package com.liferay.oauth2.provider.service.impl;

import com.liferay.document.library.kernel.model.DLFileEntry;
import com.liferay.document.library.kernel.store.Store;
import com.liferay.oauth2.provider.constants.GrantType;
import com.liferay.oauth2.provider.exception.DuplicateOAuth2ApplicationClientIdException;
import com.liferay.oauth2.provider.exception.NoSuchOAuth2ApplicationException;
import com.liferay.oauth2.provider.exception.OAuth2ApplicationClientGrantTypeException;
import com.liferay.oauth2.provider.exception.OAuth2ApplicationHomePageURLException;
import com.liferay.oauth2.provider.exception.OAuth2ApplicationHomePageURLSchemeException;
import com.liferay.oauth2.provider.exception.OAuth2ApplicationNameException;
import com.liferay.oauth2.provider.exception.OAuth2ApplicationPrivacyPolicyURLException;
import com.liferay.oauth2.provider.exception.OAuth2ApplicationPrivacyPolicyURLSchemeException;
import com.liferay.oauth2.provider.exception.OAuth2ApplicationRedirectURIException;
import com.liferay.oauth2.provider.exception.OAuth2ApplicationRedirectURIFragmentException;
import com.liferay.oauth2.provider.exception.OAuth2ApplicationRedirectURIMissingException;
import com.liferay.oauth2.provider.exception.OAuth2ApplicationRedirectURIPathException;
import com.liferay.oauth2.provider.exception.OAuth2ApplicationRedirectURISchemeException;
import com.liferay.oauth2.provider.model.OAuth2Application;
import com.liferay.oauth2.provider.model.OAuth2ApplicationScopeAliases;
import com.liferay.oauth2.provider.model.OAuth2Authorization;
import com.liferay.oauth2.provider.service.OAuth2ApplicationScopeAliasesLocalService;
import com.liferay.oauth2.provider.service.OAuth2AuthorizationLocalService;
import com.liferay.oauth2.provider.service.base.OAuth2ApplicationLocalServiceBaseImpl;
import com.liferay.oauth2.provider.util.OAuth2SecureRandomGenerator;
import com.liferay.portal.aop.AopService;
import com.liferay.portal.kernel.exception.ImageTypeException;
import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.image.ImageBag;
import com.liferay.portal.kernel.image.ImageToolUtil;
import com.liferay.portal.kernel.io.unsync.UnsyncByteArrayInputStream;
import com.liferay.portal.kernel.io.unsync.UnsyncByteArrayOutputStream;
import com.liferay.portal.kernel.model.Group;
import com.liferay.portal.kernel.model.User;
import com.liferay.portal.kernel.portletfilerepository.PortletFileRepositoryUtil;
import com.liferay.portal.kernel.repository.RepositoryFactory;
import com.liferay.portal.kernel.repository.model.Folder;
import com.liferay.portal.kernel.search.Indexer;
import com.liferay.portal.kernel.service.ServiceContext;
import com.liferay.portal.kernel.service.UserLocalService;
import com.liferay.portal.kernel.util.Http;
import com.liferay.portal.kernel.util.ListUtil;
import com.liferay.portal.kernel.util.OrderByComparator;
import com.liferay.portal.kernel.util.PropsUtil;
import com.liferay.portal.kernel.util.SetUtil;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portal.kernel.util.Validator;
import java.awt.image.RenderedImage;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;

