package org.picketlink.social.openid.providers;

import javax.xml.namespace.QName;
import org.jboss.security.xacml.sunxacml.ProcessingException;
import org.picketlink.identity.federation.core.interfaces.ProtocolContext;
import org.picketlink.identity.federation.core.interfaces.SecurityTokenProvider;
import org.picketlink.identity.federation.core.sts.AbstractSecurityTokenProvider;
import org.picketlink.identity.federation.core.sts.PicketLinkCoreSTS;
import org.picketlink.social.openid.providers.helpers.OpenIDParameterList;
import org.picketlink.social.openid.providers.helpers.OpenIDProtocolContext;
import org.picketlink.social.openid.providers.helpers.OpenIDProviderManager;
import org.picketlink.social.openid.providers.helpers.OpenIDTokenRegistryStore;

/* loaded from: input_file:WEB-INF/lib/picketlink-consolidated-social-1.0.1-SNAPSHOT.jar:org/picketlink/social/openid/providers/OpenIDTokenProvider.class */
public class OpenIDTokenProvider extends AbstractSecurityTokenProvider implements SecurityTokenProvider {
    public static final String OPENID_1_0_NS = "urn:openid:1:0";
    public static final String OPENID_1_1_NS = "urn:openid:1:1";
    public static final String OPENID_2_0_NS = "urn:openid:2:0";
    protected static OpenIDProviderManager serverManager = null;

    public boolean supports(String str) {
        return OPENID_1_0_NS.equals(str);
    }

    public String tokenType() {
        return OPENID_1_0_NS;
    }

    public QName getSupportedQName() {
        return new QName(OPENID_1_0_NS);
    }

    public String family() {
        return SecurityTokenProvider.FAMILY_TYPE.OPENID.name();
    }

    public void issueToken(ProtocolContext protocolContext) throws ProcessingException {
        OpenIDProviderManager.OpenIDMessage processAuthenticationRequest;
        if (protocolContext instanceof OpenIDProtocolContext) {
            check();
            OpenIDProtocolContext openIDProtocolContext = (OpenIDProtocolContext) protocolContext;
            if (serverManager.getEndPoint() == null) {
                serverManager.setEndPoint(openIDProtocolContext.getEndpoint());
            }
            OpenIDParameterList requestParameterList = openIDProtocolContext.getRequestParameterList();
            if (openIDProtocolContext.getIssueError().booleanValue()) {
                processAuthenticationRequest = serverManager.getDirectError(openIDProtocolContext.getErrorText() == null ? "Unknown request" : openIDProtocolContext.getErrorText());
            } else {
                switch (openIDProtocolContext.getMode()) {
                    case ASSOCIATE:
                        processAuthenticationRequest = serverManager.processAssociationRequest(requestParameterList);
                        break;
                    case CHECK_AUTHENTICATION:
                        validateToken(openIDProtocolContext);
                        return;
                    case CHECK_ID_SETUP:
                    case CHECK_ID_IMMEDIATE:
                        OpenIDProtocolContext.AUTH_HOLDER authenticationHolder = openIDProtocolContext.getAuthenticationHolder();
                        if (authenticationHolder != null) {
                            processAuthenticationRequest = serverManager.processAuthenticationRequest(requestParameterList, authenticationHolder.getUserSelectedId(), authenticationHolder.getUserSelectedClaimedId(), authenticationHolder.isAuthenticatedAndApproved());
                            break;
                        } else {
                            throw new ProcessingException("Authentication Holder is null");
                        }
                    default:
                        throw new ProcessingException("Unknown mode");
                }
            }
            openIDProtocolContext.setResponseMessage(processAuthenticationRequest);
        }
    }

    public void renewToken(ProtocolContext protocolContext) throws ProcessingException {
        if (protocolContext instanceof OpenIDProtocolContext) {
            check();
        }
    }

    public void cancelToken(ProtocolContext protocolContext) throws ProcessingException {
        if (protocolContext instanceof OpenIDProtocolContext) {
            check();
        }
    }

    public void validateToken(ProtocolContext protocolContext) throws ProcessingException {
        if (protocolContext instanceof OpenIDProtocolContext) {
            check();
            OpenIDProtocolContext openIDProtocolContext = (OpenIDProtocolContext) protocolContext;
            if (serverManager.getEndPoint() == null) {
                serverManager.setEndPoint(openIDProtocolContext.getEndpoint());
            }
            openIDProtocolContext.setResponseMessage(serverManager.verify(openIDProtocolContext.getRequestParameterList()));
        }
    }

    protected void check() {
        SecurityManager securityManager = System.getSecurityManager();
        if (securityManager != null) {
            securityManager.checkPermission(PicketLinkCoreSTS.rte);
        }
        if (serverManager == null) {
            serverManager = new OpenIDProviderManager();
            serverManager.initialize(new OpenIDTokenRegistryStore(), new OpenIDTokenRegistryStore());
        }
    }
}
