package com.ibm.ws.security.social.internal;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.common.config.CommonConfigUtils;
import com.ibm.ws.security.social.SocialLoginWebappConfig;
import com.ibm.ws.security.social.error.SocialLoginException;
import com.ibm.ws.security.social.internal.utils.SocialUtil;
import com.ibm.wsspi.wab.configure.WABConfiguration;
import java.util.Map;
import java.util.regex.Pattern;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Modified;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Component(configurationPid = {"com.ibm.ws.security.social.webapp"}, configurationPolicy = ConfigurationPolicy.REQUIRE, service = {SocialLoginWebappConfig.class, WABConfiguration.class}, immediate = true, property = {"service.vendor=IBM"})
/* loaded from: input_file:com/ibm/ws/security/social/internal/SocialLoginWebappConfigImpl.class */
public class SocialLoginWebappConfigImpl implements SocialLoginWebappConfig {
    private static final TraceComponent tc = Tr.register(SocialLoginWebappConfigImpl.class, "SOCIAL", "com.ibm.ws.security.social.resources.SocialMessages");
    public static final String KEY_SOCIAL_MEDIA_SELECTION_PAGE_URL = "socialMediaSelectionPageUrl";
    public static final String KEY_ENABLE_LOCAL_AUTHENTICATION = "enableLocalAuthentication";
    static final long serialVersionUID = 7809008795496933119L;
    protected String socialMediaSelectionPageUrl = null;
    protected boolean enableLocalAuthentication = false;
    private final CommonConfigUtils configUtils = new CommonConfigUtils();

    @Activate
    protected void activate(ComponentContext componentContext, Map<String, Object> map) {
        initProps(map);
    }

    @Modified
    protected void modified(Map<String, Object> map) {
        initProps(map);
    }

    @Deactivate
    protected void deactivate() {
    }

    public void initProps(Map<String, Object> map) {
        String configAttribute = this.configUtils.getConfigAttribute(map, "contextPath");
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Context Path=" + configAttribute, new Object[0]);
        }
        validateAndSetContextPath(configAttribute);
        validateAndSetSelectionPageUrl(this.configUtils.getConfigAttribute(map, KEY_SOCIAL_MEDIA_SELECTION_PAGE_URL));
        this.enableLocalAuthentication = this.configUtils.getBooleanConfigAttribute(map, KEY_ENABLE_LOCAL_AUTHENTICATION, this.enableLocalAuthentication);
    }

    @Override // com.ibm.ws.security.social.SocialLoginWebappConfig
    public String getSocialMediaSelectionPageUrl() {
        return this.socialMediaSelectionPageUrl;
    }

    @Override // com.ibm.ws.security.social.SocialLoginWebappConfig
    public boolean isLocalAuthenticationEnabled() {
        return this.enableLocalAuthentication;
    }

    void validateAndSetContextPath(String str) {
        if (isValidUriPath(str)) {
            Oauth2LoginConfigImpl.setContextRoot(str);
        } else {
            Tr.error(tc, "INVALID_CONTEXT_PATH_CHARS", new Object[]{str});
        }
    }

    void validateAndSetSelectionPageUrl(String str) {
        if (isSelectionPageUrlNullOrEmpty(str)) {
            this.socialMediaSelectionPageUrl = null;
        } else {
            validateAndSetNonEmptySelectionPageUrl(str);
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "socialMediaSelectionPageUrl=" + this.socialMediaSelectionPageUrl, new Object[0]);
        }
    }

    boolean isSelectionPageUrlNullOrEmpty(String str) {
        if (str != null && !str.isEmpty()) {
            return false;
        }
        if (!tc.isDebugEnabled()) {
            return true;
        }
        Tr.debug(tc, "socialMediaSelectionPageUrl is null or empty", new Object[0]);
        return true;
    }

    @FFDCIgnore({SocialLoginException.class})
    void validateAndSetNonEmptySelectionPageUrl(String str) {
        if (!isHttpOrRelativeUrl(str)) {
            Tr.error(tc, "SELECTION_PAGE_URL_NOT_HTTP", new Object[]{str});
            this.socialMediaSelectionPageUrl = null;
            return;
        }
        try {
            SocialUtil.validateEndpointFormat(str, false);
            this.socialMediaSelectionPageUrl = str;
        } catch (SocialLoginException e) {
            Tr.error(tc, "SELECTION_PAGE_URL_NOT_VALID", new Object[]{str, e.getMessage()});
            this.socialMediaSelectionPageUrl = null;
        }
    }

    boolean isHttpOrRelativeUrl(String str) {
        if (str == null) {
            return false;
        }
        String lowerCase = str.toLowerCase();
        if (lowerCase.startsWith("http://") || lowerCase.startsWith("https://") || !str.contains("://")) {
            return true;
        }
        if (!tc.isDebugEnabled()) {
            return false;
        }
        Tr.debug(tc, "Provided URL does not start with http or https, but appears to contain a protocol", new Object[0]);
        return false;
    }

    boolean isValidUriPath(String str) {
        if (str == null) {
            return false;
        }
        return Pattern.matches("[a-zA-Z0-9._~%!$&'()*+,;=:@/-]*", str);
    }
}
