package org.picketlink.identity.federation.api.openid;

import java.util.Collections;
import java.util.List;
import java.util.Map;
import org.apache.log4j.Level;
import org.jboss.seam.ui.util.HTML;
import org.jboss.seam.ui.util.JSF;
import org.openid4java.association.AssociationException;
import org.openid4java.consumer.ConsumerException;
import org.openid4java.consumer.ConsumerManager;
import org.openid4java.consumer.InMemoryConsumerAssociationStore;
import org.openid4java.consumer.InMemoryNonceVerifier;
import org.openid4java.consumer.VerificationResult;
import org.openid4java.discovery.DiscoveryException;
import org.openid4java.discovery.DiscoveryInformation;
import org.openid4java.message.AuthSuccess;
import org.openid4java.message.Message;
import org.openid4java.message.MessageException;
import org.openid4java.message.ParameterList;
import org.openid4java.message.ax.FetchRequest;
import org.openid4java.message.sreg.SRegRequest;
import org.picketlink.identity.federation.api.openid.OpenIDLifecycleEvent;
import org.picketlink.identity.federation.api.openid.exceptions.OpenIDAssociationException;
import org.picketlink.identity.federation.api.openid.exceptions.OpenIDConsumerException;
import org.picketlink.identity.federation.api.openid.exceptions.OpenIDDiscoveryException;
import org.picketlink.identity.federation.api.openid.exceptions.OpenIDLifeCycleException;
import org.picketlink.identity.federation.api.openid.exceptions.OpenIDMessageException;
import org.picketlink.identity.federation.api.openid.exceptions.OpenIDProtocolException;
import org.picketlink.identity.federation.core.constants.AttributeConstants;

/* loaded from: input_file:WEB-INF/lib/picketlink-fed-api-1.0.1.jar:org/picketlink/identity/federation/api/openid/OpenIDManager.class */
public class OpenIDManager {
    private OpenIDRequest request;
    private ConsumerManager consumerManager;
    private String userString;

    /* loaded from: input_file:WEB-INF/lib/picketlink-fed-api-1.0.1.jar:org/picketlink/identity/federation/api/openid/OpenIDManager$CONST.class */
    public enum CONST {
        OPENID("openid"),
        OPENID_CLAIMED("openid-claimed"),
        OPENID_DISC("openid-discovered");

        private String val;

        CONST(String str) {
            this.val = str;
        }

        public String get() {
            return this.val;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/picketlink-fed-api-1.0.1.jar:org/picketlink/identity/federation/api/openid/OpenIDManager$OpenIDProviderInformation.class */
    public static class OpenIDProviderInformation {
        private DiscoveryInformation discovered;

        OpenIDProviderInformation(DiscoveryInformation discoveryInformation) {
            this.discovered = discoveryInformation;
        }

        DiscoveryInformation get() {
            return this.discovered;
        }
    }

    /* loaded from: input_file:WEB-INF/lib/picketlink-fed-api-1.0.1.jar:org/picketlink/identity/federation/api/openid/OpenIDManager$OpenIDProviderList.class */
    public static class OpenIDProviderList {
        private List<DiscoveryInformation> providers;

        OpenIDProviderList(List<DiscoveryInformation> list) {
            this.providers = null;
            this.providers = list;
        }

        List<DiscoveryInformation> get() {
            return Collections.unmodifiableList(this.providers);
        }

        public int size() {
            if (this.providers != null) {
                return this.providers.size();
            }
            return 0;
        }
    }

    public OpenIDManager(OpenIDRequest openIDRequest) {
        this.request = null;
        this.consumerManager = null;
        this.userString = null;
        this.request = openIDRequest;
        try {
            this.consumerManager = new ConsumerManager();
            this.consumerManager.setAssociations(new InMemoryConsumerAssociationStore());
            this.consumerManager.setNonceVerifier(new InMemoryNonceVerifier(Level.TRACE_INT));
            this.userString = this.request.getURL();
        } catch (ConsumerException e) {
            throw new RuntimeException(e);
        }
    }

