package org.gluu.oxauth.service;

import com.google.common.base.Strings;
import com.google.common.collect.Sets;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import javax.ejb.Stateless;
import javax.inject.Inject;
import javax.inject.Named;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.gluu.oxauth.client.QueryStringDecoder;
import org.gluu.oxauth.model.common.SessionId;
import org.gluu.oxauth.model.error.ErrorResponseFactory;
import org.gluu.oxauth.model.registration.Client;
import org.gluu.oxauth.model.session.EndSessionErrorResponseType;
import org.gluu.oxauth.model.util.Util;
import org.jboss.resteasy.client.ClientRequest;
import org.jboss.resteasy.client.ClientResponse;
import org.json.JSONArray;
import org.slf4j.Logger;

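@Stateless
@Named
/**
 * Validates redirect URIs and post-logout redirect URIs against the values
 * registered for a client.
 *
 * <p>Every method here is an allow-list check: a caller-supplied URI is accepted
 * only when it corresponds to an entry on the client record (or, for
 * {@link #validateRedirectionUri}, on the list published at the client's sector
 * identifier URI). A {@code null} return or a thrown exception means the URI was
 * not accepted and must not be used as a redirect target.
 */
public class RedirectionUriService {

    @Inject
    private Logger log;

    @Inject
    private ClientService clientService;

    @Inject
    private ErrorResponseFactory errorResponseFactory;

    /**
     * Checks a requested redirection URI against the redirect URIs known for a client.
     *
     * <p>When the client has a non-blank sector identifier URI, that URI is fetched
     * with an HTTP GET and the JSON array it returns replaces the client's
     * registered redirect URIs for this check.
     *
     * <p>NOTE(review): the fetch is performed on each call, and this method sets no
     * timeout and applies no scheme or host restriction to the URI it requests.
     * Confirm that the sector identifier URI is validated when the client is
     * registered and that outbound requests from this service are constrained.
     *
     * <p>NOTE(review): the debug statements below log the requested and registered
     * URIs including their query strings; confirm that is acceptable for the
     * deployment's log handling.
     *
     * @param str  the client identifier
     * @param str2 the requested redirection URI; may be blank
     * @return {@code str2} when it matches a known redirect URI; the single known
     *         redirect URI when {@code str2} is blank and exactly one is known;
     *         {@code null} in every other case, including an unknown client, a
     *         non-200 sector identifier response and any exception raised here
     */
    public String validateRedirectionUri(String str, String str2) {
        try {
            Client client = this.clientService.getClient(str);
            if (client == null) {
                return null;
            }
            String[] redirectUris = client.getRedirectUris();
            String sectorIdentifierUri = client.getSectorIdentifierUri();
            if (StringUtils.isNotBlank(sectorIdentifierUri)) {
                redirectUris = fetchSectorIdentifierRedirectUris(sectorIdentifierUri);
                if (redirectUris == null) {
                    return null;
                }
            }
            if (redirectUris == null) {
                return null;
            }
            if (StringUtils.isBlank(str2)) {
                // No URI requested: fall back to the known one only when it is unambiguous.
                return redirectUris.length == 1 ? redirectUris[0] : null;
            }
            this.log.debug("Validating redirection URI: clientIdentifier = {}, redirectionUri = {}, found = {}", new Object[]{str, str2, redirectUris.length});
            String requestedBase = uriWithoutParams(str2);
            for (String registered : redirectUris) {
                this.log.debug("Comparing {} == {}", registered, str2);
                if (registered == null) {
                    // A null entry used to raise a NullPointerException that aborted the
                    // whole check; skip it so the remaining entries are still compared.
                    continue;
                }
                if (registered.equals(str2)) {
                    return str2;
                }
                if (!uriWithoutParams(registered).equals(requestedBase)) {
                    continue;
                }
                // Same URI up to the first '?': accept only if both sides carry no
                // parameters or both carry exactly the same decoded parameters.
                Map<String, String> registeredParams = getParams(registered);
                boolean paramsMatch = registeredParams.isEmpty()
                        ? getParams(str2).isEmpty()
                        : compareParams(str2, registered);
                if (paramsMatch) {
                    return str2;
                }
            }
            return null;
        } catch (Exception e) {
            // Fail closed, but leave a trace: a silent null hides fetch and parse failures.
            this.log.warn("Failed to validate redirection URI for clientIdentifier = {}", str, e);
            return null;
        }
    }

    /**
     * Fetches the redirect URI list published at a sector identifier URI.
     *
     * @param sectorIdentifierUri the URI to request with HTTP GET
     * @return the strings of the returned JSON array, or {@code null} when the
     *         response status is not 200
     * @throws Exception if the request fails or the body is not a JSON array of strings
     */
    private String[] fetchSectorIdentifierRedirectUris(String sectorIdentifierUri) throws Exception {
        ClientRequest clientRequest = new ClientRequest(sectorIdentifierUri);
        clientRequest.setHttpMethod("GET");
        ClientResponse<String> clientResponse = clientRequest.get(String.class);
        try {
            if (clientResponse.getStatus() != 200) {
                return null;
            }
            JSONArray published = new JSONArray(clientResponse.getEntity(String.class));
            String[] uris = new String[published.length()];
            for (int i = 0; i < uris.length; i++) {
                uris[i] = published.getString(i);
            }
            return uris;
        } finally {
            // Release the connection on every path, including the non-200 early return.
            clientResponse.releaseConnection();
        }
    }

    /**
     * Checks a post-logout redirect URI against those registered for one client.
     * Only an exact string match is accepted.
     *
     * @param str  the client identifier
     * @param str2 the requested post-logout redirect URI; may be null or blank
     * @return {@code str2} when it equals a registered URI; the single registered
     *         URI when {@code str2} is blank and exactly one is registered;
     *         {@code null} when {@code str2} is null or empty and nothing else applies
     * @throws javax.ws.rs.WebApplicationException presumably, as produced by
     *         {@code errorResponseFactory}: a 400 response when a non-empty
     *         {@code str2} is not accepted
     */
    public String validatePostLogoutRedirectUri(String str, String str2) {
        Client client = this.clientService.getClient(str);
        String[] registeredUris = client != null ? client.getPostLogoutRedirectUris() : null;
        if (registeredUris != null) {
            if (StringUtils.isNotBlank(str2)) {
                this.log.debug("Validating post logout redirect URI: clientId = {}, postLogoutRedirectUri = {}", str, str2);
                for (String registered : registeredUris) {
                    this.log.debug("Comparing {} == {}", registered, str2);
                    // Called on str2 (known non-blank) so a null registered entry cannot throw.
                    if (str2.equals(registered)) {
                        return str2;
                    }
                }
            } else if (registeredUris.length == 1) {
                return registeredUris[0];
            }
        }
        if (Util.isNullOrEmpty(str2)) {
            return null;
        }
        throw this.errorResponseFactory.createWebApplicationException(Response.Status.BAD_REQUEST, EndSessionErrorResponseType.POST_LOGOUT_URI_NOT_ASSOCIATED_WITH_CLIENT, "`post_logout_redirect_uri` is not added to associated client.");
    }

    /**
     * Checks a post-logout redirect URI against the clients taken from a session's
     * permission-granted map. Only an exact string match is accepted.
     *
     * @param sessionId the session whose clients are consulted
     * @param str       the requested post-logout redirect URI
     * @return {@code str} when it equals a post-logout redirect URI of one of those clients
     * @throws javax.ws.rs.WebApplicationException presumably, as produced by
     *         {@code errorResponseFactory}: a 400 response when the session is
     *         {@code null}, the URI is null or empty, or no client has the URI registered
     */
    public String validatePostLogoutRedirectUri(SessionId sessionId, String str) {
        if (sessionId == null) {
            throw this.errorResponseFactory.createWebApplicationException(Response.Status.BAD_REQUEST, EndSessionErrorResponseType.SESSION_NOT_PASSED, "Session object is not found.");
        }
        if (Strings.isNullOrEmpty(str)) {
            throw this.errorResponseFactory.createWebApplicationException(Response.Status.BAD_REQUEST, EndSessionErrorResponseType.POST_LOGOUT_URI_NOT_PASSED, "`post_logout_redirect_uri` is empty.");
        }
        Set<Client> clients;
        if (sessionId.getPermissionGrantedMap() != null) {
            clients = this.clientService.getClient((Collection<String>) sessionId.getPermissionGrantedMap().getClientIds(true), true);
        } else {
            clients = Sets.newHashSet();
        }
        this.log.trace("Validating post logout redirect URI: postLogoutRedirectUri = {}", str);
        for (Client candidate : clients) {
            String[] registeredUris = candidate.getPostLogoutRedirectUris();
            if (registeredUris == null) {
                continue;
            }
            for (String registered : registeredUris) {
                this.log.debug("Comparing {} == {}, clientId: {}", new Object[]{registered, str, candidate.getClientId()});
                // Called on str (checked non-empty above) so a null registered entry cannot throw.
                if (str.equals(registered)) {
                    return str;
                }
            }
        }
        throw this.errorResponseFactory.createWebApplicationException(Response.Status.BAD_REQUEST, EndSessionErrorResponseType.POST_LOGOUT_URI_NOT_ASSOCIATED_WITH_CLIENT, "Unable to validate `post_logout_redirect_uri`");
    }

    /**
     * Decodes the query parameters of a URI.
     *
     * @param str the URI; may be {@code null}
     * @return the result of decoding everything after the first {@code '?'}, or an
     *         empty map when {@code str} is {@code null} or contains no {@code '?'}
     */
    public static Map<String, String> getParams(String str) {
        if (str != null) {
            int queryStart = str.indexOf('?');
            if (queryStart != -1) {
                return QueryStringDecoder.decode(str.substring(queryStart + 1));
            }
        }
        return new HashMap<>();
    }

    /**
     * Returns the part of a URI before its first {@code '?'}.
     *
     * <p>Only {@code '?'} is considered; a {@code '#'} fragment is not stripped.
     *
     * @param str the URI; may be {@code null}
     * @return the prefix before the first {@code '?'}, or {@code str} itself when it
     *         is {@code null} or contains no {@code '?'}
     */
    public static String uriWithoutParams(String str) {
        if (str == null) {
            return null;
        }
        int queryStart = str.indexOf('?');
        return queryStart == -1 ? str : str.substring(0, queryStart);
    }

    /**
     * Tells whether two URIs carry the same decoded query parameters.
     *
     * @param str  the first URI
     * @param str2 the second URI
     * @return {@code false} when either URI is blank; otherwise whether the two
     *         parameter maps are equal
     */
    public static boolean compareParams(String str, String str2) {
        if (StringUtils.isBlank(str) || StringUtils.isBlank(str2)) {
            return false;
        }
        return getParams(str).equals(getParams(str2));
    }
}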
