package org.apache.shindig.gadgets.oauth;

import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.regex.Pattern;
import net.oauth.OAuth;
import net.oauth.OAuthAccessor;
import net.oauth.OAuthException;
import net.oauth.OAuthMessage;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.shindig.auth.OAuthUtil;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.common.uri.UriBuilder;
import org.apache.shindig.common.util.CharsetUtil;
import org.apache.shindig.gadgets.GadgetException;
import org.apache.shindig.gadgets.http.HttpFetcher;
import org.apache.shindig.gadgets.http.HttpRequest;
import org.apache.shindig.gadgets.http.HttpResponse;
import org.apache.shindig.gadgets.http.HttpResponseBuilder;
import org.apache.shindig.gadgets.oauth.AccessorInfo;
import org.apache.shindig.gadgets.oauth.OAuthResponseParams;
import org.apache.shindig.gadgets.oauth.OAuthStore;
import org.json.JSONObject;

/* loaded from: input_file:org/apache/shindig/gadgets/oauth/OAuthRequest.class */
public class OAuthRequest {
    private static final int MAX_ATTEMPTS = 2;
    public static final String XOAUTH_APP_URL = "xoauth_app_url";
    protected static final String OPENSOCIAL_OWNERID = "opensocial_owner_id";
    protected static final String OPENSOCIAL_VIEWERID = "opensocial_viewer_id";
    protected static final String OPENSOCIAL_APPID = "opensocial_app_id";
    protected static final String OPENSOCIAL_APPURL = "opensocial_app_url";
    protected static final String OPENSOCIAL_PROXIED_CONTENT = "opensocial_proxied_content";
    protected static final String XOAUTH_PUBLIC_KEY = "xoauth_signature_publickey";
    protected static final Pattern ALLOWED_PARAM_NAME = Pattern.compile("[-:\\w~!@$*()_\\[\\]:,./]+");
    private static final long ACCESS_TOKEN_EXPIRE_UNKNOWN = 0;
    private static final long ACCESS_TOKEN_FORCE_EXPIRE = -1;
    protected final OAuthFetcherConfig fetcherConfig;
    private final HttpFetcher fetcher;
    private final List<OAuth.Parameter> trustedParams;
    protected OAuthClientState clientState;
    protected OAuthResponseParams responseParams;
    private AccessorInfo accessorInfo;
    private HttpRequest realRequest;
    private Map<String, String> accessTokenData;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.apache.shindig.gadgets.oauth.OAuthRequest$1, reason: invalid class name */
    /* loaded from: input_file:org/apache/shindig/gadgets/oauth/OAuthRequest$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$apache$shindig$auth$OAuthUtil$SignatureType;
        static final /* synthetic */ int[] $SwitchMap$org$apache$shindig$gadgets$oauth$AccessorInfo$OAuthParamLocation = new int[AccessorInfo.OAuthParamLocation.values().length];

        static {
            try {
                $SwitchMap$org$apache$shindig$gadgets$oauth$AccessorInfo$OAuthParamLocation[AccessorInfo.OAuthParamLocation.AUTH_HEADER.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$apache$shindig$gadgets$oauth$AccessorInfo$OAuthParamLocation[AccessorInfo.OAuthParamLocation.POST_BODY.ordinal()] = OAuthRequest.MAX_ATTEMPTS;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$apache$shindig$gadgets$oauth$AccessorInfo$OAuthParamLocation[AccessorInfo.OAuthParamLocation.URI_QUERY.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            $SwitchMap$org$apache$shindig$auth$OAuthUtil$SignatureType = new int[OAuthUtil.SignatureType.values().length];
            try {
                $SwitchMap$org$apache$shindig$auth$OAuthUtil$SignatureType[OAuthUtil.SignatureType.URL_ONLY.ordinal()] = 1;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$apache$shindig$auth$OAuthUtil$SignatureType[OAuthUtil.SignatureType.URL_AND_FORM_PARAMS.ordinal()] = OAuthRequest.MAX_ATTEMPTS;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$apache$shindig$auth$OAuthUtil$SignatureType[OAuthUtil.SignatureType.URL_AND_BODY_HASH.ordinal()] = 3;
            } catch (NoSuchFieldError e6) {
            }
        }
    }

    public OAuthRequest(OAuthFetcherConfig oAuthFetcherConfig, HttpFetcher httpFetcher) {
        this(oAuthFetcherConfig, httpFetcher, null);
    }

