package com.parasoft.xtest.common.oidc;

import com.parasoft.xtest.common.UArrays;
import com.parasoft.xtest.common.api.MessageSeverity;
import com.parasoft.xtest.common.api.console.IConsole;
import com.parasoft.xtest.common.nls.NLS;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.Security;
import java.util.Arrays;
import org.apache.commons.codec.binary.Base64;
import org.apache.http.Header;
import org.apache.http.HeaderElement;
import org.apache.http.HttpResponse;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:WEB-INF/lib/com.parasoft.xtest.common-10.5.0.20201016.jar:com/parasoft/xtest/common/oidc/OidcUtil.class */
public class OidcUtil {
    public static final String JKS_TYPE = "jks";
    public static final String PKCS_TYPE = "pkcs12";
    public static final String BEARER = "Bearer";
    private static final String PARASOFT_REST_SERVICES = "Parasoft REST Services";
    private static final String INVALID_TOKEN = "invalid_token";
    private static final String WWW_AUTHENTICATE = "WWW-Authenticate";

    public static KeyStore loadKeystore(File file, String str) throws GeneralSecurityException, IOException {
        KeyStore loadKeystore;
        String defaultType = KeyStore.getDefaultType();
        String str2 = str == null ? "" : str;
        try {
            loadKeystore = loadKeystore(defaultType, file, str2);
        } catch (FileNotFoundException e) {
            throw e;
        } catch (IOException unused) {
            loadKeystore = loadKeystore(getOtherKeystoreType(defaultType), file, str2);
        }
        return loadKeystore;
    }

    public static boolean isDTPExpectingAccessToken(HttpResponse httpResponse) {
        if (isAuthorizationErrorResponse(httpResponse)) {
            return isElementEmpty(getHeaderElements(httpResponse));
        }
        return false;
    }

    public static void handleDTPAuthorizationErrorResponse(HttpResponse httpResponse) throws OidcResponseException {
        if (isAuthorizationErrorResponse(httpResponse)) {
            String elementValue = getElementValue(getHeaderElements(httpResponse));
            if (INVALID_TOKEN.equals(elementValue)) {
                throw new OidcInvalidTokenResponseException(com.parasoft.xtest.common.httpclient.Messages.INVALID_TOKEN, 401);
            }
            if (!PARASOFT_REST_SERVICES.equals(elementValue)) {
                throw new OidcResponseException(com.parasoft.xtest.common.httpclient.Messages.ACCESS_TOKEN_UNAVAILABLE, 401);
            }
            throw new OidcUnexpectedTokenResponseException(com.parasoft.xtest.common.httpclient.Messages.UNEXPECTED_TOKEN, 401);
        }
    }

    public static String getCurrentOidcUserName(IOidcService iOidcService) {
        if (iOidcService == null || !iOidcService.isEnabled()) {
            return null;
        }
        try {
            return decodeUserNameFromAccessToken(iOidcService.getAccessToken());
        } catch (OidcException e) {
            Logger.getLogger().warn("Unable to get user name", e);
            return null;
        }
    }

    public static String decodeUserNameFromAccessToken(String str) {
        if (str == null) {
            return null;
        }
        String[] split = str.split("\\.");
        if (split.length < 2) {
            Logger.getLogger().error("Incorrect access token format! ");
            return null;
        }
        try {
            return new JSONObject(new String(Base64.decodeBase64(split[1]))).getString("preferred_username");
        } catch (JSONException e) {
            Logger.getLogger().error("User name cannot be obtained for token: " + str, e);
            return null;
        }
    }

    private static boolean isAuthorizationErrorResponse(HttpResponse httpResponse) {
        return httpResponse.getStatusLine().getStatusCode() == 401;
    }

    private static HeaderElement[] getHeaderElements(HttpResponse httpResponse) {
        Header[] headers = httpResponse.getHeaders("WWW-Authenticate");
        if (headers == null || headers.length != 1) {
            return null;
        }
        return headers[0].getElements();
    }

    private static boolean isElementEmpty(HeaderElement[] headerElementArr) {
        return !UArrays.isEmpty(headerElementArr) && BEARER.equals(headerElementArr[0].getName()) && headerElementArr[0].getValue() == null;
    }

    private static String getElementValue(HeaderElement[] headerElementArr) {
        if (UArrays.isEmpty(headerElementArr)) {
            return null;
        }
        return headerElementArr[0].getValue();
    }

    private static KeyStore loadKeystore(String str, File file, String str2) throws GeneralSecurityException, IOException {
        Logger.getLogger().debug("Registered security providers: " + Arrays.toString(Security.getProviders()));
        KeyStore keyStore = KeyStore.getInstance(str);
        keyStore.load(new FileInputStream(file), str2.toCharArray());
        return keyStore;
    }

    private static String getOtherKeystoreType(String str) {
        return PKCS_TYPE.equalsIgnoreCase(str) ? JKS_TYPE : PKCS_TYPE;
    }

    public static void writeOnConsole(IConsole iConsole, String str) {
        writeOnConsole(iConsole, str, MessageSeverity.NORMAL);
    }

    public static void writeOnConsole(IConsole iConsole, String str, MessageSeverity messageSeverity) {
        iConsole.writeln(NLS.getFormatted(Messages.OIDC_CONSOLE_PREFIX, str), messageSeverity);
    }
}
