package org.wso2.carbon.identity.oauth.mediator;

import java.util.Map;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.ConfigurationContextFactory;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.MessageContext;
import org.apache.synapse.SynapseException;
import org.apache.synapse.core.SynapseEnvironment;
import org.apache.synapse.core.axis2.Axis2MessageContext;
import org.apache.synapse.mediators.AbstractMediator;
import org.wso2.carbon.identity.oauth.stub.dto.OAuthConsumerDTO;
import org.wso2.carbon.identity.oauth.stub.types.Parameters;
import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2TokenValidationResponseDTO;

/* loaded from: input_file:lib/org.wso2.carbon.identity.oauth.mediator_4.0.6.jar:org/wso2/carbon/identity/oauth/mediator/OAuthMediator.class */
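/**
 * Synapse mediator that authenticates an inbound request from its {@code Authorization}
 * transport header before the message is allowed further along the sequence.
 *
 * <p>A header starting with {@code OAuthConstants.BEARER} is treated as OAuth 2.0 and the
 * token is checked through {@code OAuth2TokenValidationServiceClient}; any other header is
 * parsed as OAuth 1.0a and checked through {@code OAuthServiceClient}. Every rejection is
 * signalled with a {@link SynapseException}: {@link #mediate(MessageContext)} either returns
 * {@code true} or throws, so a failed check cannot fall through as a silent {@code false}.
 *
 * <p>NOTE(review): {@code username} and {@code password} are handed to the OAuth 2.0
 * validation client together with {@code remoteServiceUrl}; presumably they authenticate this
 * mediator to that service, so confirm the configured URL uses TLS. They are never logged here.
 */
public class OAuthMediator extends AbstractMediator {
    private static final Log log = LogFactory.getLog(OAuthMediator.class);

    public static final String DEFAULT_CLIENT_REPO = "./samples/axis2Client/client_repo";
    public static final String DEFAULT_AXIS2_XML = "./samples/axis2Client/client_repo/conf/axis2.xml";

    private static final String AUTHORIZATION_HEADER = "Authorization";

    // Offset at which the token starts in a bearer header. Presumably the length of
    // "Bearer "; OAuthConstants.BEARER is defined outside this file - TODO confirm.
    private static final int BEARER_PREFIX_LENGTH = 7;

    private String remoteServiceUrl;
    private String username;
    private String password;
    ConfigurationContext cfgCtx = null;
    private String clientRepository = null;
    private String axis2xml = null;

    /**
     * Builds the Axis2 client configuration context used by the OAuth 2.0 validation client,
     * falling back to {@link #DEFAULT_CLIENT_REPO} and {@link #DEFAULT_AXIS2_XML} when no
     * repository or axis2.xml path has been set.
     *
     * @param synapseEnvironment not read by this method
     * @throws SynapseException if the configuration context cannot be created
     */
    public void init(SynapseEnvironment synapseEnvironment) {
        String repository = this.clientRepository != null ? this.clientRepository : DEFAULT_CLIENT_REPO;
        String axis2Config = this.axis2xml != null ? this.axis2xml : DEFAULT_AXIS2_XML;
        try {
            this.cfgCtx = ConfigurationContextFactory.createConfigurationContextFromFileSystem(repository, axis2Config);
        } catch (AxisFault e) {
            String message = "Error initializing OAuth mediator : " + e.getMessage();
            log.error(message, e);
            throw new SynapseException(message, e);
        }
    }

    /**
     * Authenticates the request, choosing the OAuth 2.0 or OAuth 1.0a path from the
     * {@code Authorization} header.
     *
     * @param messageContext the message being mediated
     * @return {@code true} when the request was authenticated
     * @throws SynapseException when the header is missing or authentication fails
     */
    @Override // org.apache.synapse.Mediator
    public boolean mediate(MessageContext messageContext) {
        if (validateRequest(messageContext)) {
            return handleOAuth2(messageContext);
        }
        return handleOAuth1a(messageContext);
    }

    /**
     * Decides which protocol the request uses.
     *
     * @return {@code true} for a bearer (OAuth 2.0) header, {@code false} for anything else
     * @throws SynapseException when there is no {@code Authorization} header, or when a bearer
     *         header carries no token
     */
    private boolean validateRequest(MessageContext messageContext) {
        // A request that arrives without any transport-header map is rejected the same way as
        // one without the header, instead of escaping as a NullPointerException.
        Map<String, Object> headers = transportHeaders(messageContext);
        String authorization = headers == null ? null : (String) headers.get(AUTHORIZATION_HEADER);
        if (authorization == null) {
            throw new SynapseException("Not a valid OAuth Request");
        }
        if (!authorization.startsWith(OAuthConstants.BEARER)) {
            return false;
        }
        // trim() never yields null, so the token has to be tested for emptiness; a bearer
        // header with nothing after the scheme is refused here rather than forwarded to the
        // validation service as an empty token.
        if (bearerToken(authorization).isEmpty()) {
            throw new SynapseException("OAuth 2.0 access_token could not found in the request");
        }
        return true;
    }

    /**
     * Validates the bearer token with the remote OAuth 2.0 validation service.
     *
     * <p>When the response carries an authorization context token, its string form is placed in
     * the {@code X-JWT-Assertion} transport header.
     *
     * @return {@code true} when the service reports the token as valid
     * @throws SynapseException on an invalid token or on any error while validating; the cause
     *         is logged but not attached to the exception
     */
    private boolean handleOAuth2(MessageContext messageContext) {
        log.debug("Validating the OAuth 2.0 Request");
        try {
            OAuth2TokenValidationServiceClient client =
                    new OAuth2TokenValidationServiceClient(getRemoteServiceUrl(), getUsername(), getPassword(), this.cfgCtx);
            Map<String, Object> headers = transportHeaders(messageContext);
            String accessToken = bearerToken((String) headers.get(AUTHORIZATION_HEADER));
            OAuth2TokenValidationResponseDTO response = client.validateAuthenticationRequest(accessToken);
            if (!response.getValid()) {
                throw new SynapseException("OAuth 2.0 authentication failed");
            }
            // NOTE(review): when the service returns no context token, an X-JWT-Assertion header
            // already present on the inbound request is left as it arrived. If anything
            // downstream treats that header as coming from this mediator, it should be removed
            // from the header map before this point - confirm with the consumers of the header.
            if (response.getAuthorizationContextToken() != null) {
                headers.put("X-JWT-Assertion", response.getAuthorizationContextToken().getTokenString());
            }
            return true;
        } catch (Exception e) {
            // Also catches the SynapseException thrown above, so callers only ever see the
            // generic message below; the specific reason is available in the log.
            log.error("Error occured while validating oauth access token", e);
            throw new SynapseException("Error occured while validating oauth 2.0 access token");
        }
    }

    /**
     * Validates an OAuth 1.0a request with the remote OAuth service.
     *
     * <p>A request that carries an {@code oauth_token} is sent as a full authentication
     * request; one without is checked as a consumer-only request built from the signature
     * fields.
     *
     * @return {@code true} when the service accepts the request
     * @throws SynapseException when the service rejects the request or any error occurs,
     *         including a malformed parameter list
     */
    private boolean handleOAuth1a(MessageContext messageContext) {
        log.debug("Validating the OAuth 1.0a Request");
        try {
            Parameters params = populateOauthConsumerData(messageContext);
            // NOTE(review): the second constructor argument is null here while the OAuth 2.0
            // client is given this.cfgCtx - confirm that is intentional.
            OAuthServiceClient client = new OAuthServiceClient(getRemoteServiceUrl(), null);
            boolean accepted;
            if (params.getOauthToken() != null) {
                accepted = client.validateAuthenticationRequest(params);
            } else {
                OAuthConsumerDTO consumer = new OAuthConsumerDTO();
                consumer.setBaseString(params.getBaseString());
                consumer.setHttpMethod(params.getHttpMethod());
                consumer.setOauthConsumerKey(params.getOauthConsumerKey());
                consumer.setOauthNonce(params.getOauthNonce());
                consumer.setOauthSignature(params.getOauthSignature());
                consumer.setOauthSignatureMethod(params.getOauthSignatureMethod());
                consumer.setOauthTimeStamp(params.getOauthTimeStamp());
                accepted = client.isOAuthConsumerValid(consumer);
            }
            if (!accepted) {
                throw new SynapseException("OAuth authentication failed");
            }
            return true;
        } catch (Exception e) {
            log.error("Error occured while validating oauth consumer", e);
            throw new SynapseException("Error occured while validating oauth consumer");
        }
    }

    /**
     * Parses the OAuth 1.0a parameters of the request into a {@code Parameters} object and
     * assembles the base string sent to the validation service.
     *
     * <p>The parameters are read from the {@code Authorization} header (comma separated) or,
     * when that header is absent, from the query string of {@code REST_URL_POSTFIX}
     * ({@code &} separated). The scope finally stored is always the {@code scope} property of
     * the Synapse message context, which overrides any {@code scope} supplied by the client.
     *
     * @throws SynapseException when a parameter has a name but no value, or when the message
     *         context has no {@code scope} property
     */
    private Parameters populateOauthConsumerData(MessageContext messageContext) {
        org.apache.axis2.context.MessageContext axis2MessageContext =
                ((Axis2MessageContext) messageContext).getAxis2MessageContext();
        String authorization = (String) ((Map) axis2MessageContext
                .getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS)).get(AUTHORIZATION_HEADER);
        String postfix = (String) axis2MessageContext.getProperty("REST_URL_POSTFIX");
        String separator = ",";
        boolean fromQueryString = false;
        Parameters parameters = new Parameters();

        // NOTE(review): pathPrefix is derived from postfix AFTER postfix has been cut down to
        // the query string, so it is "" unless the query itself contains a second '?', and it
        // stays null when there is no '?' at all - in which case the literal text "null" ends
        // up in the base string below. Left unchanged because the remote signature check
        // depends on the exact string; confirm against the validation service before fixing.
        String pathPrefix = null;
        if (postfix.indexOf("?") > -1) {
            postfix = postfix.substring(postfix.indexOf("?") + 1);
            pathPrefix = postfix.substring(0, postfix.indexOf("?") + 1);
        }

        // NOTE(review): validateRequest() rejects a request without an Authorization header
        // before this method runs, so the query-string branch looks unreachable via mediate().
        String raw = authorization;
        if (raw == null) {
            fromQueryString = true;
            raw = postfix;
            separator = "&";
        }

        if (raw.startsWith("OAuth ")) {
            // NOTE(review): this cuts at the first lowercase 'o' rather than after the scheme
            // name, so a leading parameter that contains an 'o' (a realm value, for example) is
            // split mid-value and the request is then rejected as malformed.
            raw = raw.substring(raw.indexOf("o"));
        }

        StringBuilder unrecognised = new StringBuilder();
        for (String element : raw.split(separator)) {
            String[] pair = element.split("=");
            if (pair.length == 0) {
                continue;
            }
            if (pair.length < 2) {
                // Previously surfaced as ArrayIndexOutOfBoundsException; handleOAuth1a turns
                // either form into the same rejection.
                throw new SynapseException("Malformed OAuth parameter in request");
            }
            String name = pair[0].trim();
            String value = removeLeadingAndTrailingQuatation(pair[1].trim());
            if (OAuthConstants.OAUTH_CONSUMER_KEY.equals(name)) {
                parameters.setOauthConsumerKey(value);
            } else if (OAuthConstants.OAUTH_NONCE.equals(name)) {
                parameters.setOauthNonce(value);
            } else if (OAuthConstants.OAUTH_SIGNATURE.equals(name)) {
                parameters.setOauthSignature(value);
            } else if (OAuthConstants.OAUTH_SIGNATURE_METHOD.equals(name)) {
                parameters.setOauthSignatureMethod(value);
            } else if (OAuthConstants.OAUTH_TIMESTAMP.equals(name)) {
                parameters.setOauthTimeStamp(value);
            } else if (OAuthConstants.OAUTH_CALLBACK.equals(name)) {
                parameters.setOauthCallback(value);
            } else if ("scope".equals(name)) {
                parameters.setScope(value);
            } else if (OAuthConstants.OAUTH_DISPLAY_NAME.equals(name)) {
                parameters.setDisplayName(value);
            } else if (OAuthConstants.OAUTH_TOKEN.equals(name)) {
                parameters.setOauthToken(value);
            } else if (OAuthConstants.OAUTH_VERIFIER.equals(name)) {
                parameters.setOauthTokenVerifier(value);
            } else if (OAuthConstants.OAUTH_TOKEN_SECRET.equals(name)) {
                parameters.setOauthTokenSecret(value);
            } else if (OAuthConstants.OAUTH_VERSION.equals(name)) {
                parameters.setVersion(value);
            } else {
                unrecognised.append(name).append("=").append(value).append("&");
            }
        }

        // Header mode signs over the untouched query string; query mode signs over the
        // non-OAuth parameters collected above. Both forms end in a '&' that is cut off below.
        String signedParams = fromQueryString ? unrecognised.toString() : postfix + "&";

        String scope = (String) messageContext.getProperty("scope");
        if (scope == null) {
            throw new SynapseException("Unable to find SCOPE value in Synapse Message Context");
        }
        parameters.setScope(scope);
        parameters.setHttpMethod((String) axis2MessageContext.getProperty("HTTP_METHOD"));

        String servicePrefix = (String) axis2MessageContext.getProperty("SERVICE_PREFIX");
        if (signedParams.length() > 1) {
            parameters.setBaseString(servicePrefix + pathPrefix + signedParams.substring(0, signedParams.length() - 1));
        } else {
            parameters.setBaseString(servicePrefix);
        }
        return parameters;
    }

    /**
     * Returns the transport-header map of the underlying Axis2 message context, or
     * {@code null} when the property is not set.
     */
    @SuppressWarnings("unchecked") // the property is stored untyped; the original code cast it to a raw Map
    private static Map<String, Object> transportHeaders(MessageContext messageContext) {
        return (Map<String, Object>) ((Axis2MessageContext) messageContext).getAxis2MessageContext()
                .getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);
    }

    /**
     * Returns what follows the bearer scheme in the header, trimmed, or an empty string when
     * the header is too short to contain a token.
     */
    private static String bearerToken(String authorization) {
        if (authorization.length() <= BEARER_PREFIX_LENGTH) {
            return "";
        }
        return authorization.substring(BEARER_PREFIX_LENGTH).trim();
    }

    /**
     * Strips every double quote from the value when it starts or ends with one, then trims
     * surrounding whitespace.
     */
    private String removeLeadingAndTrailingQuatation(String str) {
        boolean quoted = str.startsWith("\"") || str.endsWith("\"");
        String unquoted = quoted ? str.replace("\"", "") : str;
        return unquoted.trim();
    }

    /** Returns the password passed to the OAuth 2.0 validation client. */
    public String getPassword() {
        return this.password;
    }

    /** Sets the password passed to the OAuth 2.0 validation client. */
    public void setPassword(String str) {
        this.password = str;
    }

    /** Returns the user name passed to the OAuth 2.0 validation client. */
    public String getUsername() {
        return this.username;
    }

    /** Sets the user name passed to the OAuth 2.0 validation client. */
    public void setUsername(String str) {
        this.username = str;
    }

    /**
     * Returns the remote service URL with a trailing slash, or {@code null} when none is set.
     * The slash is appended to the stored value on first use.
     */
    public String getRemoteServiceUrl() {
        if (this.remoteServiceUrl != null && !this.remoteServiceUrl.endsWith("/")) {
            this.remoteServiceUrl += "/";
        }
        return this.remoteServiceUrl;
    }

    /** Sets the base URL of the remote OAuth validation service. */
    public void setRemoteServiceUrl(String str) {
        this.remoteServiceUrl = str;
    }
}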
