package com.ibm.team.jfs.app.oauth;

import com.ibm.team.http.client.impl.HttpClientService;
import com.ibm.team.jfs.app.http.JfsHttpException;
import com.ibm.team.jfs.app.http.util.CookieUtil;
import com.ibm.team.jfs.app.http.util.HttpConstants;
import com.ibm.team.jfs.app.http.util.HttpParseUtil;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Date;
import javax.servlet.http.HttpServletResponse;
import net.oauth.OAuth;
import net.oauth.OAuthAccessor;
import net.oauth.OAuthConsumer;
import net.oauth.OAuthException;
import net.oauth.OAuthMessage;
import net.oauth.OAuthProblemException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.Header;
import org.apache.http.HeaderElement;
import org.apache.http.HttpEntity;
import org.apache.http.HttpEntityEnclosingRequest;
import org.apache.http.HttpException;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequest;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.entity.BufferedHttpEntity;
import org.apache.http.message.BasicHeaderValueParser;
import org.apache.http.message.HeaderValueParser;
import org.apache.http.util.EntityUtils;

/* loaded from: input_file:com.ibm.team.jfs.app.oauth.jar:com/ibm/team/jfs/app/oauth/OAuthHelper.class */
public class OAuthHelper {
    public static final String ACCESS_TOKEN_COOKIE_NAME = "jfs-oauth-access-token";
    public static final String ACCESS_TOKEN_SECRET_COOKIE_NAME = "jfs-oauth-access_token-secret";
    public static final String AUTHORIZED_REQUEST_TOKEN_PARAM_NAME = "oauth_token";
    public static final String REQUEST_TOKEN_SECRET_PARAM_NAME = "request_token_secret";
    public static final String X_OAUTH_AUTHORIZATION_URL = "X-jazz-web-oauth-url";
    private static final String EMPTY = "";
    private static Log logger = LogFactory.getLog(OAuthHelper.class);
    private static final String DEFAULT_SIGNATUR_METHOD = null;

    /* loaded from: input_file:com.ibm.team.jfs.app.oauth.jar:com/ibm/team/jfs/app/oauth/OAuthHelper$TokenRequestFailedException.class */
    static class TokenRequestFailedException extends JfsHttpException {
        private static final long serialVersionUID = 1;

        public TokenRequestFailedException(int i) {
            super(i);
        }

        public TokenRequestFailedException(int i, String str) {
            super(i, str);
        }
    }

    public static boolean hasAccessToken(HttpRequest httpRequest, String str, String str2) {
        return getAccessTokenFromRequest(httpRequest, str, str2) != null;
    }

    public static boolean hasAuthorizedRequestToken(HttpRequest httpRequest) throws URISyntaxException {
        return getAuthorizedRequestTokenFromRequest(httpRequest) != null;
    }

    public static OAuthAccessToken getAccessTokenFromRequest(HttpRequest httpRequest, String str, String str2) {
        validateRequest(httpRequest);
        String str3 = str;
        if (str3 == null || str3.length() == 0) {
            str3 = ACCESS_TOKEN_COOKIE_NAME;
        }
        String cookie = getCookie(httpRequest, str3);
        String str4 = str2;
        if (str4 == null || str4.length() == 0) {
            str4 = ACCESS_TOKEN_SECRET_COOKIE_NAME;
        }
        String cookie2 = getCookie(httpRequest, str4);
        if (cookie != null && cookie.length() > 0 && cookie2 != null && cookie2.length() > 0) {
            return new OAuthAccessToken(cookie, cookie2);
        }
        for (Header header : httpRequest.getHeaders("Authorization")) {
            for (OAuth.Parameter parameter : OAuthMessage.decodeAuthorization(header.getValue())) {
                String key = parameter.getKey();
                if ("oauth_token".equalsIgnoreCase(key)) {
                    cookie = parameter.getValue();
                } else if (OAuth.OAUTH_TOKEN_SECRET.equalsIgnoreCase(key)) {
                    cookie2 = parameter.getValue();
                }
            }
        }
        if (cookie == null || cookie.length() <= 0 || cookie2 == null || cookie2.length() <= 0) {
            return null;
        }
        return new OAuthAccessToken(cookie, cookie2);
    }

