package cz.integsoft.mule.security.internal;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature;
import com.google.i18n.phonenumbers.NumberParseException;
import cz.integsoft.mule.security.api.SecurityConstants;
import cz.integsoft.mule.security.api.SecurityErrorCode;
import cz.integsoft.mule.security.api.SecurityUtils;
import cz.integsoft.mule.security.api.exception.BadRequestException;
import cz.integsoft.mule.security.api.exception.GenericSecurityException;
import cz.integsoft.mule.security.api.exception.MobileInvalidException;
import cz.integsoft.mule.security.api.exception.MobileNotFoundException;
import cz.integsoft.mule.security.api.exception.OtpBeginChallengeException;
import cz.integsoft.mule.security.api.exception.OtpHandlerException;
import cz.integsoft.mule.security.api.exception.OtpInternalException;
import cz.integsoft.mule.security.api.exception.UnauthorizedException;
import cz.integsoft.mule.security.internal.component.TemplatePropertiesResolver;
import cz.integsoft.mule.security.internal.config.OtpConfig;
import cz.integsoft.mule.security.internal.parameter.OtpParameters;
import cz.integsoft.mule.security.internal.vo.ErrorResponseVO;
import cz.integsoft.mule.security.internal.vo.MobileNumberHandlerResponseVO;
import cz.integsoft.mule.security.internal.vo.OtpChallengeResponseVO;
import cz.integsoft.sms.api.Priority;
import cz.integsoft.sms.api.util.Utils;
import cz.integsoft.sms.api.vo.SmsEntity;
import cz.integsoft.sms.api.vo.SmsEntityResponse;
import java.io.ByteArrayInputStream;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.Reader;
import java.text.MessageFormat;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ExecutionException;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthSchemeProvider;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.AuthCache;
import org.apache.http.client.CredentialsProvider;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.config.Lookup;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.auth.BasicScheme;
import org.apache.http.impl.auth.BasicSchemeFactory;
import org.apache.http.impl.client.BasicAuthCache;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import org.keycloak.KeycloakSecurityContext;
import org.mule.extension.http.api.HttpListenerResponseAttributes;
import org.mule.extension.http.api.HttpRequestAttributes;
import org.mule.extension.http.api.HttpResponseAttributes;
import org.mule.runtime.api.component.execution.ExecutionResult;
import org.mule.runtime.api.component.execution.InputEvent;
import org.mule.runtime.api.component.location.ComponentLocation;
import org.mule.runtime.api.el.BindingContext;
import org.mule.runtime.api.message.Error;
import org.mule.runtime.api.message.Message;
import org.mule.runtime.api.metadata.TypedValue;
import org.mule.runtime.api.streaming.bytes.CursorStreamProvider;
import org.mule.runtime.api.util.LazyValue;
import org.mule.runtime.api.util.MultiMap;
import org.mule.runtime.core.api.util.IOUtils;
import org.mule.runtime.extension.api.exception.ModuleException;
import org.mule.runtime.extension.api.security.AuthenticationHandler;
import org.mule.runtime.http.api.HttpConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cz/integsoft/mule/security/internal/OTPSecurityFilter.class */
public class OTPSecurityFilter {
    public static final String AUDIT_LOG = "SECURITY_AUDIT";
    private static final Logger as = LoggerFactory.getLogger("SECURITY_AUDIT");
    private static final Logger at = LoggerFactory.getLogger(OTPSecurityFilter.class);
    private static final int au = 4096;
    private static final String av = "OTP[{}] validation called by user {} on URI {}.";
    private static final String aw = "OTP[{}] validation called by user {} resulted in error {}.";
    private static final String ax = "OTP[{}] validation called by user {} completed successfully.";
    private final ObjectMapper ay = new ObjectMapper().configure(SerializationFeature.FAIL_ON_EMPTY_BEANS, false);
    private final CredentialsProvider az = new BasicCredentialsProvider();
    private final RegistryBuilder<AuthSchemeProvider> aA = RegistryBuilder.create();