@Component(property = {"model.class.name=com.liferay.oauth2.provider.model.OAuth2Application"}, service = {AopService.class})
/* loaded from: input_file:com/liferay/oauth2/provider/service/impl/OAuth2ApplicationLocalServiceImpl.class */
public class OAuth2ApplicationLocalServiceImpl extends OAuth2ApplicationLocalServiceBaseImpl {
    private static Set<String> _ianaRegisteredUriSchemes = SetUtil.fromArray(new String[]{"aaa", "aaas", "about", "acap", "acct", "acr", "adiumxtra", "afp", "afs", "aim", "appdata", "apt", "attachment", "aw", "barion", "beshare", "bitcoin", "blob", "bolo", "browserext", "callto", "cap", "chrome", "chrome-extension", "cid", "coap", "coap+tcp", "coap+ws", "coaps", "coaps+tcp", "coaps+ws", "com-eventbrite-attendee", "content", "conti", "crid", "cvs", "data", "dav", "diaspora", "dict", "dis", "dlna-playcontainer", "dlna-playsingle", "dns", "dntp", "dtn", "dvb", "ed2k", "example", "facetime", "fax", "feed", "feedready", "file", "filesystem", "finger", "fish", "ftp", "geo", "gg", "git", "gizmoproject", "go", "gopher", "graph", "gtalk", "h323", "ham", "hcp", "http", "https", "hxxp", "hxxps", "hydrazone", "iax", "icap", "icon", "im", "imap", "info", "iotdisco", "ipn", "ipp", "ipps", "irc", "irc6", "ircs", "iris", "iris.beep", "iris.lwz", "iris.xpc", "iris.xpcs", "isostore", "itms", "jabber", "jar", "jms", "keyparc", "lastfm", "ldap", "ldaps", "lvlt", "magnet", "mailserver", "mailto", "maps", "market", "message", "mid", "mms", "modem", "mongodb", "moz", "ms-access", "ms-browser-extension", "ms-drive-to", "ms-enrollment", "ms-excel", "ms-gamebarservices", "ms-gamingoverlay", "ms-getoffice", "ms-help", "ms-infopath", "ms-inputapp", "ms-lockscreencomponent-config", "ms-media-stream-id", "ms-mixedrealitycapture", "ms-officeapp", "ms-people", "ms-project", "ms-powerpoint", "ms-publisher", "ms-restoretabcompanion", "ms-search-repair", "ms-secondary-screen-controller", "ms-secondary-screen-setup", "ms-settings", "ms-settings-airplanemode", "ms-settings-bluetooth", "ms-settings-camera", "ms-settings-cellular", "ms-settings-cloudstorage", "ms-settings-connectabledevices", "ms-settings-displays-topology", "ms-settings-emailandaccounts", "ms-settings-language", "ms-settings-location", "ms-settings-lock", "ms-settings-nfctransactions", "ms-settings-notifications", "ms-settings-power", "ms-settings-privacy", "ms-settings-proximity", "ms-settings-screenrotation", "ms-settings-wifi", "ms-settings-workplace", "ms-spd", "ms-sttoverlay", "ms-transit-to", "ms-useractivityset", "ms-virtualtouchpad", "ms-visio", "ms-walk-to", "ms-whiteboard", "ms-whiteboard-cmd", "ms-word", "msnim", "msrp", "msrps", "mtqp", "mumble", "mupdate", "mvn", "news", "nfs", "ni", "nih", "nntp", "notes", "ocf", "oid", "onenote", "onenote-cmd", "opaquelocktoken", "pack", "palm", "paparazzi", "pkcs11", "platform", "pop", "pres", "prospero", "proxy", "pwid", "psyc", "qb", "query", "redis", "rediss", "reload", "res", "resource", "rmi", "rsync", "rtmfp", "rtmp", "rtsp", "rtsps", "rtspu", "secondlife", "service", "session", "sftp", "sgn", "shttp", "sieve", "sip", "sips", "skype", "smb", "sms", "smtp", "snews", "snmp", "soap.beep", "soap.beeps", "soldat", "spiffe", "spotify", "ssh", "steam", "stun", "stuns", "submit", "svn", "tag", "teamspeak", "tel", "teliaeid", "telnet", "tftp", "things", "thismessage", "tip", "tn3270", "tool", "turn", "turns", "tv", "udp", "unreal", "urn", "ut2004", "v-event", "vemmi", "ventrilo", "videotex", "vnc", "view-source", "wais", "webcal", "wpid", "ws", "wss", "wtai", "wyciwyg", "xcon", "xcon-userid", "xfire", "xmlrpc.beep", "xmlrpc.beeps", "xmpp", "xri", "ymsgr", "z39.50", "z39.50r", "z39.50s"});

