package org.apache.cxf.rs.security.oauth2.utils;

import java.security.Principal;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.UUID;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.jaxrs.impl.MetadataMap;
import org.apache.cxf.jaxrs.model.URITemplate;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
import org.apache.cxf.rs.security.oauth2.common.UserSubject;
import org.apache.cxf.rs.security.oauth2.provider.OAuthServiceException;
import org.apache.cxf.security.LoginSecurityContext;
import org.apache.cxf.security.SecurityContext;

/* loaded from: input_file:tomee.zip:lib/cxf-rt-rs-security-oauth2-2.6.14.jar:org/apache/cxf/rs/security/oauth2/utils/OAuthUtils.class */
public final class OAuthUtils {
    private OAuthUtils() {
    }

    public static UserSubject createSubject(SecurityContext securityContext) {
        List emptyList = Collections.emptyList();
        if (securityContext instanceof LoginSecurityContext) {
            emptyList = new ArrayList();
            Iterator<Principal> it = ((LoginSecurityContext) securityContext).getUserRoles().iterator();
            while (it.hasNext()) {
                emptyList.add(it.next().getName());
            }
        }
        return new UserSubject(securityContext.getUserPrincipal().getName(), (List<String>) emptyList);
    }

    public static String convertPermissionsToScope(List<OAuthPermission> list) {
        StringBuilder sb = new StringBuilder();
        for (OAuthPermission oAuthPermission : list) {
            if (sb.length() > 0) {
                sb.append(" ");
            }
            sb.append(oAuthPermission.getPermission());
        }
        return sb.toString();
    }

    public static List<String> convertPermissionsToScopeList(List<OAuthPermission> list) {
        LinkedList linkedList = new LinkedList();
        Iterator<OAuthPermission> it = list.iterator();
        while (it.hasNext()) {
            linkedList.add(it.next().getPermission());
        }
        return linkedList;
    }

    public static boolean isGrantSupportedForClient(Client client, boolean z, String str) {
        if (!client.isConfidential() && !z) {
            return false;
        }
        List<String> allowedGrantTypes = client.getAllowedGrantTypes();
        return allowedGrantTypes.isEmpty() || allowedGrantTypes.contains(str);
    }

    public static List<String> parseScope(String str) {
        LinkedList linkedList = new LinkedList();
        if (str != null) {
            for (String str2 : str.split(" ")) {
                if (!StringUtils.isEmpty(str2)) {
                    linkedList.add(str2);
                }
            }
        }
        return linkedList;
    }

    public static String generateRandomTokenKey() throws OAuthServiceException {
        return generateRandomTokenKey(null);
    }

    public static String generateRandomTokenKey(String str) throws OAuthServiceException {
        try {
            byte[] bytes = UUID.randomUUID().toString().getBytes("UTF-8");
            MessageDigestGenerator messageDigestGenerator = new MessageDigestGenerator();
            if (str != null) {
                messageDigestGenerator.setAlgorithm(str);
            }
            return messageDigestGenerator.generate(bytes);
        } catch (Exception e) {
            throw new OAuthServiceException(OAuthConstants.SERVER_ERROR, e);
        }
    }

    public static boolean isExpired(Long l, Long l2) {
        return l2.longValue() != -1 && l.longValue() + l2.longValue() < System.currentTimeMillis() / 1000;
    }

    public static boolean checkRequestURI(String str, String str2) {
        boolean endsWith = str2.endsWith("*");
        try {
            URITemplate uRITemplate = new URITemplate(endsWith ? str2.substring(0, str2.length() - 1) : str2);
            MetadataMap metadataMap = new MetadataMap();
            if (!uRITemplate.match(str, metadataMap)) {
                return false;
            }
            String first = metadataMap.getFirst(URITemplate.FINAL_MATCH_GROUP);
            if (endsWith || StringUtils.isEmpty(first)) {
                return true;
            }
            return "/".equals(first);
        } catch (Exception e) {
            return false;
        }
    }

    public static List<String> getRequestedScopes(Client client, String str, boolean z) {
        List<String> parseScope = parseScope(str);
        List<String> registeredScopes = client.getRegisteredScopes();
        if (parseScope.isEmpty()) {
            parseScope.addAll(registeredScopes);
            return parseScope;
        }
        if (validateScopes(parseScope, registeredScopes, z)) {
            return parseScope;
        }
        throw new OAuthServiceException("Unexpected scope");
    }

    public static boolean validateScopes(List<String> list, List<String> list2, boolean z) {
        if (list2.isEmpty()) {
            return true;
        }
        if (!z) {
            return list2.containsAll(list);
        }
        for (String str : list) {
            boolean z2 = false;
            Iterator<String> it = list2.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                if (str.startsWith(it.next())) {
                    z2 = true;
                    break;
                }
            }
            if (!z2) {
                return false;
            }
        }
        return true;
    }
}
