package com.googlesource.gerrit.plugins.oauth;

import com.google.common.io.BaseEncoding;
import com.google.gerrit.server.OutputFormat;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import org.scribe.builder.api.DefaultApi20;
import org.scribe.exceptions.OAuthException;
import org.scribe.extractors.AccessTokenExtractor;
import org.scribe.model.OAuthConfig;
import org.scribe.model.OAuthConstants;
import org.scribe.model.OAuthRequest;
import org.scribe.model.Response;
import org.scribe.model.Token;
import org.scribe.model.Verb;
import org.scribe.model.Verifier;
import org.scribe.oauth.OAuthService;

/* loaded from: input_file:com/googlesource/gerrit/plugins/oauth/BitbucketApi.class */
public class BitbucketApi extends DefaultApi20 {
    private static final String AUTHORIZE_URL = "https://bitbucket.org/site/oauth2/authorize?client_id=%s&response_type=code";
    private static final String ACCESS_TOKEN_ENDPOINT = "https://bitbucket.org/site/oauth2/access_token";

    /* loaded from: input_file:com/googlesource/gerrit/plugins/oauth/BitbucketApi$BitbucketOAuthService.class */
    private static final class BitbucketOAuthService implements OAuthService {
        private static final String VERSION = "2.0";
        private static final String GRANT_TYPE = "grant_type";
        private static final String GRANT_TYPE_VALUE = "authorization_code";
        private final DefaultApi20 api;
        private final OAuthConfig config;

        private BitbucketOAuthService(DefaultApi20 defaultApi20, OAuthConfig oAuthConfig) {
            this.config = oAuthConfig;
            this.api = defaultApi20;
        }

        @Override // org.scribe.oauth.OAuthService
        public Token getAccessToken(Token token, Verifier verifier) {
            OAuthRequest oAuthRequest = new OAuthRequest(this.api.getAccessTokenVerb(), this.api.getAccessTokenEndpoint());
            oAuthRequest.addHeader(OAuthConstants.HEADER, prepareAuthorizationHeaderValue());
            oAuthRequest.addBodyParameter(GRANT_TYPE, GRANT_TYPE_VALUE);
            oAuthRequest.addBodyParameter(OAuthConstants.CODE, verifier.getValue());
            Response send = oAuthRequest.send();
            if (send.getCode() == 200) {
                return new Token(this.api.getAccessTokenExtractor().extract(send.getBody()).getToken(), this.config.getApiSecret());
            }
            throw new OAuthException(String.format("Error response received: %s, HTTP status: %s", send.getBody(), Integer.valueOf(send.getCode())));
        }

        private String prepareAuthorizationHeaderValue() {
            return String.format("Basic %s", BaseEncoding.base64().encode(String.format("%s:%s", this.config.getApiKey(), this.config.getApiSecret()).getBytes()));
        }

        @Override // org.scribe.oauth.OAuthService
        public Token getRequestToken() {
            throw new UnsupportedOperationException("Unsupported operation, please use 'getAuthorizationUrl' and redirect your users there");
        }

        @Override // org.scribe.oauth.OAuthService
        public String getVersion() {
            return VERSION;
        }

        @Override // org.scribe.oauth.OAuthService
        public void signRequest(Token token, OAuthRequest oAuthRequest) {
            oAuthRequest.addQuerystringParameter(OAuthConstants.ACCESS_TOKEN, token.getToken());
        }

        @Override // org.scribe.oauth.OAuthService
        public String getAuthorizationUrl(Token token) {
            return this.api.getAuthorizationUrl(this.config);
        }
    }

    /* loaded from: input_file:com/googlesource/gerrit/plugins/oauth/BitbucketApi$BitbucketTokenExtractor.class */
    private static final class BitbucketTokenExtractor implements AccessTokenExtractor {
        private BitbucketTokenExtractor() {
        }

        @Override // org.scribe.extractors.AccessTokenExtractor
        public Token extract(String str) {
            JsonElement jsonElement = (JsonElement) OutputFormat.JSON.newGson().fromJson(str, JsonElement.class);
            if (!jsonElement.isJsonObject()) {
                throw new OAuthException(String.format("Invalid JSON '%s': not a JSON Object", jsonElement));
            }
            JsonObject asJsonObject = jsonElement.getAsJsonObject();
            JsonElement jsonElement2 = asJsonObject.get(OAuthConstants.ACCESS_TOKEN);
            if (jsonElement2 == null || jsonElement2.isJsonNull()) {
                throw new OAuthException("Response doesn't contain 'access_token' field");
            }
            return new Token(asJsonObject.get(OAuthConstants.ACCESS_TOKEN).getAsString(), "");
        }
    }

    @Override // org.scribe.builder.api.DefaultApi20
    public String getAuthorizationUrl(OAuthConfig oAuthConfig) {
        return String.format(AUTHORIZE_URL, oAuthConfig.getApiKey());
    }

    @Override // org.scribe.builder.api.DefaultApi20
    public String getAccessTokenEndpoint() {
        return ACCESS_TOKEN_ENDPOINT;
    }

    @Override // org.scribe.builder.api.DefaultApi20
    public Verb getAccessTokenVerb() {
        return Verb.POST;
    }

    @Override // org.scribe.builder.api.DefaultApi20, org.scribe.builder.api.Api
    public OAuthService createService(OAuthConfig oAuthConfig) {
        return new BitbucketOAuthService(this, oAuthConfig);
    }

    @Override // org.scribe.builder.api.DefaultApi20
    public AccessTokenExtractor getAccessTokenExtractor() {
        return new BitbucketTokenExtractor();
    }
}