    public static OAuthRequestToken getAuthorizedRequestTokenFromRequest(HttpRequest httpRequest) throws URISyntaxException {
        validateRequest(httpRequest);
        String str = "";
        String str2 = "";
        for (OAuth.Parameter parameter : OAuth.decodeForm(new URI(httpRequest.getRequestLine().getUri()).getRawQuery())) {
            if (parameter.getKey().equals("oauth_token")) {
                str = parameter.getValue();
            } else if (parameter.getKey().equals(REQUEST_TOKEN_SECRET_PARAM_NAME)) {
                str2 = parameter.getValue();
                if (str2 != null && str2.indexOf(" ") != -1) {
                    str2 = str2.replaceAll(" ", HttpConstants.PLUS);
                }
            }
        }
        if (str == null || str.length() <= 0 || str2 == null || str2.length() <= 0) {
            return null;
        }
        return new OAuthRequestToken(str, str2);
    }

    public static OAuthRequestToken getNewRequestTokenFromProvider(OAuthProviderProperties oAuthProviderProperties, OAuthConsumerProperties oAuthConsumerProperties) throws IOException, URISyntaxException, JfsHttpException {
        validateProvider(oAuthProviderProperties);
        validateConsumer(oAuthConsumerProperties);
        OAuthRequestToken token = getToken(new HttpPost(oAuthProviderProperties.requestTokenURL), oAuthConsumerProperties, null, null);
        logger.debug("Successfully received a new request token from:" + oAuthProviderProperties.requestTokenURL);
        return token;
    }

    public static String buildAuthorizationRedirectURL(OAuthProviderProperties oAuthProviderProperties, String str, OAuthRequestToken oAuthRequestToken) throws IOException {
        validateProvider(oAuthProviderProperties);
        validateRequestToken(oAuthRequestToken);
        if (str == null || str.length() == 0) {
            throw new IllegalArgumentException("applicationURL must not be null or empty");
        }
        StringBuilder sb = new StringBuilder(str);
        sb.append(str.indexOf("?") < 0 ? '?' : '&');
        sb.append(OAuth.formEncode(OAuth.newList(REQUEST_TOKEN_SECRET_PARAM_NAME, oAuthRequestToken.secret)));
        return OAuth.addParameters(oAuthProviderProperties.userAuthorizationURL, OAuth.newList("oauth_callback", sb.toString(), "oauth_token", oAuthRequestToken.token));
    }

    public static OAuthAccessToken exchangeRequestTokenForAccessToken(OAuthProviderProperties oAuthProviderProperties, OAuthConsumerProperties oAuthConsumerProperties, OAuthRequestToken oAuthRequestToken) throws IOException, URISyntaxException, JfsHttpException {
        validateProvider(oAuthProviderProperties);
        validateConsumer(oAuthConsumerProperties);
        validateRequestToken(oAuthRequestToken);
        OAuthRequestToken token = getToken(new HttpPost(oAuthProviderProperties.accessTokenURL), oAuthConsumerProperties, oAuthRequestToken.token, oAuthRequestToken.secret);
        logger.debug("Successfully exchanged request token for access token from:" + oAuthProviderProperties.accessTokenURL);
        return new OAuthAccessToken(token.token, token.secret);
    }

    public static void setAccessTokenAsCookies(HttpResponse httpResponse, OAuthAccessToken oAuthAccessToken, String str, String str2) {
        validateResponse(httpResponse);
        validateAccessToken(oAuthAccessToken);
        String str3 = str;
        if (str3 == null || str3.length() == 0) {
            str3 = ACCESS_TOKEN_COOKIE_NAME;
        }
        setCookie(httpResponse, str3, oAuthAccessToken.token);
        String str4 = str2;
        if (str4 == null || str4.length() == 0) {
            str4 = ACCESS_TOKEN_SECRET_COOKIE_NAME;
        }
        setCookie(httpResponse, str4, oAuthAccessToken.secret);
    }

