package org.wso2.carbon.identity.oauth2;

import java.sql.SQLIntegrityConstraintViolationException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.oltu.oauth2.common.message.types.GrantType;
import org.wso2.carbon.core.AbstractAdmin;
import org.wso2.carbon.identity.application.common.model.User;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.oauth.OAuthUtil;
import org.wso2.carbon.identity.oauth.common.OAuth2ErrorCodes;
import org.wso2.carbon.identity.oauth.common.OAuthConstants;
import org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;
import org.wso2.carbon.identity.oauth.dao.OAuthAppDAO;
import org.wso2.carbon.identity.oauth.dao.OAuthAppDO;
import org.wso2.carbon.identity.oauth.event.OAuthEventListener;
import org.wso2.carbon.identity.oauth.internal.OAuthComponentServiceHolder;
import org.wso2.carbon.identity.oauth2.authz.AuthorizationHandlerManager;
import org.wso2.carbon.identity.oauth2.dao.TokenMgtDAO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeReqDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeRespDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2ClientValidationResponseDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationRequestDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2TokenValidationResponseDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuthRevocationRequestDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuthRevocationResponseDTO;
import org.wso2.carbon.identity.oauth2.model.AccessTokenDO;
import org.wso2.carbon.identity.oauth2.model.RefreshTokenValidationDataDO;
import org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;
import org.wso2.carbon.identity.oauth2.validators.DefaultOAuth2TokenValidator;
import org.wso2.carbon.user.api.Claim;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/identity/oauth2/OAuth2Service.class */
public class OAuth2Service extends AbstractAdmin {
    private static Log log = LogFactory.getLog(OAuth2Service.class);

    public OAuth2AuthorizeRespDTO authorize(OAuth2AuthorizeReqDTO oAuth2AuthorizeReqDTO) {
        if (log.isDebugEnabled()) {
            log.debug("Authorization Request received for user : " + oAuth2AuthorizeReqDTO.getUser() + ", Client ID : " + oAuth2AuthorizeReqDTO.getConsumerKey() + ", Authorization Response Type : " + oAuth2AuthorizeReqDTO.getResponseType() + ", Requested callback URI : " + oAuth2AuthorizeReqDTO.getCallbackUrl() + ", Requested Scope : " + OAuth2Util.buildScopeString(oAuth2AuthorizeReqDTO.getScopes()));
        }
        try {
            return AuthorizationHandlerManager.getInstance().handleAuthorization(oAuth2AuthorizeReqDTO);
        } catch (Exception e) {
            log.error("Error occurred when processing the authorization request. Returning an error back to client.", e);
            OAuth2AuthorizeRespDTO oAuth2AuthorizeRespDTO = new OAuth2AuthorizeRespDTO();
            oAuth2AuthorizeRespDTO.setErrorCode(OAuth2ErrorCodes.SERVER_ERROR);
            oAuth2AuthorizeRespDTO.setErrorMsg("Error occurred when processing the authorization request. Returning an error back to client.");
            oAuth2AuthorizeRespDTO.setCallbackURI(oAuth2AuthorizeReqDTO.getCallbackUrl());
            return oAuth2AuthorizeRespDTO;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r8v1, types: [org.wso2.carbon.identity.oauth.common.exception.InvalidOAuthClientException, java.lang.Throwable] */
    public OAuth2ClientValidationResponseDTO validateClientInfo(String str, String str2) {
        OAuth2ClientValidationResponseDTO oAuth2ClientValidationResponseDTO = new OAuth2ClientValidationResponseDTO();
        if (log.isDebugEnabled()) {
            log.debug("Validate Client information request for client_id : " + str + " and callback_uri " + str2);
        }
        try {
            OAuthAppDO appInformation = new OAuthAppDAO().getAppInformation(str);
            if (StringUtils.isEmpty(appInformation.getGrantTypes()) || StringUtils.isEmpty(appInformation.getCallbackUrl())) {
                if (log.isDebugEnabled()) {
                    log.debug("Registered App found for the given Client Id : " + str + " ,App Name : " + appInformation.getApplicationName() + ", does not support the requested grant type.");
