package org.apache.shindig.social.core.oauth2;

import com.ibm.icu.text.PluralRules;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;
import org.apache.http.NameValuePair;
import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.shindig.common.logging.i18n.MessageKeys;
import org.apache.shindig.gadgets.oauth2.OAuth2Message;
import org.apache.shindig.social.core.oauth2.OAuth2Types;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;

/* loaded from: input_file:WEB-INF/lib/shindig-social-api-2.5.2.jar:org/apache/shindig/social/core/oauth2/OAuth2NormalizedRequest.class */
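/**
 * Flattens an incoming OAuth 2 HTTP request into a map of parameter names to values.
 *
 * <p>Values are collected in this order, later sources overwriting earlier ones on the same key:
 * the form-encoded body (when the Content-Type matches {@link #FORM_URL_REGEX}), then the servlet
 * request parameters. Credentials carried in the {@code Authorization} header are consulted only
 * when {@code client_secret} / {@code access_token} are still absent or empty after that.
 *
 * <p>The map holds the client secret and the access token in clear text; see {@link #toString()}.
 */
public class OAuth2NormalizedRequest extends HashMap<String, Object> {
    private static final long serialVersionUID = -7849581704967135322L;

    // matches() is used below, so the whole Content-Type value must match: a value carrying
    // parameters (for example "; charset=UTF-8") does not trigger the manual body parsing.
    private static final Pattern FORM_URL_REGEX = Pattern.compile("application/(x-www-)?form-url(-)?encoded");
    private static final String classname = OAuth2NormalizedRequest.class.getName();
    private static final Logger LOG = Logger.getLogger(classname, MessageKeys.MESSAGES);

    // HashMap is Serializable and this class declares a serialVersionUID, but a servlet request
    // is a container object that is not meant to be serialized; keep it out of the stream.
    private transient HttpServletRequest httpReq = null;

    /**
     * Builds the normalized view of {@code httpServletRequest}.
     *
     * @param httpServletRequest the request to read the body, parameters and headers from
     * @throws OAuth2Exception if the body cannot be parsed, or if the client id in a Basic
     *     {@code Authorization} header differs from the {@code client_id} parameter
     */
    public OAuth2NormalizedRequest(HttpServletRequest httpServletRequest) throws OAuth2Exception {
        setHttpServletRequest(httpServletRequest);
        String contentType = httpServletRequest.getContentType();
        if (contentType != null && FORM_URL_REGEX.matcher(contentType).matches()) {
            normalizeBody(getBodyAsString(httpServletRequest));
        }
        // Servlet parameters are applied after the body, so they win on duplicate names.
        // NOTE(review): getParameterNames() also covers the query string, which means
        // client_secret and access_token are accepted from the URL, where they tend to end up
        // in access logs and Referer headers. Confirm whether that is intended.
        Enumeration<?> parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String name = (String) parameterNames.nextElement();
            put(name, httpServletRequest.getParameter(name));
        }
        normalizeClientSecret(httpServletRequest);
        normalizeAccessToken(httpServletRequest);
    }

    /** @return the {@code client_id} value, or {@code null} if absent */
    public String getClientId() {
        return getString(OAuth2Message.CLIENT_ID);
    }

    /** @return the client secret (request parameter or Basic header), or {@code null} if absent */
    public String getClientSecret() {
        return getString(OAuth2Message.CLIENT_SECRET);
    }

    /** @return the raw {@code response_type} value, or {@code null} if absent */
    public String getResponseType() {
        return getString(OAuth2Message.RESPONSE_TYPE);
    }

    /** @return the raw {@code grant_type} value, or {@code null} if absent */
    public String getGrantType() {
        return getString(OAuth2Message.GRANT_TYPE);
    }

    /**
     * @return the redirect URI exactly as supplied in the request, or {@code null} if absent;
     *     this class performs no validation of it
     */
    public String getRedirectURI() {
        return getString(OAuth2Message.REDIRECT_URI);
    }

    /** @return the access token (request parameter or Bearer header), or {@code null} if absent */
    public String getAccessToken() {
        return getString(OAuth2Message.ACCESS_TOKEN);
    }

    /** @return the value stored under {@code OAuth2Message.AUTHORIZATION}, or {@code null} */
    public String getAuthorizationCode() {
        return getString(OAuth2Message.AUTHORIZATION);
    }

    /** @return the {@code state} value, or {@code null} if absent */
    public String getState() {
        return getString(OAuth2Message.STATE);
    }

    /** @return the {@code scope} value, or {@code null} if absent */
    public String getScope() {
        return getString(OAuth2Message.SCOPE);
    }

    /**
     * Maps the raw response type onto {@link OAuth2Types.ResponseType}.
     *
     * @return {@code CODE}, {@code TOKEN}, or {@code null} when no response type was supplied
     * @throws OAuth2Exception carrying a 302 response with an {@code unsupported_response_type}
     *     style error when the value is neither of the supported ones
     */
    public OAuth2Types.ResponseType getEnumeratedResponseType() throws OAuth2Exception {
        String responseType = getResponseType();
        if (responseType == null) {
            return null;
        }
        if (responseType.equals(OAuth2Message.AUTHORIZATION)) {
            return OAuth2Types.ResponseType.CODE;
        }
        if (responseType.equals("token")) {
            return OAuth2Types.ResponseType.TOKEN;
        }
        OAuth2NormalizedResponse errorResponse = new OAuth2NormalizedResponse();
        errorResponse.setError(OAuth2Types.ErrorType.UNSUPPORTED_RESPONSE_TYPE.toString());
        errorResponse.setErrorDescription("Unsupported response type");
        errorResponse.setStatus(302);
        errorResponse.setBodyReturned(false);
        // NOTE(review): the Location target is the redirect_uri taken straight from this request
        // (it may also be null). Nothing in this class checks it against the client's registered
        // redirect URI, so unless the caller validated it first this error path redirects to a
        // caller-chosen address. Confirm that validation happens before this method is reached.
        errorResponse.setHeader("Location", OAuth2Utils.buildUrl(getRedirectURI(), errorResponse.getResponseParameters(), null));
        throw new OAuth2Exception(errorResponse);
    }

    /**
     * Maps the raw grant type onto {@link OAuth2Types.GrantType}.
     *
     * @return the matching grant type, {@code CUSTOM} for any unrecognised value, or
     *     {@code null} when no grant type was supplied
     */
    public OAuth2Types.GrantType getEnumeratedGrantType() {
        String grantType = getGrantType();
        if (grantType == null) {
            return null;
        }
        if (grantType.equals(OAuth2Message.REFRESH_TOKEN)) {
            return OAuth2Types.GrantType.REFRESH_TOKEN;
        }
        if (grantType.equals(OAuth2Message.AUTHORIZATION_CODE)) {
            return OAuth2Types.GrantType.AUTHORIZATION_CODE;
        }
        // NOTE(review): the password grant is matched against a Shiro form-filter constant that
        // has nothing to do with OAuth; this looks like a decompiler resolving a string literal
        // to a same-valued constant. Confirm against the original source before relying on it.
        if (grantType.equals(FormAuthenticationFilter.DEFAULT_PASSWORD_PARAM)) {
            return OAuth2Types.GrantType.PASSWORD;
        }
        if (grantType.equals(OAuth2Message.CLIENT_CREDENTIALS)) {
            return OAuth2Types.GrantType.CLIENT_CREDENTIALS;
        }
        return OAuth2Types.GrantType.CUSTOM;
    }

    /**
     * Looks up {@code str} and returns its value as a string.
     *
     * @param str the parameter name
     * @return the stored value, or {@code null} if the key is absent or mapped to {@code null}
     * @throws ClassCastException if a non-string value was stored under the key
     */
    public String getString(String str) {
        // HashMap.get already yields null for a missing key, so no containsKey probe is needed.
        return (String) get(str);
    }

    /**
     * Renders every entry as {@code key<separator>value}, one per line.
     *
     * <p>NOTE(review): the output includes the client secret and the access token verbatim.
     * Do not pass this object to a logger or an error page without redacting those keys.
     */
    @Override // java.util.AbstractMap
    public String toString() {
        StringBuilder rendered = new StringBuilder();
        for (String key : keySet()) {
            // NOTE(review): the separator is an ICU plural-rules constant, presumably another
            // decompiler substitution for a plain string literal; confirm against the original.
            rendered.append(key)
                    .append(PluralRules.KEYWORD_RULE_SEPARATOR)
                    .append(get(key))
                    .append('\n');
        }
        return rendered.toString();
    }

    /**
     * Returns the credential part of an {@code Authorization} header for the given scheme.
     *
     * @param header the raw header value, may be {@code null}
     * @param scheme the expected scheme name, compared case-insensitively
     * @return the credential, or {@code null} unless the header is exactly
     *     {@code <scheme> <credential>}
     */
    private static String extractCredential(String header, String scheme) {
        if (header == null) {
            return null;
        }
        String[] parts = header.split("[ \\t]+");
        // Requiring exactly two fields keeps a bare scheme name ("Bearer") from being taken as
        // the credential, and keeps look-alike schemes ("BearerX ...") from matching by prefix.
        // equalsIgnoreCase is locale-independent, unlike toLowerCase() with the default locale.
        if (parts.length != 2 || !parts[0].equalsIgnoreCase(scheme)) {
            return null;
        }
        return parts[1];
    }

    /**
     * Fills in the access token from a Bearer {@code Authorization} header when the request
     * parameters did not supply one, then stores the result (possibly {@code null}).
     */
    private void normalizeAccessToken(HttpServletRequest httpServletRequest) {
        String accessToken = getString(OAuth2Message.ACCESS_TOKEN);
        if (accessToken == null || accessToken.isEmpty()) {
            String bearerToken = extractCredential(httpServletRequest.getHeader("Authorization"), "bearer");
            if (bearerToken != null) {
                accessToken = bearerToken;
            }
        }
        put(OAuth2Message.ACCESS_TOKEN, accessToken);
    }

    /**
     * Fills in the client secret (and the client id, if missing) from a Basic
     * {@code Authorization} header when the request parameters did not supply a secret, then
     * stores the secret (possibly {@code null}).
     *
     * @throws OAuth2Exception with status 403 when the header's client id differs from the
     *     {@code client_id} request parameter
     */
    private void normalizeClientSecret(HttpServletRequest httpServletRequest) throws OAuth2Exception {
        String clientSecret = getClientSecret();
        if (clientSecret == null || clientSecret.isEmpty()) {
            String encoded = extractCredential(httpServletRequest.getHeader("Authorization"), "basic");
            if (encoded != null) {
                String decoded = new String(Base64.decodeBase64(encoded), StandardCharsets.UTF_8);
                // Split on the first ':' only: RFC 7617 forbids ':' in the user-id but allows it
                // in the password, so a secret containing ':' must stay intact.
                int separator = decoded.indexOf(':');
                if (separator >= 0) {
                    String headerClientId = decoded.substring(0, separator);
                    clientSecret = decoded.substring(separator + 1);
                    String requestClientId = getString(OAuth2Message.CLIENT_ID);
                    if (requestClientId != null && !requestClientId.equals(headerClientId)) {
                        OAuth2NormalizedResponse errorResponse = new OAuth2NormalizedResponse();
                        errorResponse.setError(OAuth2Types.ErrorType.INVALID_REQUEST.toString());
                        errorResponse.setErrorDescription("Request contains mismatched client ids");
                        errorResponse.setStatus(403);
                        throw new OAuth2Exception(errorResponse);
                    }
                    if (requestClientId == null) {
                        put(OAuth2Message.CLIENT_ID, headerClientId);
                    }
                }
            }
        }
        put(OAuth2Message.CLIENT_SECRET, clientSecret);
    }

    /**
     * Parses a form-encoded body and stores each name/value pair.
     *
     * @param str the raw body; {@code null} or empty is ignored
     * @throws OAuth2Exception with status 403 when the body is not valid as a URI query
     */
    private void normalizeBody(String str) throws OAuth2Exception {
        if (str == null || str.length() == 0) {
            return;
        }
        try {
            // The body is appended to a dummy URL only so that the URI-based parser can be used;
            // the host and port are never contacted. Anything java.net.URI rejects in a query
            // therefore surfaces as the 403 below.
            URI carrier = new URI("http://localhost:8080?" + str);
            for (NameValuePair pair : URLEncodedUtils.parse(carrier, "UTF-8")) {
                put(pair.getName(), pair.getValue());
            }
        } catch (URISyntaxException e) {
            OAuth2NormalizedResponse errorResponse = new OAuth2NormalizedResponse();
            errorResponse.setError(OAuth2Types.ErrorType.INVALID_REQUEST.toString());
            errorResponse.setErrorDescription("The message body's syntax is incorrect");
            errorResponse.setStatus(403);
            throw new OAuth2Exception(errorResponse);
        }
    }

    /**
     * Reads the whole request body as text, dropping line terminators.
     *
     * @return the body, {@code ""} when the declared content length is zero, or {@code null}
     *     when reading fails (the failure is logged and the caller then skips body parsing)
     */
    private String getBodyAsString(HttpServletRequest httpServletRequest) {
        if (httpServletRequest.getContentLength() == 0) {
            return "";
        }
        InputStream inputStream = null;
        try {
            inputStream = httpServletRequest.getInputStream();
            // Decode explicitly as UTF-8, matching normalizeBody, instead of whatever the
            // platform default charset happens to be.
            BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.UTF_8));
            // NOTE(review): the body is buffered without an upper bound; this relies on the
            // container or a fronting proxy to cap request sizes.
            StringBuilder body = new StringBuilder();
            String line;
            while ((line = reader.readLine()) != null) {
                body.append(line);
            }
            return body.toString();
        } catch (IOException e) {
            LOG.logp(Level.WARNING, classname, "getBodyAsString", MessageKeys.INVALID_OAUTH, (Throwable) e);
            return null;
        } finally {
            IOUtils.closeQuietly(inputStream);
        }
    }

    /** Stores the servlet request this object was built from. */
    public void setHttpServletRequest(HttpServletRequest httpServletRequest) {
        this.httpReq = httpServletRequest;
    }

    /** @return the servlet request this object was built from */
    public HttpServletRequest getHttpServletRequest() {
        return this.httpReq;
    }
}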
