package org.wso2.carbon.identity.oauth2.token.handler.clientauth.mutualtls.utils;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.Charsets;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.application.common.model.ServiceProvider;
import org.wso2.carbon.identity.application.common.model.ServiceProviderProperty;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;

/* loaded from: input_file:org/wso2/carbon/identity/oauth2/token/handler/clientauth/mutualtls/utils/MutualTLSUtil.class */
public class MutualTLSUtil {
    private static final Log log = LogFactory.getLog(MutualTLSUtil.class);
    public static final String JAVAX_SERVLET_REQUEST_CERTIFICATE = "javax.servlet.request.X509Certificate";

    public static String getThumbPrint(X509Certificate x509Certificate) throws NoSuchAlgorithmException, CertificateEncodingException {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
        messageDigest.update(x509Certificate.getEncoded());
        return new String(new Base64(0, null, true).encode(hexify(messageDigest.digest()).getBytes(Charsets.UTF_8)), Charsets.UTF_8);
    }

    public static String getThumbPrint(X509Certificate x509Certificate, String str) throws CertificateEncodingException {
        try {
            return OAuth2Util.getThumbPrint(x509Certificate, str);
        } catch (IdentityOAuth2Exception e) {
            if (log.isDebugEnabled()) {
                log.debug("An error occurred while getting the thumbprint of the certificate: " + x509Certificate.toString());
            }
            throw new CertificateEncodingException("Error occurred while getting certificate thumbprint", e);
        }
    }

    public static String hexify(byte[] bArr) {
        StringBuilder sb = new StringBuilder(bArr.length * 2);
        char[] cArr = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
        for (byte b : bArr) {
            sb.append(cArr[(b & 240) >> 4]).append(cArr[b & 15]);
        }
        return sb.toString();
    }

    public static int readHTTPConnectionConfigValue(String str) {
        int i = 0;
        String property = IdentityUtil.getProperty(str);
        if (StringUtils.isNotBlank(property)) {
            try {
                i = Integer.parseInt(property);
            } catch (NumberFormatException e) {
                log.error("Provided HTTP connection config value in " + str + " should be an integer type. Value : " + property);
            }
        }
        return i;
    }

    public static boolean isJwksUriConfigured(ServiceProvider serviceProvider) {
        for (ServiceProviderProperty serviceProviderProperty : serviceProvider.getSpProperties()) {
            if (serviceProviderProperty.getName().equals(CommonConstants.JWKS_URI) && StringUtils.isNotBlank(serviceProviderProperty.getValue())) {
                return true;
            }
        }
        return false;
    }

    public static String getPropertyValue(ServiceProvider serviceProvider, String str) {
        ServiceProviderProperty[] spProperties = serviceProvider.getSpProperties();
        if (ArrayUtils.isEmpty(spProperties) || StringUtils.isBlank(str)) {
            return null;
        }
        for (ServiceProviderProperty serviceProviderProperty : spProperties) {
            if (str.equals(serviceProviderProperty.getName()) && StringUtils.isNotBlank(serviceProviderProperty.getValue())) {
                return serviceProviderProperty.getValue();
            }
        }
        return null;
    }
}