    public OpenIDRequest getOpenIDRequest() {
        return this.request;
    }

    public OpenIDProviderList discoverProviders() throws OpenIDDiscoveryException, OpenIDConsumerException {
        try {
            return new OpenIDProviderList(this.consumerManager.discover(this.userString));
        } catch (DiscoveryException e) {
            throw new OpenIDDiscoveryException(e);
        }
    }

    public OpenIDProviderInformation associate(OpenIDProtocolAdapter openIDProtocolAdapter, OpenIDProviderList openIDProviderList) throws OpenIDConsumerException, OpenIDLifeCycleException {
        OpenIDLifecycle openIDLifecycle = null;
        if (openIDProtocolAdapter instanceof OpenIDLifecycle) {
            openIDLifecycle = (OpenIDLifecycle) openIDProtocolAdapter;
        }
        List<DiscoveryInformation> list = openIDProviderList.get();
        if (list.size() == 0) {
            throw new OpenIDConsumerException("No open id endpoints discovered");
        }
        DiscoveryInformation associate = this.consumerManager.associate(list);
        if (openIDLifecycle != null) {
            openIDLifecycle.handle(new OpenIDLifecycleEvent(OpenIDLifecycleEvent.TYPE.SESSION, OpenIDLifecycleEvent.OP.ADD, CONST.OPENID_DISC.get(), associate));
        }
        return new OpenIDProviderInformation(associate);
    }

    public boolean authenticate(OpenIDProtocolAdapter openIDProtocolAdapter, OpenIDProviderInformation openIDProviderInformation) throws OpenIDDiscoveryException, OpenIDConsumerException, OpenIDMessageException, OpenIDProtocolException {
        DiscoveryInformation discoveryInformation = openIDProviderInformation.get();
        try {
            Message authenticate = this.consumerManager.authenticate(discoveryInformation, openIDProtocolAdapter.getReturnURL());
            FetchRequest createFetchRequest = FetchRequest.createFetchRequest();
            SRegRequest createFetchRequest2 = SRegRequest.createFetchRequest();
            OpenIDAttributeMap attributeMap = openIDProtocolAdapter.getAttributeMap();
            if ("1".equals(attributeMap.get("nickname"))) {
                createFetchRequest2.addAttribute("nickname", false);
            }
            if ("1".equals(attributeMap.get(AttributeConstants.EMAIL_ADDRESS))) {
                createFetchRequest.addAttribute(AttributeConstants.EMAIL_ADDRESS, OpenIDConstants.EMAIL.url(), false);
                createFetchRequest2.addAttribute(AttributeConstants.EMAIL_ADDRESS, false);
            }
            if ("1".equals(attributeMap.get("fullname"))) {
                createFetchRequest.addAttribute("fullname", OpenIDConstants.FULLNAME.url(), false);
                createFetchRequest2.addAttribute("fullname", false);
            }
            if ("1".equals(attributeMap.get("dob"))) {
                createFetchRequest.addAttribute("dob", OpenIDConstants.DOB.url(), true);
                createFetchRequest2.addAttribute("dob", false);
            }
            if ("1".equals(attributeMap.get("gender"))) {
                createFetchRequest.addAttribute("gender", OpenIDConstants.GENDER.url(), false);
                createFetchRequest2.addAttribute("gender", false);
            }
            if ("1".equals(attributeMap.get("postcode"))) {
                createFetchRequest.addAttribute("postcode", OpenIDConstants.POSTCODE.url(), false);
                createFetchRequest2.addAttribute("postcode", false);
            }
            if ("1".equals(attributeMap.get(AttributeConstants.COUNTRY))) {
                createFetchRequest.addAttribute(AttributeConstants.COUNTRY, OpenIDConstants.COUNTRY.url(), false);
                createFetchRequest2.addAttribute(AttributeConstants.COUNTRY, false);
            }
            if ("1".equals(attributeMap.get(HTML.SCRIPT_LANGUAGE_ATTR))) {
                createFetchRequest.addAttribute(HTML.SCRIPT_LANGUAGE_ATTR, OpenIDConstants.LANGUAGE.url(), false);
                createFetchRequest2.addAttribute(HTML.SCRIPT_LANGUAGE_ATTR, false);
            }
            if ("1".equals(attributeMap.get(JSF.TIMEZONE_ATTR))) {
                createFetchRequest.addAttribute(JSF.TIMEZONE_ATTR, OpenIDConstants.TIMEZONE.url(), false);
                createFetchRequest2.addAttribute(JSF.TIMEZONE_ATTR, false);
            }
            if (!createFetchRequest2.getAttributes().isEmpty()) {
                authenticate.addExtension(createFetchRequest2);
            }
            if (discoveryInformation.isVersion2()) {
                openIDProtocolAdapter.sendToProvider(2, authenticate.getDestinationUrl(false), authenticate.getParameterMap());
                return false;
            }
            openIDProtocolAdapter.sendToProvider(1, authenticate.getDestinationUrl(true), null);
            return false;
        } catch (ConsumerException e) {
            throw new OpenIDConsumerException(e);
        } catch (MessageException e2) {
            throw new OpenIDMessageException(e2);
        }
    }

