package org.wso2.sample.identity.backend;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import org.json.JSONException;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/wso2/sample/identity/backend/IntrospectionHandler.class */
public class IntrospectionHandler {
    private final Logger logger = LoggerFactory.getLogger(IntrospectionHandler.class.getName());
    private final String introspectionEndpoint;
    private final boolean introspectionEnabled;

    public IntrospectionHandler(String str, boolean z) {
        this.introspectionEndpoint = str;
        this.introspectionEnabled = z;
    }

    public boolean isAuthorized(String str) {
        if (!this.introspectionEnabled) {
            return true;
        }
        if (str == null || !str.startsWith("Bearer ")) {
            return false;
        }
        String[] split = str.split(" ");
        if (split.length != 2) {
            return false;
        }
        try {
            return getIntrospectionResponse(split[1]).getBoolean("active");
        } catch (JSONException e) {
            this.logger.error("Error while reading introspection response.", (Throwable) e);
            return false;
        }
    }

    private JSONObject getIntrospectionResponse(String str) {
        try {
            HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(this.introspectionEndpoint).openConnection();
            httpURLConnection.setRequestMethod("POST");
            httpURLConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
            httpURLConnection.setRequestProperty("Authorization", "Bearer " + str);
            httpURLConnection.setDoOutput(true);
            OutputStream outputStream = httpURLConnection.getOutputStream();
            outputStream.write(("token=" + str).getBytes());
            outputStream.close();
            httpURLConnection.connect();
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(httpURLConnection.getInputStream()));
            StringBuilder sb = new StringBuilder();
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    return new JSONObject(sb.toString());
                }
                sb.append(readLine);
            }
        } catch (IOException e) {
            this.logger.error("Error while calling token introspection endpoint", (Throwable) e);
            throw new RuntimeException(e);
        }
    }
}
