package org.xdi.oxauth.federation.ws.rs;

import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import org.apache.commons.lang.StringUtils;
import org.codehaus.jettison.json.JSONArray;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Logger;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.log.Log;
import org.xdi.oxauth.model.config.ConfigurationFactory;
import org.xdi.oxauth.model.crypto.signature.RSAKeyFactory;
import org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm;
import org.xdi.oxauth.model.error.ErrorResponseFactory;
import org.xdi.oxauth.model.exception.InvalidJwtException;
import org.xdi.oxauth.model.federation.FederationErrorResponseType;
import org.xdi.oxauth.model.federation.FederationMetadata;
import org.xdi.oxauth.model.federation.FederationOP;
import org.xdi.oxauth.model.federation.FederationRP;
import org.xdi.oxauth.model.jwt.JwtHeader;
import org.xdi.oxauth.model.jwt.JwtType;
import org.xdi.oxauth.model.util.JwtUtil;
import org.xdi.oxauth.service.FederationMetadataService;

@Name("federationMetadataWS")
/* loaded from: input_file:org/xdi/oxauth/federation/ws/rs/FederationMetadataWSImpl.class */
public class FederationMetadataWSImpl implements FederationMetadataWS {

    @Logger
    private Log log;

    @In
    private FederationMetadataService federationMetadataService;

    @In
    private ErrorResponseFactory errorResponseFactory;

    @Override // org.xdi.oxauth.federation.ws.rs.FederationMetadataWS
    public Response requestMetadata(String str, String str2, HttpServletRequest httpServletRequest, SecurityContext securityContext) {
        this.log.debug("Called federation metadata endpoint federation_id: {0}", new Object[]{str});
        try {
            if (isRequestValid(httpServletRequest)) {
                if (StringUtils.isBlank(str)) {
                    return Response.status(Response.Status.OK).entity(asJSON(this.federationMetadataService.getMetadataList())).build();
                }
                FederationMetadata metadata = this.federationMetadataService.getMetadata(str, true);
                return Response.status(Response.Status.OK).entity(Boolean.FALSE.toString().equalsIgnoreCase(str2) ? asJSON(metadata).toString() : asSignedJSON(metadata)).build();
            }
        } catch (FederationMetadataService.InvalidIdException e) {
            return errorResponse(FederationErrorResponseType.INVALID_FEDERATION_ID);
        } catch (Exception e2) {
            this.log.error(e2.getMessage(), e2, new Object[0]);
        }
        return errorResponse(FederationErrorResponseType.INVALID_REQUEST);
    }

    public Response errorResponse(FederationErrorResponseType federationErrorResponseType) {
        return Response.status(Response.Status.BAD_REQUEST).entity(this.errorResponseFactory.getErrorResponse(federationErrorResponseType).toJSonString()).build();
    }

    private String asSignedJSON(FederationMetadata federationMetadata) throws JSONException, InvalidJwtException {
        try {
            String federationSigningKid = ConfigurationFactory.instance().getConfiguration().getFederationSigningKid();
            SignatureAlgorithm fromName = SignatureAlgorithm.fromName(ConfigurationFactory.instance().getConfiguration().getFederationSigningAlg());
            return JwtUtil.encodeJwt(JwtHeader.instance().setType(JwtType.JWS).setAlgorithm(fromName).setKeyId(federationSigningKid).toJsonObject(), asJSON(federationMetadata), fromName, RSAKeyFactory.valueOf(ConfigurationFactory.instance().getWebKeys().getKey(federationSigningKid)).getPrivateKey());
        } catch (Exception e) {
            this.log.error(e.getMessage(), e, new Object[0]);
            return asJSON(federationMetadata).toString();
        }
    }

    private static JSONObject asJSON(FederationMetadata federationMetadata) throws JSONException {
        JSONArray jSONArray = new JSONArray();
        if (federationMetadata.getRpList() != null) {
            for (FederationRP federationRP : federationMetadata.getRpList()) {
                JSONObject jSONObject = new JSONObject();
                jSONObject.put("display_name", federationRP.getDisplayName());
                List redirectUri = federationRP.getRedirectUri();
                if (redirectUri != null && !redirectUri.isEmpty()) {
                    if (redirectUri.size() == 1) {
                        jSONObject.put("redirect_uri", redirectUri.get(0));
                    } else {
                        jSONObject.put("redirect_uri", redirectUri);
                    }
                }
                jSONArray.put(jSONObject);
            }
        }
        JSONArray jSONArray2 = new JSONArray();
        if (federationMetadata.getOpList() != null) {
            for (FederationOP federationOP : federationMetadata.getOpList()) {
                JSONObject jSONObject2 = new JSONObject();
                jSONObject2.put("display_name", federationOP.getDisplayName());
                jSONObject2.put("op_id", federationOP.getOpId());
                jSONObject2.put("domain", federationOP.getDomain());
                jSONArray2.put(jSONObject2);
            }
        }
        JSONObject jSONObject3 = new JSONObject();
        jSONObject3.put("federation_id", federationMetadata.getId());
        jSONObject3.put("display_name", federationMetadata.getDisplayName());
        jSONObject3.put("interval_check", federationMetadata.getIntervalCheck());
        jSONObject3.put("RPs", jSONArray);
        jSONObject3.put("OPs", jSONArray2);
        return jSONObject3;
    }

    private static String asJSON(List<FederationMetadata> list) {
        JSONArray jSONArray = new JSONArray();
        if (list != null && !list.isEmpty()) {
            Iterator<FederationMetadata> it = list.iterator();
            while (it.hasNext()) {
                jSONArray.put(it.next().getId());
            }
        }
        return jSONArray.toString();
    }

    private static boolean isRequestValid(HttpServletRequest httpServletRequest) {
        Map parameterMap;
        if (httpServletRequest == null || (parameterMap = httpServletRequest.getParameterMap()) == null) {
            return false;
        }
        Set keySet = parameterMap.keySet();
        if (keySet == null) {
            return true;
        }
        keySet.remove("federation_id");
        keySet.remove("signed");
        return keySet.isEmpty();
    }
}
