package com.ebay.api.client.auth.oauth2;

import com.ebay.api.client.auth.oauth2.CredentialUtil;
import com.ebay.api.client.auth.oauth2.model.Environment;
import com.ebay.api.client.auth.oauth2.model.OAuthResponse;
import java.io.IOException;
import java.util.Base64;
import java.util.List;
import java.util.Optional;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import org.joda.time.DateTime;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/ebay/api/client/auth/oauth2/OAuth2Api.class */
public class OAuth2Api {
    public static final String CRED_SEPERATOR = ":";
    private static final Logger logger = LoggerFactory.getLogger(OAuth2Api.class);
    private static TimedCacheValue appAccessToken = null;

    /* loaded from: input_file:com/ebay/api/client/auth/oauth2/OAuth2Api$TimedCacheValue.class */
    private static class TimedCacheValue {
        private OAuthResponse value;
        private DateTime expiresAt;

        private TimedCacheValue(OAuthResponse oAuthResponse, DateTime dateTime) {
            this.value = oAuthResponse;
            this.expiresAt = dateTime.minusMinutes(5);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public OAuthResponse getValue() {
            if (DateTime.now().isBefore(this.expiresAt)) {
                return this.value;
            }
            return null;
        }
    }

    public OAuthResponse getApplicationToken(Environment environment, List<String> list) throws IOException {
        if (appAccessToken != null && appAccessToken.getValue() != null) {
            logger.debug("application access token returned from cache");
            return appAccessToken.getValue();
        }
        OkHttpClient okHttpClient = new OkHttpClient();
        String orElse = OAuth2Util.buildScopeForRequest(list).orElse("");
        Response execute = okHttpClient.newCall(new Request.Builder().url(environment.getApiEndpoint()).header("Authorization", buildAuthorization(CredentialUtil.getCredentials(environment))).header("Content-Type", "application/x-www-form-urlencoded").post(RequestBody.create(MediaType.parse("application/x-www-form-urlencoded"), String.format("grant_type=client_credentials&scope=%s", orElse))).build()).execute();
        if (!execute.isSuccessful()) {
            return OAuth2Util.handleError(execute);
        }
        logger.debug("Network call to generate new token is successfull");
        OAuthResponse parseApplicationToken = OAuth2Util.parseApplicationToken(execute.body().string());
        appAccessToken = new TimedCacheValue(parseApplicationToken, new DateTime(parseApplicationToken.getAccessToken().get().getExpiresOn()));
        return parseApplicationToken;
    }

    private String buildAuthorization(CredentialUtil.Credentials credentials) {
        StringBuilder sb = new StringBuilder();
        sb.append(credentials.get(CredentialUtil.CredentialType.APP_ID)).append(CRED_SEPERATOR).append(credentials.get(CredentialUtil.CredentialType.CERT_ID));
        return "Basic " + new String(Base64.getEncoder().encode(sb.toString().getBytes()));
    }

    public String generateUserAuthorizationUrl(Environment environment, List<String> list, Optional<String> optional) {
        StringBuilder sb = new StringBuilder();
        CredentialUtil.Credentials credentials = CredentialUtil.getCredentials(environment);
        String orElse = OAuth2Util.buildScopeForRequest(list).orElse("");
        sb.append(environment.getWebEndpoint()).append("?");
        sb.append("client_id=").append(credentials.get(CredentialUtil.CredentialType.APP_ID)).append("&");
        sb.append("response_type=code").append("&");
        sb.append("redirect_uri=").append(credentials.get(CredentialUtil.CredentialType.REDIRECT_URI)).append("&");
        sb.append("scope=").append(orElse).append("&");
        if (optional.isPresent()) {
            sb.append("state=").append(optional.get());
        }
        logger.debug("authorize_url=" + sb.toString());
        return sb.toString();
    }

    public OAuthResponse exchangeCodeForAccessToken(Environment environment, String str) throws IOException {
        OkHttpClient okHttpClient = new OkHttpClient();
        CredentialUtil.Credentials credentials = CredentialUtil.getCredentials(environment);
        StringBuilder sb = new StringBuilder();
        sb.append("grant_type=authorization_code").append("&");
        sb.append(String.format("redirect_uri=%s", credentials.get(CredentialUtil.CredentialType.REDIRECT_URI))).append("&");
        sb.append(String.format("code=%s", str));
        Response execute = okHttpClient.newCall(new Request.Builder().url(environment.getApiEndpoint()).header("Authorization", buildAuthorization(credentials)).header("Content-Type", "application/x-www-form-urlencoded").post(RequestBody.create(MediaType.parse("application/x-www-form-urlencoded"), sb.toString())).build()).execute();
        return execute.isSuccessful() ? OAuth2Util.parseUserToken(execute.body().string()) : OAuth2Util.handleError(execute);
    }

    public OAuthResponse getAccessToken(Environment environment, String str, List<String> list) throws IOException {
        OkHttpClient okHttpClient = new OkHttpClient();
        CredentialUtil.Credentials credentials = CredentialUtil.getCredentials(environment);
        String orElse = OAuth2Util.buildScopeForRequest(list).orElse("");
        StringBuilder sb = new StringBuilder();
        sb.append("grant_type=refresh_token").append("&");
        sb.append(String.format("refresh_token=%s", str));
        sb.append(String.format("scope=%s", orElse)).append("&");
        Response execute = okHttpClient.newCall(new Request.Builder().url(environment.getApiEndpoint()).header("Authorization", buildAuthorization(credentials)).header("Content-Type", "application/x-www-form-urlencoded").post(RequestBody.create(MediaType.parse("application/x-www-form-urlencoded"), sb.toString())).build()).execute();
        return execute.isSuccessful() ? OAuth2Util.parseUserToken(execute.body().string()) : OAuth2Util.handleError(execute);
    }

    public String generateIdTokenUrl(Environment environment, Optional<String> optional, String str) {
        StringBuilder sb = new StringBuilder();
        CredentialUtil.Credentials credentials = CredentialUtil.getCredentials(environment);
        sb.append(environment.getWebEndpoint()).append("?");
        sb.append("client_id=").append(credentials.get(CredentialUtil.CredentialType.APP_ID)).append("&");
        sb.append("response_type=id_token").append("&");
        sb.append("redirect_uri=").append(credentials.get(CredentialUtil.CredentialType.REDIRECT_URI)).append("&");
        sb.append("nonce=").append(str).append("&");
        if (optional.isPresent()) {
            sb.append("state=").append(optional.get());
        }
        logger.debug("id_token_url=" + sb.toString());
        return sb.toString();
    }
}
