package org.wso2.carbon.identity.application.authentication.endpoint.util;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Map;
import java.util.ResourceBundle;
import org.apache.axiom.om.util.Base64;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.owasp.encoder.Encode;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.application.authentication.endpoint.util.Constants;
import org.wso2.carbon.identity.application.authentication.endpoint.util.bean.UserDTO;
import org.wso2.carbon.identity.application.authentication.framework.config.ConfigurationFacade;
import org.wso2.carbon.identity.core.ServiceURLBuilder;
import org.wso2.carbon.identity.core.URLBuilderException;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.user.core.UserCoreConstants;
import org.wso2.carbon.user.core.util.UserCoreUtil;
import org.wso2.carbon.utils.HTTPClientUtils;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/identity/application/authentication/endpoint/util/AuthenticationEndpointUtil.class */
public class AuthenticationEndpointUtil {
    private static final Log log = LogFactory.getLog(AuthenticationEndpointUtil.class);
    public static final String CLIENT_AUTH_TYPE = "Client";
    private static final String CLIENT = "Client ";
    private static final String COLON = ":";
    private static final String CUSTOM_PAGE_APP_SPECIFIC_CONFIG_KEY_SEPARATOR = "-";
    private static final String HTTP_METHOD_GET = "GET";
    private static final String QUERY_STRING_APPENDER = "&";
    private static final String QUERY_STRING_INITIATOR = "?";
    private static final String PADDING_CHAR = "=";
    private static final String UNDERSCORE = "_";
    private static final String TENANT_DOMAIN_PLACEHOLDER = "${tenantDomain}";
    private static final String SUPER_TENANT = "carbon.super";

    private AuthenticationEndpointUtil() {
    }

    public static String getApplicationSpecificCustomPageConfigKey(String str, String str2) {
        return str + CUSTOM_PAGE_APP_SPECIFIC_CONFIG_KEY_SEPARATOR + str2;
    }

    public static String getCustomPageRedirectUrl(String str, String str2) {
        String str3 = str;
        if (str != null && str2 != null && !str2.isEmpty()) {
            str3 = str.indexOf(QUERY_STRING_INITIATOR) > 0 ? str + QUERY_STRING_APPENDER + str2 : str + QUERY_STRING_INITIATOR + str2;
        }
        return str3;
    }

    public static String cleanErrorMessages(String str) {
        StringBuilder sb = new StringBuilder();
        if (str != null) {
            for (String str2 : str.split(QUERY_STRING_APPENDER)) {
                if (!str2.startsWith(Constants.AUTH_FAILURE) && !str2.startsWith(Constants.ERROR_CODE)) {
                    sb.append(str2);
                    sb.append(QUERY_STRING_APPENDER);
                }
            }
            if (sb.length() > 0 && sb.charAt(sb.length() - 1) == '&') {
                return sb.substring(0, sb.length() - 1);
            }
        }
        return sb.toString();
    }

    public static UserDTO getUser(String str) {
        if (str == null) {
            return null;
        }
        String extractDomainFromName = extractDomainFromName(str);
        String tenantDomain = MultitenantUtils.getTenantDomain(str);
        String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(UserCoreUtil.removeDomainFromName(str));
        UserDTO userDTO = new UserDTO();
        userDTO.setUsername(tenantAwareUsername);
        userDTO.setRealm(extractDomainFromName);
        userDTO.setTenantDomain(tenantDomain);
        return userDTO;
    }

    public static String extractDomainFromName(String str) {
        if (str.indexOf(UserCoreConstants.DOMAIN_SEPARATOR) > 0) {
            return str.substring(0, str.indexOf(UserCoreConstants.DOMAIN_SEPARATOR)).toUpperCase();
        }
        return null;
    }

    public static String i18n(ResourceBundle resourceBundle, String str) {
        try {
            return Encode.forHtml(StringUtils.isNotBlank(resourceBundle.getString(str)) ? resourceBundle.getString(str) : str);
        } catch (Exception e) {
            return Encode.forHtml(str);
        }
    }

    public static String i18nBase64(ResourceBundle resourceBundle, String str) {
        String replaceAll = Base64.encode(str.getBytes(StandardCharsets.UTF_8)).replaceAll(PADDING_CHAR, UNDERSCORE);
        try {
            return Encode.forHtml(StringUtils.isNotBlank(resourceBundle.getString(replaceAll)) ? resourceBundle.getString(replaceAll) : str);
        } catch (Exception e) {
            return Encode.forHtml(str);
        }
    }

    public static String customi18n(ResourceBundle resourceBundle, String str) {
        try {
            return Encode.forHtml(StringUtils.isNotBlank(resourceBundle.getString(str)) ? resourceBundle.getString(str) : str);
        } catch (Exception e) {
            return i18nBase64(resourceBundle, str);
        }
    }

    public static String getErrorCodeToi18nMapping(String str, String str2) {
        return Constants.ErrorToi18nMappingConstants.ERROR_TO_I18N_MAP.getOrDefault(str + UNDERSCORE + str2, Constants.ErrorToi18nMappingConstants.INCORRECT_ERROR_MAPPING_KEY);
    }

    public static boolean isValidURL(String str) {
        return validateURL(str);
    }

    public static boolean isValidMultiOptionURI(String str) {
        if (validateURL(str)) {
            return validateCallbackURL(str);
        }
        return false;
    }

    private static boolean validateURL(String str) {
        if (StringUtils.isBlank(str)) {
            if (!log.isDebugEnabled()) {
                return false;
            }
            log.debug("Invalid URL.");
            return false;
        }
        try {
            if (isURLRelative(str)) {
                str = buildAbsoluteURL(str);
            }
            new URL(str);
            return true;
        } catch (MalformedURLException | URISyntaxException | URLBuilderException e) {
            if (!log.isDebugEnabled()) {
                return false;
            }
            log.debug(e.getMessage(), e);
            return false;
        }
    }