    private final Lookup<AuthSchemeProvider> aB = this.aA.register("Basic", new BasicSchemeFactory()).build();
    private final AuthCache aC = new BasicAuthCache();
    private final RequestConfig aD = RequestConfig.custom().setAuthenticationEnabled(true).setTargetPreferredAuthSchemes(Arrays.asList("Basic")).build();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:cz/integsoft/mule/security/internal/OTPSecurityFilter$a.class */
    public static class a implements Message {
        private static final long aE = 2877568590876260343L;
        private final Message aF;

        a(Message message) {
            this.aF = message;
        }

        public <T> TypedValue<T> getPayload() {
            return this.aF.getPayload();
        }

        public <T> TypedValue<T> getAttributes() {
            return this.aF.getAttributes();
        }

        public String toString() {
            return this.aF.toString();
        }
    }

    public void authorize(OtpConfig otpConfig, OtpParameters otpParameters, SecureCodeProvider secureCodeProvider, Message message, Map<String, Object> map, HttpRequestAttributes httpRequestAttributes, AuthenticationHandler authenticationHandler, ComponentLocation componentLocation, Object obj, Error error, String str) {
        String skipWhen = otpParameters.getSkipWhen();
        String otpCacheName = otpConfig.getOtpCacheName();
        try {
            as.info(av, new Object[]{otpCacheName, SecurityUtils.getPrincipalName(authenticationHandler), new Object[]{httpRequestAttributes.getRequestUri()}});
            if (StringUtils.isNotBlank(skipWhen) && Boolean.parseBoolean(skipWhen)) {
                at.info("Skipping OTP validation process, since {} has been evaluated to true.", skipWhen);
                as.info(ax, otpCacheName, SecurityUtils.getPrincipalName(authenticationHandler));
                return;
            }
            if (a(otpParameters)) {
                at.info("Skipping OTP validation process, since {} matches autorized token realm", otpParameters.getExcludeRealms());
                as.info(ax, otpCacheName, SecurityUtils.getPrincipalName(authenticationHandler));
                return;
            }
            boolean a2 = a(message);
            if (a2) {
                String headerIgnoreCase = SecurityUtils.getHeaderIgnoreCase(httpRequestAttributes, SecurityConstants.HEADER_OTP_CHALLENGE_ID);
                String headerIgnoreCase2 = SecurityUtils.getHeaderIgnoreCase(httpRequestAttributes, SecurityConstants.HEADER_OTP_CODE);
                if (StringUtils.isBlank(headerIgnoreCase2) || !SecurityUtils.isValidUUID(headerIgnoreCase)) {
                    a(BadRequestException.class, new ErrorResponseVO(SecurityConstants.OTP_ERR_MISSING_CHALLENGE_ID), message, httpRequestAttributes);
                    return;
                } else if (!secureCodeProvider.isValid(headerIgnoreCase, headerIgnoreCase2)) {
                    secureCodeProvider.invalidateIfNeeded(headerIgnoreCase, false);
                    a(UnauthorizedException.class, new ErrorResponseVO(SecurityConstants.OTP_ERR_INVALID_CODE), message, httpRequestAttributes);
                    return;
                } else {
                    at.debug("Invalidating OTP challenge id {} after a successfull attempt. So this id cannot be used no more.", headerIgnoreCase);
                    secureCodeProvider.invalidateIfNeeded(headerIgnoreCase, true);
                }
            } else {
                MobileNumberHandlerResponseVO c = c(otpConfig, message, map);
                at.debug("Found mobile number response: {}", c);
                if (c.isRequireOtp()) {
                    if (StringUtils.isBlank(c.getMobileNumber())) {
                        a(MobileNotFoundException.class, new ErrorResponseVO(SecurityConstants.OTP_ERR_INVALID_MOBILE), message, httpRequestAttributes);
                        return;
                    }
                    String uuid = UUID.randomUUID().toString();
                    String generateCode = secureCodeProvider.generateCode(uuid);
