package org.apache.cxf.rs.security.oauth.utils;

import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.StringTokenizer;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import net.oauth.OAuth;
import net.oauth.OAuthAccessor;
import net.oauth.OAuthConsumer;
import net.oauth.OAuthMessage;
import net.oauth.OAuthProblemException;
import net.oauth.OAuthValidator;
import net.oauth.server.OAuthServlet;
import org.apache.cxf.common.classloader.ClassLoaderUtils;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.jaxrs.impl.MetadataMap;
import org.apache.cxf.jaxrs.model.URITemplate;
import org.apache.cxf.jaxrs.utils.FormUtils;
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.phase.PhaseInterceptorChain;
import org.apache.cxf.rs.security.oauth.data.Client;
import org.apache.cxf.rs.security.oauth.data.RequestToken;
import org.apache.cxf.rs.security.oauth.data.Token;
import org.apache.cxf.rs.security.oauth.provider.DefaultOAuthValidator;
import org.apache.cxf.rs.security.oauth.provider.OAuthDataProvider;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.3.0.redhat-516-01.zip:modules/system/layers/fuse/org/apache/cxf/3.1/cxf-rt-rs-security-oauth-3.1.5.redhat-630516-01.jar:org/apache/cxf/rs/security/oauth/utils/OAuthUtils.class */
public final class OAuthUtils {
    public static final String REPORT_FAILURE_DETAILS = "report.failure.details";
    public static final String REPORT_FAILURE_DETAILS_AS_HEADER = "report.failure.details.as.header";

    private OAuthUtils() {
    }

    public static boolean checkRequestURI(String str, String str2) {
        boolean endsWith = str2.endsWith("*");
        try {
            URITemplate uRITemplate = new URITemplate(endsWith ? str2.substring(0, str2.length() - 1) : str2);
            MetadataMap metadataMap = new MetadataMap();
            if (!uRITemplate.match(str, metadataMap)) {
                return false;
            }
            String first = metadataMap.getFirst(URITemplate.FINAL_MATCH_GROUP);
            if (endsWith || StringUtils.isEmpty(first)) {
                return true;
            }
            return "/".equals(first);
        } catch (Exception e) {
            return false;
        }
    }

    public static void validateMessage(OAuthMessage oAuthMessage, Client client, Token token, OAuthDataProvider oAuthDataProvider, OAuthValidator oAuthValidator) throws Exception {
        OAuthAccessor oAuthAccessor = new OAuthAccessor(new OAuthConsumer(null, client.getConsumerKey(), client.getSecretKey(), null));
        if (token != null) {
            if (token instanceof RequestToken) {
                oAuthAccessor.requestToken = token.getTokenKey();
            } else {
                oAuthAccessor.accessToken = token.getTokenKey();
            }
            oAuthAccessor.tokenSecret = token.getTokenSecret();
        }
        try {
            oAuthValidator.validateMessage(oAuthMessage, oAuthAccessor);
            if (token == null || !(oAuthValidator instanceof DefaultOAuthValidator)) {
                return;
            }
            ((DefaultOAuthValidator) oAuthValidator).validateToken(token, oAuthDataProvider);
        } catch (Exception e) {
            if (token != null) {
                oAuthDataProvider.removeToken(token);
            }
            throw e;
        }
    }

    public static OAuthMessage getOAuthMessage(MessageContext messageContext, HttpServletRequest httpServletRequest, String[] strArr) throws Exception {
        OAuthMessage message = OAuthServlet.getMessage(httpServletRequest, httpServletRequest.getRequestURL().toString());
        addParametersIfNeeded(messageContext, httpServletRequest, message);
        message.requireParameters(strArr);
        return message;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static void addParametersIfNeeded(MessageContext messageContext, HttpServletRequest httpServletRequest, OAuthMessage oAuthMessage) throws IOException {
        List<Map.Entry<String, String>> parameters = oAuthMessage.getParameters();
        String bodyEncoding = oAuthMessage.getBodyEncoding();
        String name = bodyEncoding == null ? StandardCharsets.UTF_8.name() : bodyEncoding;
        if (parameters.isEmpty() && MediaType.APPLICATION_FORM_URLENCODED_TYPE.isCompatible(MediaType.valueOf(oAuthMessage.getBodyType()))) {
            String readBody = FormUtils.readBody(messageContext != null ? (InputStream) messageContext.getContent(InputStream.class) : oAuthMessage.getBodyAsStream(), name);
            MetadataMap metadataMap = new MetadataMap();
            FormUtils.populateMapFromString(metadataMap, PhaseInterceptorChain.getCurrentMessage(), readBody, name, true, httpServletRequest);
            for (K k : metadataMap.keySet()) {
                oAuthMessage.addParameter(k, (String) metadataMap.getFirst(k));
            }
            return;
        }
        String contentType = httpServletRequest.getContentType();
        if (contentType == null || !"application/x-www-form-urlencoded".equals(contentType)) {
            return;
        }
        HashMap hashMap = new HashMap();
        for (Map.Entry<String, String> entry : parameters) {
            hashMap.put(entry.getKey(), Collections.singletonList(entry.getValue()));
        }
        FormUtils.logRequestParametersIfNeeded(hashMap, name);
    }