    public OAuthRequest(OAuthFetcherConfig oAuthFetcherConfig, HttpFetcher httpFetcher, List<OAuth.Parameter> list) {
        this.fetcherConfig = oAuthFetcherConfig;
        this.fetcher = httpFetcher;
        this.trustedParams = list;
    }

    public HttpResponse fetch(HttpRequest httpRequest) {
        this.realRequest = httpRequest;
        this.clientState = new OAuthClientState(this.fetcherConfig.getStateCrypter(), httpRequest.getOAuthArguments().getOrigClientState());
        this.responseParams = new OAuthResponseParams(httpRequest.getSecurityToken(), httpRequest, this.fetcherConfig.getStateCrypter());
        try {
            return fetchNoThrow();
        } catch (RuntimeException e) {
            this.responseParams.logDetailedWarning("OAuth fetch unexpected fatal error", e);
            throw e;
        }
    }

    private HttpResponse fetchNoThrow() {
        try {
            this.accessorInfo = this.fetcherConfig.getTokenStore().getOAuthAccessor(this.realRequest.getSecurityToken(), this.realRequest.getOAuthArguments(), this.clientState, this.responseParams);
            HttpResponseBuilder fetchWithRetry = fetchWithRetry();
            if (fetchWithRetry.getHttpStatusCode() >= 400) {
                this.responseParams.logDetailedWarning("OAuth fetch fatal error");
                this.responseParams.setSendTraceToClient(true);
            } else if (this.responseParams.getAznUrl() != null && this.responseParams.sawErrorResponse()) {
                this.responseParams.logDetailedWarning("OAuth fetch error, reprompting for user approval");
                this.responseParams.setSendTraceToClient(true);
            }
            this.responseParams.addToResponse(fetchWithRetry);
            return fetchWithRetry.create();
        } catch (OAuthResponseParams.OAuthRequestException e) {
            if (OAuthError.UNAUTHENTICATED.toString().equals(this.responseParams.getError())) {
                this.responseParams.logDetailedInfo("Unauthenticated OAuth fetch", e);
            } else {
                this.responseParams.logDetailedWarning("OAuth fetch fatal error", e);
            }
            this.responseParams.setSendTraceToClient(true);
            HttpResponseBuilder strictNoCache = new HttpResponseBuilder().setHttpStatusCode(HttpResponse.SC_FORBIDDEN).setStrictNoCache();
            this.responseParams.addToResponse(strictNoCache);
            return strictNoCache.create();
        }
    }

    private HttpResponseBuilder fetchWithRetry() throws OAuthResponseParams.OAuthRequestException {
        boolean z;
        int i = 0;
        HttpResponseBuilder httpResponseBuilder = null;
        do {
            z = false;
            i++;
            try {
                httpResponseBuilder = attemptFetch();
            } catch (OAuthProtocolException e) {
                z = handleProtocolException(e, i);
                if (!z) {
                    if (e.getProblemCode() != null) {
                        throw this.responseParams.oauthRequestException(e.getProblemCode(), "Service provider rejected request", e);
                    }
                    throw this.responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM, "Service provider rejected request", e);
                }
            }
        } while (z);
        return httpResponseBuilder;
    }

    private boolean handleProtocolException(OAuthProtocolException oAuthProtocolException, int i) throws OAuthResponseParams.OAuthRequestException {
        if (oAuthProtocolException.canExtend()) {
            this.accessorInfo.setTokenExpireMillis(ACCESS_TOKEN_FORCE_EXPIRE);
        } else if (oAuthProtocolException.startFromScratch()) {
            this.fetcherConfig.getTokenStore().removeToken(this.realRequest.getSecurityToken(), this.accessorInfo.getConsumer(), this.realRequest.getOAuthArguments(), this.responseParams);
            this.accessorInfo.getAccessor().accessToken = null;
            this.accessorInfo.getAccessor().requestToken = null;
            this.accessorInfo.getAccessor().tokenSecret = null;
            this.accessorInfo.setSessionHandle(null);
            this.accessorInfo.setTokenExpireMillis(ACCESS_TOKEN_EXPIRE_UNKNOWN);
        }
        return i < MAX_ATTEMPTS && oAuthProtocolException.canRetry();
    }

