package com.ibm.oauth.core.internal.oauth20.config;

import com.ibm.oauth.core.api.audit.OAuthAuditHandler;
import com.ibm.oauth.core.api.config.OAuthComponentConfiguration;
import com.ibm.oauth.core.api.config.OAuthComponentConfigurationConstants;
import com.ibm.oauth.core.api.error.OAuthConfigurationException;
import com.ibm.oauth.core.api.error.OAuthException;
import com.ibm.oauth.core.api.oauth20.mediator.OAuth20Mediator;
import com.ibm.oauth.core.api.oauth20.token.OAuth20TokenCache;
import com.ibm.oauth.core.internal.config.OAuthConfigurationImpl;
import com.ibm.oauth.core.internal.oauth20.OAuth20ComponentImpl;
import com.ibm.oauth.core.internal.oauth20.OAuth20Constants;
import com.ibm.oauth.core.internal.oauth20.granttype.OAuth20GrantTypeHandlerFactory;
import com.ibm.oauth.core.internal.oauth20.mediator.OAuth20MediatorWrapper;
import com.ibm.oauth.core.internal.oauth20.mediator.impl.OAuth20MediatorDefaultImpl;
import com.ibm.oauth.core.internal.oauth20.mediator.impl.OAuthAuditHandlerMediator;
import com.ibm.oauth.core.internal.oauth20.responsetype.OAuth20ResponseTypeHandlerFactory;
import com.ibm.oauth.core.internal.oauth20.token.OAuth20TokenCacheWrapper;
import com.ibm.oauth.core.internal.oauth20.tokentype.OAuth20TokenTypeHandler;
import com.ibm.ws.security.oauth20.api.OidcOAuth20ClientProvider;
import com.ibm.ws.security.oauth20.plugins.OidcOAuth20ClientProviderWrapper;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:wlp/lib/com.ibm.ws.security.oauth.2.0_1.1.21.jar:com/ibm/oauth/core/internal/oauth20/config/OAuth20ConfigurationImpl.class */
public class OAuth20ConfigurationImpl extends OAuthConfigurationImpl implements OAuth20ConfigValidator, OAuth20ConfigProvider {
    static final String CLASS = OAuth20ConfigurationImpl.class.getName();
    static final Logger _log = Logger.getLogger(CLASS);
    public static final String OAUTH20_ID_TOKENTYPEHANDLER_CLASSNAME = "oauth20.id.tokentypehandler.classname";
    public static final String OAUTH20_GRANT_TYPE_HANDLER_FACTORY_CLASSNAME = "oauth20.grant.type.handler.factory.classname";
    public static final String OAUTH20_RESPONSE_TYPE_HANDLER_FACTORY_CLASSNAME = "oauth20.response.type.handler.factory.classname";
    protected OAuth20ComponentImpl _compimpl;
    protected boolean _validated;
    protected OidcOAuth20ClientProvider _clientProvider;
    protected OAuth20TokenCache _tokenCache;
    protected int _maxAuthGrantLifetimeSeconds;
    protected int _codeLifetimeSeconds;
    protected int _codeLength;
    protected int _tokenLifetimeSeconds;
    protected int _accessTokenLength;
    protected boolean _issueRefreshToken;
    protected int _refreshTokenLength;
    protected OAuth20TokenTypeHandler _tokenTypeHandler;
    protected OAuth20TokenTypeHandler _idTokenTypeHandler;
    protected OAuth20GrantTypeHandlerFactory _grantTypeHandlerFactory;
    protected OAuth20ResponseTypeHandlerFactory _responseTypeHandlerFactory;
    protected OAuth20Mediator _mediators;
    protected boolean _allowPublicClients;
    protected HashSet<String> _allowedGrantTypes;
    protected OAuthAuditHandler _auditHandler;

    public OAuth20ConfigurationImpl(OAuth20ComponentImpl oAuth20ComponentImpl, OAuthComponentConfiguration oAuthComponentConfiguration) {
        super(oAuthComponentConfiguration);
        this._compimpl = oAuth20ComponentImpl;
        this._validated = false;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigValidator
    public OAuth20ConfigProvider getConfigProvider() throws OAuthException {
        if (!this._validated) {
            validate();
        }
        return this;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigValidator
    public void validate() throws OAuthException {
        processClientProvider();
        processTokenCache();
        processTokenTypeHandler();
        processIDTokenTypeHandler();
        processGrantTypeHandlerFactory();
        processResponseTypeHandlerFactory();
        processAuditHandler();
        processMediators();
        processGrantTypes();
        this._maxAuthGrantLifetimeSeconds = validateNonNegativeInt(OAuthComponentConfigurationConstants.OAUTH20_MAX_AUTHORIZATION_GRANT_LIFETIME_SECONDS);
        this._codeLifetimeSeconds = validateNonNegativeInt(OAuthComponentConfigurationConstants.OAUTH20_CODE_LIFETIME_SECONDS);
        this._codeLength = validateNonNegativeInt(OAuthComponentConfigurationConstants.OAUTH20_CODE_LENGTH);
        this._tokenLifetimeSeconds = validateNonNegativeInt(OAuthComponentConfigurationConstants.OAUTH20_TOKEN_LIFETIME_SECONDS);
        this._accessTokenLength = validateNonNegativeInt(OAuthComponentConfigurationConstants.OAUTH20_ACCESS_TOKEN_LENGTH);
        this._refreshTokenLength = validateNonNegativeInt(OAuthComponentConfigurationConstants.OAUTH20_REFRESH_TOKEN_LENGTH);
        this._issueRefreshToken = validateBoolean(OAuthComponentConfigurationConstants.OAUTH20_ISSUE_REFRESH_TOKEN);
        this._allowPublicClients = validateBoolean(OAuthComponentConfigurationConstants.OAUTH20_ALLOW_PUBLIC_CLIENTS);
        this._compimpl = null;
        this._oldconfig = null;
        this._validated = true;
    }

