package com.ibm.ws.security.social.internal.utils;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.Sensitive;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.common.internal.encoder.Base64Coder;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.common.http.HttpUtils;
import com.ibm.ws.security.social.SocialLoginConfig;
import com.ibm.ws.security.social.error.SocialLoginException;
import com.ibm.ws.security.social.internal.Oauth2LoginConfigImpl;
import java.io.IOException;
import java.io.OutputStream;
import java.io.StringReader;
import java.net.HttpURLConnection;
import java.util.HashMap;
import java.util.Map;
import javax.json.Json;
import javax.json.JsonObject;
import javax.json.stream.JsonParsingException;
import javax.net.ssl.SSLSocketFactory;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:com/ibm/ws/security/social/internal/utils/IntrospectUserApiUtils.class */
public class IntrospectUserApiUtils {
    public static final TraceComponent tc = Tr.register(IntrospectUserApiUtils.class, "SOCIAL", "com.ibm.ws.security.social.resources.SocialMessages");
    SocialLoginConfig config;
    HttpUtils httpUtils = new HttpUtils();
    static final long serialVersionUID = 2062072527967814811L;

    public IntrospectUserApiUtils(Oauth2LoginConfigImpl oauth2LoginConfigImpl) {
        this.config = null;
        this.config = oauth2LoginConfigImpl;
    }

    public String getUserApiResponse(@Sensitive String str, SSLSocketFactory sSLSocketFactory) throws SocialLoginException {
        try {
            return readUserApiResponse(sendUserApiRequest(str, sSLSocketFactory));
        } catch (Exception e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.social.internal.utils.IntrospectUserApiUtils", "59", this, new Object[]{"<sensitive java.lang.String>", sSLSocketFactory});
            throw new SocialLoginException("INTROSPECT_ERROR_GETTING_USER_INFO", e, new Object[]{e});
        }
    }

    HttpURLConnection sendUserApiRequest(@Sensitive String str, SSLSocketFactory sSLSocketFactory) throws IOException, SocialLoginException {
        HttpURLConnection headers = this.httpUtils.setHeaders(this.httpUtils.createConnection(HttpUtils.RequestMethod.POST, this.config.getUserApi(), sSLSocketFactory), getUserApiRequestHeaders());
        headers.setDoOutput(true);
        OutputStream outputStream = headers.getOutputStream();
        outputStream.write(("token=" + str).getBytes());
        outputStream.close();
        headers.connect();
        return headers;
    }

    @Sensitive
    Map<String, String> getUserApiRequestHeaders() {
        HashMap hashMap = new HashMap();
        hashMap.put(ClientConstants.AUTHORIZATION, "Basic " + Base64Coder.base64Encode(this.config.getClientId() + ":" + this.config.getClientSecret()));
        hashMap.put("Accept", "application/json");
        hashMap.put(ClientConstants.REQ_CONTENT_TYPE_NAME, ClientConstants.REQ_CONTENT_TYPE_APP_FORM_URLENCODED);
        return hashMap;
    }

    String readUserApiResponse(HttpURLConnection httpURLConnection) throws IOException, SocialLoginException {
        int responseCode = httpURLConnection.getResponseCode();
        String readConnectionResponse = this.httpUtils.readConnectionResponse(httpURLConnection);
        if (responseCode != 200) {
            throw new SocialLoginException("USER_API_RESPONSE_BAD_STATUS", null, new Object[]{Integer.valueOf(responseCode), readConnectionResponse});
        }
        return modifyExistingResponseToJSON(readConnectionResponse);
    }

    String modifyExistingResponseToJSON(String str) throws SocialLoginException {
        JsonObject jsonResponseIfValid = getJsonResponseIfValid(str);
        if (jsonResponseIfValid.getBoolean("active")) {
            return jsonResponseIfValid.toString();
        }
        throw new SocialLoginException("INTROSPECT_USER_API_INACTIVE", null, null);
    }

    private JsonObject getJsonResponseIfValid(String str) throws SocialLoginException {
        if (str == null || str.isEmpty()) {
            throw new SocialLoginException("RESPONSE_NOT_JSON", null, null);
        }
        try {
            return Json.createReader(new StringReader(str)).readObject();
        } catch (JsonParsingException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.social.internal.utils.IntrospectUserApiUtils", "115", this, new Object[]{str});
            throw new SocialLoginException("RESPONSE_NOT_JSON", e, new Object[]{str, e});
        }
    }
}