    public boolean verify(OpenIDProtocolAdapter openIDProtocolAdapter, Map<String, String> map, String str) throws OpenIDMessageException, OpenIDDiscoveryException, OpenIDAssociationException, OpenIDLifeCycleException {
        OpenIDLifecycle openIDLifecycle = null;
        if (openIDProtocolAdapter instanceof OpenIDLifecycle) {
            openIDLifecycle = (OpenIDLifecycle) openIDProtocolAdapter;
        }
        ParameterList parameterList = new ParameterList(map);
        if (openIDLifecycle == null) {
            throw new IllegalStateException("Lifecycle not found");
        }
        try {
            VerificationResult verify = this.consumerManager.verify(str, parameterList, (DiscoveryInformation) openIDLifecycle.getAttributeValue(CONST.OPENID_DISC.get()));
            if (verify.getVerifiedId() == null) {
                return false;
            }
            AuthSuccess authSuccess = (AuthSuccess) verify.getAuthResponse();
            openIDLifecycle.handle(new OpenIDLifecycleEvent[]{new OpenIDLifecycleEvent(OpenIDLifecycleEvent.TYPE.SESSION, OpenIDLifecycleEvent.OP.ADD, CONST.OPENID.get(), authSuccess.getIdentity()), new OpenIDLifecycleEvent(OpenIDLifecycleEvent.TYPE.SESSION, OpenIDLifecycleEvent.OP.ADD, CONST.OPENID_CLAIMED.get(), authSuccess.getClaimed()), new OpenIDLifecycleEvent(OpenIDLifecycleEvent.TYPE.SUCCESS, null, null, null)});
            return true;
        } catch (AssociationException e) {
            throw new OpenIDAssociationException(e);
        } catch (DiscoveryException e2) {
            throw new OpenIDDiscoveryException(e2);
        } catch (MessageException e3) {
            throw new OpenIDMessageException(e3);
        }
    }

    public void logout(OpenIDProtocolAdapter openIDProtocolAdapter) throws OpenIDLifeCycleException {
        OpenIDLifecycle openIDLifecycle = null;
        if (openIDProtocolAdapter instanceof OpenIDLifecycle) {
            openIDLifecycle = (OpenIDLifecycle) openIDProtocolAdapter;
        }
        if (openIDLifecycle != null) {
            openIDLifecycle.handle(new OpenIDLifecycleEvent(OpenIDLifecycleEvent.TYPE.SESSION, OpenIDLifecycleEvent.OP.REMOVE, CONST.OPENID.get(), null));
            openIDLifecycle.handle(new OpenIDLifecycleEvent(OpenIDLifecycleEvent.TYPE.SESSION, OpenIDLifecycleEvent.OP.REMOVE, CONST.OPENID_CLAIMED.get(), null));
        }
    }
}
