package com.sap.cloud.security.servlet;

import com.sap.cloud.security.config.Environments;
import com.sap.cloud.security.config.OAuth2ServiceConfiguration;
import com.sap.cloud.security.token.SapIdToken;
import com.sap.cloud.security.token.ScopeConverter;
import com.sap.cloud.security.token.Token;
import com.sap.cloud.security.token.TokenFactory;
import com.sap.cloud.security.token.XsuaaScopeConverter;
import com.sap.cloud.security.token.XsuaaToken;
import com.sap.cloud.security.xsuaa.Assertions;
import com.sap.cloud.security.xsuaa.jwt.Base64JwtDecoder;
import com.sap.cloud.security.xsuaa.jwt.DecodedJwt;
import java.util.Objects;
import java.util.regex.Pattern;
import javax.annotation.Nonnull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/sap/cloud/security/servlet/HybridTokenFactory.class */
public class HybridTokenFactory implements TokenFactory {
    private static final Logger LOGGER = LoggerFactory.getLogger(HybridTokenFactory.class);
    private static String xsAppId;
    private static ScopeConverter xsScopeConverter;

    public Token create(String str) {
        Objects.requireNonNull(str, "Requires encoded jwtToken to create a Token instance.");
        DecodedJwt decode = Base64JwtDecoder.getInstance().decode(removeBearer(str));
        return isXsuaaToken(decode) ? new XsuaaToken(decode).withScopeConverter(getOrCreateScopeConverter()) : new SapIdToken(decode);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void withXsuaaAppId(@Nonnull String str) {
        LOGGER.debug("XSUAA app id = {}", str);
        xsAppId = str;
        getOrCreateScopeConverter();
    }

    private static ScopeConverter getOrCreateScopeConverter() {
        if (xsScopeConverter == null && getXsAppId() != null) {
            xsScopeConverter = new XsuaaScopeConverter(getXsAppId());
        }
        return xsScopeConverter;
    }

    private static String getXsAppId() {
        if (xsAppId == null) {
            OAuth2ServiceConfiguration xsuaaConfiguration = Environments.getCurrent().getXsuaaConfiguration();
            if (xsuaaConfiguration == null) {
                LOGGER.error("There is no xsuaa service configuration: no local scope check possible.");
            } else {
                xsAppId = xsuaaConfiguration.getProperty("xsappname");
            }
        }
        return xsAppId;
    }

    private static boolean isXsuaaToken(DecodedJwt decodedJwt) {
        String lowerCase = decodedJwt.getPayload().toLowerCase();
        return lowerCase.contains("ext_attr") && lowerCase.contains("enhancer") && lowerCase.contains("xsuaa");
    }

    private static String removeBearer(@Nonnull String str) {
        Assertions.assertHasText(str, "jwtToken must not be null / empty");
        return Pattern.compile("[B|b]earer ").matcher(str).replaceFirst("");
    }
}