                }
                oAuth2ClientValidationResponseDTO.setValidClient(false);
                oAuth2ClientValidationResponseDTO.setErrorCode(OAuth2ErrorCodes.UNSUPPORTED_GRANT_TYPE);
                oAuth2ClientValidationResponseDTO.setErrorMsg("Requested Grant type is not supported.");
                return oAuth2ClientValidationResponseDTO;
            }
            OAuth2Util.setClientTenatId(IdentityTenantUtil.getTenantId(appInformation.getUser().getTenantDomain()));
            if (str2 == null) {
                oAuth2ClientValidationResponseDTO.setValidClient(true);
                oAuth2ClientValidationResponseDTO.setCallbackURL(appInformation.getCallbackUrl());
                oAuth2ClientValidationResponseDTO.setApplicationName(appInformation.getApplicationName());
                oAuth2ClientValidationResponseDTO.setPkceMandatory(appInformation.isPkceMandatory());
                oAuth2ClientValidationResponseDTO.setPkceSupportPlain(appInformation.isPkceSupportPlain());
                return oAuth2ClientValidationResponseDTO;
            }
            if (log.isDebugEnabled()) {
                log.debug("Registered App found for the given Client Id : " + str + " ,App Name : " + appInformation.getApplicationName() + ", Callback URL : " + appInformation.getCallbackUrl());
            }
            String str3 = null;
            String callbackUrl = appInformation.getCallbackUrl();
            if (callbackUrl.startsWith(OAuthConstants.CALLBACK_URL_REGEXP_PREFIX)) {
                str3 = callbackUrl.substring(OAuthConstants.CALLBACK_URL_REGEXP_PREFIX.length());
            }
            if (str3 != null && str2.matches(str3)) {
                oAuth2ClientValidationResponseDTO.setValidClient(true);
                oAuth2ClientValidationResponseDTO.setApplicationName(appInformation.getApplicationName());
                oAuth2ClientValidationResponseDTO.setCallbackURL(str2);
                return oAuth2ClientValidationResponseDTO;
            }
            if (!appInformation.getCallbackUrl().equals(str2)) {
                log.warn("Provided Callback URL does not match with the provided one.");
                oAuth2ClientValidationResponseDTO.setValidClient(false);
                oAuth2ClientValidationResponseDTO.setErrorCode(OAuth2ErrorCodes.INVALID_CALLBACK);
                oAuth2ClientValidationResponseDTO.setErrorMsg("Registered callback does not match with the provided url.");
                return oAuth2ClientValidationResponseDTO;
            }
            oAuth2ClientValidationResponseDTO.setValidClient(true);
            oAuth2ClientValidationResponseDTO.setApplicationName(appInformation.getApplicationName());
            oAuth2ClientValidationResponseDTO.setCallbackURL(str2);
            oAuth2ClientValidationResponseDTO.setPkceMandatory(appInformation.isPkceMandatory());
            oAuth2ClientValidationResponseDTO.setPkceSupportPlain(appInformation.isPkceSupportPlain());
            return oAuth2ClientValidationResponseDTO;
        } catch (InvalidOAuthClientException e) {
            log.error("Error while retrieving the Application Information", e);
            oAuth2ClientValidationResponseDTO.setValidClient(false);
            oAuth2ClientValidationResponseDTO.setErrorCode(OAuth2ErrorCodes.INVALID_CLIENT);
            oAuth2ClientValidationResponseDTO.setErrorMsg(e.getMessage());
            return oAuth2ClientValidationResponseDTO;
        } catch (IdentityOAuth2Exception e2) {
            log.error("Error when reading the Application Information.", e2);
            oAuth2ClientValidationResponseDTO.setValidClient(false);
            oAuth2ClientValidationResponseDTO.setErrorCode(OAuth2ErrorCodes.SERVER_ERROR);
            oAuth2ClientValidationResponseDTO.setErrorMsg("Error when processing the authorization request.");
            return oAuth2ClientValidationResponseDTO;
        }
    }

    public OAuth2AccessTokenRespDTO issueAccessToken(OAuth2AccessTokenReqDTO oAuth2AccessTokenReqDTO) {
        if (log.isDebugEnabled()) {