    private HttpResponseBuilder attemptFetch() throws OAuthResponseParams.OAuthRequestException, OAuthProtocolException {
        if (needApproval()) {
            checkCanApprove();
            fetchRequestToken();
            buildClientApprovalState();
            buildAznUrl();
            return new HttpResponseBuilder().setHttpStatusCode(HttpResponse.SC_OK).setStrictNoCache();
        }
        if (needAccessToken()) {
            checkCanApprove();
            exchangeRequestToken();
            saveAccessToken();
            buildClientAccessState();
        }
        return fetchData();
    }

    private boolean needApproval() {
        return this.realRequest.getOAuthArguments().mustUseToken() && this.accessorInfo.getAccessor().requestToken == null && this.accessorInfo.getAccessor().accessToken == null;
    }

    private void checkCanApprove() throws OAuthResponseParams.OAuthRequestException {
        String ownerId = this.realRequest.getSecurityToken().getOwnerId();
        String viewerId = this.realRequest.getSecurityToken().getViewerId();
        String owner = this.clientState.getOwner();
        if (ownerId == null) {
            throw this.responseParams.oauthRequestException(OAuthError.UNAUTHENTICATED, "Unauthenticated");
        }
        if (!ownerId.equals(viewerId)) {
            throw this.responseParams.oauthRequestException(OAuthError.NOT_OWNER, "Only page owners can grant OAuth approval");
        }
        if (owner != null && !owner.equals(ownerId)) {
            throw this.responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM, "Client state belongs to a different person (state owner=" + owner + ", pageOwner=" + ownerId + ')');
        }
    }

    private void fetchRequestToken() throws OAuthResponseParams.OAuthRequestException, OAuthProtocolException {
        OAuthAccessor accessor = this.accessorInfo.getAccessor();
        HttpRequest createRequestTokenRequest = createRequestTokenRequest(accessor);
        ArrayList newArrayList = Lists.newArrayList();
        addCallback(newArrayList);
        OAuthMessage sendOAuthMessage = sendOAuthMessage(sanitizeAndSign(createRequestTokenRequest, newArrayList, true));
        accessor.requestToken = OAuthUtil.getParameter(sendOAuthMessage, "oauth_token");
        accessor.tokenSecret = OAuthUtil.getParameter(sendOAuthMessage, "oauth_token_secret");
    }

    private HttpRequest createRequestTokenRequest(OAuthAccessor oAuthAccessor) throws OAuthResponseParams.OAuthRequestException {
        if (oAuthAccessor.consumer.serviceProvider.requestTokenURL == null) {
            throw this.responseParams.oauthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION, "No request token URL specified");
        }
        HttpRequest httpRequest = new HttpRequest(Uri.parse(oAuthAccessor.consumer.serviceProvider.requestTokenURL));
        httpRequest.setMethod(this.accessorInfo.getHttpMethod().toString());
        if (this.accessorInfo.getHttpMethod() == AccessorInfo.HttpMethod.POST) {
            httpRequest.setHeader("Content-Type", "application/x-www-form-urlencoded");
        }
        return httpRequest;
    }

    private void addCallback(List<OAuth.Parameter> list) throws OAuthResponseParams.OAuthRequestException {
        String generateCallback;
        String trimToNull = StringUtils.trimToNull(this.accessorInfo.getConsumer().getCallbackUrl());
        if (trimToNull == null || (generateCallback = this.fetcherConfig.getOAuthCallbackGenerator().generateCallback(this.fetcherConfig, trimToNull, this.realRequest, this.responseParams)) == null) {
            return;
        }
        list.add(new OAuth.Parameter("oauth_callback", generateCallback));
    }

    private List<OAuth.Parameter> sanitize(List<OAuth.Parameter> list) throws OAuthResponseParams.OAuthRequestException {
        ArrayList newArrayList = Lists.newArrayList();
        for (OAuth.Parameter parameter : list) {
            String key = parameter.getKey();
            if (!allowParam(key)) {
                throw this.responseParams.oauthRequestException(OAuthError.INVALID_REQUEST, "invalid parameter name " + key + ", applications may not override opensocial or oauth parameters");
            }
            newArrayList.add(parameter);
        }
        return newArrayList;
    }

    private boolean allowParam(String str) {
        String lowerCase = str.toLowerCase();
        return (lowerCase.startsWith("oauth") || lowerCase.startsWith("xoauth") || lowerCase.startsWith("opensocial") || !ALLOWED_PARAM_NAME.matcher(lowerCase).matches()) ? false : true;
    }