    public static void addAuthorizationHeader(HttpRequest httpRequest, OAuthConsumerProperties oAuthConsumerProperties, OAuthAccessToken oAuthAccessToken) throws IOException, URISyntaxException {
        validateRequest(httpRequest);
        httpRequest.addHeader("Authorization", getAuthorizationHeaderInternal(httpRequest, httpRequest.getRequestLine().getUri(), httpRequest.getRequestLine().getMethod(), oAuthConsumerProperties, null, oAuthAccessToken.token, oAuthAccessToken.secret));
    }

    public static String getAuthorizationHeader(String str, String str2, OAuthConsumerProperties oAuthConsumerProperties, OAuthAccessToken oAuthAccessToken) throws IOException, URISyntaxException {
        validateConsumer(oAuthConsumerProperties);
        validateAccessToken(oAuthAccessToken);
        return getAuthorizationHeaderInternal(null, str, str2, oAuthConsumerProperties, null, oAuthAccessToken.token, oAuthAccessToken.secret);
    }

    public static String getAuthorizationHeader(HttpRequest httpRequest, String str, String str2, OAuthConsumerProperties oAuthConsumerProperties, OAuthAccessToken oAuthAccessToken) throws IOException, URISyntaxException {
        validateConsumer(oAuthConsumerProperties);
        validateAccessToken(oAuthAccessToken);
        return getAuthorizationHeaderInternal(httpRequest, str, str2, oAuthConsumerProperties, null, oAuthAccessToken.token, oAuthAccessToken.secret);
    }

    public static void setAccessTokenAsCookies(HttpResponse httpResponse, OAuthAccessToken oAuthAccessToken, String str, String str2, String str3) {
        validateResponse(httpResponse);
        validateAccessToken(oAuthAccessToken);
        String str4 = str;
        if (str4 == null || str4.length() == 0) {
            str4 = ACCESS_TOKEN_COOKIE_NAME;
        }
        CookieUtil.setCookieHeader(httpResponse, str4, oAuthAccessToken.token, str3, (Date) null);
        String str5 = str2;
        if (str5 == null || str5.length() == 0) {
            str5 = ACCESS_TOKEN_SECRET_COOKIE_NAME;
        }
        CookieUtil.setCookieHeader(httpResponse, str5, oAuthAccessToken.secret, str3, (Date) null);
    }

    public static void setAccessTokenAsCookies(HttpServletResponse httpServletResponse, OAuthAccessToken oAuthAccessToken, String str, String str2, String str3) {
        validateResponse(httpServletResponse);
        validateAccessToken(oAuthAccessToken);
        String str4 = str;
        if (str4 == null || str4.length() == 0) {
            str4 = ACCESS_TOKEN_COOKIE_NAME;
        }
        CookieUtil.setCookieHeader(httpServletResponse, str4, oAuthAccessToken.token, str3, (Date) null);
        String str5 = str2;
        if (str5 == null || str5.length() == 0) {
            str5 = ACCESS_TOKEN_SECRET_COOKIE_NAME;
        }
        CookieUtil.setCookieHeader(httpServletResponse, str5, oAuthAccessToken.secret, str3, (Date) null);
    }

