package org.apache.cxf.rs.security.oauth2.services;

import java.net.URI;
import java.net.URISyntaxException;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.UriBuilder;
import javax.ws.rs.core.UriInfo;
import org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter;
import org.apache.cxf.transport.https.HttpsURLConnectionFactory;
import org.hsqldb.DatabaseURL;

/* loaded from: input_file:lib/cxf-shade-8.0.16.jar:org/apache/cxf/rs/security/oauth2/services/AuthorizationMetadataService.class */
public class AuthorizationMetadataService {
    private String issuer;
    private boolean stripPathFromIssuerUri = true;
    private String authorizationEndpointAddress;
    private boolean tokenEndpointNotAvailable;
    private String tokenEndpointAddress;
    private boolean tokenRevocationEndpointNotAvailable;
    private String tokenRevocationEndpointAddress;
    private boolean jwkEndpointNotAvailable;
    private String jwkEndpointAddress;
    private boolean dynamicRegistrationEndpointNotAvailable;
    private String dynamicRegistrationEndpointAddress;

    @GET
    @Produces({MediaType.APPLICATION_JSON})
    @Path("oauth-authorization-server")
    public String getConfiguration(@Context UriInfo uriInfo) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        prepareConfigurationData(linkedHashMap, getBaseUri(uriInfo));
        JsonMapObjectReaderWriter jsonMapObjectReaderWriter = new JsonMapObjectReaderWriter();
        jsonMapObjectReaderWriter.setFormat(true);
        return jsonMapObjectReaderWriter.toJson(linkedHashMap);
    }

    protected void prepareConfigurationData(Map<String, Object> map, String str) {
        map.put(AuthorizationMetadata.ISSUER, buildIssuerUri(str));
        map.put(AuthorizationMetadata.AUTHORIZATION_ENDPOINT, calculateEndpointAddress(this.authorizationEndpointAddress, str, "/idp/authorize"));
        if (!isTokenEndpointNotAvailable()) {
            map.put(AuthorizationMetadata.TOKEN_ENDPOINT, calculateEndpointAddress(this.tokenEndpointAddress, str, "/oauth2/token"));
        }
        if (!isTokenRevocationEndpointNotAvailable()) {
            map.put(AuthorizationMetadata.REVOCATION_ENDPOINT, calculateEndpointAddress(this.tokenRevocationEndpointAddress, str, "/oauth2/revoke"));
        }
        if (!isJwkEndpointNotAvailable()) {
            map.put(AuthorizationMetadata.JWKS_URI, calculateEndpointAddress(this.jwkEndpointAddress, str, "/jwk/keys"));
        }
        if (isDynamicRegistrationEndpointNotAvailable()) {
            return;
        }
        map.put(AuthorizationMetadata.REGISTRATION_ENDPOINT, calculateEndpointAddress(this.dynamicRegistrationEndpointAddress, str, "/dynamic/register"));
    }

    protected static String calculateEndpointAddress(String str, String str2, String str3) {
        String str4 = str != null ? str : str3;
        return isAbsoluteUri(str4) ? str4 : removeDefaultPort(UriBuilder.fromUri(str2).path(str4).build(new Object[0])).toString();
    }

    private static boolean isAbsoluteUri(String str) {
        if (str == null) {
            return false;
        }
        return str.startsWith(DatabaseURL.S_HTTP) || str.startsWith(DatabaseURL.S_HTTPS);
    }

    private String getBaseUri(UriInfo uriInfo) {
        String uri = uriInfo.getRequestUri().toString();
        int lastIndexOf = uri.lastIndexOf(WellKnownService.WELL_KNOWN_PATH);
        if (lastIndexOf != -1) {
            uri = uri.substring(0, lastIndexOf);
        }
        return uri;
    }

    public void setIssuer(String str) {
        this.issuer = str;
    }

    public void setAuthorizationEndpointAddress(String str) {
        this.authorizationEndpointAddress = str;
    }

    public void setTokenEndpointAddress(String str) {
        this.tokenEndpointAddress = str;
    }

    public void setJwkEndpointAddress(String str) {
        this.jwkEndpointAddress = str;
    }

    public void setTokenRevocationEndpointAddress(String str) {
        this.tokenRevocationEndpointAddress = str;
    }

    public void setTokenRevocationEndpointNotAvailable(boolean z) {
        this.tokenRevocationEndpointNotAvailable = z;
    }

    public boolean isTokenRevocationEndpointNotAvailable() {
        return this.tokenRevocationEndpointNotAvailable;
    }

    public void setJwkEndpointNotAvailable(boolean z) {
        this.jwkEndpointNotAvailable = z;
    }

    public boolean isJwkEndpointNotAvailable() {
        return this.jwkEndpointNotAvailable;
    }

    public boolean isTokenEndpointNotAvailable() {
        return this.tokenEndpointNotAvailable;
    }

    public void setTokenEndpointNotAvailable(boolean z) {
        this.tokenEndpointNotAvailable = z;
    }

    public boolean isDynamicRegistrationEndpointNotAvailable() {
        return this.dynamicRegistrationEndpointNotAvailable;
    }

    public void setDynamicRegistrationEndpointNotAvailable(boolean z) {
        this.dynamicRegistrationEndpointNotAvailable = z;
    }

    public String getDynamicRegistrationEndpointAddress() {
        return this.dynamicRegistrationEndpointAddress;
    }

    public void setDynamicRegistrationEndpointAddress(String str) {
        this.dynamicRegistrationEndpointAddress = str;
    }

    private String buildIssuerUri(String str) {
        URI create;
        if (isAbsoluteUri(this.issuer)) {
            create = UriBuilder.fromUri(this.issuer).build(new Object[0]);
        } else {
            create = (this.issuer == null || !this.issuer.startsWith("/")) ? URI.create(str) : UriBuilder.fromUri(str).path(this.issuer).build(new Object[0]);
        }
        URI removeDefaultPort = removeDefaultPort(create);
        if (!this.stripPathFromIssuerUri) {
            return removeDefaultPort.toString();
        }
        StringBuilder sb = new StringBuilder();
        sb.append(removeDefaultPort.getScheme()).append("://").append(removeDefaultPort.getHost());
        if (removeDefaultPort.getPort() != -1) {
            sb.append(':').append(removeDefaultPort.getPort());
        }
        return sb.toString();
    }

    private static URI removeDefaultPort(URI uri) {
        if ((uri.getPort() != 80 || !"http".equals(uri.getScheme())) && (uri.getPort() != 443 || !HttpsURLConnectionFactory.HTTPS_URL_PROTOCOL_ID.equals(uri.getScheme()))) {
            return uri;
        }
        try {
            return new URI(uri.getScheme(), uri.getUserInfo(), uri.getHost(), -1, uri.getPath(), uri.getQuery(), uri.getFragment());
        } catch (URISyntaxException e) {
            throw new IllegalArgumentException("Invalid URI " + uri + " : " + e.toString(), e);
        }
    }

    public void setStripPathFromIssuerUri(boolean z) {
        this.stripPathFromIssuerUri = z;
    }
}
