package com.google.api.server.spi.auth;

import com.google.api.server.spi.response.UnauthorizedException;
import com.google.appengine.api.utils.SystemProperty;
import com.google.appengine.repackaged.com.google.api.client.extensions.appengine.http.UrlFetchTransport;
import com.google.appengine.repackaged.com.google.api.client.http.HttpTransport;
import com.google.appengine.repackaged.com.google.api.client.http.javanet.NetHttpTransport;
import com.google.appengine.repackaged.com.google.api.client.json.JsonFactory;
import com.google.appengine.repackaged.com.google.api.client.json.jackson.JacksonFactory;
import com.google.appengine.repackaged.com.google.common.annotations.VisibleForTesting;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:com/google/api/server/spi/auth/AuthUtils.class */
public class AuthUtils {
    private static HttpTransport transport;
    private static JsonFactory jsonFactory;

    @VisibleForTesting
    static final String HEADER_AUTHORIZATION = "Authorization";

    @VisibleForTesting
    static final String[] ALLOWED_AUTH_SCHEMES = {"Bearer", UnauthorizedException.AUTH_SCHEME_OAUTH};

    @VisibleForTesting
    static final String[] BEARER_TOKEN_PARAMETER_NAMES = {"access_token", "bearer_token"};

    @VisibleForTesting
    static final String[] OAUTH2_TOKEN_PREFIXES = {"ya29.", "1/"};

    /* JADX INFO: Access modifiers changed from: package-private */
    @VisibleForTesting
    public static String getAuthToken(HttpServletRequest httpServletRequest) {
        String authTokenFromHeader = getAuthTokenFromHeader(httpServletRequest.getHeader(HEADER_AUTHORIZATION));
        if (authTokenFromHeader == null) {
            authTokenFromHeader = getAuthTokenFromQueryParameters(httpServletRequest);
        }
        return authTokenFromHeader;
    }

    private static String getAuthTokenFromQueryParameters(HttpServletRequest httpServletRequest) {
        for (String str : BEARER_TOKEN_PARAMETER_NAMES) {
            String parameter = httpServletRequest.getParameter(str);
            if (parameter != null) {
                return parameter;
            }
        }
        return null;
    }

    private static String getAuthTokenFromHeader(String str) {
        String matchAuthScheme = matchAuthScheme(str);
        if (matchAuthScheme == null) {
            return null;
        }
        return str.substring(matchAuthScheme.length() + 1);
    }

    @VisibleForTesting
    static String matchAuthScheme(String str) {
        if (str == null) {
            return null;
        }
        for (String str2 : ALLOWED_AUTH_SCHEMES) {
            if (str.startsWith(str2)) {
                return str2;
            }
        }
        return null;
    }

    public static synchronized HttpTransport getHttpTransport() {
        if (transport == null) {
            transport = SystemProperty.environment.value() == SystemProperty.Environment.Value.Production ? new UrlFetchTransport() : new NetHttpTransport();
        }
        return transport;
    }

    public static synchronized JsonFactory getJsonFactory() {
        if (jsonFactory == null) {
            jsonFactory = new JacksonFactory();
        }
        return jsonFactory;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @VisibleForTesting
    public static boolean isIdToken(String str) {
        String replaceFirst = str.trim().replaceFirst("^['\"]", "");
        for (String str2 : OAUTH2_TOKEN_PREFIXES) {
            if (replaceFirst.startsWith(str2)) {
                return false;
            }
        }
        return true;
    }
}