            log.debug("Access Token request received for Client ID " + oAuth2AccessTokenReqDTO.getClientId() + ", User ID " + oAuth2AccessTokenReqDTO.getResourceOwnerUsername() + ", Scope : " + Arrays.toString(oAuth2AccessTokenReqDTO.getScope()) + " and Grant Type : " + oAuth2AccessTokenReqDTO.getGrantType());
        }
        try {
            return AccessTokenIssuer.getInstance().issue(oAuth2AccessTokenReqDTO);
        } catch (Exception e) {
            log.error("Error occurred while issuing the access token for Client ID : " + oAuth2AccessTokenReqDTO.getClientId() + ", User ID " + oAuth2AccessTokenReqDTO.getResourceOwnerUsername() + ", Scope : " + Arrays.toString(oAuth2AccessTokenReqDTO.getScope()) + " and Grant Type : " + oAuth2AccessTokenReqDTO.getGrantType(), e);
            OAuth2AccessTokenRespDTO oAuth2AccessTokenRespDTO = new OAuth2AccessTokenRespDTO();
            oAuth2AccessTokenRespDTO.setError(true);
            if (e.getCause() == null || e.getCause().getCause() == null || !(e.getCause().getCause() instanceof SQLIntegrityConstraintViolationException)) {
                oAuth2AccessTokenRespDTO.setErrorCode(OAuth2ErrorCodes.SERVER_ERROR);
            } else {
                oAuth2AccessTokenRespDTO.setErrorCode("sql_error");
            }
            oAuth2AccessTokenRespDTO.setErrorMsg("Server Error");
            return oAuth2AccessTokenRespDTO;
        } catch (InvalidOAuthClientException e2) {
            if (log.isDebugEnabled()) {
                log.debug("Error occurred while issuing access token for Client ID : " + oAuth2AccessTokenReqDTO.getClientId() + ", User ID: " + oAuth2AccessTokenReqDTO.getResourceOwnerUsername() + ", Scope : " + Arrays.toString(oAuth2AccessTokenReqDTO.getScope()) + " and Grant Type : " + oAuth2AccessTokenReqDTO.getGrantType(), e2);
            }
            OAuth2AccessTokenRespDTO oAuth2AccessTokenRespDTO2 = new OAuth2AccessTokenRespDTO();
            oAuth2AccessTokenRespDTO2.setError(true);
            oAuth2AccessTokenRespDTO2.setErrorCode(OAuth2ErrorCodes.INVALID_CLIENT);
            oAuth2AccessTokenRespDTO2.setErrorMsg("Invalid Client");
            return oAuth2AccessTokenRespDTO2;
        }
    }

    public OAuthRevocationResponseDTO revokeTokenByOAuthClient(OAuthRevocationRequestDTO oAuthRevocationRequestDTO) {
        TokenMgtDAO tokenMgtDAO = new TokenMgtDAO();
        OAuthRevocationResponseDTO oAuthRevocationResponseDTO = new OAuthRevocationResponseDTO();
        List<OAuthEventListener> list = OAuthComponentServiceHolder.getInstance().getoAuthEventListeners();
        try {
            invokePreRevocationListeners(list, oAuthRevocationRequestDTO);
            RefreshTokenValidationDataDO refreshTokenValidationDataDO = null;
            AccessTokenDO accessTokenDO = null;
            try {
                if (!StringUtils.isNotEmpty(oAuthRevocationRequestDTO.getConsumerKey()) || !StringUtils.isNotEmpty(oAuthRevocationRequestDTO.getToken())) {
                    oAuthRevocationResponseDTO.setError(true);
                    oAuthRevocationResponseDTO.setErrorCode("invalid_request");
                    oAuthRevocationResponseDTO.setErrorMsg("Invalid revocation request");
                    invokePostRevocationListeners(list, oAuthRevocationRequestDTO, oAuthRevocationResponseDTO, null, null);
                    return oAuthRevocationResponseDTO;
                }
                boolean z = false;
                if (StringUtils.equals(GrantType.REFRESH_TOKEN.toString(), oAuthRevocationRequestDTO.getToken_type())) {
                    z = true;
                }
                if (z) {
                    refreshTokenValidationDataDO = tokenMgtDAO.validateRefreshToken(oAuthRevocationRequestDTO.getConsumerKey(), oAuthRevocationRequestDTO.getToken());
                    if (refreshTokenValidationDataDO == null || StringUtils.isEmpty(refreshTokenValidationDataDO.getRefreshTokenState()) || (!"ACTIVE".equals(refreshTokenValidationDataDO.getRefreshTokenState()) && !"EXPIRED".equals(refreshTokenValidationDataDO.getRefreshTokenState()))) {
                        accessTokenDO = tokenMgtDAO.retrieveAccessToken(oAuthRevocationRequestDTO.getToken(), true);