    protected void processClientProvider() throws OAuthException {
        OidcOAuth20ClientProviderWrapper oidcOAuth20ClientProviderWrapper = new OidcOAuth20ClientProviderWrapper((OidcOAuth20ClientProvider) processClass(this._oldconfig.getConfigPropertyValue(OAuthComponentConfigurationConstants.OAUTH20_CLIENT_PROVIDER_CLASSNAME), OAuthComponentConfigurationConstants.OAUTH20_CLIENT_PROVIDER_CLASSNAME, OidcOAuth20ClientProvider.class), this._compimpl.getOAuthStatisticsImpl());
        oidcOAuth20ClientProviderWrapper.init(this._oldconfig);
        this._clientProvider = oidcOAuth20ClientProviderWrapper;
    }

    protected void processTokenCache() throws OAuthException {
        OAuth20TokenCacheWrapper oAuth20TokenCacheWrapper = new OAuth20TokenCacheWrapper((OAuth20TokenCache) processClass(this._oldconfig.getConfigPropertyValue(OAuthComponentConfigurationConstants.OAUTH20_TOKEN_CACHE_CLASSNAME), OAuthComponentConfigurationConstants.OAUTH20_TOKEN_CACHE_CLASSNAME, OAuth20TokenCache.class), this._compimpl.getOAuthStatisticsImpl());
        oAuth20TokenCacheWrapper.init(this._oldconfig);
        this._tokenCache = oAuth20TokenCacheWrapper;
    }

    protected void processTokenTypeHandler() throws OAuthException {
        this._tokenTypeHandler = (OAuth20TokenTypeHandler) processClass(this._oldconfig.getConfigPropertyValue(OAuthComponentConfigurationConstants.OAUTH20_ACCESS_TOKENTYPEHANDLER_CLASSNAME), OAuthComponentConfigurationConstants.OAUTH20_ACCESS_TOKENTYPEHANDLER_CLASSNAME, OAuth20TokenTypeHandler.class);
        this._tokenTypeHandler.init(this._oldconfig);
    }

    protected void processIDTokenTypeHandler() throws OAuthException {
        String configPropertyValue = this._oldconfig.getConfigPropertyValue("oauth20.id.tokentypehandler.classname");
        if (_log.isLoggable(Level.FINEST)) {
            _log.logp(Level.FINEST, CLASS, "processIDTokenTypeHandler", configPropertyValue);
        }
        if (configPropertyValue != null) {
            try {
                this._idTokenTypeHandler = (OAuth20TokenTypeHandler) processClass(configPropertyValue, "oauth20.id.tokentypehandler.classname", OAuth20TokenTypeHandler.class);
                this._idTokenTypeHandler.init(this._oldconfig);
            } catch (OAuthException e) {
                if (!(e.getCause() instanceof ClassNotFoundException)) {
                    throw e;
                }
            }
        }
    }

    protected void processGrantTypeHandlerFactory() throws OAuthException {
        String configPropertyValue = this._oldconfig.getConfigPropertyValue("oauth20.grant.type.handler.factory.classname");
        if (_log.isLoggable(Level.FINEST)) {
            _log.logp(Level.FINEST, CLASS, "processGrantTypeHandlerFactory", configPropertyValue);
        }
        if (configPropertyValue != null) {
            try {
                this._grantTypeHandlerFactory = (OAuth20GrantTypeHandlerFactory) processClass(configPropertyValue, "oauth20.grant.type.handler.factory.classname", OAuth20GrantTypeHandlerFactory.class);
            } catch (OAuthException e) {
                if (!(e.getCause() instanceof ClassNotFoundException)) {
                    throw e;
                }
            }
        }
    }

    protected void processResponseTypeHandlerFactory() throws OAuthException {
        String configPropertyValue = this._oldconfig.getConfigPropertyValue("oauth20.response.type.handler.factory.classname");
        if (_log.isLoggable(Level.FINEST)) {
            _log.logp(Level.FINEST, CLASS, "processResponseTypeHandlerFactory", configPropertyValue);
        }
        if (configPropertyValue != null) {
            try {
                this._responseTypeHandlerFactory = (OAuth20ResponseTypeHandlerFactory) processClass(configPropertyValue, "oauth20.response.type.handler.factory.classname", OAuth20ResponseTypeHandlerFactory.class);
                this._responseTypeHandlerFactory.init(this._oldconfig);
            } catch (OAuthException e) {
                if (!(e.getCause() instanceof ClassNotFoundException)) {
                    throw e;
                }
            }
        }
    }