    public static void checkResponseForOAuthErrors(HttpResponse httpResponse) throws OAuthRequestException {
        validateResponse(httpResponse);
        int statusCode = httpResponse.getStatusLine().getStatusCode();
        String oAuthProblemString = getOAuthProblemString(httpResponse);
        String buildExceptionMessage = buildExceptionMessage(httpResponse);
        if (statusCode != 401) {
            if (statusCode == 400) {
                if (oAuthProblemString.equalsIgnoreCase(OAuth.Problems.VERSION_REJECTED) || oAuthProblemString.equalsIgnoreCase(OAuth.Problems.PARAMETER_ABSENT) || oAuthProblemString.equalsIgnoreCase(OAuth.Problems.PARAMETER_REJECTED) || oAuthProblemString.equalsIgnoreCase(OAuth.Problems.TIMESTAMP_REFUSED) || oAuthProblemString.equalsIgnoreCase(OAuth.Problems.SIGNATURE_METHOD_REJECTED)) {
                    throw new OAuthBadRequestException(statusCode, buildExceptionMessage);
                }
                return;
            }
            return;
        }
        if (oAuthProblemString.equalsIgnoreCase(OAuth.Problems.INVALID_CONSUMER_KEY)) {
            throw new OAuthInvalidConsumerKeyException();
        }
        if (oAuthProblemString.equalsIgnoreCase(OAuth.Problems.SIGNATURE_INVALID)) {
            throw new OAuthInvalidSignatureException();
        }
        if (oAuthProblemString.equalsIgnoreCase(OAuth.Problems.INVALID_EXPIRED_TOKEN)) {
            throw new OAuthInvalidOrExpiredTokenException();
        }
        if (oAuthProblemString.equalsIgnoreCase(OAuth.Problems.INVALID_USED_NONCE) || oAuthProblemString.equalsIgnoreCase(OAuth.Problems.TOKEN_NOT_AUTHORIZED)) {
            throw new OAuthUnauthorizedException(statusCode, buildExceptionMessage);
        }
    }

    public static void checkUnauthorizedResponse(HttpResponse httpResponse) throws OAuthInvalidConsumerKeyException, OAuthInvalidSignatureException, OAuthInvalidOrExpiredTokenException, OAuthTokenRequestFailedException {
        validateResponse(httpResponse);
        if (httpResponse.getStatusLine().getStatusCode() != 401) {
            return;
        }
        String oAuthProblemString = getOAuthProblemString(httpResponse);
        String buildExceptionMessage = buildExceptionMessage(httpResponse);
        if (oAuthProblemString.length() != 0) {
            if (oAuthProblemString.equalsIgnoreCase(OAuth.Problems.INVALID_CONSUMER_KEY)) {
                throw new OAuthInvalidConsumerKeyException();
            }
            if (oAuthProblemString.equalsIgnoreCase(OAuth.Problems.SIGNATURE_INVALID)) {
                throw new OAuthInvalidSignatureException();
            }
            if (!oAuthProblemString.equalsIgnoreCase(OAuth.Problems.INVALID_EXPIRED_TOKEN)) {
                throw new OAuthTokenRequestFailedException(httpResponse.getStatusLine().getStatusCode(), buildExceptionMessage);
            }
            throw new OAuthInvalidOrExpiredTokenException();
        }
    }

    private static OAuthRequestToken getToken(HttpRequestBase httpRequestBase, OAuthConsumerProperties oAuthConsumerProperties, String str, String str2) throws JfsHttpException, IOException, URISyntaxException {
        try {
            URI uri = httpRequestBase.getURI();
            HttpHost httpHost = uri.isAbsolute() ? new HttpHost(uri.getHost(), uri.getPort(), uri.getScheme()) : null;
            httpRequestBase.setHeader("Authorization", getAuthorizationHeaderInternal(httpRequestBase, uri.toString(), httpRequestBase.getMethod(), oAuthConsumerProperties, str, null, str2));
            HttpResponse send = new HttpClientService().send(httpHost, httpRequestBase);
            int statusCode = send.getStatusLine().getStatusCode();
            String entityUtils = EntityUtils.toString(send.getEntity());
            if (statusCode != 200) {
                if (statusCode != 401 && statusCode != 400) {
                    throw new OAuthTokenRequestFailedException(statusCode, buildExceptionMessage(send));
                }
                checkResponseForOAuthErrors(send);
            }
            String str3 = "";
            String str4 = "";
            for (OAuth.Parameter parameter : OAuth.decodeForm(entityUtils)) {
                if (parameter.getKey().equals("oauth_token")) {
                    str3 = parameter.getValue();
                } else if (parameter.getKey().equals(OAuth.OAUTH_TOKEN_SECRET)) {
                    str4 = parameter.getValue();
                }
            }
            return new OAuthRequestToken(str3, str4);
        } catch (HttpException e) {
            e.printStackTrace();
            return null;
        }
    }

