package com.atlassian.applinks.core.auth.oauth.servlets.serviceprovider;

import com.atlassian.applinks.api.ApplicationLink;
import com.atlassian.applinks.api.ApplicationLinkService;
import com.atlassian.applinks.core.auth.oauth.servlets.AbstractOAuthConfigServlet;
import com.atlassian.applinks.core.docs.DocumentationLinker;
import com.atlassian.applinks.core.util.MessageFactory;
import com.atlassian.applinks.core.util.RendererContextBuilder;
import com.atlassian.applinks.host.spi.InternalHostApplication;
import com.atlassian.applinks.ui.BatchedJSONi18NBuilderFactory;
import com.atlassian.applinks.ui.auth.AdminUIAuthenticator;
import com.atlassian.oauth.util.RSAKeys;
import com.atlassian.plugin.webresource.WebResourceManager;
import com.atlassian.sal.api.auth.LoginUriProvider;
import com.atlassian.sal.api.message.I18nResolver;
import com.atlassian.sal.api.net.RequestFactory;
import com.atlassian.sal.api.user.UserManager;
import com.atlassian.sal.api.xsrf.XsrfTokenAccessor;
import com.atlassian.sal.api.xsrf.XsrfTokenValidator;
import com.atlassian.templaterenderer.TemplateRenderer;
import java.io.IOException;
import java.io.Serializable;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:com/atlassian/applinks/core/auth/oauth/servlets/serviceprovider/AbstractConsumerServlet.class */
public abstract class AbstractConsumerServlet extends AbstractOAuthConfigServlet {
    protected static final String CONSUMER_KEY = "key";
    protected static final String CONSUMER_NAME = "consumerName";
    protected static final String CONSUMER_DESCRIPTION = "description";
    protected static final String CONSUMER_PUBLIC_KEY = "publicKey";
    protected static final String CONSUMER_CALLBACK = "callback";
    protected static final String CONSUMER_TWO_LO_ALLOWED = "two-lo-enabled";
    protected static final String CONSUMER_EXECUTING_TWO_LO_USER = "two-lo-execute-as";
    protected static final String CONSUMER_TWO_LO_IMPERSONATION_ALLOWED = "two-lo-impersonation-enabled";
    protected static final String IS_SYSADMIN = "isSysadmin";
    public static final String OAUTH_INCOMING_CONSUMER_KEY = "oauth.incoming.consumerkey";
    public static final String OAUTH_INCOMING_ENABLED = "oauth-incoming-enabled";
    public static final String OAUTH_OUTGOING_ENABLED = "oauth-outgoing-enabled";
    protected final RequestFactory requestFactory;
    protected static final String ENABLED_CONTEXT_PARAM = "enabled";
    protected final UserManager userManager;

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractConsumerServlet(I18nResolver i18nResolver, MessageFactory messageFactory, TemplateRenderer templateRenderer, WebResourceManager webResourceManager, ApplicationLinkService applicationLinkService, AdminUIAuthenticator adminUIAuthenticator, RequestFactory requestFactory, BatchedJSONi18NBuilderFactory batchedJSONi18NBuilderFactory, DocumentationLinker documentationLinker, LoginUriProvider loginUriProvider, InternalHostApplication internalHostApplication, XsrfTokenAccessor xsrfTokenAccessor, XsrfTokenValidator xsrfTokenValidator, UserManager userManager) {
        super(i18nResolver, messageFactory, templateRenderer, webResourceManager, applicationLinkService, adminUIAuthenticator, batchedJSONi18NBuilderFactory, documentationLinker, loginUriProvider, internalHostApplication, xsrfTokenAccessor, xsrfTokenValidator);
        this.requestFactory = requestFactory;
        this.userManager = userManager;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final URI getCallbackUri(HttpServletRequest httpServletRequest, Map<String, String> map) {
        String parameter = httpServletRequest.getParameter("callback");
        if (parameter == null || StringUtils.isEmpty(parameter)) {
            return null;
        }
        try {
            if (!parameter.endsWith("/")) {
                parameter = parameter + "/";
            }
            URI uri = new URI(parameter);
            if (!uri.isAbsolute()) {
                map.put("callback", this.i18nResolver.getText("auth.oauth.config.serviceprovider.callback.uri.must.be.absolute"));
                return null;
            }
            if ("http".equals(uri.getScheme()) || "https".equals(uri.getScheme())) {
                return uri;
            }
            map.put("callback", this.i18nResolver.getText("auth.oauth.config.serviceprovider.callback.uri.must.be.http.or.https"));
            return null;
        } catch (URISyntaxException e) {
            map.put("callback", this.i18nResolver.getText("auth.oauth.config.serviceprovider.invalid.uri"));
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final PublicKey getPublicKey(HttpServletRequest httpServletRequest, Map<String, String> map) {
        String checkRequiredFormParameter = checkRequiredFormParameter(httpServletRequest, CONSUMER_PUBLIC_KEY, map, "auth.oauth.config.serviceprovider.missing.public.key");
        if (checkRequiredFormParameter == null) {
            return null;
        }
        PublicKey publicKey = null;
        try {
            publicKey = checkRequiredFormParameter.startsWith("-----BEGIN CERTIFICATE-----") ? RSAKeys.fromEncodedCertificateToPublicKey(checkRequiredFormParameter) : RSAKeys.fromPemEncodingToPublicKey(checkRequiredFormParameter);
        } catch (GeneralSecurityException e) {
            map.put(CONSUMER_PUBLIC_KEY, this.i18nResolver.getText("auth.oauth.config.serviceprovider.invalid.public.key", new Serializable[]{e.getMessage()}));
        }
        return publicKey;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void render(String str, Map<String, Object> map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ApplicationLink applicationLink) throws IOException {
        RendererContextBuilder rendererContextBuilder = new RendererContextBuilder(map);
        rendererContextBuilder.put(ENABLED_CONTEXT_PARAM, Boolean.valueOf(applicationLink.getProperty(OAUTH_INCOMING_CONSUMER_KEY) != null));
        super.render(str, rendererContextBuilder.build(), httpServletRequest, httpServletResponse);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isSysadmin() {
        return this.userManager.isSystemAdmin(this.userManager.getRemoteUsername());
    }
}