    protected void processMediators() throws OAuthException {
        ArrayList arrayList = new ArrayList();
        String[] configPropertyValues = this._oldconfig.getConfigPropertyValues(OAuthComponentConfigurationConstants.OAUTH20_MEDIATOR_CLASSNAMES);
        if (configPropertyValues == null || configPropertyValues.length == 0) {
            if (_log.isLoggable(Level.FINEST)) {
                _log.logp(Level.FINEST, CLASS, "processMediators", "No mediator in configuration - using default mediator");
            }
            configPropertyValues = new String[]{OAuth20MediatorDefaultImpl.class.getName()};
        }
        for (String str : configPropertyValues) {
            arrayList.add((OAuth20Mediator) processClass(str, OAuthComponentConfigurationConstants.OAUTH20_MEDIATOR_CLASSNAMES, OAuth20Mediator.class));
        }
        if (this._auditHandler != null) {
            if (_log.isLoggable(Level.FINEST)) {
                _log.logp(Level.FINEST, CLASS, "processMediators", "Audit handler defined and instantiated, adding OAuthAuditHandlerMediator to mediator chain");
            }
            arrayList.add(new OAuthAuditHandlerMediator(this._auditHandler));
        }
        this._mediators = new OAuth20MediatorWrapper(arrayList, this._compimpl.getStatisticsImpl());
        this._mediators.init(this._oldconfig);
    }

    protected void processGrantTypes() throws OAuthException {
        String[] configPropertyValues = this._oldconfig.getConfigPropertyValues(OAuthComponentConfigurationConstants.OAUTH20_GRANT_TYPES_ALLOWED);
        if (configPropertyValues == null || configPropertyValues.length == 0) {
            throw new OAuthConfigurationException("security.oauth.error.config.notspecified.exception", OAuthComponentConfigurationConstants.OAUTH20_GRANT_TYPES_ALLOWED, "", null);
        }
        this._allowedGrantTypes = new HashSet<>();
        for (String str : configPropertyValues) {
            if (!OAuth20Constants.ALL_GRANT_TYPES_SET.contains(str)) {
                throw new OAuthConfigurationException("security.oauth.error.invalidconfig.exception", OAuthComponentConfigurationConstants.OAUTH20_GRANT_TYPES_ALLOWED, str, null);
            }
            this._allowedGrantTypes.add(str);
        }
    }

    protected void processAuditHandler() throws OAuthException {
        String configPropertyValue = this._oldconfig.getConfigPropertyValue(OAuthComponentConfigurationConstants.OAUTH20_AUDITHANDLER_CLASSNAME);
        if (_log.isLoggable(Level.FINEST)) {
            _log.logp(Level.FINEST, CLASS, "processAuditHandler", "Audit handler class name: " + configPropertyValue);
        }
        this._auditHandler = (OAuthAuditHandler) (configPropertyValue == null ? null : processClass(configPropertyValue, OAuthComponentConfigurationConstants.OAUTH20_AUDITHANDLER_CLASSNAME, OAuthAuditHandler.class));
        if (_log.isLoggable(Level.FINEST)) {
            _log.logp(Level.FINEST, CLASS, "processAuditHandler", "Instantiated audit handler : " + this._auditHandler);
        }
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public int getAccessTokenLength() {
        return this._accessTokenLength;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public OidcOAuth20ClientProvider getClientProvider() {
        return this._clientProvider;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public int getCodeLength() {
        return this._codeLength;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public int getCodeLifetimeSeconds() {
        return this._codeLifetimeSeconds;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public int getMaxAuthGrantLifetimeSeconds() {
        return this._maxAuthGrantLifetimeSeconds;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public OAuth20Mediator getMediators() {
        return this._mediators;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public int getRefreshTokenLength() {
        return this._refreshTokenLength;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public OAuth20TokenCache getTokenCache() {
        return this._tokenCache;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public int getTokenLifetimeSeconds() {
        return this._tokenLifetimeSeconds;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public OAuth20TokenTypeHandler getTokenTypeHandler() {
        return this._tokenTypeHandler;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public OAuth20TokenTypeHandler getIDTokenTypeHandler() {
        return this._idTokenTypeHandler;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public OAuth20GrantTypeHandlerFactory getGrantTypeHandlerFactory() {
        return this._grantTypeHandlerFactory;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public OAuth20ResponseTypeHandlerFactory getResponseTypeHandlerFactory() {
        return this._responseTypeHandlerFactory;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public boolean isAllowPublicClients() {
        return this._allowPublicClients;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public boolean isIssueRefreshToken() {
        return this._issueRefreshToken;
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public boolean isGrantTypeAllowed(String str) {
        return this._allowedGrantTypes.contains(str);
    }

    @Override // com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider
    public OAuthAuditHandler getAuditHandler() {
        return this._auditHandler;
    }
}