    private static String getAuthorizationHeaderInternal(HttpRequest httpRequest, String str, String str2, OAuthConsumerProperties oAuthConsumerProperties, String str3, String str4, String str5) throws IOException, URISyntaxException {
        validateConsumer(oAuthConsumerProperties);
        try {
            ArrayList arrayList = new ArrayList();
            if (str4 == null && str3 != null) {
                arrayList.add(new OAuth.Parameter("oauth_token", str3));
            }
            if (str4 != null && str5 != null) {
                arrayList.add(new OAuth.Parameter(OAuth.OAUTH_TOKEN_SECRET, str5));
            }
            if (DEFAULT_SIGNATUR_METHOD != null) {
                arrayList.add(new OAuth.Parameter(OAuth.OAUTH_SIGNATURE_METHOD, DEFAULT_SIGNATUR_METHOD));
            }
            if (str2.equals("POST") && httpRequest != null && (httpRequest instanceof HttpEntityEnclosingRequest)) {
                Header[] contentType = HttpParseUtil.getContentType(httpRequest);
                int length = contentType.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    if (OAuth.isFormEncoded(contentType[i].getValue().toLowerCase())) {
                        HttpEntityEnclosingRequest httpEntityEnclosingRequest = (HttpEntityEnclosingRequest) httpRequest;
                        HttpEntity entity = httpEntityEnclosingRequest.getEntity();
                        if (entity != null) {
                            BufferedHttpEntity bufferedHttpEntity = new BufferedHttpEntity(entity);
                            arrayList.addAll(OAuth.decodeForm(EntityUtils.toString(bufferedHttpEntity)));
                            httpEntityEnclosingRequest.setEntity(bufferedHttpEntity);
                        }
                    } else {
                        i++;
                    }
                }
            }
            OAuthAccessor oAuthAccessor = new OAuthAccessor(new OAuthConsumer(null, oAuthConsumerProperties.consumerKey, oAuthConsumerProperties.consumerSecret, null));
            oAuthAccessor.requestToken = str3;
            oAuthAccessor.accessToken = str4;
            oAuthAccessor.tokenSecret = str5;
            return oAuthAccessor.newRequestMessage(str2, str, arrayList).getAuthorizationHeader(null);
        } catch (OAuthException e) {
            throw new IOException("Exception building OAuth Authorization Header." + e.getMessage());
        }
    }

    private static String getCookie(HttpRequest httpRequest, String str) {
        validateRequest(httpRequest);
        if (str == null || str.equals("")) {
            return "";
        }
        for (Header header : httpRequest.getHeaders("Cookie")) {
            for (NameValuePair nameValuePair : BasicHeaderValueParser.parseParameters(header.getValue(), (HeaderValueParser) null)) {
                if (nameValuePair.getName().equals(str)) {
                    return nameValuePair.getValue();
                }
            }
        }
        return "";
    }

    private static void setCookie(HttpResponse httpResponse, String str, String str2) {
        if (httpResponse == null || str == null || str.length() <= 0) {
            return;
        }
        httpResponse.addHeader("Set-Cookie", String.valueOf(str) + HttpConstants.EQUALS + (str2 != null ? str2 : ""));
    }