                        refreshTokenValidationDataDO = null;
                    }
                } else {
                    accessTokenDO = tokenMgtDAO.retrieveAccessToken(oAuthRevocationRequestDTO.getToken(), true);
                    if (accessTokenDO == null) {
                        refreshTokenValidationDataDO = tokenMgtDAO.validateRefreshToken(oAuthRevocationRequestDTO.getConsumerKey(), oAuthRevocationRequestDTO.getToken());
                        if (refreshTokenValidationDataDO == null || StringUtils.isEmpty(refreshTokenValidationDataDO.getRefreshTokenState()) || (!"ACTIVE".equals(refreshTokenValidationDataDO.getRefreshTokenState()) && !"EXPIRED".equals(refreshTokenValidationDataDO.getRefreshTokenState()))) {
                            invokePostRevocationListeners(list, oAuthRevocationRequestDTO, oAuthRevocationResponseDTO, accessTokenDO, refreshTokenValidationDataDO);
                            return oAuthRevocationResponseDTO;
                        }
                    }
                }
                String str = "";
                if (accessTokenDO != null) {
                    str = accessTokenDO.getGrantType();
                } else if (refreshTokenValidationDataDO != null) {
                    str = refreshTokenValidationDataDO.getGrantType();
                }
                if (!StringUtils.equals("implicit", str) && !OAuth2Util.authenticateClient(oAuthRevocationRequestDTO.getConsumerKey(), oAuthRevocationRequestDTO.getConsumerSecret())) {
                    OAuthRevocationResponseDTO oAuthRevocationResponseDTO2 = new OAuthRevocationResponseDTO();
                    oAuthRevocationResponseDTO2.setError(true);
                    oAuthRevocationResponseDTO2.setErrorCode(OAuth2ErrorCodes.UNAUTHORIZED_CLIENT);
                    oAuthRevocationResponseDTO2.setErrorMsg("Unauthorized Client");
                    invokePostRevocationListeners(list, oAuthRevocationRequestDTO, oAuthRevocationResponseDTO, accessTokenDO, refreshTokenValidationDataDO);
                    return oAuthRevocationResponseDTO2;
                }
                if (refreshTokenValidationDataDO != null) {
                    OAuthUtil.clearOAuthCache(oAuthRevocationRequestDTO.getConsumerKey(), (User) refreshTokenValidationDataDO.getAuthorizedUser(), OAuth2Util.buildScopeString(refreshTokenValidationDataDO.getScope()));
                    OAuthUtil.clearOAuthCache(oAuthRevocationRequestDTO.getConsumerKey(), (User) refreshTokenValidationDataDO.getAuthorizedUser());
                    OAuthUtil.clearOAuthCache(refreshTokenValidationDataDO.getAccessToken());
                    tokenMgtDAO.revokeTokens(new String[]{refreshTokenValidationDataDO.getAccessToken()});
                    addRevokeResponseHeaders(oAuthRevocationResponseDTO, refreshTokenValidationDataDO.getAccessToken(), oAuthRevocationRequestDTO.getToken(), refreshTokenValidationDataDO.getAuthorizedUser().toString());
                } else if (accessTokenDO != null) {
                    if (!oAuthRevocationRequestDTO.getConsumerKey().equals(accessTokenDO.getConsumerKey())) {
                        throw new InvalidOAuthClientException("Unauthorized Client");
                    }
                    OAuthUtil.clearOAuthCache(oAuthRevocationRequestDTO.getConsumerKey(), (User) accessTokenDO.getAuthzUser(), OAuth2Util.buildScopeString(accessTokenDO.getScope()));
                    OAuthUtil.clearOAuthCache(oAuthRevocationRequestDTO.getConsumerKey(), (User) accessTokenDO.getAuthzUser());
                    OAuthUtil.clearOAuthCache(oAuthRevocationRequestDTO.getToken());
                    tokenMgtDAO.revokeTokens(new String[]{oAuthRevocationRequestDTO.getToken()});
                    addRevokeResponseHeaders(oAuthRevocationResponseDTO, oAuthRevocationRequestDTO.getToken(), accessTokenDO.getRefreshToken(), accessTokenDO.getAuthzUser().toString());
                }
                invokePostRevocationListeners(list, oAuthRevocationRequestDTO, oAuthRevocationResponseDTO, accessTokenDO, refreshTokenValidationDataDO);
                return oAuthRevocationResponseDTO;
