package org.codelibs.fess.ds.gsuite;

import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.api.client.googleapis.GoogleUtils;
import com.google.api.client.http.GenericUrl;
import com.google.api.client.http.HttpRequest;
import com.google.api.client.http.HttpRequestInitializer;
import com.google.api.client.http.HttpResponse;
import com.google.api.client.http.UrlEncodedContent;
import com.google.api.client.http.javanet.NetHttpTransport;
import com.google.api.client.json.jackson2.JacksonFactory;
import com.google.api.client.util.GenericData;
import com.google.api.client.util.SecurityUtils;
import com.google.api.services.drive.Drive;
import com.google.api.services.drive.DriveScopes;
import com.google.api.services.drive.model.File;
import com.google.api.services.drive.model.FileList;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import java.util.Date;
import java.util.Iterator;
import java.util.function.Consumer;
import org.apache.commons.io.output.DeferredFileOutputStream;
import org.apache.commons.lang3.SystemUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.codelibs.core.lang.StringUtil;
import org.codelibs.core.timer.TimeoutManager;
import org.codelibs.core.timer.TimeoutTarget;
import org.codelibs.core.timer.TimeoutTask;
import org.codelibs.fess.crawler.exception.CrawlingAccessException;
import org.codelibs.fess.crawler.util.TemporaryFileInputStream;
import org.codelibs.fess.entity.DataStoreParams;
import org.codelibs.fess.exception.DataStoreException;

/* loaded from: input_file:org/codelibs/fess/ds/gsuite/GSuiteClient.class */
public class GSuiteClient implements AutoCloseable {
    private static final Logger logger = LogManager.getLogger(GSuiteClient.class);
    protected static final String PRIVATE_KEY_PARAM = "private_key";
    protected static final String PRIVATE_KEY_ID_PARAM = "private_key_id";
    protected static final String CLIENT_EMAIL_PARAM = "client_email";
    protected static final String READ_TIMEOUT = "read_timeout";
    protected static final String CONNECT_TIMEOUT = "connect_timeout";
    protected static final String PROXY_PORT = "proxy_port";
    protected static final String PROXY_HOST = "proxy_host";
    protected static final String REFRESH_TOKEN_INTERVAL = "refresh_token_interval";
    protected static final String MAX_CACHED_CONTENT_SIZE = "max_cached_content_size";
    public static final String ALL_DRIVES = "allDrives";
    protected Drive drive;
    protected DataStoreParams params;
    protected int maxCachedContentSize;
    protected RequestInitializer requestInitializer;
    protected TimeoutTask refreshTokenTask;
    protected String applicationName = "Fess DataStore";
    protected NetHttpTransport httpTransport = newHttpTransport();

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:org/codelibs/fess/ds/gsuite/GSuiteClient$RequestInitializer.class */
    public static class RequestInitializer implements HttpRequestInitializer, TimeoutTarget {
        protected NetHttpTransport httpTransport;
        protected String privateKeyPem;
        protected String privateKeyId;
        protected String clientEmail;
        protected String accessToken;
        protected int readTimeout;
        protected int connectTimeout;

        protected RequestInitializer(DataStoreParams dataStoreParams, NetHttpTransport netHttpTransport) {
            this.readTimeout = 20000;
            this.connectTimeout = 20000;
            this.httpTransport = netHttpTransport;
            this.privateKeyPem = dataStoreParams.getAsString(GSuiteClient.PRIVATE_KEY_PARAM, "");
            this.privateKeyId = dataStoreParams.getAsString(GSuiteClient.PRIVATE_KEY_ID_PARAM, "");
            this.clientEmail = dataStoreParams.getAsString(GSuiteClient.CLIENT_EMAIL_PARAM, "");
            if (this.privateKeyPem.isEmpty() || this.privateKeyId.isEmpty() || this.clientEmail.isEmpty()) {
                throw new DataStoreException("parameter 'private_key', 'private_key_id', 'client_email' is required");
            }
            String asString = dataStoreParams.getAsString(GSuiteClient.READ_TIMEOUT);
            if (StringUtil.isNotBlank(asString)) {
                this.readTimeout = Integer.parseInt(asString);
            }
            String asString2 = dataStoreParams.getAsString(GSuiteClient.CONNECT_TIMEOUT);
            if (StringUtil.isNotBlank(asString2)) {
                this.connectTimeout = Integer.parseInt(asString2);
            }
            refreshToken();
        }