    @Reference
    private Http _http;

    @Reference(target = "(indexer.class.name=com.liferay.document.library.kernel.model.DLFileEntry)")
    private Indexer<DLFileEntry> _indexer;

    @Reference
    private OAuth2ApplicationScopeAliasesLocalService _oAuth2ApplicationScopeAliasesLocalService;

    @Reference
    private OAuth2AuthorizationLocalService _oAuth2AuthorizationLocalService;

    @Reference(target = "(class.name=com.liferay.portal.repository.portletrepository.PortletRepository)")
    private RepositoryFactory _repositoryFactory;

    @Reference(target = "(current.store=true)")
    private Store _store;

    @Reference
    private UserLocalService _userLocalService;

    @Activate
    public void activate() {
        String str = PropsUtil.get("iana.registered.uri.schemes");
        if (Validator.isBlank(str)) {
            return;
        }
        _ianaRegisteredUriSchemes = new HashSet(Arrays.asList(StringUtil.split(str)));
    }

    public OAuth2Application addOAuth2Application(long j, long j2, String str, List<GrantType> list, long j3, String str2, int i, String str3, String str4, List<String> list2, String str5, long j4, String str6, String str7, List<String> list3, List<String> list4, ServiceContext serviceContext) throws PortalException {
        if (list == null) {
            list = new ArrayList();
        }
        String generateClientId = Validator.isBlank(str2) ? OAuth2SecureRandomGenerator.generateClientId() : StringUtil.trim(str2);
        String trim = StringUtil.trim(str5);
        String trim2 = StringUtil.trim(str6);
        String trim3 = StringUtil.trim(str7);
        if (list3 == null) {
            list3 = new ArrayList();
        }
        if (list4 == null) {
            list4 = new ArrayList();
        }
        validate(j, list, generateClientId, i, str3, trim, trim2, trim3, list3);
        long increment = this.counterLocalService.increment(OAuth2Application.class.getName());
        User user = this._userLocalService.getUser(j3);
        OAuth2Application create = this.oAuth2ApplicationPersistence.create(increment);
        create.setCompanyId(j);
        create.setUserId(j2);
        create.setUserName(str);
        create.setCreateDate(new Date());
        create.setModifiedDate(new Date());
        create.setAllowedGrantTypesList(list);
        create.setClientCredentialUserId(user.getUserId());
        create.setClientCredentialUserName(user.getScreenName());
        create.setClientId(generateClientId);
        create.setClientProfile(i);
        create.setClientSecret(str3);
        create.setDescription(str4);
        create.setFeaturesList(list2);
        create.setHomePageURL(trim);
        create.setIconFileEntryId(j4);
        create.setName(trim2);
        create.setPrivacyPolicyURL(trim3);
        create.setRedirectURIsList(list3);
        if (ListUtil.isNotEmpty(list4)) {
            create.setOAuth2ApplicationScopeAliasesId(this._oAuth2ApplicationScopeAliasesLocalService.addOAuth2ApplicationScopeAliases(j, j2, str, increment, list4).getOAuth2ApplicationScopeAliasesId());
        }
        this.resourceLocalService.addResources(create.getCompanyId(), 0L, create.getUserId(), OAuth2Application.class.getName(), create.getOAuth2ApplicationId(), false, false, false);
        return this.oAuth2ApplicationPersistence.update(create);
    }

    @Deprecated
    public OAuth2Application addOAuth2Application(long j, long j2, String str, List<GrantType> list, String str2, int i, String str3, String str4, List<String> list2, String str5, long j3, String str6, String str7, List<String> list3, List<String> list4, ServiceContext serviceContext) throws PortalException {
        return addOAuth2Application(j, j2, str, list, j2, str2, i, str3, str4, list2, str5, j3, str6, str7, list3, list4, serviceContext);
    }