            } catch (InvalidOAuthClientException e) {
                log.error("Unauthorized Client", e);
                OAuthRevocationResponseDTO oAuthRevocationResponseDTO3 = new OAuthRevocationResponseDTO();
                oAuthRevocationResponseDTO3.setError(true);
                oAuthRevocationResponseDTO3.setErrorCode(OAuth2ErrorCodes.UNAUTHORIZED_CLIENT);
                oAuthRevocationResponseDTO3.setErrorMsg("Unauthorized Client");
                invokePostRevocationListeners(list, oAuthRevocationRequestDTO, oAuthRevocationResponseDTO, null, null);
                return oAuthRevocationResponseDTO3;
            } catch (IdentityException e2) {
                log.error("Error occurred while revoking authorization grant for applications", e2);
                OAuthRevocationResponseDTO oAuthRevocationResponseDTO4 = new OAuthRevocationResponseDTO();
                oAuthRevocationResponseDTO4.setError(true);
                oAuthRevocationResponseDTO4.setErrorCode(OAuth2ErrorCodes.SERVER_ERROR);
                oAuthRevocationResponseDTO4.setErrorMsg("Error occurred while revoking authorization grant for applications");
                invokePostRevocationListeners(list, oAuthRevocationRequestDTO, oAuthRevocationResponseDTO, null, null);
                return oAuthRevocationResponseDTO4;
            }
        } catch (IdentityOAuth2Exception e3) {
            log.error(e3);
            oAuthRevocationResponseDTO.setError(true);
            oAuthRevocationResponseDTO.setErrorCode(OAuth2ErrorCodes.SERVER_ERROR);
            oAuthRevocationResponseDTO.setErrorMsg("Error occurred while revoking authorization grant for applications");
            return oAuthRevocationResponseDTO;
        }
    }

    private void invokePreRevocationListeners(List<OAuthEventListener> list, OAuthRevocationRequestDTO oAuthRevocationRequestDTO) throws IdentityOAuth2Exception {
        for (OAuthEventListener oAuthEventListener : list) {
            try {
                oAuthEventListener.onPreTokenRevocationByClient(oAuthRevocationRequestDTO);
            } catch (IdentityOAuth2Exception e) {
                throw new IdentityOAuth2Exception("Error occured when invoking pre token revoke listener " + oAuthEventListener.getClass().getName(), e);
            }
        }
    }

    private void invokePostRevocationListeners(List<OAuthEventListener> list, OAuthRevocationRequestDTO oAuthRevocationRequestDTO, OAuthRevocationResponseDTO oAuthRevocationResponseDTO, AccessTokenDO accessTokenDO, RefreshTokenValidationDataDO refreshTokenValidationDataDO) {
        for (OAuthEventListener oAuthEventListener : list) {
            try {
                oAuthEventListener.onPostTokenRevocationByClient(oAuthRevocationRequestDTO, oAuthRevocationResponseDTO, accessTokenDO, refreshTokenValidationDataDO);
            } catch (IdentityOAuth2Exception e) {
                log.error("Error occured when invoking post token revoke listener " + oAuthEventListener.getClass().getName(), e);
            }
        }
    }

    public Claim[] getUserClaims(String str) {
        OAuth2TokenValidationRequestDTO oAuth2TokenValidationRequestDTO = new OAuth2TokenValidationRequestDTO();
        oAuth2TokenValidationRequestDTO.getClass();
        OAuth2TokenValidationRequestDTO.OAuth2AccessToken oAuth2AccessToken = new OAuth2TokenValidationRequestDTO.OAuth2AccessToken();
        oAuth2AccessToken.setTokenType(DefaultOAuth2TokenValidator.TOKEN_TYPE);
        oAuth2AccessToken.setIdentifier(str);
        oAuth2TokenValidationRequestDTO.setAccessToken(oAuth2AccessToken);
        OAuth2TokenValidationResponseDTO validate = new OAuth2TokenValidationService().validate(oAuth2TokenValidationRequestDTO);
        String authorizedUser = validate.getAuthorizedUser();
        if (authorizedUser == null) {
            log.debug(validate.getErrorMsg());
            return new Claim[0];
        }
        boolean z = false;
        for (String str2 : validate.getScope()) {
            if (OAuthConstants.Scope.OPENID.equals(str2)) {
                z = true;
            }
        }
        if (!z) {