                    at.debug("OTP code generated for OTP_ID: {}", uuid);
                    if (a(c.getMobileNumber(), generateCode, uuid, otpConfig, otpParameters, secureCodeProvider, authenticationHandler, componentLocation, obj, message, httpRequestAttributes, map, error, str, c).getStatus().equals(SmsEntityResponse.SmsResponseEntityStatus.ERROR)) {
                        a(OtpInternalException.class, new ErrorResponseVO(SecurityConstants.OTP_ERR_SMS_SEND_FAILED), message, httpRequestAttributes);
                        return;
                    }
                    String hiddenMobileNumber = c.getHiddenMobileNumber(otpParameters.getLastVisibleChars());
                    OtpChallengeResponseVO otpChallengeResponseVO = new OtpChallengeResponseVO(SecurityConstants.OTP_OK_MSG, hiddenMobileNumber, uuid);
                    MultiMap multiMap = new MultiMap();
                    multiMap.put(SecurityConstants.HEADER_RESPONSE_OTP_CHALLENGE_ID_PROPERTY_NAME, uuid);
                    multiMap.put(SecurityConstants.HEADER_RESPONSE_OTP_MOBILE_PROPERTY_NAME, hiddenMobileNumber);
                    multiMap.put(SecurityConstants.HEADER_RESPONSE_OTP_MESSAGE_PROPERTY_NAME, SecurityConstants.OTP_OK_MSG);
                    multiMap.put("Content-Type", "application/json");
                    String writeValueAsString = this.ay.writeValueAsString(otpChallengeResponseVO);
                    at.debug("OTP challenge response JSON: {}", writeValueAsString);
                    throw new OtpBeginChallengeException(SecurityErrorCode.SEC_OTP_008, MessageFormat.format("Starting OTP challenge for request {0}", httpRequestAttributes.getRequestUri()), Message.builder().payload(TypedValue.of(writeValueAsString)).attributesValue(new HttpListenerResponseAttributes(HttpConstants.HttpStatus.ACCEPTED.getStatusCode(), HttpConstants.HttpStatus.ACCEPTED.getReasonPhrase(), multiMap)).build());
                }
                as.info("Lookup handler returned that OTP is not required, so skipping it.");
            }
            as.info(ax, otpCacheName, SecurityUtils.getPrincipalName(authenticationHandler));
            if (a2) {
                a(otpConfig, message, map);
            }
        } catch (MobileInvalidException e) {
            as.info(aw, new Object[]{otpCacheName, SecurityUtils.getPrincipalName(authenticationHandler), e.getMessage()});
            b(otpConfig, message, map);
            a(MobileInvalidException.class, new ErrorResponseVO(e.getErrorCode() == null ? null : e.getErrorCode().name(), e.getLocalizedMessage()), message, httpRequestAttributes);
        } catch (OtpHandlerException e2) {
            as.info(aw, new Object[]{otpCacheName, SecurityUtils.getPrincipalName(authenticationHandler), e2.getMessage()});
            b(otpConfig, message, map);
            a(OtpHandlerException.class, new ErrorResponseVO(e2.getErrorCode() == null ? null : e2.getErrorCode().name(), e2.getLocalizedMessage()), message, httpRequestAttributes);
        } catch (RuntimeException e3) {
            as.info(aw, new Object[]{otpCacheName, SecurityUtils.getPrincipalName(authenticationHandler), e3.getMessage()});
            b(otpConfig, message, map);
            a(OtpInternalException.class, new ErrorResponseVO(e3.getLocalizedMessage()), message, httpRequestAttributes);
        } catch (Exception e4) {
            as.info(aw, new Object[]{otpCacheName, SecurityUtils.getPrincipalName(authenticationHandler), e4.getMessage()});
            b(otpConfig, message, map);
            a(OtpInternalException.class, new ErrorResponseVO(e4.getLocalizedMessage()), message, httpRequestAttributes);
        } catch (ModuleException e5) {
            as.info(aw, new Object[]{otpCacheName, SecurityUtils.getPrincipalName(authenticationHandler), e5.getMessage()});
            b(otpConfig, message, map);
            throw e5;
        }
    }

