package org.xdi.oxauth.model.registration;

import com.google.common.base.Strings;
import java.net.ConnectException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.UnknownHostException;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.codehaus.jettison.json.JSONArray;
import org.codehaus.jettison.json.JSONException;
import org.jboss.resteasy.client.ClientRequest;
import org.jboss.resteasy.client.ClientResponse;
import org.jboss.seam.log.Log;
import org.jboss.seam.log.Logging;
import org.xdi.oxauth.model.common.SubjectType;
import org.xdi.oxauth.model.config.ConfigurationFactory;
import org.xdi.oxauth.model.error.ErrorResponseFactory;
import org.xdi.oxauth.model.register.ApplicationType;
import org.xdi.oxauth.model.register.RegisterErrorResponseType;
import org.xdi.oxauth.model.util.Util;
import org.xdi.oxauth.util.ServerUtil;

/* loaded from: input_file:org/xdi/oxauth/model/registration/RegisterParamsValidator.class */
public class RegisterParamsValidator {
    private static final Log LOG = Logging.getLog(RegisterParamsValidator.class);
    private static final String HTTP = "http";
    private static final String HTTPS = "https";
    private static final String LOCALHOST = "localhost";

    /* renamed from: org.xdi.oxauth.model.registration.RegisterParamsValidator$1, reason: invalid class name */
    /* loaded from: input_file:org/xdi/oxauth/model/registration/RegisterParamsValidator$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$xdi$oxauth$model$register$ApplicationType = new int[ApplicationType.values().length];

        static {
            try {
                $SwitchMap$org$xdi$oxauth$model$register$ApplicationType[ApplicationType.WEB.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$xdi$oxauth$model$register$ApplicationType[ApplicationType.NATIVE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    public static boolean validateParamsClientRegister(ApplicationType applicationType, SubjectType subjectType, List<String> list, String str) {
        boolean z = (applicationType == null || list == null || list.isEmpty()) ? false : true;
        if (subjectType == null || !ConfigurationFactory.instance().getConfiguration().getSubjectTypesSupported().contains(subjectType.toString())) {
            LOG.debug("Parameter subject_type is not valid.", new Object[0]);
            return false;
        }
        if (z && StringUtils.isNotBlank(str)) {
            try {
                if (!HTTPS.equalsIgnoreCase(new URI(str).getScheme())) {
                    return false;
                }
                ClientRequest clientRequest = new ClientRequest(str);
                clientRequest.setHttpMethod("GET");
                ClientResponse clientResponse = clientRequest.get(String.class);
                if (clientResponse.getStatus() == 200) {
                    return Util.asList(new JSONArray((String) clientResponse.getEntity(String.class))).containsAll(list);
                }
            } catch (ConnectException e) {
                LOG.trace(e.getMessage(), e, new Object[0]);
                return false;
            } catch (JSONException e2) {
                LOG.trace(e2.getMessage(), e2, new Object[0]);
                return false;
            } catch (URISyntaxException e3) {
                LOG.trace(e3.getMessage(), e3, new Object[0]);
                return false;
            } catch (UnknownHostException e4) {
                LOG.trace(e4.getMessage(), e4, new Object[0]);
                return false;
            } catch (Exception e5) {
                LOG.trace(e5.getMessage(), e5, new Object[0]);
                return false;
            }
        }
        return z;
    }

    public static boolean validateParamsClientRead(String str, String str2) {
        return StringUtils.isNotBlank(str) && StringUtils.isNotBlank(str2);
    }

    public static boolean validateRedirectUris(ApplicationType applicationType, SubjectType subjectType, List<String> list, String str) {
        HashSet hashSet = new HashSet();
        if (list == null) {
            return false;
        }
        try {
            if (list.isEmpty()) {
                return false;
            }
            for (String str2 : list) {
                if (str2 != null && !str2.contains("#")) {
                    URI uri = new URI(str2);
                    hashSet.add(uri.getHost());
                    switch (AnonymousClass1.$SwitchMap$org$xdi$oxauth$model$register$ApplicationType[applicationType.ordinal()]) {
                        case 1:
                            if (!HTTPS.equalsIgnoreCase(uri.getScheme()) || LOCALHOST.equalsIgnoreCase(uri.getHost())) {
                                return false;
                            }
                            break;
                            break;
                        case 2:
                            if (!HTTP.equalsIgnoreCase(uri.getScheme()) || !LOCALHOST.equalsIgnoreCase(uri.getHost())) {
                                return false;
                            }
                            break;
                            break;
                    }
                } else {
                    return false;
                }
            }
            return subjectType == null || !subjectType.equals(SubjectType.PAIRWISE) || !StringUtils.isBlank(str) || hashSet.size() <= 1;
        } catch (URISyntaxException e) {
            return false;
        }
    }

    public static void validateLogoutUri(String str, List<String> list, ErrorResponseFactory errorResponseFactory) {
        if (Strings.isNullOrEmpty(str)) {
            return;
        }
        if (list == null || list.isEmpty()) {
            LOG.error("Preconditions of logout uri validation are failed.", new Object[0]);
            throwInvalidLogoutUri(errorResponseFactory);
            return;
        }
        try {
            Set<String> collectUriHosts = collectUriHosts(list);
            URI uri = new URI(str);
            if (!collectUriHosts.contains(uri.getHost())) {
                LOG.error("logout uri host is not within redirect_uris, logout_uri: {0}, redirect_uris: {1}", new Object[]{str, list});
                throwInvalidLogoutUri(errorResponseFactory);
            } else {
                if (!HTTPS.equalsIgnoreCase(uri.getScheme())) {
                    LOG.error("logout uri schema is not https, logout_uri: {0}", new Object[]{str});
                    throwInvalidLogoutUri(errorResponseFactory);
                }
            }
        } catch (Exception e) {
            LOG.error(e.getMessage(), e, new Object[0]);
            throwInvalidLogoutUri(errorResponseFactory);
        }
    }

    private static void throwInvalidLogoutUri(ErrorResponseFactory errorResponseFactory) throws WebApplicationException {
        throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST.getStatusCode()).entity(errorResponseFactory.getErrorAsJson(RegisterErrorResponseType.INVALID_LOGOUT_URI)).cacheControl(ServerUtil.cacheControl(true, false)).header("Pragma", "no-cache").build());
    }

    private static Set<String> collectUriHosts(List<String> list) throws URISyntaxException {
        HashSet hashSet = new HashSet();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            hashSet.add(new URI(it.next()).getHost());
        }
        return hashSet;
    }
}
