package org.apache.shindig.auth;

import com.google.common.collect.Maps;
import com.google.inject.Inject;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import net.oauth.OAuth;
import org.apache.http.auth.AUTH;
import org.apache.shindig.auth.AuthenticationHandler;

/* loaded from: input_file:WEB-INF/lib/shindig-common-2.0.2-Beta02.jar:org/apache/shindig/auth/UrlParameterAuthenticationHandler.class */
public class UrlParameterAuthenticationHandler implements AuthenticationHandler {
    private static final String SECURITY_TOKEN_PARAM = "st";
    private final SecurityTokenCodec securityTokenCodec;
    private static final Pattern COMMAWHITESPACE = Pattern.compile("\\s*,\\s*");
    private static final Pattern AUTHORIZATION = Pattern.compile("\\s*(\\w*)\\s+(.*)");
    private static final Pattern NVP = Pattern.compile("(\\S*)\\s*\\=\\s*\"([^\"]*)\"");

    @Inject
    public UrlParameterAuthenticationHandler(SecurityTokenCodec securityTokenCodec) {
        this.securityTokenCodec = securityTokenCodec;
    }

    @Override // org.apache.shindig.auth.AuthenticationHandler
    public String getName() {
        return AuthenticationMode.SECURITY_TOKEN_URL_PARAMETER.name();
    }

    @Override // org.apache.shindig.auth.AuthenticationHandler
    public SecurityToken getSecurityTokenFromRequest(HttpServletRequest httpServletRequest) throws AuthenticationHandler.InvalidAuthenticationException {
        Map<String, String> mappedParameters = getMappedParameters(httpServletRequest);
        try {
            if (mappedParameters.get("token") == null) {
                return null;
            }
            return this.securityTokenCodec.createToken(mappedParameters);
        } catch (SecurityTokenException e) {
            throw new AuthenticationHandler.InvalidAuthenticationException("Malformed security token " + mappedParameters.get("token"), e);
        }
    }

    @Override // org.apache.shindig.auth.AuthenticationHandler
    public String getWWWAuthenticateHeader(String str) {
        return null;
    }

    protected SecurityTokenCodec getSecurityTokenCodec() {
        return this.securityTokenCodec;
    }

    protected Map<String, String> getMappedParameters(HttpServletRequest httpServletRequest) {
        HashMap newHashMap = Maps.newHashMap();
        String parameter = 0 == 0 ? httpServletRequest.getParameter(SECURITY_TOKEN_PARAM) : null;
        if (parameter == null && httpServletRequest.isSecure() && httpServletRequest.getParameter(OAuth.OAUTH_SIGNATURE_METHOD) == null) {
            parameter = httpServletRequest.getParameter(OAuth.OAUTH_TOKEN);
        }
        if (parameter == null) {
            Enumeration headers = httpServletRequest.getHeaders(AUTH.WWW_AUTH_RESP);
            while (headers != null && headers.hasMoreElements()) {
                Matcher matcher = AUTHORIZATION.matcher((CharSequence) headers.nextElement());
                if (matcher.matches() && "Token".equalsIgnoreCase(matcher.group(1))) {
                    for (String str : COMMAWHITESPACE.split(matcher.group(2))) {
                        Matcher matcher2 = NVP.matcher(str);
                        if (matcher2.matches() && "token".equals(matcher2.group(1))) {
                            parameter = OAuth.decodePercent(matcher2.group(2));
                        }
                    }
                }
            }
        }
        newHashMap.put("token", parameter);
        newHashMap.put(SecurityTokenCodec.ACTIVE_URL_NAME, getActiveUrl(httpServletRequest));
        return newHashMap;
    }

    protected String getActiveUrl(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getRequestURL().toString();
    }
}
