package org.wso2.carbon.identity.oauth2.client.authentication;

import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.bean.OAuthClientAuthnContext;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;

/* loaded from: input_file:org/wso2/carbon/identity/oauth2/client/authentication/PublicClientAuthenticator.class */
public class PublicClientAuthenticator extends AbstractOAuthClientAuthenticator {
    public static final String PUBLIC_CLIENT_AUTHENTICATOR = "PublicClientAuthenticator";
    private static final Log log = LogFactory.getLog(PublicClientAuthenticator.class);

    public int getPriority() {
        return 200;
    }

    @Override // org.wso2.carbon.identity.oauth2.client.authentication.OAuthClientAuthenticator
    public boolean authenticateClient(HttpServletRequest httpServletRequest, Map<String, List> map, OAuthClientAuthnContext oAuthClientAuthnContext) {
        return true;
    }

    @Override // org.wso2.carbon.identity.oauth2.client.authentication.OAuthClientAuthenticator
    public boolean canAuthenticate(HttpServletRequest httpServletRequest, Map<String, List> map, OAuthClientAuthnContext oAuthClientAuthnContext) {
        String clientId = getClientId(httpServletRequest, map, oAuthClientAuthnContext);
        try {
            if (isClientIdExistsAsParams(map)) {
                if (canBypassClientCredentials(oAuthClientAuthnContext.getClientId())) {
                    if (clientId == null) {
                        return true;
                    }
                    oAuthClientAuthnContext.setClientId(clientId);
                    return true;
                }
                if (log.isDebugEnabled()) {
                    log.debug("The Application (Service Provider) with client ID : " + clientId + " has not enabled the option \"Allow authentication without the client secret\" and no valid Authorization Header exists in the request.");
                }
            } else if (log.isDebugEnabled()) {
                log.debug("Application with the given client ID " + clientId + " is not found");
            }
        } catch (IdentityOAuth2Exception e) {
            log.error("Error in Application (Service Provider) with client ID : " + clientId, e);
        } catch (InvalidOAuthClientException e2) {
            if (log.isDebugEnabled()) {
                log.debug("Error in retrieving an Application (Service Provider) with client ID : " + clientId, e2);
            }
        }
        if (!log.isDebugEnabled()) {
            return false;
        }
        log.debug("The Client ID is not present in the request.");
        return false;
    }

    public String getName() {
        return PUBLIC_CLIENT_AUTHENTICATOR;
    }

    @Override // org.wso2.carbon.identity.oauth2.client.authentication.OAuthClientAuthenticator
    public String getClientId(HttpServletRequest httpServletRequest, Map<String, List> map, OAuthClientAuthnContext oAuthClientAuthnContext) {
        if (StringUtils.isBlank(oAuthClientAuthnContext.getClientId())) {
            setClientCredentialsFromParam(map, oAuthClientAuthnContext);
        }
        return oAuthClientAuthnContext.getClientId();
    }

    private boolean canBypassClientCredentials(String str) throws IdentityOAuth2Exception, InvalidOAuthClientException {
        return OAuth2Util.getAppInformationByClientId(str).isBypassClientCredentials();
    }

    private boolean isClientIdExistsAsParams(Map<String, List> map) {
        return StringUtils.isNotEmpty(getBodyParameters(map).get("client_id"));
    }

    private void setClientCredentialsFromParam(Map<String, List> map, OAuthClientAuthnContext oAuthClientAuthnContext) {
        oAuthClientAuthnContext.setClientId(getBodyParameters(map).get("client_id"));
    }
}