    private static void validateRequestToken(OAuthRequestToken oAuthRequestToken) {
        if (oAuthRequestToken == null) {
            throw new IllegalArgumentException("OAuthRequestToken must not be null");
        }
        if (oAuthRequestToken.token == null) {
            throw new IllegalArgumentException("OAuthRequestToken.token must not be null");
        }
        if (oAuthRequestToken.secret == null) {
            throw new IllegalArgumentException("OAuthRequestToken.secret must not be null");
        }
    }

    private static void validateAccessToken(OAuthAccessToken oAuthAccessToken) {
        if (oAuthAccessToken == null) {
            throw new IllegalArgumentException("OAuthAccessToken token must not be null");
        }
        if (oAuthAccessToken.token == null) {
            throw new IllegalArgumentException("OAuthAccessToken.token must not be null");
        }
        if (oAuthAccessToken.secret == null) {
            throw new IllegalArgumentException("OAuthAccessToken.secret must not be null");
        }
    }

    private static void validateProvider(OAuthProviderProperties oAuthProviderProperties) {
        if (oAuthProviderProperties == null) {
            throw new IllegalArgumentException("OAuthProviderProperties must not be null");
        }
        if (oAuthProviderProperties.requestTokenURL == null || oAuthProviderProperties.requestTokenURL.equals("")) {
            throw new IllegalArgumentException("OAuthProviderProperties.requestTokenURL must not be null or empty");
        }
        if (oAuthProviderProperties.accessTokenURL == null || oAuthProviderProperties.accessTokenURL.equals("")) {
            throw new IllegalArgumentException("OAuthProviderProperties.accessTokenURL must not be null or empty");
        }
        if (oAuthProviderProperties.userAuthorizationURL == null || oAuthProviderProperties.userAuthorizationURL.equals("")) {
            throw new IllegalArgumentException("OAuthProviderProperties.userAuthorizationURL must not be null or empty");
        }
    }

    private static void validateConsumer(OAuthConsumerProperties oAuthConsumerProperties) {
        if (oAuthConsumerProperties == null) {
            throw new IllegalArgumentException("OAuthConsumerProperties must not be null");
        }
        if (oAuthConsumerProperties.consumerKey == null) {
            throw new IllegalArgumentException("OAuthConsumerProperties.consumerKey must not be null");
        }
        if (oAuthConsumerProperties.consumerSecret == null) {
            throw new IllegalArgumentException("OAuthConsumerProperties.consumerSecret must not be null");
        }
    }

    private static void validateRequest(HttpRequest httpRequest) {
        if (httpRequest == null) {
            throw new IllegalArgumentException("HttpRequest must not be null");
        }
    }

    private static void validateResponse(HttpResponse httpResponse) {
        if (httpResponse == null) {
            throw new IllegalArgumentException("HttpResponse must not be null");
        }
    }

    private static void validateResponse(HttpServletResponse httpServletResponse) {
        if (httpServletResponse == null) {
            throw new IllegalArgumentException("HttpServletResponse must not be null");
        }
    }

    private static String getOAuthProblemString(HttpResponse httpResponse) {
        for (Header header : httpResponse.getHeaders("WWW-Authenticate")) {
            for (HeaderElement headerElement : header.getElements()) {
                if (headerElement.getName().equals(OAuthProblemException.OAUTH_PROBLEM)) {
                    return headerElement.getValue();
                }
            }
        }
        return "";
    }

    private static String buildExceptionMessage(HttpResponse httpResponse) {
        return "\n" + httpResponse.getStatusLine().toString() + "\n" + prettyPrintResponseHeaders(httpResponse);
    }

    private static String prettyPrintResponseHeaders(HttpResponse httpResponse) {
        StringBuilder sb = new StringBuilder("");
        if (httpResponse != null) {
            for (Header header : httpResponse.getAllHeaders()) {
                sb.append(header.getName());
                sb.append(":");
                sb.append(header.getValue());
                sb.append("\n");
            }
        }
        return sb.toString();
    }
}
