package org.wso2.carbon.identity.application.authenticator.openid.manager;

import java.util.HashMap;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.openid4java.association.AssociationException;
import org.openid4java.consumer.ConsumerException;
import org.openid4java.consumer.ConsumerManager;
import org.openid4java.consumer.VerificationResult;
import org.openid4java.discovery.DiscoveryException;
import org.openid4java.discovery.DiscoveryInformation;
import org.openid4java.discovery.Identifier;
import org.openid4java.discovery.yadis.YadisException;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.AuthSuccess;
import org.openid4java.message.MessageException;
import org.openid4java.message.ParameterList;
import org.openid4java.message.ax.FetchRequest;
import org.openid4java.message.ax.FetchResponse;
import org.wso2.carbon.identity.application.authentication.framework.config.builder.FileBasedConfigurationBuilder;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authenticator.openid.exception.OpenIDException;
import org.wso2.carbon.identity.application.common.model.Claim;
import org.wso2.carbon.identity.application.common.model.ClaimMapping;
import org.wso2.carbon.ui.CarbonUIUtil;

/* loaded from: input_file:org/wso2/carbon/identity/application/authenticator/openid/manager/DefaultOpenIDManager.class */
public class DefaultOpenIDManager implements OpenIDManager {
    private static ConsumerManager consumerManager = new ConsumerManager();
    private static Log log = LogFactory.getLog(DefaultOpenIDManager.class);

    @Override // org.wso2.carbon.identity.application.authenticator.openid.manager.OpenIDManager
    public String doOpenIDLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws OpenIDException {
        String parameter = httpServletRequest.getParameter("claimed_id");
        if (parameter == null) {
            parameter = (String) authenticationContext.getAuthenticatorProperties().get("OpenIdUrl");
        }
        try {
            DiscoveryInformation associate = consumerManager.associate(consumerManager.discover(parameter));
            httpServletRequest.getSession().setAttribute("openid-disc", associate);
            String replace = CarbonUIUtil.getAdminConsoleURL(httpServletRequest).replace("commonauth/carbon/", "commonauth");
            AuthRequest authenticate = consumerManager.authenticate(associate, replace + "?sessionDataKey=" + authenticationContext.getContextIdentifier());
            authenticate.setRealm(replace);
            AttributesRequestor attributeRequestor = getAttributeRequestor();
            String[] requestedAttributes = attributeRequestor.getRequestedAttributes(parameter);
            FetchRequest createFetchRequest = FetchRequest.createFetchRequest();
            for (String str : requestedAttributes) {
                createFetchRequest.addAttribute(str, attributeRequestor.getTypeURI(parameter, str), attributeRequestor.isRequired(parameter, str), attributeRequestor.getCount(parameter, str));
            }
            authenticate.addExtension(createFetchRequest);
            return authenticate.getDestinationUrl(true);
        } catch (MessageException e) {
            throw new OpenIDException("Error while creating FetchRequest", e);
        } catch (DiscoveryException e2) {
            throw new OpenIDException("Error while doing OpenID Discovery", e2);
        } catch (YadisException e3) {
            if (e3.getErrorCode() == 1796) {
                throw new OpenIDException(e3.getMessage(), e3);
            }
            throw new OpenIDException("Error while creating FetchRequest", e3);
        } catch (ConsumerException e4) {
            throw new OpenIDException("Error while doing OpenID Authentication", e4);
        }
    }

    @Override // org.wso2.carbon.identity.application.authenticator.openid.manager.OpenIDManager
    public void processOpenIDLoginResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationContext authenticationContext) throws OpenIDException {
        try {
            VerificationResult verify = consumerManager.verify(CarbonUIUtil.getAdminConsoleURL(httpServletRequest).replace("commonauth/carbon/", "commonauth") + "?sessionDataKey=" + authenticationContext.getContextIdentifier(), new ParameterList(httpServletRequest.getParameterMap()), (DiscoveryInformation) httpServletRequest.getSession().getAttribute("openid-disc"));
            Identifier verifiedId = verify.getVerifiedId();
            if (verifiedId == null) {
                throw new OpenIDException("OpenID verification failed");
            }
            if (log.isDebugEnabled()) {
                log.debug("OpenID Response verification successfull. Verified ID: " + verifiedId.getIdentifier());
            }
            AuthSuccess authResponse = verify.getAuthResponse();
            AttributesRequestor attributeRequestor = getAttributeRequestor();
            AuthenticatedUser authenticatedUser = new AuthenticatedUser();
            if (authResponse.hasExtension("http://openid.net/srv/ax/1.0")) {
                HashMap hashMap = new HashMap();
                String[] requestedAttributes = attributeRequestor.getRequestedAttributes(authResponse.getIdentity());
                FetchResponse extension = authResponse.getExtension("http://openid.net/srv/ax/1.0");
                for (String str : requestedAttributes) {
                    String typeURI = attributeRequestor.getTypeURI(authResponse.getIdentity(), str);
                    List<String> attributeValuesByTypeUri = extension.getAttributeValuesByTypeUri(typeURI);
                    if ((attributeValuesByTypeUri.get(0) instanceof String) && attributeValuesByTypeUri.get(0).split(",").length > 1) {
                        for (String str2 : attributeValuesByTypeUri.get(0).split(",")) {
                            attributeValuesByTypeUri.add(str2);
                        }
                    }
                    if (attributeValuesByTypeUri.get(0) != null) {
                        Claim claim = new Claim();
                        claim.setClaimUri(typeURI);
                        ClaimMapping claimMapping = new ClaimMapping();
                        claimMapping.setRemoteClaim(claim);
                        hashMap.put(claimMapping, getCommaSeperatedValue(attributeValuesByTypeUri));
                    }
                }
                authenticatedUser.setUserAttributes(hashMap);
            }
            authenticatedUser.setAuthenticatedSubjectIdentifier(authResponse.getClaimed());
            authenticationContext.setSubject(authenticatedUser);
        } catch (MessageException e) {
            throw new OpenIDException("Error while verifying OpenID response", e);
        } catch (AssociationException e2) {
            throw new OpenIDException("Error while verifying OpenID response", e2);
        } catch (DiscoveryException e3) {
            throw new OpenIDException("Error while verifying OpenID response", e3);
        }
    }

    private AttributesRequestor getAttributeRequestor() {
        String str = (String) FileBasedConfigurationBuilder.getInstance().getAuthenticatorBean("OpenIDAuthenticator").getParameterMap().get("AttributesRequestor");
        AttributesRequestor attributesRequestor = null;
        if (str != null) {
            try {
                attributesRequestor = (AttributesRequestor) Thread.currentThread().getContextClassLoader().loadClass(str).newInstance();
            } catch (ClassNotFoundException e) {
                log.error("Error while instantiating the OpenIDManager ", e);
            } catch (IllegalAccessException e2) {
                log.error("Error while instantiating the OpenIDManager ", e2);
            } catch (InstantiationException e3) {
                log.error("Error while instantiating the OpenIDManager ", e3);
            }
        } else {
            attributesRequestor = new SampleAttributesRequestor();
        }
        attributesRequestor.init();
        return attributesRequestor;
    }

    private String getCommaSeperatedValue(List<String> list) {
        StringBuffer stringBuffer = null;
        for (String str : list) {
            if (stringBuffer == null) {
                stringBuffer = new StringBuffer(str);
            } else {
                stringBuffer.append("," + str);
            }
        }
        if (stringBuffer != null) {
            return stringBuffer.toString();
        }
        return null;
    }
}