    private void addIdentityParams(List<OAuth.Parameter> list) {
        if (this.realRequest.getOAuthArguments().getSignOwner() || this.realRequest.getOAuthArguments().getSignViewer()) {
            String ownerId = this.realRequest.getSecurityToken().getOwnerId();
            if (ownerId != null && this.realRequest.getOAuthArguments().getSignOwner()) {
                list.add(new OAuth.Parameter(OPENSOCIAL_OWNERID, ownerId));
            }
            String viewerId = this.realRequest.getSecurityToken().getViewerId();
            if (viewerId != null && this.realRequest.getOAuthArguments().getSignViewer()) {
                list.add(new OAuth.Parameter(OPENSOCIAL_VIEWERID, viewerId));
            }
            String appId = this.realRequest.getSecurityToken().getAppId();
            if (appId != null) {
                list.add(new OAuth.Parameter(OPENSOCIAL_APPID, appId));
            }
            String appUrl = this.realRequest.getSecurityToken().getAppUrl();
            if (appUrl != null) {
                list.add(new OAuth.Parameter(OPENSOCIAL_APPURL, appUrl));
            }
            if (this.trustedParams != null) {
                list.addAll(this.trustedParams);
            }
            if (this.realRequest.getOAuthArguments().isProxiedContentRequest()) {
                list.add(new OAuth.Parameter(OPENSOCIAL_PROXIED_CONTENT, "1"));
            }
        }
    }

    private void addSignatureParams(List<OAuth.Parameter> list) {
        if (this.accessorInfo.getConsumer().getConsumer().consumerKey == null) {
            list.add(new OAuth.Parameter("oauth_consumer_key", this.realRequest.getSecurityToken().getDomain()));
        }
        if (this.accessorInfo.getConsumer().getKeyName() != null) {
            list.add(new OAuth.Parameter(XOAUTH_PUBLIC_KEY, this.accessorInfo.getConsumer().getKeyName()));
        }
        list.add(new OAuth.Parameter("oauth_version", "1.0"));
        list.add(new OAuth.Parameter("oauth_timestamp", Long.toString(this.fetcherConfig.getClock().currentTimeMillis() / 1000)));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getAuthorizationHeader(List<Map.Entry<String, String>> list) {
        StringBuilder sb = new StringBuilder("OAuth ");
        boolean z = true;
        for (Map.Entry<String, String> entry : list) {
            if (z) {
                z = false;
            } else {
                sb.append(", ");
            }
            sb.append(OAuth.percentEncode(entry.getKey())).append("=\"").append(OAuth.percentEncode(entry.getValue())).append('\"');
        }
        return sb.toString();
    }

    public HttpRequest sanitizeAndSign(HttpRequest httpRequest, List<OAuth.Parameter> list, boolean z) throws OAuthResponseParams.OAuthRequestException {
        if (list == null) {
            list = Lists.newArrayList();
        }
        UriBuilder uriBuilder = new UriBuilder(httpRequest.getUri());
        String query = uriBuilder.getQuery();
        uriBuilder.setQuery((String) null);
        list.addAll(sanitize(OAuth.decodeForm(query)));
        switch (AnonymousClass1.$SwitchMap$org$apache$shindig$auth$OAuthUtil$SignatureType[OAuthUtil.getSignatureType(z, httpRequest.getHeader("Content-Type")).ordinal()]) {
            case MAX_ATTEMPTS /* 2 */:
                list.addAll(sanitize(OAuth.decodeForm(httpRequest.getPostBodyAsString())));
                break;
            case 3:
                try {
                    list.add(new OAuth.Parameter("oauth_body_hash", new String(Base64.encodeBase64(DigestUtils.sha(IOUtils.toByteArray(httpRequest.getPostBody()))), CharsetUtil.UTF8.name())));
                    break;
                } catch (IOException e) {
                    throw this.responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM, "Error taking body hash", e);
                }
        }
        addIdentityParams(list);
        addSignatureParams(list);
        try {
            HttpRequest createHttpRequest = createHttpRequest(httpRequest, selectOAuthParams(OAuthUtil.newRequestMessage(this.accessorInfo.getAccessor(), httpRequest.getMethod(), uriBuilder.toString(), list)));
            createHttpRequest.setFollowRedirects(false);
            return createHttpRequest;
        } catch (OAuthException e2) {
            throw this.responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM, "Error signing message", e2);
        }
    }

