package generators.misc;

import algoanim.animalscript.AnimalScript;
import algoanim.primitives.generators.Language;
import algoanim.properties.AnimationPropertiesKeys;
import algoanim.properties.CircleProperties;
import algoanim.properties.RectProperties;
import algoanim.properties.TextProperties;
import algoanim.util.Coordinates;
import generators.framework.Generator;
import generators.framework.GeneratorType;
import generators.framework.ValidatingGenerator;
import generators.framework.properties.AnimationPropertiesContainer;
import generators.misc.oauth.utils.OAuthEntity;
import generators.misc.oauth.utils.ProtocolArrow;
import generators.misc.oauth.utils.ProtocolLayout;
import generators.misc.oauth.utils.Token;
import interactionsupport.models.HtmlDocumentationModel;
import java.awt.Color;
import java.awt.Font;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.Locale;
import org.apache.commons.jxpath.ri.model.dynamic.DynamicPointerFactory;
import org.apache.commons.jxpath.servlet.Constants;

/* loaded from: input_file:generators/misc/OAuth2.class */
public class OAuth2 implements ValidatingGenerator {
    public Language lang;
    private int WIDTH = 1200;
    private int HEIGHT = DynamicPointerFactory.DYNAMIC_POINTER_FACTORY_ORDER;
    ProtocolLayout oauthLayout;
    private int moveEntityTimeInMs;
    private int stepSlideInTimeInMs;
    private int tokenMoveTimeInMs;
    private TextProperties headingProps;
    private TextProperties parameterTextProps;
    private TextProperties smallText;
    private RectProperties tokenRectProps;
    private static final String DESCRIPTION = "OAuth2.0 is a set of protocols designed for delegating authorization for protected resources. That has the advantage of using data or services from a provider with an external application.\n\nExample:\nAccess Facebook services and data via a third party application.";

    @Override // generators.framework.Generator
    public String getName() {
        return "OAuth2.0 [EN]";
    }

    @Override // generators.framework.Generator
    public String getAlgorithmName() {
        return "OAuth 2.0";
    }

    @Override // generators.framework.Generator
    public String getAnimationAuthor() {
        return "Nils Mäser and Vincent Riesop";
    }

    @Override // generators.framework.Generator
    public String getDescription() {
        return DESCRIPTION;
    }

    @Override // generators.framework.Generator
    public String getCodeExample() {
        return "Abstract Protocol Flow:\nApplication          => User:                 Authorization Request\nUser                 => Application:          Authorization Grant\nApplication          => Authorization Server: Authorization Grant\nAuthorization Server => Application:          Access Token\nApplication          => Resource Server:      Access Token\nResource Server      => Application:          Protected Resource";
    }

    @Override // generators.framework.Generator
    public String getFileExtension() {
        return Generator.ANIMALSCRIPT_FORMAT_EXTENSION;
    }

    @Override // generators.framework.Generator
    public Locale getContentLocale() {
        return Locale.ENGLISH;
    }

    @Override // generators.framework.Generator
    public GeneratorType getGeneratorType() {
        return new GeneratorType(GeneratorType.GENERATOR_TYPE_MORE);
    }

    @Override // generators.framework.Generator
    public String getOutputLanguage() {
        return "Pseudo-Code";
    }

    @Override // generators.framework.Generator
    public void init() {
        this.lang = new AnimalScript("OAuth2.0 [DE]", "Vincent Riesop und Nils Mäser", this.WIDTH, this.HEIGHT);
        this.lang.setStepMode(true);
        this.tokenRectProps = new RectProperties();
        this.tokenRectProps.set(AnimationPropertiesKeys.FILLED_PROPERTY, true);
        this.tokenRectProps.set("fillColor", Color.darkGray);
        this.tokenRectProps.set(AnimationPropertiesKeys.DEPTH_PROPERTY, 1);
        this.headingProps = new TextProperties();
        this.headingProps.set("font", new Font("SansSerif", 1, 18));
        this.headingProps.set("color", Color.BLACK);
        this.smallText = new TextProperties();
        this.smallText.set("font", new Font("Monospaced", 0, 10));
        this.smallText.set("color", Color.BLACK);
        this.lang.setInteractionType(1024);
    }