    @Override // com.liferay.oauth2.provider.service.base.OAuth2ApplicationLocalServiceBaseImpl
    public OAuth2Application deleteOAuth2Application(long j) throws PortalException {
        Iterator it = this._oAuth2AuthorizationLocalService.getOAuth2Authorizations(j, -1, -1, (OrderByComparator) null).iterator();
        while (it.hasNext()) {
            this._oAuth2AuthorizationLocalService.deleteOAuth2Authorization(((OAuth2Authorization) it.next()).getOAuth2AuthorizationId());
        }
        Iterator it2 = this._oAuth2ApplicationScopeAliasesLocalService.getOAuth2ApplicationScopeAliaseses(j, -1, -1, (OrderByComparator) null).iterator();
        while (it2.hasNext()) {
            this._oAuth2ApplicationScopeAliasesLocalService.deleteOAuth2ApplicationScopeAliases(((OAuth2ApplicationScopeAliases) it2.next()).getOAuth2ApplicationScopeAliasesId());
        }
        return this.oAuth2ApplicationPersistence.remove(j);
    }

    public void deleteOAuth2Applications(long j) throws PortalException {
        Iterator it = this.oAuth2ApplicationPersistence.findByC(j).iterator();
        while (it.hasNext()) {
            deleteOAuth2Application(((OAuth2Application) it.next()).getOAuth2ApplicationId());
        }
    }

    public OAuth2Application fetchOAuth2Application(long j, String str) {
        return this.oAuth2ApplicationPersistence.fetchByC_C(j, str);
    }

    public OAuth2Application getOAuth2Application(long j, String str) throws NoSuchOAuth2ApplicationException {
        return this.oAuth2ApplicationPersistence.findByC_C(j, str);
    }

    public List<OAuth2Application> getOAuth2Applications(long j) {
        return this.oAuth2ApplicationPersistence.findByC(j);
    }

    public OAuth2Application updateIcon(long j, InputStream inputStream) throws PortalException {
        OAuth2Application oAuth2Application = getOAuth2Application(j);
        long iconFileEntryId = oAuth2Application.getIconFileEntryId();
        if (inputStream == null) {
            if (iconFileEntryId > 0) {
                PortletFileRepositoryUtil.deletePortletFileEntry(iconFileEntryId);
                oAuth2Application.setIconFileEntryId(-1L);
                oAuth2Application = updateOAuth2Application(oAuth2Application);
            }
            return oAuth2Application;
        }
        Group companyGroup = this.groupLocalService.getCompanyGroup(oAuth2Application.getCompanyId());
        ServiceContext serviceContext = new ServiceContext();
        serviceContext.setAddGuestPermissions(true);
        Folder addPortletFolder = PortletFileRepositoryUtil.addPortletFolder(this.userLocalService.getDefaultUserId(oAuth2Application.getCompanyId()), PortletFileRepositoryUtil.addPortletRepository(companyGroup.getGroupId(), "com.liferay.oauth2.provider", serviceContext).getRepositoryId(), 0L, "icons", serviceContext);
        UnsyncByteArrayOutputStream unsyncByteArrayOutputStream = new UnsyncByteArrayOutputStream();
        try {
            ImageBag read = ImageToolUtil.read(inputStream);
            RenderedImage renderedImage = read.getRenderedImage();
            if (renderedImage == null) {
                throw new ImageTypeException("Unable to read icon");
            }
            ImageToolUtil.write(ImageToolUtil.scale(renderedImage, 160, 160), read.getType(), unsyncByteArrayOutputStream);
            oAuth2Application.setIconFileEntryId(PortletFileRepositoryUtil.addPortletFileEntry(companyGroup.getGroupId(), oAuth2Application.getUserId(), OAuth2Application.class.getName(), oAuth2Application.getOAuth2ApplicationId(), "com.liferay.oauth2.provider", addPortletFolder.getFolderId(), new UnsyncByteArrayInputStream(unsyncByteArrayOutputStream.toByteArray()), PortletFileRepositoryUtil.getUniqueFileName(companyGroup.getGroupId(), addPortletFolder.getFolderId(), oAuth2Application.getClientId()), (String) null, false).getFileEntryId());
            OAuth2Application updateOAuth2Application = updateOAuth2Application(oAuth2Application);
            if (iconFileEntryId > 0) {
                PortletFileRepositoryUtil.deletePortletFileEntry(iconFileEntryId);
            }
            return updateOAuth2Application;
        } catch (IOException e) {
            throw new PortalException(e);
        }
    }