    private SmsEntityResponse a(String str, String str2, String str3, OtpConfig otpConfig, OtpParameters otpParameters, SecureCodeProvider secureCodeProvider, AuthenticationHandler authenticationHandler, ComponentLocation componentLocation, Object obj, Message message, HttpRequestAttributes httpRequestAttributes, Map<String, Object> map, Error error, String str4, MobileNumberHandlerResponseVO mobileNumberHandlerResponseVO) throws Exception {
        Locale defaultLocale = otpConfig.getDefaultLocale();
        try {
            defaultLocale = Utils.getLocaleFromNumber(str);
        } catch (NumberParseException e) {
            at.warn("Could not determine locale from mobile number {}. Using default locale. {}", str, otpConfig.getDefaultLocale());
        }
        TemplatePropertiesResolver propertiesResolver = otpConfig.getPropertiesResolver();
        BindingContext.Builder builder = BindingContext.builder();
        builder.addBinding("correlationId", TypedValue.of(str4)).addBinding("payload", TypedValue.of(obj)).addBinding("message", new LazyValue(() -> {
            return new TypedValue(new a(message), SecurityConstants.MESAGE_DATA_TYPE);
        })).addBinding("attributes", TypedValue.of(httpRequestAttributes)).addBinding("dataType", new LazyValue(() -> {
            return new TypedValue(TypedValue.of(obj).getDataType(), SecurityConstants.DATA_TYPE_DATA_TYPE);
        })).addBinding("vars", new LazyValue(() -> {
            return new TypedValue(map, SecurityConstants.VARS_DATA_TYPE);
        })).addBinding("error", new LazyValue(() -> {
            return new TypedValue(error, SecurityConstants.ERROR_DATA_TYPE);
        }));
        if (authenticationHandler.getAuthentication().isPresent()) {
            builder.addBinding("authentication", new LazyValue(() -> {
                return new TypedValue(authenticationHandler.getAuthentication().get(), SecurityConstants.AUTH_DATA_TYPE);
            }));
        } else {
            builder.addBinding("authentication", SecurityConstants.NULL_TYPED_VALUE_SUPPLIER);
        }
        HashMap hashMap = new HashMap();
        hashMap.put(SecurityConstants.SmsMessageReservedPlaceholders.smsCode, str2);
        hashMap.put(SecurityConstants.SmsMessageReservedPlaceholders.smsCodeExpiration, secureCodeProvider.getValidTo(str3, otpParameters.getDateTimePattern()));
        hashMap.put(SecurityConstants.SmsMessageReservedPlaceholders.user, SecurityUtils.getPrincipalName(authenticationHandler));
        hashMap.put(SecurityConstants.SmsMessageReservedPlaceholders.flowName, componentLocation.getRootContainerName());
        hashMap.put(SecurityConstants.SmsMessageReservedPlaceholders.lookupContext, mobileNumberHandlerResponseVO.getContext());
        SmsEntity smsEntity = new SmsEntity(propertiesResolver.resolve(otpConfig.getMessages().getMessagesAccessor().getMessage(otpParameters.getSmsTemplateKey(), defaultLocale), otpConfig.isFailOnMissing(), hashMap, builder.build(), componentLocation), str, otpConfig.getSmsSenderName(), Priority.high);
        if (otpConfig.getCostCenters() != null) {
            smsEntity.setCostCenters(otpConfig.getCostCenters());
        }
        ObjectMapper objectMapper = new ObjectMapper();
        String writeValueAsString = objectMapper.writeValueAsString(smsEntity);
        CloseableHttpClient createDefault = HttpClients.createDefault();
        HttpPost httpPost = new HttpPost(otpConfig.getSmsServiceUrl());
        httpPost.setHeader("Content-Type", ContentType.APPLICATION_JSON.getMimeType());
        httpPost.setEntity(new StringEntity(objectMapper.writeValueAsString(smsEntity), ContentType.APPLICATION_JSON));
        CloseableHttpResponse closeableHttpResponse = null;
        try {
            try {
                at.debug("HTTP sending: {} : {}", httpPost.getRequestLine(), writeValueAsString);
                HttpClientContext create = HttpClientContext.create();
                if (otpConfig.getSmsUsername() != null) {
                    this.az.setCredentials(new AuthScope(httpPost.getURI().getHost(), httpPost.getURI().getPort()), new UsernamePasswordCredentials(otpConfig.getSmsUsername(), otpConfig.getSmsPassword()));
                    create.setCredentialsProvider(this.az);
                    create.setAuthSchemeRegistry(this.aB);