    private HttpRequest createHttpRequest(HttpRequest httpRequest, List<Map.Entry<String, String>> list) throws OAuthResponseParams.OAuthRequestException {
        AccessorInfo.OAuthParamLocation paramLocation = this.accessorInfo.getParamLocation();
        HttpRequest httpRequest2 = new HttpRequest(httpRequest);
        if (paramLocation == AccessorInfo.OAuthParamLocation.POST_BODY && !httpRequest2.getMethod().equals("POST")) {
            paramLocation = AccessorInfo.OAuthParamLocation.AUTH_HEADER;
        }
        switch (AnonymousClass1.$SwitchMap$org$apache$shindig$gadgets$oauth$AccessorInfo$OAuthParamLocation[paramLocation.ordinal()]) {
            case 1:
                httpRequest2.addHeader("Authorization", getAuthorizationHeader(list));
                break;
            case MAX_ATTEMPTS /* 2 */:
                if (!OAuth.isFormEncoded(httpRequest2.getHeader("Content-Type"))) {
                    throw this.responseParams.oauthRequestException(OAuthError.INVALID_REQUEST, "OAuth param location can only be post_body if post body if of type x-www-form-urlencoded");
                }
                String formEncode = OAuthUtil.formEncode(list);
                if (httpRequest2.getPostBodyLength() != 0) {
                    httpRequest2.setPostBody((httpRequest2.getPostBodyAsString() + '&' + formEncode).getBytes());
                    break;
                } else {
                    httpRequest2.setPostBody(CharsetUtil.getUtf8Bytes(formEncode));
                    break;
                }
            case 3:
                httpRequest2.setUri(Uri.parse(OAuthUtil.addParameters(httpRequest2.getUri().toString(), list)));
                break;
        }
        return httpRequest2;
    }

    private OAuthMessage sendOAuthMessage(HttpRequest httpRequest) throws OAuthResponseParams.OAuthRequestException, OAuthProtocolException {
        HttpResponse fetchFromServer = fetchFromServer(httpRequest);
        checkForProtocolProblem(fetchFromServer);
        OAuthMessage oAuthMessage = new OAuthMessage((String) null, (String) null, (Collection) null);
        oAuthMessage.addParameters(OAuth.decodeForm(fetchFromServer.getResponseAsString()));
        OAuthMessage parseAuthHeader = parseAuthHeader(oAuthMessage, fetchFromServer);
        if (OAuthUtil.getParameter(parseAuthHeader, "oauth_token") == null) {
            throw this.responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM, "No oauth_token returned from service provider");
        }
        if (OAuthUtil.getParameter(parseAuthHeader, "oauth_token_secret") == null) {
            throw this.responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM, "No oauth_token_secret returned from service provider");
        }
        return parseAuthHeader;
    }

    private OAuthMessage parseAuthHeader(OAuthMessage oAuthMessage, HttpResponse httpResponse) {
        if (oAuthMessage == null) {
            oAuthMessage = new OAuthMessage((String) null, (String) null, (Collection) null);
        }
        Iterator<String> it = httpResponse.getHeaders("WWW-Authenticate").iterator();
        while (it.hasNext()) {
            oAuthMessage.addParameters(OAuthMessage.decodeAuthorization(it.next()));
        }
        return oAuthMessage;
    }

    private void buildClientApprovalState() {
        OAuthAccessor accessor = this.accessorInfo.getAccessor();
        this.responseParams.getNewClientState().setRequestToken(accessor.requestToken);
        this.responseParams.getNewClientState().setRequestTokenSecret(accessor.tokenSecret);
        this.responseParams.getNewClientState().setOwner(this.realRequest.getSecurityToken().getOwnerId());
    }

    private void buildAznUrl() throws OAuthResponseParams.OAuthRequestException {
        OAuthAccessor accessor = this.accessorInfo.getAccessor();
        if (accessor.consumer.serviceProvider.userAuthorizationURL == null) {
            throw this.responseParams.oauthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION, "No authorization URL specified");
        }
        StringBuilder sb = new StringBuilder(accessor.consumer.serviceProvider.userAuthorizationURL);
        if (sb.indexOf("?") == -1) {
            sb.append('?');
        } else {
            sb.append('&');
        }
        sb.append("oauth_token");
        sb.append('=');
        sb.append(OAuth.percentEncode(accessor.requestToken));
        this.responseParams.setAznUrl(sb.toString());
    }