    public OAuth2Application updateOAuth2Application(long j, List<GrantType> list, long j2, String str, int i, String str2, String str3, List<String> list2, String str4, long j3, String str5, String str6, List<String> list3, long j4, ServiceContext serviceContext) throws PortalException {
        OAuth2Application findByPrimaryKey = this.oAuth2ApplicationPersistence.findByPrimaryKey(j);
        String trim = StringUtil.trim(str);
        String trim2 = StringUtil.trim(str4);
        String trim3 = StringUtil.trim(str5);
        String trim4 = StringUtil.trim(str6);
        if (list3 == null) {
            list3 = new ArrayList();
        }
        validate(findByPrimaryKey.getCompanyId(), j, list, trim, i, str2, trim2, trim3, trim4, list3);
        User user = this._userLocalService.getUser(j2);
        findByPrimaryKey.setModifiedDate(new Date());
        findByPrimaryKey.setOAuth2ApplicationScopeAliasesId(j4);
        findByPrimaryKey.setAllowedGrantTypesList(list);
        findByPrimaryKey.setClientCredentialUserId(user.getUserId());
        findByPrimaryKey.setClientCredentialUserName(user.getScreenName());
        findByPrimaryKey.setClientId(trim);
        findByPrimaryKey.setClientProfile(i);
        findByPrimaryKey.setClientSecret(str2);
        findByPrimaryKey.setDescription(str3);
        findByPrimaryKey.setFeaturesList(list2);
        findByPrimaryKey.setHomePageURL(trim2);
        findByPrimaryKey.setIconFileEntryId(j3);
        findByPrimaryKey.setName(trim3);
        findByPrimaryKey.setPrivacyPolicyURL(trim4);
        findByPrimaryKey.setRedirectURIsList(list3);
        return this.oAuth2ApplicationPersistence.update(findByPrimaryKey);
    }

    @Deprecated
    public OAuth2Application updateOAuth2Application(long j, List<GrantType> list, String str, int i, String str2, String str3, List<String> list2, String str4, long j2, String str5, String str6, List<String> list3, long j3, ServiceContext serviceContext) throws PortalException {
        return updateOAuth2Application(j, list, this.oAuth2ApplicationPersistence.findByPrimaryKey(j).getClientCredentialUserId(), str, i, str2, str3, list2, str4, j2, str5, str6, list3, j3, serviceContext);
    }

    public OAuth2Application updateScopeAliases(long j, String str, long j2, List<String> list) throws PortalException {
        OAuth2ApplicationScopeAliases addOAuth2ApplicationScopeAliases;
        OAuth2Application findByPrimaryKey = this.oAuth2ApplicationPersistence.findByPrimaryKey(j2);
        if (ListUtil.isEmpty(list)) {
            if (findByPrimaryKey.getOAuth2ApplicationScopeAliasesId() == 0) {
                return findByPrimaryKey;
            }
            findByPrimaryKey.setModifiedDate(new Date());
            findByPrimaryKey.setOAuth2ApplicationScopeAliasesId(0L);
            return this.oAuth2ApplicationPersistence.update(findByPrimaryKey);
        }
        OAuth2ApplicationScopeAliases fetchOAuth2ApplicationScopeAliases = this._oAuth2ApplicationScopeAliasesLocalService.fetchOAuth2ApplicationScopeAliases(j2, list);
        if (fetchOAuth2ApplicationScopeAliases != null) {
            fetchOAuth2ApplicationScopeAliases.setUserId(j);
            fetchOAuth2ApplicationScopeAliases.setUserName(str);
            addOAuth2ApplicationScopeAliases = this._oAuth2ApplicationScopeAliasesLocalService.updateOAuth2ApplicationScopeAliases(fetchOAuth2ApplicationScopeAliases);
        } else {
            addOAuth2ApplicationScopeAliases = this._oAuth2ApplicationScopeAliasesLocalService.addOAuth2ApplicationScopeAliases(findByPrimaryKey.getCompanyId(), j, str, j2, list);
        }
        if (findByPrimaryKey.getOAuth2ApplicationScopeAliasesId() == addOAuth2ApplicationScopeAliases.getOAuth2ApplicationScopeAliasesId()) {
            return findByPrimaryKey;
        }
        findByPrimaryKey.setModifiedDate(new Date());
        findByPrimaryKey.setOAuth2ApplicationScopeAliasesId(addOAuth2ApplicationScopeAliases.getOAuth2ApplicationScopeAliasesId());
        return this.oAuth2ApplicationPersistence.update(findByPrimaryKey);
    }

