package de.adorsys.xs2a.adapter.commerzbank.service;

import de.adorsys.xs2a.adapter.adapter.BaseOauth2Service;
import de.adorsys.xs2a.adapter.adapter.CertificateSubjectClientIdOauth2Service;
import de.adorsys.xs2a.adapter.adapter.PkceOauth2Service;
import de.adorsys.xs2a.adapter.http.HttpClient;
import de.adorsys.xs2a.adapter.http.StringUri;
import de.adorsys.xs2a.adapter.http.UriBuilder;
import de.adorsys.xs2a.adapter.service.Oauth2Service;
import de.adorsys.xs2a.adapter.service.PkceOauth2Extension;
import de.adorsys.xs2a.adapter.service.Pkcs12KeyStore;
import de.adorsys.xs2a.adapter.service.exception.BadRequestException;
import de.adorsys.xs2a.adapter.service.model.Aspsp;
import de.adorsys.xs2a.adapter.service.model.Scope;
import de.adorsys.xs2a.adapter.service.model.TokenResponse;
import de.adorsys.xs2a.adapter.validation.Validation;
import de.adorsys.xs2a.adapter.validation.ValidationError;
import java.io.IOException;
import java.net.URI;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:de/adorsys/xs2a/adapter/commerzbank/service/CommerzbankOauth2Service.class */
public class CommerzbankOauth2Service implements Oauth2Service, PkceOauth2Extension {
    protected static final String UNSUPPORTED_SCOPE_VALUE_ERROR_MESSAGE = "Scope value [%s] is not supported";
    protected static final String UNKNOWN_SCOPE_VALUE_ERROR_MESSAGE = "Unknown scope value";
    protected static final String CONSENT_OR_PAYMENT_ID_MISSING_ERROR_MESSAGE = "Either consent id or payment id should be provided";
    protected static final String PAYMENT_ID_MISSING_ERROR_MESSAGE = "Payment id should be provided for pis scope";
    protected static final String CONSENT_ID_MISSING_ERROR_MESSAGE = "Consent id should be provided for ais scope";
    private static final String AIS_SCOPE_PREFIX = "AIS:";
    private static final String PIS_SCOPE_PREFIX = "PIS:";
    private final Oauth2Service oauth2Service;
    private final String baseUrl;

    private CommerzbankOauth2Service(Oauth2Service oauth2Service, String str, HttpClient httpClient) {
        this.oauth2Service = oauth2Service;
        this.baseUrl = str;
    }

    public static CommerzbankOauth2Service create(Aspsp aspsp, HttpClient httpClient, Pkcs12KeyStore pkcs12KeyStore) {
        return new CommerzbankOauth2Service(new PkceOauth2Service(new CertificateSubjectClientIdOauth2Service(new BaseOauth2Service(aspsp, httpClient), pkcs12KeyStore)), aspsp.getIdpUrl() != null ? aspsp.getIdpUrl() : aspsp.getUrl(), httpClient);
    }

    public URI getAuthorizationRequestUri(Map<String, String> map, Oauth2Service.Parameters parameters) throws IOException {
        Validation.requireValid(validateGetAuthorizationRequestUri(map, parameters));
        parameters.setAuthorizationEndpoint(parameters.removeScaOAuthLink());
        return UriBuilder.fromUri(this.oauth2Service.getAuthorizationRequestUri(map, parameters)).queryParam("scope", scope(parameters)).build();
    }

    public List<ValidationError> validateGetAuthorizationRequestUri(Map<String, String> map, Oauth2Service.Parameters parameters) {
        ArrayList arrayList = new ArrayList();
        String scope = parameters.getScope();
        if (StringUtils.isNotEmpty(scope)) {
            if (!Scope.contains(scope)) {
                arrayList.add(new ValidationError(ValidationError.Code.NOT_SUPPORTED, "scope", String.format(UNSUPPORTED_SCOPE_VALUE_ERROR_MESSAGE, scope)));
            } else if (Scope.isAis(Scope.fromValue(scope))) {
                if (StringUtils.isBlank(parameters.getConsentId())) {
                    arrayList.add(new ValidationError(ValidationError.Code.REQUIRED, "consent_id", CONSENT_ID_MISSING_ERROR_MESSAGE));
                }
            } else if (Scope.isPis(Scope.fromValue(scope)) && StringUtils.isBlank(parameters.getPaymentId())) {
                arrayList.add(new ValidationError(ValidationError.Code.REQUIRED, "payment_id", PAYMENT_ID_MISSING_ERROR_MESSAGE));
            }
        }
        return Collections.unmodifiableList(arrayList);
    }

    private String scope(Oauth2Service.Parameters parameters) {
        return StringUtils.isEmpty(parameters.getScope()) ? computeScope(parameters) : mapScope(parameters);
    }

    private String computeScope(Oauth2Service.Parameters parameters) {
        if (StringUtils.isNotBlank(parameters.getConsentId())) {
            return AIS_SCOPE_PREFIX + parameters.getConsentId();
        }
        if (StringUtils.isNotBlank(parameters.getPaymentId())) {
            return PIS_SCOPE_PREFIX + parameters.getPaymentId();
        }
        throw new BadRequestException(CONSENT_OR_PAYMENT_ID_MISSING_ERROR_MESSAGE);
    }

    private String mapScope(Oauth2Service.Parameters parameters) {
        Scope fromValue = Scope.fromValue(parameters.getScope());
        if (Scope.isAis(fromValue)) {
            return AIS_SCOPE_PREFIX + parameters.getConsentId();
        }
        if (Scope.isPis(fromValue)) {
            return PIS_SCOPE_PREFIX + parameters.getPaymentId();
        }
        throw new BadRequestException(UNKNOWN_SCOPE_VALUE_ERROR_MESSAGE);
    }

    public TokenResponse getToken(Map<String, String> map, Oauth2Service.Parameters parameters) throws IOException {
        parameters.removeScaOAuthLink();
        parameters.setTokenEndpoint(StringUri.fromElements(new String[]{this.baseUrl, "/v1/token"}));
        return this.oauth2Service.getToken(map, parameters);
    }
}