    @Override // generators.framework.Generator
    public String generate(AnimationPropertiesContainer animationPropertiesContainer, Hashtable<String, Object> hashtable) {
        RectProperties rectProperties = (RectProperties) animationPropertiesContainer.getPropertiesByName("infoBoxBorderRectProp");
        RectProperties rectProperties2 = (RectProperties) animationPropertiesContainer.getPropertiesByName("entityRectProp");
        TextProperties textProperties = (TextProperties) animationPropertiesContainer.getPropertiesByName("tokenTextProp");
        RectProperties rectProperties3 = (RectProperties) animationPropertiesContainer.getPropertiesByName("tokenRectProp");
        CircleProperties circleProperties = (CircleProperties) animationPropertiesContainer.getPropertiesByName("tokenCircleProp");
        this.parameterTextProps = (TextProperties) animationPropertiesContainer.getPropertiesByName("parameterText");
        TextProperties textProperties2 = (TextProperties) animationPropertiesContainer.getPropertiesByName("infoText");
        this.moveEntityTimeInMs = ((Integer) hashtable.get("moveEntityTimeInMs")).intValue();
        this.stepSlideInTimeInMs = ((Integer) hashtable.get("stepSlideInTimeInMs")).intValue();
        this.tokenMoveTimeInMs = ((Integer) hashtable.get("tokenMoveTimeInMs")).intValue();
        int intValue = ((Integer) hashtable.get("radius")).intValue();
        this.oauthLayout = new ProtocolLayout(this.lang, ((Integer) hashtable.get("xLayoutCenter")).intValue(), ((Integer) hashtable.get("yLayoutCenter")).intValue(), intValue, this.WIDTH, this.HEIGHT, rectProperties, textProperties2, this.stepSlideInTimeInMs, this.moveEntityTimeInMs);
        LinkedList<ProtocolArrow> linkedList = new LinkedList<>();
        this.oauthLayout.drawIntroOutroLayout();
        this.oauthLayout.setHeading("OAuth2.0 - Intro");
        this.oauthLayout.addInfoBoxLine("This Animal animation visualizes the four OAuth2.0 flows. In order to understand the hows and whys of each flow, basic oauth terminology is introduced when necessary.");
        this.oauthLayout.addInfoBoxLine("However, this is not a copy of the OAuth2.0 Specification. If you need implementation details, please see the latest OAuth2.0 specs.");
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("What is OAuth 2.0?", this.headingProps);
        this.oauthLayout.addInfoBoxLine("OAuth2.0 is a set of protocols designed for delegating authorization for protected resources.");
        this.oauthLayout.addInfoBoxLine("This has the advantage of using data or services from a provider with an external application");
        this.oauthLayout.addInfoBoxLine("Example. Access Facebook services and data via a third party application.");
        this.oauthLayout.addInfoBoxLine("OAuth Terminology", this.headingProps);
        this.oauthLayout.addInfoBoxLine("Before you can jump to the OAuth2.0 protocol, you should be familiar with the following terms and concepts:");
        this.oauthLayout.addInfoBoxLine("Protected Resource");
        this.oauthLayout.addInfoBoxLine("- A resource can be any data or service.");
        this.oauthLayout.addInfoBoxLine("- It is protected by authentication and authorization enforcement.");
        this.oauthLayout.addInfoBoxLine("Authentication     ");
        this.oauthLayout.addInfoBoxLine("- The user proves his identity. This means that the authentication enforcement point knows the identity and how to verify the authentication proof.");
        this.oauthLayout.addInfoBoxLine("Authorization");
        this.oauthLayout.addInfoBoxLine("- Actions can be performed on a resource. Data can be read, written or deleted, and a service can be executed for example.");
        this.oauthLayout.addInfoBoxLine("- Which actions the user is allowed to perform depends on his permissions for that resource.");
        this.oauthLayout.addInfoBoxLine("- If the user has permission to perform a certain action, he will be authorized to do so if he performs that action on that resource.");
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("How to authorize a third party app? Or, how to delegate authorization?", this.headingProps);
        this.oauthLayout.addInfoBoxLine("A third party app provides an access token at every request to that resource. Whether the third party app is authorized to perform the requested action depends on");
        this.oauthLayout.addInfoBoxLine("whether the user has granted the particular permission for that third party app. This access token contains information about the requesting third party app ");
        this.oauthLayout.addInfoBoxLine("as well as optional information. The access token can be extended to the needs of the use cases. A common example is login via social media provider. In the use case login,  ");
        this.oauthLayout.addInfoBoxLine("information about the user may be relevant. Note: OAuth2.0 is not designed for authentication, it is designed for delegating authorization! The resource server is well ");
        this.oauthLayout.addInfoBoxLine("aware that the requesting party is acting on behalf of the user, so it would be a big no-go to issue an authentication assuring token to an entity that is ");
        this.oauthLayout.addInfoBoxLine("knowingly NOT the authentic person.");
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("How to get an access token?", this.headingProps);
        this.oauthLayout.addInfoBoxLine("How to obtain such an access token is a major part of this Animal Visualization. There are four different flows. Please continue to learn more about these four flows.");
        this.lang.nextStep("OAuth2.0 - Client Credentials Roles - Client");
        this.oauthLayout.clearText();
        this.lang.hideAllPrimitives();
        this.oauthLayout.drawFlowLayout();
        this.oauthLayout.setHeading("OAuth2.0 - Client Credentials Roles");
        this.oauthLayout.addInfoBoxLine("Client", this.headingProps);
        this.oauthLayout.addInfoBoxLine("Third party application that is requesting access to a protected ");
        this.oauthLayout.addInfoBoxLine("resource on behalf of the resource owner. The client must get authorized");
        this.oauthLayout.addInfoBoxLine("by the resource owner in order to access a protected resource.");
        OAuthEntity oAuthEntity = new OAuthEntity(this.oauthLayout, "Client", rectProperties2);
        this.lang.nextStep("OAuth2.0 - Client Credentials Roles - Client");