            log.error("AccessToken does not have the openid scope");
            return new Claim[0];
        }
        String tenantDomain = MultitenantUtils.getTenantDomain(authorizedUser);
        String tenantAwareUsername = MultitenantUtils.getTenantAwareUsername(authorizedUser);
        ArrayList arrayList = new ArrayList();
        Claim claim = new Claim();
        claim.setClaimUri(OAuth2Util.SUB);
        claim.setValue(authorizedUser);
        arrayList.add(claim);
        try {
            UserStoreManager userStoreManager = IdentityTenantUtil.getRealm(tenantDomain, tenantAwareUsername).getUserStoreManager();
            String[] supportedClaims = OAuthServerConfiguration.getInstance().getSupportedClaims();
            if (supportedClaims != null) {
                for (Map.Entry entry : userStoreManager.getUserClaimValues(authorizedUser, supportedClaims, "default").entrySet()) {
                    Claim claim2 = new Claim();
                    claim2.setClaimUri((String) entry.getKey());
                    claim2.setValue((String) entry.getValue());
                    arrayList.add(claim2);
                }
            }
            String[] strArr = {"http://wso2.org/claims/emailaddress", "http://wso2.org/claims/givenname", "http://wso2.org/claims/lastname"};
            String str3 = null;
            String str4 = null;
            Map userClaimValues = userStoreManager.getUserClaimValues(authorizedUser, strArr, "default");
            if (userClaimValues.get(strArr[0]) != null) {
                String str5 = (String) userClaimValues.get(strArr[0]);
                Claim claim3 = new Claim();
                claim3.setClaimUri("email");
                claim3.setValue(str5);
                arrayList.add(claim3);
                Claim claim4 = new Claim();
                claim4.setClaimUri("preferred_username");
                claim4.setValue(str5.split("@")[0]);
                arrayList.add(claim4);
            }
            if (userClaimValues.get(strArr[1]) != null) {
                str3 = (String) userClaimValues.get(strArr[1]);
                Claim claim5 = new Claim();
                claim5.setClaimUri("given_name");
                claim5.setValue(str3);
                arrayList.add(claim5);
            }
            if (userClaimValues.get(strArr[2]) != null) {
                str4 = (String) userClaimValues.get(strArr[2]);
                Claim claim6 = new Claim();
                claim6.setClaimUri("family_name");
                claim6.setValue(str4);
                arrayList.add(claim6);
            }
            if (str3 != null && str4 != null) {
                Claim claim7 = new Claim();
                claim7.setClaimUri("name");
                claim7.setValue(str3 + " " + str4);
                arrayList.add(claim7);
            }
        } catch (Exception e) {
            log.error("Error while reading user claims ", e);
        }
        Claim[] claimArr = new Claim[arrayList.size()];
        for (int i = 0; i < arrayList.size(); i++) {
            claimArr[i] = (Claim) arrayList.get(i);
        }
        return claimArr;
    }

    public boolean isPKCESupportEnabled() {
        return OAuth2Util.isPKCESupportEnabled();
    }

    private void addRevokeResponseHeaders(OAuthRevocationResponseDTO oAuthRevocationResponseDTO, String str, String str2, String str3) {
        ArrayList arrayList = new ArrayList();
        ResponseHeader responseHeader = new ResponseHeader();
        responseHeader.setKey("RevokedAccessToken");
        responseHeader.setValue(str);
        arrayList.add(responseHeader);
        ResponseHeader responseHeader2 = new ResponseHeader();
        responseHeader2.setKey("AuthorizedUser");
        responseHeader2.setValue(str3);
        arrayList.add(responseHeader2);
        ResponseHeader responseHeader3 = new ResponseHeader();
        responseHeader3.setKey("RevokedRefreshToken");
        responseHeader3.setValue(str2);
        arrayList.add(responseHeader3);
        oAuthRevocationResponseDTO.setResponseHeaders((ResponseHeader[]) arrayList.toArray(new ResponseHeader[arrayList.size()]));
    }
}
