package org.wso2.carbon.identity.oauth.endpoint.util;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import org.apache.axiom.util.base64.Base64Utils;
import org.apache.commons.io.Charsets;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.oltu.oauth2.as.response.OAuthASResponse;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.wso2.carbon.base.ServerConfiguration;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.application.authentication.framework.cache.AuthenticationRequestCacheEntry;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticationRequest;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.oauth.cache.SessionDataCache;
import org.wso2.carbon.identity.oauth.cache.SessionDataCacheEntry;
import org.wso2.carbon.identity.oauth.cache.SessionDataCacheKey;
import org.wso2.carbon.identity.oauth.common.exception.OAuthClientException;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.OAuth2Service;
import org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService;
import org.wso2.carbon.identity.oauth2.model.OAuth2Parameters;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;

/* loaded from: input_file:WEB-INF/classes/org/wso2/carbon/identity/oauth/endpoint/util/EndpointUtil.class */
public class EndpointUtil {
    private static final Log log = LogFactory.getLog(EndpointUtil.class);

    private EndpointUtil() {
    }

    public static OAuth2Service getOAuth2Service() {
        return (OAuth2Service) PrivilegedCarbonContext.getThreadLocalCarbonContext().getOSGiService(OAuth2Service.class);
    }

    public static OAuthServerConfiguration getOAuthServerConfiguration() {
        return (OAuthServerConfiguration) PrivilegedCarbonContext.getThreadLocalCarbonContext().getOSGiService(OAuthServerConfiguration.class);
    }

    public static OAuth2TokenValidationService getOAuth2TokenValidationService() {
        return (OAuth2TokenValidationService) PrivilegedCarbonContext.getThreadLocalCarbonContext().getOSGiService(OAuth2TokenValidationService.class);
    }

    public static String getUserInfoRequestValidator() throws OAuthSystemException {
        return getOAuthServerConfiguration().getOpenIDConnectUserInfoEndpointRequestValidator();
    }

    public static String getAccessTokenValidator() {
        return getOAuthServerConfiguration().getOpenIDConnectUserInfoEndpointAccessTokenValidator();
    }

    public static String getUserInfoResponseBuilder() {
        return getOAuthServerConfiguration().getOpenIDConnectUserInfoEndpointResponseBuilder();
    }

    public static String getUserInfoClaimRetriever() {
        return getOAuthServerConfiguration().getOpenIDConnectUserInfoEndpointClaimRetriever();
    }

    public static String getUserInfoClaimDialect() {
        return getOAuthServerConfiguration().getOpenIDConnectUserInfoEndpointClaimDialect();
    }

    public static String[] extractCredentialsFromAuthzHeader(String str) throws OAuthClientException {
        byte[] decode;
        String[] split = str.trim().split(" ");
        if (split.length != 2 || (decode = Base64Utils.decode(split[1].trim())) == null) {
            throw new OAuthClientException("Error decoding authorization header. Space delimited \"<authMethod> <base64Hash>\" format violated.");
        }
        return new String(decode, Charsets.UTF_8).split(":");
    }

    public static String getErrorPageURL(String str, String str2, String str3) {
        String oAuth2ErrorPageUrl = OAuth2Util.OAuthURL.getOAuth2ErrorPageUrl();
        try {
            oAuth2ErrorPageUrl = oAuth2ErrorPageUrl + "?oauthErrorCode=" + URLEncoder.encode(str, "UTF-8") + "&oauthErrorMsg=" + URLEncoder.encode(str2, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            if (log.isDebugEnabled()) {
                log.debug("Error while encoding the error page url", e);
            }
        }
        if (str3 != null) {
            try {
                oAuth2ErrorPageUrl = oAuth2ErrorPageUrl + "application=" + URLEncoder.encode(str3, "UTF-8");
            } catch (UnsupportedEncodingException e2) {
                if (log.isDebugEnabled()) {
                    log.debug("Error while encoding the error page url", e2);
                }
            }
        }
        return oAuth2ErrorPageUrl;
    }

    public static String getErrorRedirectURL(OAuthProblemException oAuthProblemException, OAuth2Parameters oAuth2Parameters) {
        String str = null;
        try {
            if (oAuth2Parameters == null) {
                str = getErrorPageURL(oAuthProblemException.getError(), oAuthProblemException.getMessage(), null);
            } else if (StringUtils.isNotBlank(oAuth2Parameters.getRedirectURI())) {
                if (OAuth2Util.isImplicitResponseType(oAuth2Parameters.getResponseType()) && OAuthServerConfiguration.getInstance().isImplicitErrorFragment()) {
                    str = OAuthASResponse.errorResponse(302).error(oAuthProblemException).location(oAuth2Parameters.getRedirectURI()).setState(oAuth2Parameters.getState()).setParam("access_token", (String) null).buildQueryMessage().getLocationUri();
                }
                if (StringUtils.isBlank(str)) {
                    str = OAuthASResponse.errorResponse(302).error(oAuthProblemException).location(oAuth2Parameters.getRedirectURI()).setState(oAuth2Parameters.getState()).buildQueryMessage().getLocationUri();
                }
            } else {
                str = getErrorPageURL(oAuthProblemException.getError(), oAuthProblemException.getMessage(), oAuth2Parameters.getApplicationName());
            }
        } catch (OAuthSystemException e) {
            if (log.isDebugEnabled()) {
                log.debug("Server error occurred while building error redirect url", e);
            }
            str = oAuth2Parameters != null ? getErrorPageURL(oAuthProblemException.getError(), oAuthProblemException.getMessage(), oAuth2Parameters.getApplicationName()) : getErrorPageURL(oAuthProblemException.getError(), oAuthProblemException.getMessage(), null);
        }
        return str;
    }