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("Authorization Server:", this.headingProps);
        this.oauthLayout.addInfoBoxLine("This server issues access tokens to authorized and authenticated clients.");
        this.oauthLayout.addInfoBoxLine("(A client always identifies itself with a client_id.");
        this.oauthLayout.addInfoBoxLine("A symmetric key is commonly used for client authentication.)");
        this.oauthLayout.addInfoBoxLine("For simplicity and a better overview, the resource server and the ");
        this.oauthLayout.addInfoBoxLine("authorization server are often displayed as one entity.");
        this.oauthLayout.addInfoBoxLine("Combining the authorization and resource server APIs is perfectly ");
        this.oauthLayout.addInfoBoxLine("acceptable from the developer's point of view");
        this.oauthLayout.addInfoBoxLine("As an architect for infrastructure, you could separate ");
        this.oauthLayout.addInfoBoxLine("the authorization and the resource server APIs.");
        OAuthEntity oAuthEntity2 = new OAuthEntity(this.oauthLayout, "Auth. Server", rectProperties2);
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity, oAuthEntity2, "(A)", "Client Authentication", 0));
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity2, oAuthEntity, "(B)", "Access Token", 1));
        this.oauthLayout.registerSteps(linkedList);
        this.lang.nextStep("OAuth2.0 - Client Credentials Roles - Auth. Server");
        this.oauthLayout.clearText();
        this.oauthLayout.setHeading("OAuth2.0 - Client Credentials Flow");
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(0).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("Client sends a request to get an access token ");
        this.oauthLayout.addStepDetailsLine("The request contains query parameters:");
        this.oauthLayout.addStepDetailsLine("grant_type=client_credentials", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("client_id=<client_id>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("client_secret=<client_secret>", this.parameterTextProps);
        Token token = new Token(this.lang, "credentials", textProperties, circleProperties, rectProperties3, getArrowStart(0), this.tokenMoveTimeInMs);
        token.moveTo(getArrowEnd(0));
        showArrow(0);
        this.lang.nextStep("OAuth2.0 - Client Credentials Flow Step 1");
        token.hide();
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(1).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("The authorization server authenticates the client, and if valid,");
        this.oauthLayout.addStepDetailsLine("issues an access token.");
        Token token2 = new Token(this.lang, "Access Token", textProperties, circleProperties, rectProperties3, getArrowStart(1), this.tokenMoveTimeInMs);
        token2.moveTo(getArrowEnd(1));
        showArrow(1);
        linkedList.clear();
        this.lang.nextStep("OAuth2.0 - Client Credentials Flow Step 2");
        token2.hide();
        this.oauthLayout.clearEntities();
        this.oauthLayout.clearText();
        this.oauthLayout.setHeading("OAuth2.0 - Authorization Code Roles");
        this.oauthLayout.addInfoBoxLine("User Agent", this.headingProps);
        this.oauthLayout.addInfoBoxLine(" The client which initiates a request. These are often browsers,");
        this.oauthLayout.addInfoBoxLine(" editors, spiders (web-traversing robots), or other end user tools.");
        OAuthEntity oAuthEntity3 = new OAuthEntity(this.oauthLayout, "User Agent", rectProperties2);
        this.lang.nextStep("OAuth2.0 - Authorization Code Roles - User Agent");
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("Client", this.headingProps);
        this.oauthLayout.addInfoBoxLine("Third party application that is requesting access to a protected ");
        this.oauthLayout.addInfoBoxLine("resource on behalf of the resource owner. The client must get authorized");
        this.oauthLayout.addInfoBoxLine("by the resource owner in order to access a protected resource.");
        OAuthEntity oAuthEntity4 = new OAuthEntity(this.oauthLayout, "Client", rectProperties2);
        this.lang.nextStep("OAuth2.0 - Authorization Code Roles - Client");
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("Authorization Server:", this.headingProps);
        this.oauthLayout.addInfoBoxLine("This server issues access tokens to authorized and authenticated clients.");
        this.oauthLayout.addInfoBoxLine("(A client always identifies itself with a client_id.");
        this.oauthLayout.addInfoBoxLine("A symmetric key is commonly used for client authentication.)");
        this.oauthLayout.addInfoBoxLine("For simplicity and a better overview, the resource server and the ");
        this.oauthLayout.addInfoBoxLine("authorization server are often displayed as one entity.");
        this.oauthLayout.addInfoBoxLine("Combining the authorization and resource server APIs is perfectly ");
        this.oauthLayout.addInfoBoxLine("acceptable from the developer's point of view");
        this.oauthLayout.addInfoBoxLine("As an architect for infrastructure, you could separate ");
        this.oauthLayout.addInfoBoxLine("the authorization and the resource server APIs.");
        OAuthEntity oAuthEntity5 = new OAuthEntity(this.oauthLayout, "Auth. Server", rectProperties2);
        this.lang.nextStep("OAuth2.0 - Authorization Code Roles - Auth. Server");
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("Resource owner", this.headingProps);
        this.oauthLayout.addInfoBoxLine("Owns the resource and can grant access to a protected resource.");
        OAuthEntity oAuthEntity6 = new OAuthEntity(this.oauthLayout, "Res. Owner", rectProperties2);
        this.lang.nextStep("OAuth2.0 - Authorization Code Roles - Res. Owner");
        this.oauthLayout.clearText();
        this.oauthLayout.setHeading("OAuth2.0 - Authorization Code Flow");
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity4, oAuthEntity5, "(A)", "Request Authorization", 0));
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity6, oAuthEntity5, "(B)", "User authorizes Request", 1));
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity5, oAuthEntity3, "(C)", "Authorization Code Grant ", 2));
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity3, oAuthEntity4, "(D)", "Authorization Code Grant", 3));
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity4, oAuthEntity5, "(E)", "Access Token Request", 4));