    private boolean needAccessToken() {
        if (this.realRequest.getOAuthArguments().mustUseToken() && this.accessorInfo.getAccessor().requestToken != null && this.accessorInfo.getAccessor().accessToken == null) {
            return true;
        }
        return this.realRequest.getOAuthArguments().mayUseToken() && accessTokenExpired();
    }

    private boolean accessTokenExpired() {
        return this.accessorInfo.getTokenExpireMillis() != ACCESS_TOKEN_EXPIRE_UNKNOWN && this.accessorInfo.getTokenExpireMillis() < this.fetcherConfig.getClock().currentTimeMillis();
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void exchangeRequestToken() throws OAuthResponseParams.OAuthRequestException, OAuthProtocolException {
        if (this.accessorInfo.getAccessor().accessToken != null) {
            this.accessorInfo.getAccessor().requestToken = this.accessorInfo.getAccessor().accessToken;
            this.accessorInfo.getAccessor().accessToken = null;
        }
        OAuthAccessor accessor = this.accessorInfo.getAccessor();
        if (accessor.consumer.serviceProvider.accessTokenURL == null) {
            throw this.responseParams.oauthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION, "No access token URL specified.");
        }
        Uri parse = Uri.parse(accessor.consumer.serviceProvider.accessTokenURL);
        HttpRequest httpRequest = new HttpRequest(parse);
        httpRequest.setMethod(this.accessorInfo.getHttpMethod().toString());
        if (this.accessorInfo.getHttpMethod() == AccessorInfo.HttpMethod.POST) {
            httpRequest.setHeader("Content-Type", "application/x-www-form-urlencoded");
        }
        ArrayList newArrayList = Lists.newArrayList();
        newArrayList.add(new OAuth.Parameter("oauth_token", accessor.requestToken));
        if (this.accessorInfo.getSessionHandle() != null) {
            newArrayList.add(new OAuth.Parameter("oauth_session_handle", this.accessorInfo.getSessionHandle()));
        }
        String receivedCallbackUrl = this.realRequest.getOAuthArguments().getReceivedCallbackUrl();
        if (!StringUtils.isBlank(receivedCallbackUrl)) {
            try {
                String queryParameter = Uri.parse(receivedCallbackUrl).getQueryParameter("oauth_verifier");
                if (queryParameter != null) {
                    newArrayList.add(new OAuth.Parameter("oauth_verifier", queryParameter));
                }
            } catch (IllegalArgumentException e) {
                throw this.responseParams.oauthRequestException(OAuthError.INVALID_REQUEST, "Invalid received callback URL: " + receivedCallbackUrl, e);
            }
        }
        OAuthMessage sendOAuthMessage = sendOAuthMessage(sanitizeAndSign(httpRequest, newArrayList, true));
        accessor.accessToken = OAuthUtil.getParameter(sendOAuthMessage, "oauth_token");
        accessor.tokenSecret = OAuthUtil.getParameter(sendOAuthMessage, "oauth_token_secret");
        this.accessorInfo.setSessionHandle(OAuthUtil.getParameter(sendOAuthMessage, "oauth_session_handle"));
        this.accessorInfo.setTokenExpireMillis(ACCESS_TOKEN_EXPIRE_UNKNOWN);
        if (OAuthUtil.getParameter(sendOAuthMessage, "oauth_expires_in") != null) {
            try {
                this.accessorInfo.setTokenExpireMillis(this.fetcherConfig.getClock().currentTimeMillis() + (Integer.parseInt(OAuthUtil.getParameter(sendOAuthMessage, "oauth_expires_in")) * 1000));
            } catch (NumberFormatException e2) {
                this.responseParams.logDetailedWarning("server returned bogus expiration");
            }
        }
        if (parse.equals(this.realRequest.getUri())) {
            this.accessTokenData = Maps.newHashMap();
            for (Map.Entry entry : OAuthUtil.getParameters(sendOAuthMessage)) {
                if (!((String) entry.getKey()).startsWith("oauth")) {
                    this.accessTokenData.put(entry.getKey(), entry.getValue());
                }
            }
        }
    }