                    if (otpConfig.isPreemptiveAuth()) {
                        this.aC.put(new HttpHost(otpConfig.getSmsServiceUrl().getHost(), otpConfig.getSmsServiceUrl().getPort(), otpConfig.getSmsServiceUrl().getScheme()), new BasicScheme());
                    }
                    create.setAuthCache(this.aC);
                    httpPost.setConfig(RequestConfig.copy(this.aD).build());
                }
                CloseableHttpResponse execute = createDefault.execute(httpPost, create);
                at.debug("HTTP response status: {}", execute.getStatusLine());
                int statusCode = execute.getStatusLine().getStatusCode();
                HttpEntity entity = execute.getEntity();
                String entityUtils = EntityUtils.toString(entity);
                at.debug("HTTP response entity: {}", entityUtils);
                EntityUtils.consume(entity);
                if (statusCode >= HttpConstants.HttpStatus.OK.getStatusCode() && statusCode < HttpConstants.HttpStatus.MULTIPLE_CHOICES.getStatusCode()) {
                    SmsEntityResponse smsEntityResponse = (SmsEntityResponse) objectMapper.readValue(entityUtils, SmsEntityResponse.class);
                    if (execute != null) {
                        try {
                            execute.close();
                        } catch (IOException e2) {
                        }
                    }
                    return smsEntityResponse;
                }
                if (statusCode != HttpConstants.HttpStatus.BAD_REQUEST.getStatusCode()) {
                    throw new OtpHandlerException(SecurityErrorCode.SEC_SMS_001, MessageFormat.format("Error invoking SMS service! Status: {0} Entity: {1}", Integer.valueOf(statusCode), entityUtils), (Message) null);
                }
                JsonNode jsonNode = objectMapper.readTree(entityUtils).get("error_code");
                if (jsonNode == null || !"SMS_INV_MOBILE".equals(jsonNode.asText())) {
                    throw new OtpHandlerException(SecurityErrorCode.SEC_SMS_001, MessageFormat.format("Error invoking SMS service! Status: {0} Entity: {1}", Integer.valueOf(statusCode), entityUtils), (Message) null);
                }
                at.warn("SMS Service responded with error: invalid mobile number");
                throw new MobileInvalidException(SecurityErrorCode.SEC_SMS_004, MessageFormat.format("Error invoking SMS service - wrong mobile number! Status: {0} Entity: {1}", Integer.valueOf(statusCode), entityUtils), (Message) null);
            } catch (IOException e3) {
                throw new OtpHandlerException(SecurityErrorCode.SEC_SMS_001, MessageFormat.format("Error invoking SMS service! {0}", e3.getLocalizedMessage()), (Message) null);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    closeableHttpResponse.close();
                } catch (IOException e4) {
                }
            }
            throw th;
        }
    }

    private void a(Class<? extends GenericSecurityException> cls, ErrorResponseVO errorResponseVO, Message message, HttpRequestAttributes httpRequestAttributes) {
        String str;
        String str2;
        String str3;
        String str4;
        String str5;
        String str6;
        String str7;
        MultiMap multiMap = new MultiMap();
        multiMap.put("Content-Type", "application/json");
        if (StringUtils.isNotBlank(errorResponseVO.getErrorMessage())) {
            multiMap.put(SecurityConstants.HEADER_RESPONSE_OTP_MESSAGE_PROPERTY_NAME, errorResponseVO.getErrorMessage().length() > au ? errorResponseVO.getErrorMessage().substring(0, 4097) : errorResponseVO.getErrorMessage());
        }
        if (StringUtils.isNotBlank(errorResponseVO.getErrorCode())) {
            multiMap.put(SecurityConstants.HEADER_RESPONSE_OTP_ERROR_CODE_PROPERTY_NAME, errorResponseVO.getErrorCode().length() > au ? errorResponseVO.getErrorCode().substring(0, 4097) : errorResponseVO.getErrorCode());
        }
        if (BadRequestException.class.equals(cls)) {
            try {
                str = this.ay.writeValueAsString(errorResponseVO);