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity5, oAuthEntity4, "(F)", "Access Token Grant", 5));
        this.oauthLayout.registerSteps(linkedList);
        this.oauthLayout.clearText();
        this.lang.nextStep();
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(0).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("The client initiates the flow and requests access on behalf of the user.");
        this.oauthLayout.addStepDetailsLine("The Request contains the following parameters:");
        this.oauthLayout.addStepDetailsLine("client_id= <id of the requesting client>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("redirect_uri = <Callback URL>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("response_type = code", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("scope = <granular authorization system>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine(" ... this enables the user to grant or revoke specific ");
        this.oauthLayout.addStepDetailsLine(" ... permissions for the application (here referred to as client)");
        this.oauthLayout.addStepDetailsLine("It is common to provide these parameters as query parameters of the");
        this.oauthLayout.addStepDetailsLine("requesting API call. Example URL:");
        this.oauthLayout.addStepDetailsLine("https://<fqdn>/v1/oauth/authorize?", this.smallText);
        this.oauthLayout.addStepDetailsLine("response_type=code&client_id=CLIENT_ID&redirect_uri=CALLBACK_URL&scope=read", this.smallText);
        Token token3 = new Token(this.lang, Constants.REQUEST_SCOPE, textProperties, circleProperties, rectProperties3, getArrowStart(0), this.tokenMoveTimeInMs);
        token3.moveTo(getArrowEnd(0));
        showArrow(0);
        this.lang.nextStep("OAuth2.0 - Authorization Code Flow Step 1");
        token3.hide();
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(1).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("The user is redirected to the Authorization Server.");
        this.oauthLayout.addStepDetailsLine("He or she will be prompted to log in, unless the user is already logged in.");
        this.oauthLayout.addStepDetailsLine("Once the identity of the user has been authenticated,");
        this.oauthLayout.addStepDetailsLine("he or she; will be asked to provide his or her permission.");
        this.oauthLayout.addStepDetailsLine("Typically the user sees a description of the scopes and the requesting client");
        this.oauthLayout.addStepDetailsLine("A common challenge is the translation of the descriptions, ");
        this.oauthLayout.addStepDetailsLine("and the mapping between the technical scopes and the readable descriptions. ");
        Token token4 = new Token(this.lang, "user input", textProperties, circleProperties, rectProperties3, getArrowStart(1), this.tokenMoveTimeInMs);
        token4.moveTo(getArrowEnd(1));
        showArrow(1);
        this.lang.nextStep("OAuth2.0 - Authorization Code Flow Step 2");
        token4.hide();
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(2).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("Given that the user has provided his consent to the requested permissions,");
        this.oauthLayout.addStepDetailsLine("the authorization server sends an authorization code to the callback URL.");
        this.oauthLayout.addStepDetailsLine("The callback URL is targeted to the client. The User Agent will be redirected ");
        this.oauthLayout.addStepDetailsLine("together with the authorization code to that client.");
        showArrow(2);
        Token token5 = new Token(this.lang, "Auth Code", textProperties, circleProperties, rectProperties3, getArrowStart(2), this.tokenMoveTimeInMs);
        token5.moveTo(getArrowEnd(2));
        this.lang.nextStep("OAuth2.0 - Authorization Code Flow Step 3");
        token5.hide();
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(3).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("The User Agent is redirected to the client. Redirection is initiated in the previous step.");
        showArrow(3);
        Token token6 = new Token(this.lang, "Auth Code", textProperties, circleProperties, rectProperties3, getArrowStart(3), this.tokenMoveTimeInMs);
        token6.moveTo(getArrowEnd(3));
        this.lang.nextStep("OAuth2.0 - Authorization Code Flow Step 4");
        token6.hide();
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(4).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("The Client builds a new API call in order to get an access token. This request contains");
        this.oauthLayout.addStepDetailsLine("client_id = <id of the client>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("client_secret = < only known by the Client>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("... The user agent should NOT know the secret. ");
        this.oauthLayout.addStepDetailsLine("... The user agent is typically in an uncontrolled and ");
        this.oauthLayout.addStepDetailsLine("... and potentially not trustworthy and insecure environment.");
        this.oauthLayout.addStepDetailsLine("... A browser, a mobile app or whatever.");
        this.oauthLayout.addStepDetailsLine("... The client secret could be leaked easier in such an environment.");
        this.oauthLayout.addStepDetailsLine("... However, the user agent is still relevant,");
        this.oauthLayout.addStepDetailsLine("... because the client should not be able to perform");
        this.oauthLayout.addStepDetailsLine("... actions without the authorization of the resource owner.");
        this.oauthLayout.addStepDetailsLine("code=<AUTHORIZATION_CODE>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("redirect_uri=CALLBACK_URL", this.parameterTextProps);
        showArrow(4);
        Token token7 = new Token(this.lang, "Auth Code", textProperties, circleProperties, rectProperties3, getArrowStart(4), this.tokenMoveTimeInMs);
        token7.moveTo(getArrowEnd(4));
        this.lang.nextStep("OAuth2.0 - Authorization Code Flow Step 5");
        token7.hide();
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(5).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("The client now receives the access token. With that access token, the client is now");
        this.oauthLayout.addStepDetailsLine("able to access the requested resources (based on the requested and permitted scopes)");