        protected void refreshToken() {
            if (this.httpTransport == null) {
                return;
            }
            if (GSuiteClient.logger.isDebugEnabled()) {
                GSuiteClient.logger.debug("Refreshing access token.");
            }
            long currentTimeMillis = System.currentTimeMillis();
            try {
                String sign = JWT.create().withKeyId(this.privateKeyId).withIssuer(this.clientEmail).withSubject(this.clientEmail).withAudience("https://www.googleapis.com/oauth2/v4/token").withClaim("scope", DriveScopes.DRIVE).withIssuedAt(new Date(currentTimeMillis)).withExpiresAt(new Date(currentTimeMillis + 3600000)).sign(Algorithm.RSA256(null, (RSAPrivateKey) getPrivateKey()));
                if (GSuiteClient.logger.isDebugEnabled()) {
                    GSuiteClient.logger.debug("jwt: {}", sign);
                }
                GenericUrl genericUrl = new GenericUrl("https://www.googleapis.com/oauth2/v4/token");
                GenericData genericData = new GenericData();
                genericData.set("assertion", sign);
                genericData.set("grant_type", "urn:ietf:params:oauth:grant-type:jwt-bearer");
                HttpResponse execute = this.httpTransport.createRequestFactory().buildPostRequest(genericUrl, new UrlEncodedContent(genericData)).execute();
                if (GSuiteClient.logger.isDebugEnabled()) {
                    GSuiteClient.logger.debug("response: {}", execute);
                }
                try {
                    TokenResponse tokenResponse = (TokenResponse) new ObjectMapper().readValue(execute.getContent(), TokenResponse.class);
                    if (GSuiteClient.logger.isDebugEnabled()) {
                        GSuiteClient.logger.debug("Update: {} -> {}", this.accessToken, tokenResponse.getAccessToken());
                    }
                    this.accessToken = tokenResponse.getAccessToken();
                    execute.disconnect();
                } catch (Throwable th) {
                    execute.disconnect();
                    throw th;
                }
            } catch (Exception e) {
                throw new DataStoreException("Failed to authorize GSuite API.", e);
            }
        }

        protected PrivateKey getPrivateKey() throws NoSuchAlgorithmException, InvalidKeySpecException {
            return SecurityUtils.getRsaKeyFactory().generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(this.privateKeyPem.replaceAll("\\\\n|\\n|-----[A-Z ]+-----", ""))));
        }

        public void expired() {
            try {
                refreshToken();
            } catch (Exception e) {
                GSuiteClient.logger.warn("Failed to refresh an access token.", e);
            }
        }

        public void initialize(HttpRequest httpRequest) throws IOException {
            httpRequest.getHeaders().setAuthorization("Bearer " + this.accessToken);
            httpRequest.setReadTimeout(this.readTimeout);
            httpRequest.setConnectTimeout(this.connectTimeout);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @JsonIgnoreProperties(ignoreUnknown = true)
    /* loaded from: input_file:org/codelibs/fess/ds/gsuite/GSuiteClient$TokenResponse.class */
    public static class TokenResponse {

        @JsonProperty("access_token")
        private String accessToken;

        @JsonProperty("expires_in")
        private Integer expiresIn;

        @JsonProperty("token_type")
        private String tokenType;
        private String error;

        @JsonProperty("error_description")
        private String errorDescription;

        protected TokenResponse() {
        }

        String getAccessToken() {
            return this.accessToken;
        }

        Integer getExpiresIn() {
            return this.expiresIn;
        }

        String getTokenType() {
            return this.tokenType;
        }

        String getError() {
            return this.error;
        }

        String getErrorDescription() {
            return this.errorDescription;
        }
    }

    public GSuiteClient(DataStoreParams dataStoreParams) {
        this.maxCachedContentSize = 1048576;
        this.params = dataStoreParams;
        String asString = dataStoreParams.getAsString(MAX_CACHED_CONTENT_SIZE);
        if (StringUtil.isNotBlank(asString)) {
            this.maxCachedContentSize = Integer.parseInt(asString);
        }
        this.requestInitializer = new RequestInitializer(dataStoreParams, this.httpTransport);
        this.refreshTokenTask = TimeoutManager.getInstance().addTimeoutTarget(this.requestInitializer, Integer.parseInt(dataStoreParams.getAsString(REFRESH_TOKEN_INTERVAL, "3540")), true);
    }

