package com.ibm.ws.security.social.internal.utils;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.Trivial;
import com.ibm.websphere.security.cred.WSCredential;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.social.Constants;
import com.ibm.ws.security.social.SocialLoginConfig;
import com.ibm.ws.security.social.error.SocialLoginException;
import com.ibm.ws.security.social.internal.Oauth2LoginConfigImpl;
import com.ibm.ws.security.social.internal.OkdServiceLoginImpl;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.SecureRandom;
import java.util.Random;
import java.util.regex.Pattern;
import javax.security.auth.Subject;
import javax.xml.namespace.QName;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:com/ibm/ws/security/social/internal/utils/SocialUtil.class */
public class SocialUtil {
    private static final TraceComponent tc = Tr.register(SocialUtil.class, "SOCIAL", "com.ibm.ws.security.social.resources.SocialMessages");
    static final char[] chars = Constants.CHARS;
    static final String[] numberFiller = {"00000000", "0000000", "000000", "00000", "0000", "000", "00", "0", ""};
    static final long serialVersionUID = 6610880161159866620L;

    @Trivial
    public static String hash(String str) {
        int hashCode = str.hashCode();
        if (hashCode >= 0) {
            return "p" + hashCode;
        }
        return "n" + (hashCode * (-1));
    }

    @Trivial
    public static String generateRandomID() {
        return "_" + generateRandom(32);
    }

    @Trivial
    public static String generateRandom() {
        return generateRandom(32);
    }

    @Trivial
    public static String generateRandom(int i) {
        StringBuffer stringBuffer = new StringBuffer();
        Random random = getRandom();
        for (int i2 = 0; i2 < i; i2++) {
            stringBuffer.append(chars[random.nextInt(chars.length)]);
        }
        return stringBuffer.toString();
    }

    @Trivial
    public static String generateRandomNumber() {
        String str = "" + getRandom().nextInt(100000000);
        return numberFiller[str.length()] + str;
    }

    @Trivial
    static Random getRandom() {
        return new SecureRandom();
    }

    public static QName cloneQName(QName qName) {
        if (qName == null) {
            return null;
        }
        return new QName(qName.getNamespaceURI(), qName.getLocalPart(), qName.getPrefix());
    }

    public static WSCredential getWSCredential(Subject subject) {
        if (subject == null) {
            return null;
        }
        return (WSCredential) subject.getPublicCredentials(WSCredential.class).iterator().next();
    }

    public static boolean sameUser(String str, String str2, String str3, String str4) {
        if (str == null) {
            if (str3 != null) {
                return false;
            }
        } else if (!str.equals(str3)) {
            return false;
        }
        if (str2 == null) {
            return false;
        }
        return str2.equals(str4);
    }

    public static boolean sameUser(String str, String str2) {
        if (str == null) {
            return false;
        }
        return str.equals(str2);
    }

    public static boolean validateQueryString(String str) {
        if (str == null) {
            return true;
        }
        return Pattern.matches("[a-zA-Z0-9._~%!$&'()*+,;=:@/?-]*", str);
    }

    public static void validateEndpointFormat(String str) throws SocialLoginException {
        validateEndpointFormat(str, true);
    }

    public static void validateEndpointFormat(final String str, boolean z) throws SocialLoginException {
        if (str == null || str.isEmpty()) {
            throw new SocialLoginException("NULL_OR_EMPTY_REQUEST_URL", null, new Object[0]);
        }
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction<URI>() { // from class: com.ibm.ws.security.social.internal.utils.SocialUtil.1
                static final long serialVersionUID = -8247929799894419786L;
                private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register("com.ibm.ws.security.social.internal.utils.SocialUtil$1", AnonymousClass1.class, (String) null, (String) null);

                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public URI run() throws URISyntaxException {
                    return new URI(str);
                }
            });
            String str2 = "https?://";
            if (!z) {
                str2 = "(?:https?://)?";
            } else if (!Pattern.matches(str2 + ".*", str)) {
                throw new SocialLoginException("HTTP_URI_DOES_NOT_START_WITH_HTTP", null, new Object[]{str});
            }
            if (!Pattern.matches(str2 + "[a-zA-Z0-9._~%!$&'()*+,;=:@/-]+", str)) {
                throw new SocialLoginException("URI_CONTAINS_INVALID_CHARS", null, new Object[]{str});
            }
        } catch (PrivilegedActionException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.social.internal.utils.SocialUtil", "197", (Object) null, new Object[]{str, Boolean.valueOf(z)});
            throw new SocialLoginException("EXCEPTION_INITIALIZING_URL", null, new Object[]{str, e.getException().getLocalizedMessage()});
        }
    }

    public static void validateEndpointWithQuery(String str) throws SocialLoginException {
        if (str == null || !str.contains("?")) {
            validateEndpointFormat(str);
            return;
        }
        validateEndpointFormat(str.substring(0, str.indexOf("?")));
        if (!validateQueryString(str.substring(str.indexOf("?") + 1))) {
            throw new SocialLoginException("EXCEPTION_INITIALIZING_URL", null, new Object[]{str, ""});
        }
    }

    public static boolean isKubeConfig(SocialLoginConfig socialLoginConfig) {
        String userApiType = socialLoginConfig.getUserApiType();
        return userApiType != null && Oauth2LoginConfigImpl.USER_API_TYPE_KUBE.equals(userApiType);
    }

    public static boolean isOkdConfig(SocialLoginConfig socialLoginConfig) {
        return socialLoginConfig.getClass().getName().equals(OkdServiceLoginImpl.class.getName());
    }

    public static boolean useAccessTokenFromRequest(SocialLoginConfig socialLoginConfig) {
        return socialLoginConfig.isAccessTokenRequired() || socialLoginConfig.isAccessTokenSupported();
    }
}