        this.oauthLayout.addStepDetailsLine("OAuth2.0 allows a versatile configuration of the access token.");
        this.oauthLayout.addStepDetailsLine("It should contain the following parameters");
        this.oauthLayout.addStepDetailsLine("access_token=<The crypto access token>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("token_type=bearer", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("expires_in=<time to live>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("refresh_token=<optional crypto token to get a fresh access token.>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("scope=<the requested scopes.. e.g. read>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("info=<e.g. name and email of the user>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("... the info section already contains some basic information. ");
        this.oauthLayout.addStepDetailsLine("... for more information, the client should request the /userinfo API.");
        this.oauthLayout.addStepDetailsLine("");
        showArrow(5);
        Token token8 = new Token(this.lang, "Access Token", textProperties, circleProperties, rectProperties3, getArrowStart(5), this.tokenMoveTimeInMs);
        token8.moveTo(getArrowEnd(5));
        linkedList.clear();
        this.lang.nextStep("OAuth2.0 - Authorization Code Flow Step 6");
        token8.hide();
        this.lang.hideAllPrimitives();
        this.oauthLayout.clearEntities();
        this.oauthLayout.clearText();
        this.oauthLayout.setHeading("OAuth2.0 - Implicit Roles");
        this.oauthLayout.addInfoBoxLine("Client", this.headingProps);
        this.oauthLayout.addInfoBoxLine("Third party application that is requesting access to a protected ");
        this.oauthLayout.addInfoBoxLine("resource on behalf of the resource owner. The client must get authorized");
        this.oauthLayout.addInfoBoxLine("by the resource owner in order to access a protected resource.");
        OAuthEntity oAuthEntity7 = new OAuthEntity(this.oauthLayout, "Client", rectProperties2);
        this.lang.nextStep("OAuth2.0 - Implicit Roles - Client");
        this.oauthLayout.addInfoBoxLine("User Agent", this.headingProps);
        this.oauthLayout.addInfoBoxLine(" The client which initiates a request. These are often browsers,");
        this.oauthLayout.addInfoBoxLine(" editors, spiders (web-traversing robots), or other end user tools.");
        OAuthEntity oAuthEntity8 = new OAuthEntity(this.oauthLayout, "User Agent", rectProperties2);
        this.lang.nextStep("OAuth2.0 - Implicit Roles - User Agent");
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("Authorization Server:", this.headingProps);
        this.oauthLayout.addInfoBoxLine("This server issues access tokens to authorized and authenticated clients.");
        this.oauthLayout.addInfoBoxLine("(A client always identifies itself with a client_id.");
        this.oauthLayout.addInfoBoxLine("A symmetric key is commonly used for client authentication.)");
        this.oauthLayout.addInfoBoxLine("For simplicity and a better overview, the resource server and the ");
        this.oauthLayout.addInfoBoxLine("authorization server are often displayed as one entity.");
        this.oauthLayout.addInfoBoxLine("Combining the authorization and resource server APIs is perfectly ");
        this.oauthLayout.addInfoBoxLine("acceptable from the developer's point of view");
        this.oauthLayout.addInfoBoxLine("As an architect for infrastructure, you could separate ");
        this.oauthLayout.addInfoBoxLine("the authorization and the resource server APIs.");
        OAuthEntity oAuthEntity9 = new OAuthEntity(this.oauthLayout, "Auth. Server", rectProperties2);
        this.lang.nextStep("OAuth2.0 - Implicit Roles - Auth. Server");
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("Resource owner", this.headingProps);
        this.oauthLayout.addInfoBoxLine("Owns the resource and can grant access to a protected resource.");
        OAuthEntity oAuthEntity10 = new OAuthEntity(this.oauthLayout, "Res. Owner", rectProperties2);
        linkedList.clear();
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity7, oAuthEntity9, "(A)", "Authorization Request", 0));
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity10, oAuthEntity9, "(B)", "User authorizes Request", 1));
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity9, oAuthEntity8, "(C)", "Redirect URI with Fragment", 2));
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity8, oAuthEntity7, "(D)", "Follow Redirect URI", 3));
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity7, oAuthEntity8, "(E)", "send Token extract script", 4));
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity8, oAuthEntity7, "(F)", "Pass Token to Client ", 5));
        this.oauthLayout.registerSteps(linkedList);
        this.oauthLayout.setHeading("OAuth2.0 - Implicit Code Flow");
        this.oauthLayout.clearText();
        this.lang.nextStep("OAuth2.0 - Implicit Roles - Res. Owner");
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(0).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("The client initiates the flow and requests access on behalf of the user.");
        this.oauthLayout.addStepDetailsLine("The request contains the following parameters:");
        this.oauthLayout.addStepDetailsLine("client_id= <id of the requesting client>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("redirect_uri = <Callback URL>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("response_type = token", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine(" ... This means that the client receives the access token without the auth. code.");
        this.oauthLayout.addStepDetailsLine("scope = <granular authorization system)>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine(" ... this enables the user to grant or revoke specific ");
        this.oauthLayout.addStepDetailsLine(" ... permissions for the application (here referred to as client)");
        this.oauthLayout.addStepDetailsLine("It is common to provide these parameters as query Parameters ");
        this.oauthLayout.addStepDetailsLine("of the requesting API call. Example URL:");
        this.oauthLayout.addStepDetailsLine("https://<fqdn>/v1/oauth/authorize?", this.smallText);
        this.oauthLayout.addStepDetailsLine("response_type=token&client_id=CLIENT_ID&redirect_uri=CALLBACK_URL&scope=read", this.smallText);