            } catch (JsonProcessingException e) {
                at.error("Error converting error object into string.", e);
                str = "{ \"message\": \"" + errorResponseVO.getErrorMessage() + "\"}";
            }
            throw new BadRequestException(SecurityErrorCode.SEC_ANY_003, MessageFormat.format("Bad request for request {0}", httpRequestAttributes.getRequestUri()), Message.builder().payload(TypedValue.of(str)).attributesValue(new HttpListenerResponseAttributes(HttpConstants.HttpStatus.BAD_REQUEST.getStatusCode(), HttpConstants.HttpStatus.BAD_REQUEST.getReasonPhrase(), multiMap)).build());
        }
        if (MobileInvalidException.class.equals(cls)) {
            try {
                str2 = this.ay.writeValueAsString(errorResponseVO);
            } catch (JsonProcessingException e2) {
                at.error("Error converting error object into string.", e2);
                str2 = "{ \"message\": \"" + errorResponseVO.getErrorMessage() + "\"}";
            }
            throw new MobileInvalidException(SecurityErrorCode.SEC_ANY_003, MessageFormat.format("Mobile number is invalid for request {0}", httpRequestAttributes.getRequestUri()), Message.builder().payload(TypedValue.of(str2)).attributesValue(new HttpListenerResponseAttributes(HttpConstants.HttpStatus.BAD_REQUEST.getStatusCode(), HttpConstants.HttpStatus.BAD_REQUEST.getReasonPhrase(), multiMap)).build());
        }
        if (MobileNotFoundException.class.equals(cls)) {
            try {
                str3 = this.ay.writeValueAsString(errorResponseVO);
            } catch (JsonProcessingException e3) {
                at.error("Error converting error object into string.", e3);
                str3 = "{ \"message\": \"" + errorResponseVO.getErrorMessage() + "\"}";
            }
            throw new MobileNotFoundException(SecurityErrorCode.SEC_ANY_003, MessageFormat.format("Mobile number not found for request {0}", httpRequestAttributes.getRequestUri()), Message.builder().payload(TypedValue.of(str3)).attributesValue(new HttpListenerResponseAttributes(HttpConstants.HttpStatus.NOT_FOUND.getStatusCode(), HttpConstants.HttpStatus.NOT_FOUND.getReasonPhrase(), multiMap)).build());
        }
        if (UnauthorizedException.class.equals(cls)) {
            try {
                str4 = this.ay.writeValueAsString(errorResponseVO);
            } catch (JsonProcessingException e4) {
                at.error("Error converting error object into string.", e4);
                str4 = "{ \"message\": \"" + errorResponseVO.getErrorMessage() + "\"}";
            }
            throw new UnauthorizedException(SecurityErrorCode.SEC_ANY_003, MessageFormat.format("Unauthorized for request {0}", httpRequestAttributes.getRequestUri()), Message.builder().payload(TypedValue.of(str4)).attributesValue(new HttpListenerResponseAttributes(HttpConstants.HttpStatus.UNAUTHORIZED.getStatusCode(), HttpConstants.HttpStatus.UNAUTHORIZED.getReasonPhrase(), multiMap)).build());
        }
        if (OtpInternalException.class.equals(cls)) {
            try {
                str5 = this.ay.writeValueAsString(errorResponseVO);
            } catch (JsonProcessingException e5) {
                at.error("Error converting error object into string.", e5);
                str5 = "{ \"message\": \"" + errorResponseVO.getErrorMessage() + "\"}";
            }
            throw new OtpInternalException(SecurityErrorCode.SEC_ANY_003, MessageFormat.format("Internal server error for request {0}", httpRequestAttributes.getRequestUri()), Message.builder().payload(TypedValue.of(str5)).attributesValue(new HttpListenerResponseAttributes(HttpConstants.HttpStatus.INTERNAL_SERVER_ERROR.getStatusCode(), HttpConstants.HttpStatus.INTERNAL_SERVER_ERROR.getReasonPhrase(), multiMap)).build());
        }
        if (OtpHandlerException.class.equals(cls)) {
            try {
                str7 = this.ay.writeValueAsString(errorResponseVO);
            } catch (JsonProcessingException e6) {
                at.error("Error converting error object into string.", e6);
                str7 = "{ \"message\": \"" + errorResponseVO.getErrorMessage() + "\"}";