    private void saveAccessToken() throws OAuthResponseParams.OAuthRequestException {
        OAuthAccessor accessor = this.accessorInfo.getAccessor();
        this.fetcherConfig.getTokenStore().storeTokenKeyAndSecret(this.realRequest.getSecurityToken(), this.accessorInfo.getConsumer(), this.realRequest.getOAuthArguments(), new OAuthStore.TokenInfo(accessor.accessToken, accessor.tokenSecret, this.accessorInfo.getSessionHandle(), this.accessorInfo.getTokenExpireMillis()), this.responseParams);
    }

    private void buildClientAccessState() {
        OAuthAccessor accessor = this.accessorInfo.getAccessor();
        this.responseParams.getNewClientState().setAccessToken(accessor.accessToken);
        this.responseParams.getNewClientState().setAccessTokenSecret(accessor.tokenSecret);
        this.responseParams.getNewClientState().setOwner(this.realRequest.getSecurityToken().getOwnerId());
        this.responseParams.getNewClientState().setSessionHandle(this.accessorInfo.getSessionHandle());
        this.responseParams.getNewClientState().setTokenExpireMillis(this.accessorInfo.getTokenExpireMillis());
    }

    private HttpResponseBuilder fetchData() throws OAuthResponseParams.OAuthRequestException, OAuthProtocolException {
        HttpResponseBuilder httpResponseBuilder;
        if (this.accessTokenData != null) {
            httpResponseBuilder = formatAccessTokenData();
        } else {
            HttpResponse fetchFromServer = fetchFromServer(sanitizeAndSign(this.realRequest, null, false));
            checkForProtocolProblem(fetchFromServer);
            httpResponseBuilder = new HttpResponseBuilder(fetchFromServer);
        }
        return httpResponseBuilder;
    }

    private HttpResponse fetchFromServer(HttpRequest httpRequest) throws OAuthResponseParams.OAuthRequestException {
        HttpResponse httpResponse = null;
        try {
            try {
                httpResponse = this.fetcher.fetch(httpRequest);
                if (httpResponse == null) {
                    throw this.responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM, "No response from server");
                }
                this.responseParams.addRequestTrace(httpRequest, httpResponse);
                return httpResponse;
            } catch (GadgetException e) {
                throw this.responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM, "No response from server", e);
            }
        } catch (Throwable th) {
            this.responseParams.addRequestTrace(httpRequest, httpResponse);
            throw th;
        }
    }

    private HttpResponseBuilder formatAccessTokenData() {
        HttpResponseBuilder httpResponseBuilder = new HttpResponseBuilder();
        httpResponseBuilder.addHeader("Content-Type", "application/json; charset=utf-8");
        httpResponseBuilder.setHttpStatusCode(HttpResponse.SC_OK);
        httpResponseBuilder.setStrictNoCache();
        httpResponseBuilder.setResponseString(new JSONObject(this.accessTokenData).toString());
        return httpResponseBuilder;
    }

    private void checkForProtocolProblem(HttpResponse httpResponse) throws OAuthProtocolException {
        if (isFullOAuthError(httpResponse)) {
            OAuthMessage parseAuthHeader = parseAuthHeader(null, httpResponse);
            if (OAuthUtil.getParameter(parseAuthHeader, "oauth_problem") == null) {
                throw new OAuthProtocolException(httpResponse.getHttpStatusCode());
            }
            throw new OAuthProtocolException(parseAuthHeader);
        }
    }

    private boolean isFullOAuthError(HttpResponse httpResponse) {
        if (httpResponse.getHttpStatusCode() == 401 || httpResponse.getHttpStatusCode() == 403) {
            return this.realRequest.getOAuthArguments().mustUseToken() || this.accessorInfo.getAccessor().accessToken != null;
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static List<Map.Entry<String, String>> selectOAuthParams(OAuthMessage oAuthMessage) {
        ArrayList newArrayList = Lists.newArrayList();
        for (Map.Entry entry : OAuthUtil.getParameters(oAuthMessage)) {
            if (isContainerInjectedParameter((String) entry.getKey())) {
                newArrayList.add(entry);
            }
        }
        return newArrayList;
    }

    private static boolean isContainerInjectedParameter(String str) {
        String lowerCase = str.toLowerCase();
        return lowerCase.startsWith("oauth") || lowerCase.startsWith("xoauth") || lowerCase.startsWith("opensocial");
    }
}
