package com.ibm.ws.security.openidconnect.web;

import com.ibm.oauth.core.api.attributes.AttributeList;
import com.ibm.oauth.core.api.error.oauth20.OAuth20BadParameterFormatException;
import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.openidconnect.server.ServerConstants;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import javax.servlet.http.HttpServletRequest;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:com/ibm/ws/security/openidconnect/web/OidcOptionalParams.class */
public class OidcOptionalParams {
    private static final String SPACE = " ";
    private volatile BrowserState browserState = null;
    static final long serialVersionUID = 4529778470243347486L;
    private static TraceComponent tc = Tr.register(OidcOptionalParams.class, "OpenIdConnect", "com.ibm.ws.security.openidconnect.server.internal.resources.OidcServerMessages");
    private static final String[] OIDC_ALL_OPTIONAL_PARAMS = {"nonce", "display", "prompt", "max_age", "ui_locales", "claims_locales", "id_token_hint", "login_hint", "acr_values", "response_mode"};
    private static final List<String> OIDC_OPTIONAL_PARAMS_TO_BE_HANDLED = Collections.unmodifiableList(Arrays.asList("nonce"));
    private static final List<String> MULTIPLE_VALUE_PARAMS = Collections.unmodifiableList(Arrays.asList("ui_locales", "claims_locales", "acr_values"));

    public AttributeList getParameters(HttpServletRequest httpServletRequest) throws OAuth20BadParameterFormatException {
        AttributeList attributeList = new AttributeList();
        for (String str : OIDC_ALL_OPTIONAL_PARAMS) {
            String parameter = httpServletRequest.getParameter(str);
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "key:" + str + " value:" + parameter, new Object[0]);
            }
            if (parameter != null && parameter.trim().length() > 0) {
                String[] strArr = new String[1];
                if ("prompt".equals(str)) {
                    String trim = parameter.trim();
                    if (trim.contains(ServerConstants.PROPAGATION_NONE) && trim.contains(SPACE)) {
                        throw new OAuth20BadParameterFormatException("security.oauth20.error.invalid.authorization.prompt.none.value", "prompt", trim);
                    }
                    strArr = trim.split(SPACE);
                } else if (MULTIPLE_VALUE_PARAMS.contains(str)) {
                    strArr = parameter.trim().split(SPACE);
                } else {
                    strArr[0] = parameter.trim();
                }
                attributeList.setAttribute(str, "urn:ibm:names:oauth:request", strArr);
                if (OIDC_OPTIONAL_PARAMS_TO_BE_HANDLED.contains(str)) {
                    attributeList.setAttribute("com.ibm.wsspi.security.oidc.external.claims:" + str, "com.ibm.wsspi.security.oidc.external.claims", strArr);
                }
            }
        }
        return attributeList;
    }
}
