package org.wso2.carbon.identity.provider.openid;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.openid4java.OpenIDException;
import org.openid4java.association.Association;
import org.openid4java.association.AssociationException;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.AuthSuccess;
import org.openid4java.message.DirectError;
import org.openid4java.message.Message;
import org.openid4java.message.ParameterList;
import org.openid4java.message.VerifyRequest;
import org.openid4java.message.VerifyResponse;
import org.openid4java.server.ServerAssociationStore;
import org.openid4java.server.ServerException;
import org.openid4java.server.ServerManager;
import org.wso2.carbon.identity.core.util.IdentityUtil;

/* loaded from: input_file:org/wso2/carbon/identity/provider/openid/OpenIDServerManager.class */
public class OpenIDServerManager extends ServerManager {
    private static final Log log = LogFactory.getLog(OpenIDServerManager.class);
    private static ThreadLocal<Association> threadLocalAssociation = new ThreadLocal<>();

    public OpenIDServerManager() {
        super.setSharedAssociations(new OpenIDServerAssociationStore(OpenIDServerConstants.ASSOCIATION_STORE_TYPE_SHARED));
        ServerAssociationStore serverAssociationStore = null;
        synchronized (Runtime.getRuntime().getClass()) {
            String property = IdentityUtil.getProperty("OpenID.OpenIDPrivateAssociationStoreClass");
            if (property != null && !property.trim().isEmpty()) {
                String trim = property.trim();
                if (log.isDebugEnabled()) {
                    log.debug("Initialising privateAssociation Store : " + trim);
                }
                try {
                    try {
                        try {
                            serverAssociationStore = (ServerAssociationStore) Class.forName(trim).newInstance();
                            if (log.isDebugEnabled()) {
                                log.debug("Successfully initialized privateAssociation Store : " + trim);
                            }
                        } catch (InstantiationException e) {
                            log.error("Error while initializing association store class : " + trim, e);
                        }
                    } catch (Exception e2) {
                        log.error("Error while initializing private association store", e2);
                    }
                } catch (ClassNotFoundException e3) {
                    log.error("Private association store class : " + trim + " not found", e3);
                } catch (IllegalAccessException e4) {
                    log.error("Error while initializing association store class : " + trim, e4);
                }
            }
            if (serverAssociationStore == null) {
                serverAssociationStore = new OpenIDServerAssociationStore(OpenIDServerConstants.ASSOCIATION_STORE_TYPE_PRIVATE);
                if (log.isDebugEnabled()) {
                    log.debug("Setting default OpenID Server Association Store: " + OpenIDServerAssociationStore.class.getName());
                }
            }
        }
        super.setPrivateAssociations(serverAssociationStore);
    }

    public Message authResponse(AuthRequest authRequest, String str, String str2, boolean z, String str3, boolean z2) {
        if (log.isDebugEnabled()) {
            log.debug("Association handle in AuthRequest : " + authRequest.getHandle());
        }
        return super.authResponse(authRequest, str, str2, z, str3, z2);
    }

    public void sign(AuthSuccess authSuccess) throws ServerException, AssociationException {
        String handle = authSuccess.getHandle();
        try {
            Association threadLocalAssociation2 = getThreadLocalAssociation();
            clearThreadLocalAssociation();
            if (threadLocalAssociation2 == null) {
                threadLocalAssociation2 = getSharedAssociations().load(handle);
            }
            if (threadLocalAssociation2 == null) {
                threadLocalAssociation2 = getPrivateAssociations().load(handle);
            }
            if (threadLocalAssociation2 == null) {
                throw new ServerException("No association found for handle: " + handle);
            }
            authSuccess.setSignature(threadLocalAssociation2.sign(authSuccess.getSignedText()));
        } catch (Throwable th) {
            clearThreadLocalAssociation();
            throw th;
        }
    }

    public Message verify(ParameterList parameterList) {
        if (log.isDebugEnabled()) {
            log.debug("Processing verification request...");
        }
        boolean z = true;
        try {
            VerifyRequest createVerifyRequest = VerifyRequest.createVerifyRequest(parameterList);
            z = createVerifyRequest.isVersion2();
            String handle = createVerifyRequest.getHandle();
            boolean z2 = false;
            Association load = getPrivateAssociations().load(handle);
            String str = null;
            if (load != null) {
                if (log.isDebugEnabled()) {
                    log.debug("Loaded private association; handle: " + handle);
                }
                str = createVerifyRequest.getSignature().replaceAll("\\s", "+");
                z2 = load.verifySignature(createVerifyRequest.getSignedText(), str);
                getPrivateAssociations().remove(handle);
            } else {
                log.error("No association loaded from the database; handle: " + handle);
            }
            VerifyResponse createVerifyResponse = VerifyResponse.createVerifyResponse(!createVerifyRequest.isVersion2());
            createVerifyResponse.setSignatureVerified(z2);
            if (z2) {
                String invalidateHandle = createVerifyRequest.getInvalidateHandle();
                if (invalidateHandle != null && getSharedAssociations().load(invalidateHandle) == null) {
                    if (log.isDebugEnabled()) {
                        log.debug("Shared association invalidated; handle: " + invalidateHandle);
                    }
                    createVerifyResponse.setInvalidateHandle(invalidateHandle);
                }
            } else {
                log.error("Signature verification failed. handle : " + handle + " , signed text : " + createVerifyRequest.getSignedText() + " , signature : " + str);
            }
            if (log.isDebugEnabled()) {
                log.debug("Responding with " + (z2 ? "positive" : "negative") + " verification response");
            }
            return createVerifyResponse;
        } catch (OpenIDException e) {
            log.error("Error processing verification request; responding with verification error", e);
            return DirectError.createDirectError(e, !z);
        }
    }

    static Association getThreadLocalAssociation() {
        Association association = threadLocalAssociation.get();
        threadLocalAssociation.remove();
        return association;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void setThreadLocalAssociation(Association association) {
        threadLocalAssociation.set(association);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void clearThreadLocalAssociation() {
        threadLocalAssociation.remove();
    }
}
