package org.hawkular.accounts.common;

import java.io.StringReader;
import java.net.URLEncoder;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.json.Json;
import javax.json.JsonObject;

@ApplicationScoped
/* loaded from: input_file:WEB-INF/lib/hawkular-accounts-common-2.0.6.Final.jar:org/hawkular/accounts/common/UsernamePasswordConverter.class */
public class UsernamePasswordConverter {

    @Inject
    @AuthServerUrl
    private String baseUrl;

    @Inject
    @RealmName
    private String realm;

    @Inject
    AuthServerRequestExecutor executor;

    public String getAccessToken(String str, String str2) throws Exception {
        return getResponse(str, str2).getString("access_token");
    }

    public String getRefreshToken(String str, String str2) throws Exception {
        return getResponse(str, str2).getString("refresh_token");
    }

    public String getOfflineToken(String str, String str2) throws Exception {
        if (str == null || str.isEmpty()) {
            throw new UsernamePasswordConversionException("Username is not provided.");
        }
        JsonObject readObject = Json.createReader(new StringReader(this.executor.execute(this.baseUrl + "/realms/" + URLEncoder.encode(this.realm, "UTF-8") + "/protocol/openid-connect/token", (("grant_type=password&username=" + URLEncoder.encode(str, "UTF-8")) + "&password=" + URLEncoder.encode(str2, "UTF-8")) + "&scope=offline_access", "POST"))).readObject();
        if (readObject.get("error") == null) {
            return readObject.getString("refresh_token");
        }
        throw new UsernamePasswordConversionException("Error from Keycloak server: " + readObject.getString("error"));
    }

    private JsonObject getResponse(String str, String str2) throws Exception {
        JsonObject readObject = Json.createReader(new StringReader(getTokenResponseForUsernamePassword(str, str2))).readObject();
        if (readObject.get("error") == null) {
            return readObject;
        }
        throw new UsernamePasswordConversionException("Error from Keycloak server: " + readObject.getString("error"));
    }

    private String getTokenResponseForUsernamePassword(String str, String str2) throws Exception {
        if (str == null || str.isEmpty()) {
            throw new UsernamePasswordConversionException("Username is not provided.");
        }
        return this.executor.execute(this.baseUrl + "/realms/" + URLEncoder.encode(this.realm, "UTF-8") + "/protocol/openid-connect/token", ("grant_type=password&username=" + URLEncoder.encode(str, "UTF-8")) + "&password=" + URLEncoder.encode(str2, "UTF-8"), "POST");
    }
}