        Token token9 = new Token(this.lang, Constants.REQUEST_SCOPE, textProperties, circleProperties, rectProperties3, getArrowStart(0), this.tokenMoveTimeInMs);
        token9.moveTo(getArrowEnd(0));
        showArrow(0);
        this.lang.nextStep("OAuth2.0 - Implicit Flow Step 1");
        token9.hide();
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(1).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("The user is redirected to the Authorization Server.");
        this.oauthLayout.addStepDetailsLine("He or She will be prompted to login, unless the user is already logged in.");
        this.oauthLayout.addStepDetailsLine("Once the identity of the user has been authenticated,");
        this.oauthLayout.addStepDetailsLine("he or she; will be asked to provide his or her permission.");
        this.oauthLayout.addStepDetailsLine("Typically the user sees a description of the scopes and the requesting client");
        this.oauthLayout.addStepDetailsLine("A common challenge is the translation of the descriptions, ");
        this.oauthLayout.addStepDetailsLine("and the mapping between the technical scopes and the readable descriptions. ");
        Token token10 = new Token(this.lang, "user input", textProperties, circleProperties, rectProperties3, getArrowStart(1), this.tokenMoveTimeInMs);
        token10.moveTo(getArrowEnd(1));
        showArrow(1);
        this.lang.nextStep("OAuth2.0 - Implicit Flow Step 2");
        token10.hide();
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(2).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("If the user authorizes the request, the user agent gets redirected to the client");
        this.oauthLayout.addStepDetailsLine("Redirect URI. The access token is part of the URI (URI Fragment)");
        this.oauthLayout.addStepDetailsLine("Example URI: https://animal.rocks/callback#token=ACCESS_TOKEN");
        Token token11 = new Token(this.lang, "URI+Fragment", textProperties, circleProperties, rectProperties3, getArrowStart(2), this.tokenMoveTimeInMs);
        token11.moveTo(getArrowEnd(2));
        showArrow(2);
        this.lang.nextStep("OAuth2.0 - Implicit Flow Step 3");
        token11.hide();
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(3).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("The user Agent follows the redirection to the Client, but retains the full URI.");
        Token token12 = new Token(this.lang, "URI+Fragment", textProperties, circleProperties, rectProperties3, getArrowStart(3), this.tokenMoveTimeInMs);
        token12.moveTo(getArrowEnd(3));
        showArrow(3);
        this.lang.nextStep("OAuth2.0 - Implicit Flow Step 4");
        token12.hide();
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(4).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("The client returns a webpage containing a script.");
        this.oauthLayout.addStepDetailsLine("This script can extract the access token ");
        this.oauthLayout.addStepDetailsLine("from the full redirect URI the user agent has retained.");
        Token token13 = new Token(this.lang, "script", textProperties, circleProperties, rectProperties3, getArrowStart(4), this.tokenMoveTimeInMs);
        token13.moveTo(getArrowEnd(4));
        showArrow(4);
        this.lang.nextStep("OAuth2.0 - Implicit Flow Step 5");
        token13.hide();
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(5).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("The user agent executes the script, gets the access token and finally sends ");
        this.oauthLayout.addStepDetailsLine("the access token to the client.");
        Token token14 = new Token(this.lang, "access token", textProperties, circleProperties, rectProperties3, getArrowStart(5), this.tokenMoveTimeInMs);
        token14.moveTo(getArrowEnd(5));
        showArrow(5);
        linkedList.clear();
        this.lang.nextStep("OAuth2.0 - Implicit Flow Step 6");
        token14.hide();
        this.lang.hideAllPrimitives();
        this.oauthLayout.clearEntities();
        this.oauthLayout.clearText();
        this.oauthLayout.setHeading("OAuth2.0 - Resource Owner Password Credentials Roles");
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("Client", this.headingProps);
        this.oauthLayout.addInfoBoxLine("Third party application that is requesting access to a protected ");
        this.oauthLayout.addInfoBoxLine("resource on behalf of the resource owner. The client must get authorized");
        this.oauthLayout.addInfoBoxLine("by the resource owner in order to access a protected resource.");
        OAuthEntity oAuthEntity11 = new OAuthEntity(this.oauthLayout, "Client", rectProperties2);
        this.lang.nextStep("OAuth2.0 - Resource Owner Password Credentials Roles - Client");
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("Resource owner", this.headingProps);
        this.oauthLayout.addInfoBoxLine("Owns the resource and can grant access to a protected resource.");
        OAuthEntity oAuthEntity12 = new OAuthEntity(this.oauthLayout, "Res. Owner", rectProperties2);
        this.lang.nextStep("OAuth2.0 - Resource Owner Password Credentials Roles - Res. Owner");
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("Authorization Server:", this.headingProps);
        this.oauthLayout.addInfoBoxLine("This server issues access tokens to authorized and authenticated clients.");
        this.oauthLayout.addInfoBoxLine("(A client always identifies itself with a client_id.");
        this.oauthLayout.addInfoBoxLine("A symmetric key is commonly used for client authentication.)");
        this.oauthLayout.addInfoBoxLine("For simplicity and a better overview, the resource server and the ");
        this.oauthLayout.addInfoBoxLine("authorization server are often displayed as one entity.");
        this.oauthLayout.addInfoBoxLine("Combining the authorization and resource server APIs is perfectly ");
        this.oauthLayout.addInfoBoxLine("acceptable from the developer's point of view");
        this.oauthLayout.addInfoBoxLine("As an architect for infrastructure, you could separate ");
        this.oauthLayout.addInfoBoxLine("the authorization and the resource server APIs.");
        OAuthEntity oAuthEntity13 = new OAuthEntity(this.oauthLayout, "Auth. Server", rectProperties2);
        this.lang.nextStep("OAuth2.0 - Resource Owner Password Credentials Roles - Auth. Server");
        linkedList.clear();