    public static Response handleException(MessageContext messageContext, Exception exc, int i) {
        Response.ResponseBuilder status = Response.status(i);
        if (MessageUtils.isTrue(messageContext.getContextualProperty(REPORT_FAILURE_DETAILS))) {
            boolean isTrue = MessageUtils.isTrue(messageContext.getContextualProperty(REPORT_FAILURE_DETAILS_AS_HEADER));
            String str = null;
            if (exc instanceof OAuthProblemException) {
                OAuthProblemException oAuthProblemException = (OAuthProblemException) exc;
                if (isTrue && oAuthProblemException.getProblem() != null) {
                    str = oAuthProblemException.getProblem();
                }
            }
            if (str == null) {
                str = exc.getMessage();
            }
            if (isTrue) {
                status.header(OAuthProblemException.OAUTH_PROBLEM, str);
            } else {
                status.entity(exc.getMessage());
            }
        }
        return status.build();
    }

    public static List<String> parseParamValue(String str, String str2) throws IOException {
        ArrayList arrayList = new ArrayList();
        if (!StringUtils.isEmpty(str)) {
            StringTokenizer stringTokenizer = new StringTokenizer(str, " ");
            while (stringTokenizer.hasMoreTokens()) {
                arrayList.add(stringTokenizer.nextToken());
            }
        }
        if (str2 != null && !arrayList.contains(str2)) {
            arrayList.add(str2);
        }
        return arrayList;
    }

    public static RequestToken handleTokenRejectedException() throws OAuthProblemException {
        OAuthProblemException oAuthProblemException = new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
        oAuthProblemException.setParameter(OAuthProblemException.HTTP_STATUS_CODE, 401);
        throw oAuthProblemException;
    }

    public static Object instantiateClass(String str) throws Exception {
        return ClassLoaderUtils.loadClass(str, OAuthUtils.class).newInstance();
    }

    public static synchronized OAuthDataProvider getOAuthDataProvider(OAuthDataProvider oAuthDataProvider, ServletContext servletContext) {
        return oAuthDataProvider != null ? oAuthDataProvider : getOAuthDataProvider(servletContext);
    }

    public static synchronized OAuthDataProvider getOAuthDataProvider(ServletContext servletContext) {
        OAuthDataProvider oAuthDataProvider = (OAuthDataProvider) servletContext.getAttribute(OAuthConstants.OAUTH_DATA_PROVIDER_INSTANCE_KEY);
        if (oAuthDataProvider == null) {
            String initParameter = servletContext.getInitParameter(OAuthConstants.OAUTH_DATA_PROVIDER_CLASS);
            if (StringUtils.isEmpty(initParameter)) {
                throw new RuntimeException("There should be provided [ oauth.data.provider-class ] context init param in web.xml");
            }
            try {
                oAuthDataProvider = (OAuthDataProvider) instantiateClass(initParameter);
                servletContext.setAttribute(OAuthConstants.OAUTH_DATA_PROVIDER_INSTANCE_KEY, oAuthDataProvider);
            } catch (Exception e) {
                throw new RuntimeException("Cannot instantiate OAuth Data Provider class: " + initParameter, e);
            }
        }
        return oAuthDataProvider;
    }

    public static synchronized OAuthValidator getOAuthValidator(ServletContext servletContext) {
        OAuthValidator oAuthValidator = (OAuthValidator) servletContext.getAttribute(OAuthConstants.OAUTH_VALIDATOR_INSTANCE_KEY);
        if (oAuthValidator == null) {
            String initParameter = servletContext.getInitParameter(OAuthConstants.OAUTH_VALIDATOR_CLASS);
            if (!StringUtils.isEmpty(initParameter)) {
                try {
                    oAuthValidator = (OAuthValidator) instantiateClass(initParameter);
                    servletContext.setAttribute(OAuthConstants.OAUTH_VALIDATOR_INSTANCE_KEY, oAuthValidator);
                } catch (Exception e) {
                    throw new RuntimeException("Cannot instantiate OAuthValidator class: " + initParameter, e);
                }
            }
        }
        return oAuthValidator == null ? new DefaultOAuthValidator() : oAuthValidator;
    }
}
