package com.hyperscience.saas.auth;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.hyperscience.saas.api.enums.SupportedMediaType;
import com.hyperscience.saas.api.utils.Constants;
import com.hyperscience.saas.auth.model.Credentials;
import com.hyperscience.saas.auth.model.NonceResponse;
import com.hyperscience.saas.auth.model.OktaRequestDto;
import com.hyperscience.saas.auth.model.OktaResponseDto;
import com.hyperscience.saas.config.Configuration;
import com.hyperscience.saas.utils.Validator;
import java.io.IOException;
import java.net.URL;
import java.util.Objects;
import java.util.concurrent.TimeUnit;
import lombok.Generated;
import okhttp3.CookieJar;
import okhttp3.HttpUrl;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import okhttp3.ResponseBody;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/hyperscience/saas/auth/OauthServiceImpl.class */
public class OauthServiceImpl implements OauthService {
    Configuration configuration;
    private final OkHttpClient client;

    @Generated
    private static final Logger log = LoggerFactory.getLogger(OauthServiceImpl.class);
    static ObjectMapper objectMapper = new ObjectMapper();
    static final RequestBody EMPTY_REQUEST = RequestBody.create("", MediaType.parse("application/json"));
    static final String USER_AGENT_HEADER_VALUE = String.format("hyperscience-saas-client-java/%s", OauthService.class.getPackage().getImplementationVersion());

    public OauthServiceImpl(Configuration configuration, CookieJar cookieJar) {
        this.configuration = configuration;
        this.client = new OkHttpClient().newBuilder().followRedirects(false).connectTimeout(configuration.getTimeOutConfiguration().getConnectionTimeout(), TimeUnit.SECONDS).readTimeout(configuration.getTimeOutConfiguration().getReadTimeout(), TimeUnit.SECONDS).cookieJar(cookieJar).build();
    }

    @Override // com.hyperscience.saas.auth.OauthService
    public String login(Credentials credentials) throws IOException {
        OktaResponseDto oktaResponseDto = (OktaResponseDto) objectMapper.readValue(((ResponseBody) Objects.requireNonNull(callClient(new Request.Builder().url(new HttpUrl.Builder().scheme("https").host(this.configuration.getAuthServer()).addPathSegments("api/v1/authn").build().url()).header(Constants.CONTENT_TYPE_HEADER, SupportedMediaType.ApplicationJson.getValue()).header(Constants.ACCEPT_HEADER, SupportedMediaType.ApplicationJson.getValue()).header("User-Agent", USER_AGENT_HEADER_VALUE).post(RequestBody.create(objectMapper.writeValueAsString(new OktaRequestDto(credentials.decodeClientId(), credentials.decodeClientSecret())), MediaType.parse("application/json")))).body(), "illegal okta response!")).byteStream(), OktaResponseDto.class);
        Validator.validateNotNull(oktaResponseDto, "illegal okta response!");
        Validator.validateNotEmpty(oktaResponseDto.getSessionToken(), "failed to authenticate with okta!");
        log.debug("Successfully logged in to OKTA.");
        String header = callClient(new Request.Builder().get().url(new HttpUrl.Builder().scheme("https").host(this.configuration.getHyperscienceDomain()).build().url()).header("User-Agent", USER_AGENT_HEADER_VALUE)).header("Location");
        Validator.validateNotEmpty(header, "Failed to receive authentication location header.");
        log.debug("Successfully received redirection URL");
        URL url = new URL((String) Objects.requireNonNull(header));
        NonceResponse nonceResponse = (NonceResponse) objectMapper.readValue(((ResponseBody) Objects.requireNonNull(callClient(new Request.Builder().post(EMPTY_REQUEST).url(new HttpUrl.Builder().scheme("https").host(url.getHost()).addPathSegments("api/v1/internal/device/nonce").build().url()).header("User-Agent", USER_AGENT_HEADER_VALUE)).body(), "illegal nonce response!")).byteStream(), NonceResponse.class);
        Validator.validateNotNull(nonceResponse, "illegal nonce response!");
        Validator.validateNotEmpty(nonceResponse.getNonce(), "illegal nonce response value!");
        log.debug("Successfully received nonce.");
        String header2 = callClient(new Request.Builder().get().url(new HttpUrl.Builder().scheme("https").host(url.getHost()).addEncodedPathSegments(url.getPath().substring(1)).encodedQuery(url.getQuery() + "&sessionToken=" + oktaResponseDto.getSessionToken() + "&nonce=" + nonceResponse.getNonce()).build().url()).header("User-Agent", USER_AGENT_HEADER_VALUE)).header("Location");
        Validator.validateNotEmpty(header2, "Authentication has failed!");
        log.debug("Successfully authenticated!");
        String header3 = callClient(new Request.Builder().get().url(new HttpUrl.Builder().scheme("https").host(this.configuration.getHyperscienceDomain()).addEncodedPathSegments("oauth2/idpresponse").encodedQuery(new URL((String) Objects.requireNonNull(header2)).getQuery()).build().url()).header("User-Agent", USER_AGENT_HEADER_VALUE)).header(Constants.SET_COOKIE_HEADER);
        Validator.validateNotEmpty(header3, "Failed to authenticate, cookie is not valid!");
        log.info("Successfully received cookie! Login is complete.");
        return header3;
    }

    public Response callClient(Request.Builder builder) throws IOException {
        return getClient().newCall(builder.build()).execute();
    }

    public OkHttpClient getClient() {
        return this.client;
    }
}