            }
            throw new OtpHandlerException(SecurityErrorCode.SEC_ANY_003, MessageFormat.format("OTP handler error for request {0}", httpRequestAttributes.getRequestUri()), Message.builder().payload(TypedValue.of(str7)).attributesValue(new HttpListenerResponseAttributes(HttpConstants.HttpStatus.INTERNAL_SERVER_ERROR.getStatusCode(), HttpConstants.HttpStatus.INTERNAL_SERVER_ERROR.getReasonPhrase(), multiMap)).build());
        }
        try {
            str6 = this.ay.writeValueAsString(errorResponseVO);
        } catch (JsonProcessingException e7) {
            at.error("Error converting error object into string.", e7);
            str6 = "{ \"message\": \"" + errorResponseVO.getErrorMessage() + "\"}";
        }
        throw new OtpInternalException(SecurityErrorCode.SEC_ANY_003, MessageFormat.format("Internal server error for request {0}", httpRequestAttributes.getRequestUri()), Message.builder().payload(TypedValue.of(str6)).attributesValue(new HttpListenerResponseAttributes(HttpConstants.HttpStatus.INTERNAL_SERVER_ERROR.getStatusCode(), HttpConstants.HttpStatus.INTERNAL_SERVER_ERROR.getReasonPhrase(), multiMap)).build());
    }

    private boolean a(Message message) {
        return StringUtils.isNotBlank(SecurityUtils.getHeaderIgnoreCase((HttpRequestAttributes) message.getAttributes().getValue(), SecurityConstants.HEADER_OTP_CHALLENGE_ID));
    }

    private void a(OtpConfig otpConfig, Message message, Map<String, Object> map) {
        try {
            otpConfig.getSuccessHandler().execute(InputEvent.create().message(Message.builder().payload(message.getPayload()).attributes(message.getAttributes()).build()).variables(map)).whenCompleteAsync((executionResult, th) -> {
                if (executionResult == null) {
                    at.warn("Problem completing success handler execution");
                } else {
                    at.debug("Completing success handler execution");
                    executionResult.complete();
                }
            });
        } catch (Exception e) {
            at.error("Error while executing success handler.", e);
        }
    }

    private void b(OtpConfig otpConfig, Message message, Map<String, Object> map) {
        try {
            otpConfig.getErrorHandler().execute(InputEvent.create().message(Message.builder().payload(message.getPayload()).attributes(message.getAttributes()).build()).variables(map)).whenCompleteAsync((executionResult, th) -> {
                if (executionResult == null) {
                    at.warn("Problem completing error handler execution");
                } else {
                    at.debug("Completing error handler execution");
                    executionResult.complete();
                }
            });
        } catch (Exception e) {
            at.error("Error while executing error handler.", e);
        }
    }

    private MobileNumberHandlerResponseVO c(OtpConfig otpConfig, Message message, Map<String, Object> map) {
        InputEvent message2 = InputEvent.create().message(Message.builder().payload(message.getPayload()).attributes(message.getAttributes()).build());
        if (map != null && !map.isEmpty()) {
            for (Map.Entry<String, Object> entry : map.entrySet()) {
                at.trace("Adding variable {} under key {}", entry.getValue(), entry.getKey());
                message2 = message2.addVariable(entry.getKey(), entry.getValue());
            }
        }
        ExecutionResult executionResult = null;
        try {
            try {
                ExecutionResult executionResult2 = (ExecutionResult) otpConfig.getLookupHandler().execute(message2).get();
                Message message3 = executionResult2.getEvent().getMessage();
                TypedValue payload = message3.getPayload();
                at.debug("Response message from lookup call: {}", message3);
                int statusCode = ((HttpResponseAttributes) TypedValue.unwrap(message3.getAttributes())).getStatusCode();
                if (statusCode < HttpConstants.HttpStatus.OK.getStatusCode() || statusCode >= HttpConstants.HttpStatus.MULTIPLE_CHOICES.getStatusCode()) {