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity12, oAuthEntity11, "(A)", "Password Credentials", 0));
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity11, oAuthEntity13, "(B)", "Password Credentials", 1));
        linkedList.add(new ProtocolArrow(this.oauthLayout, oAuthEntity13, oAuthEntity11, "(C)", "Access Token (Token)", 2));
        this.oauthLayout.registerSteps(linkedList);
        this.oauthLayout.setHeading("OAuth2.0 - Resource Owner Password Credentials Flow");
        this.oauthLayout.clearText();
        this.lang.nextStep();
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(0).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("The User sends his credentials (password and user name) directly to the client.");
        Token token15 = new Token(this.lang, "credentials", textProperties, circleProperties, rectProperties3, getArrowStart(0), this.tokenMoveTimeInMs);
        token15.moveTo(getArrowEnd(0));
        showArrow(0);
        this.lang.nextStep("OAuth2.0 - Resource Owner Password Credentials Flow Step 1");
        token15.hide();
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(1).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("The client sends a request to the authorization server's /token endpoint");
        this.oauthLayout.addStepDetailsLine("grant_type=password", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("username=<user name>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("password=<password>", this.parameterTextProps);
        this.oauthLayout.addStepDetailsLine("client_id=<client_id>", this.parameterTextProps);
        Token token16 = new Token(this.lang, Constants.REQUEST_SCOPE, textProperties, circleProperties, rectProperties3, getArrowStart(1), this.tokenMoveTimeInMs);
        token16.moveTo(getArrowEnd(1));
        showArrow(1);
        this.lang.nextStep("OAuth2.0 - Resource Owner Password Credentials Flow Step 2");
        token16.hide();
        this.oauthLayout.clearDetailsOnly();
        this.oauthLayout.addStepDetailsLine(this.oauthLayout.getStepWithId(2).getStrLabel(), this.headingProps);
        this.oauthLayout.addStepDetailsLine("The authorization server returns the access token.");
        this.oauthLayout.addStepDetailsLine("The client is now authorized.");
        new Token(this.lang, "access token", textProperties, circleProperties, rectProperties3, getArrowStart(2), this.tokenMoveTimeInMs).moveTo(getArrowEnd(2));
        showArrow(2);
        this.lang.nextStep("OAuth2.0 - Resource Owner Password Credentials Flow Step 3");
        this.oauthLayout.clearText();
        this.oauthLayout.clearEntities();
        this.lang.hideAllPrimitives();
        this.oauthLayout.drawIntroOutroLayout();
        this.oauthLayout.setHeading("OAuth2.0 - Outro");
        this.oauthLayout.addInfoBoxLine("You have learned", this.headingProps);
        this.oauthLayout.addInfoBoxLine("How a client can obtain an access token via client credentials flow, authorization code flow, implicit flow and Resource owner password flow");
        this.oauthLayout.addInfoBoxLine("Which types of entities are involved in each Flow");
        this.oauthLayout.addInfoBoxLine("Trust is established between a Client and the authorization Server. (Hint: its the client_secret, a symmetric key)");
        this.oauthLayout.addInfoBoxLine("OAuth is designed for delegating authorization to third party apps.");
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("OK, cool.. but how can I implement OAuth?", this.headingProps);
        this.oauthLayout.addInfoBoxLine("As you have learned, there are many participating entities. You need a clear picture of the architecture and the use cases before you implement Oauth 2.0.");
        this.oauthLayout.addInfoBoxLine("The authorization Server requires 3 API End points.");
        this.oauthLayout.addInfoBoxLine("/authorize end point which accepts new authorization requests from clients", this.parameterTextProps);
        this.oauthLayout.addInfoBoxLine("/token end point which issues access tokens", this.parameterTextProps);
        this.oauthLayout.addInfoBoxLine("/userinfo optional end point and provides more information of the user if a valid access token is provided in the request", this.parameterTextProps);
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("The Client must have a valid client_id and client_secret. The client_id and the client_secret is issued by the authorization server.");
        this.oauthLayout.addInfoBoxLine("A developer portal where client developers can register and request a client_id and client_secret, is helpful. ");
        this.oauthLayout.addInfoBoxLine("Otherwise the client_id and the client_secret must be manually exchanged for each client.");
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("The authorization Server should have translations of the scope descriptions.");
        this.oauthLayout.addInfoBoxLine(".. Yes, you get it now. There are many topics regarding a general architecture. As a client developer you probably don't care about the scope translation.");
        this.oauthLayout.addInfoBoxLine(".. So, a software architect who designs the end-to-end flow is required. As a responsible software architect, you will design the APIs and the flows.");
        this.oauthLayout.addInfoBoxLine(".. If your architecture is OAuth2.0 compliant, client developers reading your documentation can use existing OAuth2.0 libraries and configure their clients ");
        this.oauthLayout.addInfoBoxLine(".. to participate in the flow in order to get an access token.");
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("Further Topics", this.headingProps);
        this.oauthLayout.addInfoBoxLine("- Obtaining a refresh token");
        this.oauthLayout.addInfoBoxLine("- Revoking an access token");
        this.oauthLayout.addInfoBoxLine("");
        this.oauthLayout.addInfoBoxLine("The OAuth specification will be opened next. You can close the Animation now, or continue to the specification.");
        this.oauthLayout.addInfoBoxLine("Link: https://tools.ietf.org/html/rfc6749   (just in case you prefer your own Browser)");
        this.lang.nextStep("OAuth2.0 - Outro");
        this.lang.addDocumentationLink(new HtmlDocumentationModel("oauthstandard", "https://tools.ietf.org/html/rfc6749"));
        this.lang.nextStep("OAuth2.0 - Specs");
        this.lang.finalizeGeneration();
        return this.lang.toString();
    }