    @Override // java.lang.AutoCloseable
    public void close() {
        if (this.refreshTokenTask != null) {
            this.refreshTokenTask.cancel();
        }
    }

    protected NetHttpTransport newHttpTransport() {
        try {
            NetHttpTransport.Builder trustCertificates = new NetHttpTransport.Builder().trustCertificates(GoogleUtils.getCertificateTrustStore());
            String asString = this.params.getAsString(PROXY_HOST);
            String asString2 = this.params.getAsString(PROXY_PORT);
            if (StringUtil.isNotBlank(asString) && StringUtil.isNotBlank(asString2)) {
                trustCertificates.setProxy(new Proxy(Proxy.Type.HTTP, new InetSocketAddress(asString, Integer.parseInt(asString2))));
            }
            return trustCertificates.build();
        } catch (Exception e) {
            throw new DataStoreException("Failed to create a http transport.", e);
        }
    }

    protected Drive createGlobalDrive() {
        return new Drive.Builder(this.httpTransport, new JacksonFactory(), this.requestInitializer).setApplicationName(this.applicationName).build();
    }

    protected Drive getDrive() {
        if (this.drive == null) {
            this.drive = createGlobalDrive();
        }
        return this.drive;
    }

    public void getFiles(String str, String str2, String str3, String str4, Consumer<File> consumer) {
        if (logger.isDebugEnabled()) {
            logger.debug("query: {}, corpora: {}, spaces: {}, fields: {}", str, str2, str3, str4);
        }
        long j = 1;
        String str5 = null;
        do {
            try {
                Drive.Files.List pageToken = getDrive().files().list().setPageToken(str5);
                if (StringUtil.isNotBlank(str)) {
                    pageToken.setQ(str);
                }
                if (StringUtil.isNotBlank(str4)) {
                    pageToken.setFields2(str4);
                }
                if (StringUtil.isNotBlank(str2)) {
                    pageToken.setCorpora(str2);
                }
                if (ALL_DRIVES.equals(str2)) {
                    pageToken.setIncludeTeamDriveItems(true);
                    pageToken.setSupportsTeamDrives(true);
                }
                if (StringUtil.isNotBlank(str3)) {
                    pageToken.setSpaces(str3);
                }
                if (logger.isDebugEnabled()) {
                    logger.debug("Accessing files: {}=>{}", Long.valueOf(j), str5);
                }
                FileList execute = pageToken.execute();
                if (logger.isDebugEnabled()) {
                    logger.debug("filelist: {}", execute);
                }
                Iterator<File> it = execute.getFiles().iterator();
                while (it.hasNext()) {
                    consumer.accept(it.next());
                }
                str5 = execute.getNextPageToken();
                j++;
            } catch (IOException e) {
                throw new DataStoreException("Failed to access files.", e);
            }
        } while (str5 != null);
    }

    public String extractFileText(String str, String str2) {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                getDrive().files().export(str, str2).executeMediaAndDownloadTo(byteArrayOutputStream);
                String byteArrayOutputStream2 = byteArrayOutputStream.toString("UTF-8");
                byteArrayOutputStream.close();
                return byteArrayOutputStream2;
            } finally {
            }
        } catch (Exception e) {
            throw new CrawlingAccessException("Failed to extract a text from " + str, e);
        }
    }

    public InputStream getFileInputStream(String str) {
        try {
            DeferredFileOutputStream deferredFileOutputStream = new DeferredFileOutputStream(this.maxCachedContentSize, "crawler-GSuiteClient-", ".out", SystemUtils.getJavaIoTmpDir());
            try {
                getDrive().files().get(str).executeMediaAndDownloadTo(deferredFileOutputStream);
                deferredFileOutputStream.flush();
                if (deferredFileOutputStream.isInMemory()) {
                    ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(deferredFileOutputStream.getData());
                    deferredFileOutputStream.close();
                    return byteArrayInputStream;
                }
                TemporaryFileInputStream temporaryFileInputStream = new TemporaryFileInputStream(deferredFileOutputStream.getFile());
                deferredFileOutputStream.close();
                return temporaryFileInputStream;
            } finally {
            }
        } catch (Exception e) {
            throw new CrawlingAccessException("Failed to create an input stream from " + str, e);
        }
    }

    public void setApplicationName(String str) {
        this.applicationName = str;
    }
}
