package org.apache.cxf.fediz.core.processor;

import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URI;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.servlet.http.HttpServletRequest;
import org.apache.cxf.fediz.core.Claim;
import org.apache.cxf.fediz.core.config.FedizContext;
import org.apache.cxf.fediz.core.exception.ProcessingException;
import org.apache.cxf.fediz.core.spi.IDPCallback;
import org.apache.cxf.fediz.core.spi.RealmCallback;
import org.apache.cxf.fediz.core.spi.ReplyCallback;
import org.apache.cxf.fediz.core.util.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/fediz-core-1.4.6.jar:org/apache/cxf/fediz/core/processor/AbstractFedizProcessor.class */
public abstract class AbstractFedizProcessor implements FedizProcessor {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) AbstractFedizProcessor.class);

    /* JADX INFO: Access modifiers changed from: protected */
    public String resolveIssuer(HttpServletRequest httpServletRequest, FedizContext fedizContext) throws IOException, UnsupportedCallbackException {
        Object issuer = fedizContext.getProtocol().getIssuer();
        String str = null;
        if (issuer instanceof String) {
            str = (String) issuer;
        } else if (issuer instanceof CallbackHandler) {
            CallbackHandler callbackHandler = (CallbackHandler) issuer;
            IDPCallback iDPCallback = new IDPCallback(httpServletRequest);
            callbackHandler.handle(new Callback[]{iDPCallback});
            str = iDPCallback.getIssuerUrl().toString();
        }
        return str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String resolveWTRealm(HttpServletRequest httpServletRequest, FedizContext fedizContext) throws IOException, UnsupportedCallbackException {
        Object realm = fedizContext.getProtocol().getRealm();
        String str = null;
        if (realm == null) {
            str = extractFullContextPath(httpServletRequest);
        } else if (realm instanceof String) {
            str = (String) realm;
        } else if (realm instanceof CallbackHandler) {
            CallbackHandler callbackHandler = (CallbackHandler) realm;
            RealmCallback realmCallback = new RealmCallback(httpServletRequest);
            callbackHandler.handle(new Callback[]{realmCallback});
            str = realmCallback.getRealm();
        }
        return str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void testForReplayAttack(String str, FedizContext fedizContext, Date date) throws ProcessingException {
        if (str == null || !fedizContext.isDetectReplayedTokens()) {
            return;
        }
        if (fedizContext.getTokenReplayCache().contains(str)) {
            LOG.error("Replay attack with token id: " + str);
            throw new ProcessingException("Replay attack with token id: " + str, ProcessingException.TYPE.TOKEN_REPLAY);
        }
        if (date == null) {
            fedizContext.getTokenReplayCache().add(str);
            return;
        }
        fedizContext.getTokenReplayCache().add(str, (date.getTime() - new Date().getTime()) / 1000);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String extractFullContextPath(HttpServletRequest httpServletRequest) throws MalformedURLException {
        return StringUtils.extractFullContextPath(httpServletRequest);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<String> getRoles(List<Claim> list, String str) {
        if (str == null || str.isEmpty()) {
            return null;
        }
        return getRoles(list, URI.create(str));
    }

    protected List<String> getRoles(List<Claim> list, URI uri) {
        if (list == null || uri == null) {
            return null;
        }
        List<String> list2 = null;
        Iterator<Claim> it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Claim next = it.next();
            if (uri.equals(next.getClaimType())) {
                Object value = next.getValue();
                if ((value instanceof String) && !"".equals(value)) {
                    list2 = Collections.singletonList((String) value);
                } else if ((value instanceof List) && !((List) value).isEmpty()) {
                    list2 = Collections.unmodifiableList((List) value);
                } else if (!(value instanceof String) && !(value instanceof List)) {
                    LOG.error("Unsupported value type of Claim value");
                    throw new IllegalStateException("Unsupported value type of Claim value");
                }
            }
        }
        return list2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String resolveReply(HttpServletRequest httpServletRequest, FedizContext fedizContext) throws IOException, UnsupportedCallbackException {
        Object reply = fedizContext.getProtocol().getReply();
        String str = null;
        if (reply != null) {
            if (reply instanceof String) {
                str = (String) reply;
            } else if (reply instanceof CallbackHandler) {
                CallbackHandler callbackHandler = (CallbackHandler) reply;
                ReplyCallback replyCallback = new ReplyCallback(httpServletRequest);
                callbackHandler.handle(new Callback[]{replyCallback});
                str = replyCallback.getReply();
            }
        }
        return str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void testForMandatoryClaims(String str, List<org.apache.cxf.fediz.core.config.Claim> list, List<Claim> list2, boolean z) throws ProcessingException {
        if (list != null) {
            for (org.apache.cxf.fediz.core.config.Claim claim : list) {
                if (!claim.isOptional()) {
                    boolean z2 = false;
                    Iterator<Claim> it = list2.iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        }
                        if (claim.getType().equals(it.next().getClaimType().toString())) {
                            z2 = true;
                            break;
                        }
                    }
                    if (!z2 && z && str != null && str.equals(claim.getType())) {
                        z2 = true;
                    }
                    if (!z2) {
                        LOG.warn("Mandatory claim {} not found in token", claim.getType());
                        throw new ProcessingException("Mandatory claim not found in token", ProcessingException.TYPE.INVALID_REQUEST);
                    }
                }
            }
        }
    }
}