    private void showArrow(int i) {
        Iterator<ProtocolArrow> it = this.oauthLayout.protocolArrows.iterator();
        while (it.hasNext()) {
            ProtocolArrow next = it.next();
            if (next.id == i) {
                next.show();
                this.oauthLayout.stepsList.slideInItem(i, this.stepSlideInTimeInMs);
            }
        }
    }

    private Coordinates getArrowStart(int i) {
        Iterator<ProtocolArrow> it = this.oauthLayout.protocolArrows.iterator();
        while (it.hasNext()) {
            ProtocolArrow next = it.next();
            if (next.id == i) {
                return next.start;
            }
        }
        return null;
    }

    private Coordinates getArrowEnd(int i) {
        Iterator<ProtocolArrow> it = this.oauthLayout.protocolArrows.iterator();
        while (it.hasNext()) {
            ProtocolArrow next = it.next();
            if (next.id == i) {
                return next.end;
            }
        }
        return null;
    }

    @Override // generators.framework.ValidatingGenerator
    public boolean validateInput(AnimationPropertiesContainer animationPropertiesContainer, Hashtable<String, Object> hashtable) throws IllegalArgumentException {
        return ((Integer) hashtable.get("radius")).intValue() >= 250 && ((Integer) hashtable.get("moveEntityTimeInMs")).intValue() >= 0 && ((Integer) hashtable.get("stepSlideInTimeInMs")).intValue() >= 0 && ((Integer) hashtable.get("tokenMoveTimeInMs")).intValue() >= 0 && ((Integer) hashtable.get("xLayoutCenter")).intValue() >= 0 && ((Integer) hashtable.get("yLayoutCenter")).intValue() >= 0;
    }
}
