package org.apache.cxf.rs.security.oauth.utils;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.StringTokenizer;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import net.oauth.OAuthAccessor;
import net.oauth.OAuthConsumer;
import net.oauth.OAuthMessage;
import net.oauth.OAuthProblemException;
import net.oauth.OAuthServiceProvider;
import net.oauth.server.OAuthServlet;
import org.apache.cxf.common.classloader.ClassLoaderUtils;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.jaxrs.impl.MetadataMap;
import org.apache.cxf.jaxrs.utils.FormUtils;
import org.apache.cxf.rs.security.oauth.data.Client;
import org.apache.cxf.rs.security.oauth.data.RequestToken;
import org.apache.cxf.rs.security.oauth.data.Token;
import org.apache.cxf.rs.security.oauth.provider.DefaultOAuthValidator;
import org.apache.cxf.rs.security.oauth.provider.OAuthDataProvider;

/* loaded from: input_file:org/apache/cxf/rs/security/oauth/utils/OAuthUtils.class */
public final class OAuthUtils {
    private OAuthUtils() {
    }

    public static void validateMessage(OAuthMessage oAuthMessage, Client client, Token token, OAuthDataProvider oAuthDataProvider) throws Exception {
        OAuthAccessor oAuthAccessor = new OAuthAccessor(new OAuthConsumer((String) null, client.getConsumerKey(), client.getSecretKey(), (OAuthServiceProvider) null));
        if (token != null) {
            if (token instanceof RequestToken) {
                oAuthAccessor.requestToken = token.getTokenKey();
            } else {
                oAuthAccessor.accessToken = token.getTokenKey();
            }
            oAuthAccessor.tokenSecret = token.getTokenSecret();
        }
        DefaultOAuthValidator defaultOAuthValidator = new DefaultOAuthValidator();
        defaultOAuthValidator.validateMessage(oAuthMessage, oAuthAccessor);
        if (token != null) {
            defaultOAuthValidator.validateToken(token, oAuthDataProvider);
        }
    }

    public static OAuthMessage getOAuthMessage(HttpServletRequest httpServletRequest, String[] strArr) throws Exception {
        OAuthMessage message = OAuthServlet.getMessage(httpServletRequest, httpServletRequest.getRequestURL().toString());
        addParametersIfNeeded(httpServletRequest, message);
        message.requireParameters(strArr);
        return message;
    }

    public static void addParametersIfNeeded(HttpServletRequest httpServletRequest, OAuthMessage oAuthMessage) throws IOException {
        if (oAuthMessage.getParameters().isEmpty() && "application/x-www-form-urlencoded".equals(oAuthMessage.getBodyType())) {
            String bodyEncoding = oAuthMessage.getBodyEncoding();
            String str = bodyEncoding == null ? "UTF-8" : bodyEncoding;
            String readBody = FormUtils.readBody(oAuthMessage.getBodyAsStream(), str);
            MetadataMap metadataMap = new MetadataMap();
            FormUtils.populateMapFromString(metadataMap, readBody, str, true, httpServletRequest);
            for (String str2 : metadataMap.keySet()) {
                oAuthMessage.addParameter(str2, (String) metadataMap.getFirst(str2));
            }
        }
    }

    public static Response handleException(Exception exc, int i) {
        return handleException(exc, i, null);
    }

    public static Response handleException(Exception exc, int i, String str) {
        if (!(exc instanceof OAuthProblemException)) {
            throw new WebApplicationException(Response.status(i).entity(exc.getMessage()).build());
        }
        try {
            return Response.status(i).header("WWW-Authenticate", new OAuthMessage((String) null, (String) null, ((OAuthProblemException) exc).getParameters().entrySet()).getAuthorizationHeader(str)).entity(exc.getMessage()).build();
        } catch (IOException e) {
            throw new WebApplicationException(Response.status(i).entity(exc.getMessage()).build());
        }
    }

    public static List<String> parseParamValue(String str, String str2) throws IOException {
        ArrayList arrayList = new ArrayList();
        if (!StringUtils.isEmpty(str)) {
            StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
            while (stringTokenizer.hasMoreTokens()) {
                arrayList.add(stringTokenizer.nextToken());
            }
        }
        if (str2 != null) {
            arrayList.add(str2);
        }
        return arrayList;
    }

    public static RequestToken handleTokenRejectedException() throws OAuthProblemException {
        OAuthProblemException oAuthProblemException = new OAuthProblemException("token_rejected");
        oAuthProblemException.setParameter("HTTP status", 401);
        throw oAuthProblemException;
    }

    public static Object instantiateClass(String str) throws Exception {
        return ClassLoaderUtils.loadClass(str, OAuthUtils.class).newInstance();
    }

    public static synchronized OAuthDataProvider getOAuthDataProvider(OAuthDataProvider oAuthDataProvider, ServletContext servletContext) {
        return oAuthDataProvider != null ? oAuthDataProvider : getOAuthDataProvider(servletContext);
    }

    public static synchronized OAuthDataProvider getOAuthDataProvider(ServletContext servletContext) {
        OAuthDataProvider oAuthDataProvider = (OAuthDataProvider) servletContext.getAttribute(OAuthConstants.OAUTH_DATA_PROVIDER_INSTANCE_KEY);
        if (oAuthDataProvider == null) {
            String initParameter = servletContext.getInitParameter(OAuthConstants.OAUTH_DATA_PROVIDER_CLASS);
            if (StringUtils.isEmpty(initParameter)) {
                throw new RuntimeException("There should be provided [ oauth.data.provider-class ] context init param in web.xml");
            }
            if (StringUtils.isEmpty(servletContext.getInitParameter(OAuthConstants.OAUTH_DATA_VALIDATOR_CLASS))) {
                DefaultOAuthValidator.class.getName();
            }
            try {
                oAuthDataProvider = (OAuthDataProvider) instantiateClass(initParameter);
                servletContext.setAttribute(OAuthConstants.OAUTH_DATA_PROVIDER_INSTANCE_KEY, oAuthDataProvider);
            } catch (Exception e) {
                throw new RuntimeException("Cannot instantiate OAuth Data Provider class: " + initParameter, e);
            }
        }
        return oAuthDataProvider;
    }
}
