package org.wso2.carbon.identity.oauth.endpoint.user.impl;

import java.io.IOException;
import java.io.InputStream;
import java.nio.ByteBuffer;
import java.nio.charset.CharacterCodingException;
import java.nio.charset.Charset;
import java.util.Scanner;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEndpoint;
import org.wso2.carbon.identity.oauth.user.UserInfoEndpointException;
import org.wso2.carbon.identity.oauth.user.UserInfoRequestValidator;

/* loaded from: input_file:WEB-INF/classes/org/wso2/carbon/identity/oauth/endpoint/user/impl/UserInforRequestDefaultValidator.class */
public class UserInforRequestDefaultValidator implements UserInfoRequestValidator {
    private static String CONTENT_TYPE_HEADER_VALUE = "application/x-www-form-urlencoded";
    private static String US_ASCII = "US-ASCII";

    public String validateRequest(HttpServletRequest httpServletRequest) throws UserInfoEndpointException {
        String header = httpServletRequest.getHeader("Authorization");
        if (header != null) {
            String[] split = header.trim().split(" ");
            if (OAuth2TokenEndpoint.BEARER.equals(split[0])) {
                return split[1];
            }
            throw new UserInfoEndpointException("invalid_request", "Bearer token missing");
        }
        String header2 = httpServletRequest.getHeader("Content-Type");
        if (StringUtils.isEmpty(header2)) {
            throw new UserInfoEndpointException("invalid_request", "Authorization or Content-Type header is missing");
        }
        if (!CONTENT_TYPE_HEADER_VALUE.equals(header2.trim())) {
            throw new UserInfoEndpointException("invalid_request", "Content-Type header is wrong");
        }
        StringBuilder sb = new StringBuilder();
        try {
            Scanner scanner = new Scanner((InputStream) httpServletRequest.getInputStream());
            while (scanner.hasNextLine()) {
                sb.append(scanner.nextLine());
            }
            String[] strArr = new String[2];
            String sb2 = sb.toString();
            if (!isPureAscii(sb2)) {
                throw new UserInfoEndpointException("invalid_request", "Body contains non ASCII characters");
            }
            if (sb2.contains("access_token=")) {
                strArr = sb2.trim().split("=");
                if (strArr[1].contains("&")) {
                    return strArr[1].split("&", 1)[0];
                }
            }
            return strArr[1];
        } catch (IOException e) {
            throw new UserInfoEndpointException("invalid_request", "can not read the request body");
        }
    }

    public static boolean isPureAscii(String str) {
        byte[] bytes = str.getBytes();
        try {
            Charset.forName(US_ASCII).newDecoder().decode(ByteBuffer.wrap(bytes)).toString();
            return true;
        } catch (CharacterCodingException e) {
            return false;
        }
    }
}