                    try {
                        as.error("Failed to call mobile number lookup service. Response status: {}, response payload: {}", Integer.valueOf(statusCode), payload);
                    } catch (Exception e) {
                    }
                    throw new OtpHandlerException(SecurityErrorCode.SEC_SMS_002, "Failed to call mobile number lookup service. Response status: " + statusCode, (Message) null);
                }
                MobileNumberHandlerResponseVO b = b(message3);
                if (executionResult2 != null) {
                    at.debug("Completing lookup handler execution");
                    executionResult2.complete();
                }
                return b;
            } catch (InterruptedException | ExecutionException e2) {
                throw new OtpHandlerException(SecurityErrorCode.SEC_SMS_002, "Failed to call mobile number lookup service. Flow execution problem. ", e2, null);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                at.debug("Completing lookup handler execution");
                executionResult.complete();
            }
            throw th;
        }
    }

    private MobileNumberHandlerResponseVO b(Message message) {
        MobileNumberHandlerResponseVO mobileNumberHandlerResponseVO;
        InputStream inputStream = null;
        Object value = message.getPayload().getValue();
        ObjectMapper objectMapper = new ObjectMapper();
        InputStreamReader inputStreamReader = null;
        try {
            try {
                if (value instanceof InputStream) {
                    inputStream = (InputStream) value;
                } else if (value instanceof byte[]) {
                    inputStream = new ByteArrayInputStream((byte[]) value);
                } else if (value instanceof CursorStreamProvider) {
                    inputStream = ((CursorStreamProvider) value).openCursor();
                }
                if (value instanceof Reader) {
                    mobileNumberHandlerResponseVO = (MobileNumberHandlerResponseVO) objectMapper.readValue((Reader) value, MobileNumberHandlerResponseVO.class);
                } else if (value instanceof String) {
                    mobileNumberHandlerResponseVO = (MobileNumberHandlerResponseVO) objectMapper.readValue((String) value, MobileNumberHandlerResponseVO.class);
                } else {
                    inputStreamReader = new InputStreamReader(inputStream, "UTF-8");
                    mobileNumberHandlerResponseVO = (MobileNumberHandlerResponseVO) objectMapper.readValue(inputStreamReader, MobileNumberHandlerResponseVO.class);
                }
                MobileNumberHandlerResponseVO mobileNumberHandlerResponseVO2 = mobileNumberHandlerResponseVO;
                IOUtils.closeQuietly(inputStreamReader);
                IOUtils.closeQuietly(inputStream);
                return mobileNumberHandlerResponseVO2;
            } catch (Exception e) {
                throw new OtpHandlerException(SecurityErrorCode.SEC_SMS_003, "Error while parsing response from mobile number lookup service.", e, null);
            }
        } catch (Throwable th) {
            IOUtils.closeQuietly((Closeable) null);
            IOUtils.closeQuietly((Closeable) null);
            throw th;
        }
    }

    private boolean a(OtpParameters otpParameters) {
        String issuer;
        if (OtpParameters.REALMS_WILDCARD.equals(otpParameters.getExcludeRealms())) {
            return true;
        }
        KeycloakSecurityContext currentKeycloakContext = SecurityUtils.getCurrentKeycloakContext();
        if (currentKeycloakContext == null || (issuer = currentKeycloakContext.getToken().getIssuer()) == null) {
            return false;
        }
        String substring = issuer.substring(issuer.lastIndexOf(47) + 1, issuer.length());
        for (String str : otpParameters.getExcludeRealmsArray()) {
            if (str.equalsIgnoreCase(substring)) {
                return true;
            }
        }
        return false;
    }
}