    protected void validate(long j, List<GrantType> list, String str, int i, String str2, String str3, String str4, String str5, List<String> list2) throws PortalException {
        validate(j, 0L, list, str, i, str2, str3, str4, str5, list2);
    }

    protected void validate(long j, long j2, List<GrantType> list, String str, int i, String str2, String str3, String str4, String str5, List<String> list2) throws PortalException {
        OAuth2Application fetchByC_C;
        if (Validator.isBlank(str2)) {
            for (GrantType grantType : list) {
                if (!grantType.isSupportsPublicClients()) {
                    throw new OAuth2ApplicationClientGrantTypeException(grantType.name());
                }
            }
        } else {
            for (GrantType grantType2 : list) {
                if (!grantType2.isSupportsConfidentialClients()) {
                    throw new OAuth2ApplicationClientGrantTypeException(grantType2.name());
                }
            }
        }
        if (!Validator.isBlank(str) && (fetchByC_C = this.oAuth2ApplicationPersistence.fetchByC_C(j, str)) != null && fetchByC_C.getOAuth2ApplicationId() != j2) {
            throw new DuplicateOAuth2ApplicationClientIdException();
        }
        if (!Validator.isBlank(str3)) {
            if (!StringUtil.startsWith(str3, "http://") && !StringUtil.startsWith(str3, "https://")) {
                throw new OAuth2ApplicationHomePageURLSchemeException();
            }
            if (!Validator.isUri(str3)) {
                throw new OAuth2ApplicationHomePageURLException();
            }
        }
        if (Validator.isBlank(str4)) {
            throw new OAuth2ApplicationNameException();
        }
        if (!Validator.isBlank(str5)) {
            if (!StringUtil.startsWith(str5, "http://") && !StringUtil.startsWith(str5, "https://")) {
                throw new OAuth2ApplicationPrivacyPolicyURLSchemeException();
            }
            if (!Validator.isUri(str5)) {
                throw new OAuth2ApplicationPrivacyPolicyURLException();
            }
        }
        if (list2.isEmpty()) {
            for (GrantType grantType3 : list) {
                if (grantType3.isRequiresRedirectURI()) {
                    throw new OAuth2ApplicationRedirectURIMissingException(grantType3.name());
                }
            }
        }
        for (String str6 : list2) {
            try {
                URI uri = new URI(str6);
                if (uri.getFragment() != null) {
                    throw new OAuth2ApplicationRedirectURIFragmentException(str6);
                }
                String scheme = uri.getScheme();
                if (scheme == null) {
                    throw new OAuth2ApplicationRedirectURISchemeException(str6);
                }
                String lowerCase = StringUtil.toLowerCase(scheme);
                if (!Objects.equals(lowerCase, "http") && !Objects.equals(lowerCase, "https") && _ianaRegisteredUriSchemes.contains(lowerCase)) {
                    throw new OAuth2ApplicationHomePageURLSchemeException(str6);
                }
                String path = uri.getPath();
                if (!Objects.equals(path, this._http.normalizePath(path))) {
                    throw new OAuth2ApplicationRedirectURIPathException(str6);
                }
            } catch (URISyntaxException e) {
                throw new OAuth2ApplicationRedirectURIException(str6, e);
            }
        }
    }
}