    private static boolean validateCallbackURL(String str) {
        String authenticationEndpointURL = ConfigurationFacade.getInstance().getAuthenticationEndpointURL();
        try {
            if (isURLRelative(str)) {
                if (str.matches("^/?[a-zA-Z0-9].*")) {
                    return true;
                }
                log.error("No valid URL found for the multiOptionURI. URL: " + str + " is not allowed.");
                return false;
            }
            String hostAndPort = getHostAndPort(str);
            if (hostAndPort.equals(getHostAndPort(buildAbsoluteURL("/")))) {
                return true;
            }
            if (!isURLRelative(authenticationEndpointURL) && hostAndPort.equals(getHostAndPort(authenticationEndpointURL))) {
                return true;
            }
            log.error("No valid host found for the multiOptionURI. URL: " + hostAndPort + " is not allowed.");
            return false;
        } catch (MalformedURLException | URISyntaxException | URLBuilderException e) {
            if (!log.isDebugEnabled()) {
                return false;
            }
            log.debug(e.getMessage(), e);
            return false;
        }
    }

    private static String getHostAndPort(String str) throws MalformedURLException {
        URL url = new URL(str);
        String host = url.getHost();
        int port = url.getPort();
        return port == -1 ? host : host + ":" + port;
    }

    private static boolean isURLRelative(String str) throws URISyntaxException {
        return !new URI(str).isAbsolute();
    }

    private static String buildAbsoluteURL(String str) throws URLBuilderException {
        return ServiceURLBuilder.create().addPath(new String[]{str}).build().getAbsolutePublicURL();
    }

    /* JADX WARN: Finally extract failed */
    public static String sendGetRequest(String str) {
        StringBuilder sb = new StringBuilder();
        try {
            CloseableHttpClient build = HTTPClientUtils.createClientWithCustomVerifier().build();
            try {
                HttpGet httpGet = new HttpGet(str);
                setAuthorizationHeader(httpGet);
                try {
                    CloseableHttpResponse execute = build.execute(httpGet);
                    try {
                        if (log.isDebugEnabled()) {
                            log.debug("HTTP status " + execute.getStatusLine().getStatusCode() + " when invoking " + HTTP_METHOD_GET + " for URL: " + str);
                        }
                        sb = handleHttpResponse(execute, str);
                        if (execute != null) {
                            execute.close();
                        }
                        httpGet.releaseConnection();
                        if (build != null) {
                            build.close();
                        }
                    } catch (Throwable th) {
                        if (execute != null) {
                            try {
                                execute.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        }
                        throw th;
                    }
                } catch (Throwable th3) {
                    httpGet.releaseConnection();
                    throw th3;
                }
            } finally {
            }
        } catch (IOException e) {
            log.error("Sending GET request to URL : " + str + ", failed.", e);
        }
        return sb.toString();
    }

    private static StringBuilder handleHttpResponse(CloseableHttpResponse closeableHttpResponse, String str) throws IOException {
        StringBuilder sb = new StringBuilder();
        if (closeableHttpResponse.getStatusLine().getStatusCode() == 200) {
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(closeableHttpResponse.getEntity().getContent()));
            while (true) {
                try {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    }
                    sb.append(readLine);
                } catch (Throwable th) {
                    try {
                        bufferedReader.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                    throw th;
                }
            }
            bufferedReader.close();
        } else if (closeableHttpResponse.getStatusLine().getStatusCode() != 404) {
            log.error("Response received from the backendURL " + str + " failed with status " + closeableHttpResponse.getStatusLine() + Constants.TenantConstants.RELATIVE_PATH_START_CHAR);
        } else if (log.isDebugEnabled()) {
            log.debug("Response received from the backendURL " + str + " with status " + closeableHttpResponse.getStatusLine() + Constants.TenantConstants.RELATIVE_PATH_START_CHAR);
        }
        return sb;
    }

    private static void setAuthorizationHeader(HttpRequestBase httpRequestBase) {
        httpRequestBase.addHeader("Authorization", CLIENT + new String(org.apache.commons.codec.binary.Base64.encodeBase64((EndpointConfigManager.getAppName() + ":" + String.valueOf(EndpointConfigManager.getAppPassword())).getBytes()), Charset.defaultCharset()));
    }

    public static String resolveTenantDomain(String str) {
        if (str.contains(TENANT_DOMAIN_PLACEHOLDER)) {
            String tenantDomainFromContext = IdentityTenantUtil.getTenantDomainFromContext();
            if (StringUtils.isBlank(tenantDomainFromContext)) {
                tenantDomainFromContext = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
            }
            str = SUPER_TENANT.equals(tenantDomainFromContext) ? str.replace("t/${tenantDomain}/", "") : str.replace(TENANT_DOMAIN_PLACEHOLDER, tenantDomainFromContext);
        }
        return str;
    }

    public static String resolveQueryString(Map<String, String[]> map) {
        StringBuilder sb = new StringBuilder();
        if (map != null && !map.isEmpty()) {
            sb.append(QUERY_STRING_INITIATOR);
            ArrayList arrayList = new ArrayList();
            for (Map.Entry<String, String[]> entry : map.entrySet()) {
                if (ArrayUtils.isNotEmpty(entry.getValue())) {
                    arrayList.add(new BasicNameValuePair(entry.getKey(), entry.getValue()[0]));
                }
            }
            sb.append(URLEncodedUtils.format(arrayList, StandardCharsets.UTF_8));
        }
        return sb.toString();
    }
}
