package org.wso2.carbon.auth.user.info.impl;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.carbon.auth.core.exception.ExceptionCodes;
import org.wso2.carbon.auth.token.introspection.IntrospectionManager;
import org.wso2.carbon.auth.token.introspection.dto.IntrospectionResponse;
import org.wso2.carbon.auth.user.info.UserinfoRequestHandler;
import org.wso2.carbon.auth.user.info.constants.UserInfoConstants;
import org.wso2.carbon.auth.user.info.exception.UserInfoException;
import org.wso2.carbon.auth.user.info.util.UserInfoUtil;

/* loaded from: input_file:org/wso2/carbon/auth/user/info/impl/UserInfoRequestHandlerImpl.class */
public class UserInfoRequestHandlerImpl implements UserinfoRequestHandler {
    private static final Logger log = LoggerFactory.getLogger(UserInfoRequestHandlerImpl.class);
    private IntrospectionManager introspectionManager;

    public UserInfoRequestHandlerImpl(IntrospectionManager introspectionManager) {
        this.introspectionManager = introspectionManager;
    }

    @Override // org.wso2.carbon.auth.user.info.UserinfoRequestHandler
    public String retrieveUserInfo(String str) throws UserInfoException {
        IntrospectionResponse introspect = this.introspectionManager.introspect(retrieveToken(str));
        if (!introspect.isActive()) {
            throw new UserInfoException("The access token is not active.", ExceptionCodes.INVALID_TOKEN);
        }
        if (areScopesValid(introspect.getScope())) {
            return UserInfoUtil.getUserInfoResponseBuilder().getResponseString(introspect);
        }
        throw new UserInfoException("Openid scope is missing.", ExceptionCodes.INVALID_TOKEN);
    }

    private String retrieveToken(String str) throws UserInfoException {
        log.debug("Retrieving token from Authorization header value: {}", str);
        if (str == null) {
            throw new UserInfoException("Authorization header value is missing", ExceptionCodes.INVALID_TOKEN);
        }
        String[] split = str.trim().split(" ");
        if (!"Bearer".equals(split[0])) {
            throw new UserInfoException("Bearer token is missing", ExceptionCodes.INVALID_TOKEN);
        }
        if (split.length == 1) {
            throw new UserInfoException("Access token is missing", ExceptionCodes.INVALID_TOKEN);
        }
        return split[1];
    }

    private boolean areScopesValid(String str) throws UserInfoException {
        log.debug("Validating scopes values: {}", str);
        if (str == null) {
            return false;
        }
        for (String str2 : str.split(" ")) {
            if (UserInfoConstants.OPENID.equals(str2)) {
                return true;
            }
        }
        return false;
    }
}