    public static String getLoginPageURL(String str, String str2, boolean z, boolean z2, Set<String> set) throws IdentityOAuth2Exception {
        try {
            String loginPageURL = getLoginPageURL(str, str2, z, z2, set, SessionDataCache.getInstance().getValueFromCache(new SessionDataCacheKey(str2)).getParamMap());
            OAuth2Util.clearClientTenantId();
            return loginPageURL;
        } catch (Throwable th) {
            OAuth2Util.clearClientTenantId();
            throw th;
        }
    }

    public static String getLoginPageURL(String str, String str2, boolean z, boolean z2, Set<String> set, Map<String, String[]> map) throws IdentityOAuth2Exception {
        try {
            String str3 = "oauth2";
            if (set != null) {
                try {
                    if (set.contains("openid")) {
                        str3 = "oidc";
                    }
                } catch (UnsupportedEncodingException e) {
                    throw new IdentityOAuth2Exception("Error encoding the session key : ", e);
                }
            }
            String serverURL = IdentityUtil.getServerURL("commonauth", false, true);
            AuthenticationRequest authenticationRequest = new AuthenticationRequest();
            int clientTenatId = OAuth2Util.getClientTenatId();
            authenticationRequest.setCommonAuthCallerPath("/oauth2/authorize");
            authenticationRequest.setForceAuth(z);
            authenticationRequest.setPassiveAuth(z2);
            authenticationRequest.setRelyingParty(str);
            authenticationRequest.setTenantDomain(OAuth2Util.getTenantDomain(clientTenatId));
            authenticationRequest.setRequestQueryParams(map);
            FrameworkUtils.addAuthenticationRequestToCache(str2, new AuthenticationRequestCacheEntry(authenticationRequest));
            StringBuilder sb = new StringBuilder();
            sb.append(serverURL).append("?").append("sessionDataKey").append("=").append(URLEncoder.encode(str2, "UTF-8")).append("&").append("type").append("=").append(str3);
            String sb2 = sb.toString();
            OAuth2Util.clearClientTenantId();
            return sb2;
        } catch (Throwable th) {
            OAuth2Util.clearClientTenantId();
            throw th;
        }
    }

    public static String getUserConsentURL(OAuth2Parameters oAuth2Parameters, String str, String str2, boolean z) throws OAuthSystemException {
        String str3 = "";
        if (log.isDebugEnabled()) {
            log.debug("Received Session Data Key is :  " + str2);
            if (oAuth2Parameters == null) {
                log.debug("Received OAuth2 params are Null for UserConsentURL");
            }
        }
        SessionDataCache sessionDataCache = SessionDataCache.getInstance();
        SessionDataCacheEntry valueFromCache = sessionDataCache.getValueFromCache(new SessionDataCacheKey(str2));
        String uuid = UUID.randomUUID().toString();
        try {
            if (valueFromCache != null) {
                sessionDataCache.addToCache(new SessionDataCacheKey(uuid), valueFromCache);
                if (valueFromCache.getQueryString() != null) {
                    str3 = URLEncoder.encode(valueFromCache.getQueryString(), "UTF-8");
                }
            } else if (log.isDebugEnabled()) {
                log.debug("Cache Entry is Null from SessionDataCache ");
            }
            String oIDCConsentPageUrl = z ? OAuth2Util.OAuthURL.getOIDCConsentPageUrl() : OAuth2Util.OAuthURL.getOAuth2ConsentPageUrl();
            if (oAuth2Parameters != null) {
                return oIDCConsentPageUrl + "?loggedInUser=" + URLEncoder.encode(str, "UTF-8") + "&application=" + URLEncoder.encode(oAuth2Parameters.getApplicationName(), "ISO-8859-1") + "&scope=" + URLEncoder.encode(getScope(oAuth2Parameters), "ISO-8859-1") + "&sessionDataKeyConsent=" + URLEncoder.encode(uuid, "UTF-8") + "&spQueryParams=" + str3;
            }
            throw new OAuthSystemException("Error while retrieving the application name");
        } catch (UnsupportedEncodingException e) {
            throw new OAuthSystemException("Error while encoding the url", e);
        }
    }

    public static String getScope(OAuth2Parameters oAuth2Parameters) {
        StringBuilder sb = new StringBuilder();
        Iterator it = oAuth2Parameters.getScopes().iterator();
        while (it.hasNext()) {
            sb.append(((String) it.next()) + " ");
        }
        return sb.toString().trim();
    }

    public static String getRealmInfo() {
        return "Basic realm=" + getHostName();
    }

    public static String getHostName() {
        return ServerConfiguration.getInstance().getFirstProperty("HostName");
    }
}
