package com.ibm.team.jfs.app.oauth.client;

import com.ibm.team.http.client.impl.NaiveSSLSocketFactory;
import com.ibm.team.jfs.app.http.util.HttpConstants;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import org.apache.http.Header;
import org.apache.http.HttpException;
import org.apache.http.HttpResponse;
import org.apache.http.HttpVersion;
import org.apache.http.ProtocolException;
import org.apache.http.client.CookieStore;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.params.HttpClientParams;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.impl.client.AbstractHttpClient;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.client.DefaultRedirectHandler;
import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager;
import org.apache.http.params.BasicHttpParams;
import org.apache.http.params.HttpProtocolParams;
import org.apache.http.protocol.HttpContext;

/* loaded from: input_file:com.ibm.team.jfs.app.oauth.jar:com/ibm/team/jfs/app/oauth/client/OAuthConsumerClientHelper.class */
public class OAuthConsumerClientHelper {
    private static String OAUTH_AUTHORIZE_URL = "/oauth-authorize";
    private static String RESPONSE_HEADER_AUTH_REQUIRED = "X-com-ibm-team-repository-web-auth-msg";
    private static String AUTH_REQUIRED_KEY = "authrequired";
    private static final String X_OAUTH_AUTHORIZATION_URL = "X-jazz-web-oauth-url";
    private static final String HTTP_LOCATION_HEADER = "Location";
    private IOAuthConsumerClientListener listener;
    private AbstractHttpClient httpClient = createHttpClient();
    private URI lastURI;

    /* loaded from: input_file:com.ibm.team.jfs.app.oauth.jar:com/ibm/team/jfs/app/oauth/client/OAuthConsumerClientHelper$RedirectHandler.class */
    class RedirectHandler extends DefaultRedirectHandler {
        OAuthConsumerClientHelper helper;

        public RedirectHandler(OAuthConsumerClientHelper oAuthConsumerClientHelper) {
            this.helper = oAuthConsumerClientHelper;
        }

        @Override // org.apache.http.impl.client.DefaultRedirectHandler, org.apache.http.client.RedirectHandler
        public URI getLocationURI(HttpResponse httpResponse, HttpContext httpContext) throws ProtocolException {
            URI locationURI = super.getLocationURI(httpResponse, httpContext);
            this.helper.lastURI = locationURI;
            return locationURI;
        }
    }

    public OAuthConsumerClientHelper() {
        this.httpClient.setRedirectHandler(new RedirectHandler(this));
    }

    public boolean isResponseOAuthChallenge(HttpResponse httpResponse) {
        Header firstHeader;
        return httpResponse.getStatusLine().getStatusCode() == 302 && (firstHeader = httpResponse.getFirstHeader("Location")) != null && isOAuthAuthorizeURL(firstHeader.getValue());
    }

    public boolean isResponseOAuthChallengeForJFSProxy(HttpResponse httpResponse) {
        return httpResponse.getStatusLine().getStatusCode() == 401 && httpResponse.getFirstHeader("X-jazz-web-oauth-url") != null;
    }

    public void performOAuthChallenge(HttpResponse httpResponse, CookieStore cookieStore) throws IOException, HttpException {
        if (this.listener == null) {
            throw new IllegalArgumentException("Listener must not be null");
        }
        if (httpResponse == null) {
            throw new IllegalArgumentException("HTTP response must not be null");
        }
        if (cookieStore != null) {
            this.httpClient.setCookieStore(cookieStore);
        }
        Header header = null;
        int statusCode = httpResponse.getStatusLine().getStatusCode();
        if (statusCode == 302) {
            header = httpResponse.getFirstHeader("Location");
        } else if (statusCode == 401) {
            header = httpResponse.getFirstHeader("X-jazz-web-oauth-url");
        }
        if (header != null) {
            HttpGet httpGet = new HttpGet(header.getValue());
            this.lastURI = httpGet.getURI();
            httpResponse = this.httpClient.execute(httpGet);
        }
        Header firstHeader = httpResponse.getFirstHeader(RESPONSE_HEADER_AUTH_REQUIRED);
        if (firstHeader != null && firstHeader.getValue().equals(AUTH_REQUIRED_KEY)) {
            httpResponse = executeFormAuthentication(httpResponse);
            if (httpResponse.getStatusLine().getStatusCode() != 200) {
                throw new HttpException("Form authntication failed");
            }
        }
        if (isOAuthAuthorizeURL(this.lastURI.getPath())) {
            httpResponse = executeOAuthAuthorization(httpResponse);
            if (httpResponse.getStatusLine().getStatusCode() != 302) {
                throw new HttpException("OAuth challenge failed");
            }
            Header firstHeader2 = httpResponse.getFirstHeader("Location");
            if (firstHeader2 != null) {
                try {
                    this.lastURI = new URI(firstHeader2.getValue());
                } catch (URISyntaxException e) {
                    throw new HttpException("Invalid value is returned", e);
                }
            }
        }
        finalizeResponse(httpResponse);
        this.listener.onComplete(this.lastURI, this.httpClient.getCookieStore());
    }

    public void setListner(IOAuthConsumerClientListener iOAuthConsumerClientListener) {
        this.listener = iOAuthConsumerClientListener;
    }

    protected boolean isOAuthAuthorizeURL(String str) {
        return str != null && str.lastIndexOf(OAUTH_AUTHORIZE_URL) > 0;
    }

    private HttpResponse executeFormAuthentication(HttpResponse httpResponse) throws IOException {
        HttpUriRequest onFormAuthentication = this.listener.onFormAuthentication(this.lastURI, httpResponse);
        finalizeResponse(httpResponse);
        return this.httpClient.execute(onFormAuthentication);
    }

    private HttpResponse executeOAuthAuthorization(HttpResponse httpResponse) throws IOException {
        HttpUriRequest onOAuthAuthorization = this.listener.onOAuthAuthorization(this.lastURI, httpResponse);
        finalizeResponse(httpResponse);
        HttpClientParams.setRedirecting(onOAuthAuthorization.getParams(), false);
        return this.httpClient.execute(onOAuthAuthorization);
    }

    private DefaultHttpClient createHttpClient() {
        BasicHttpParams basicHttpParams = new BasicHttpParams();
        HttpProtocolParams.setVersion(basicHttpParams, HttpVersion.HTTP_1_1);
        HttpProtocolParams.setContentCharset(basicHttpParams, "UTF-8");
        HttpProtocolParams.setUseExpectContinue(basicHttpParams, true);
        SchemeRegistry schemeRegistry = new SchemeRegistry();
        schemeRegistry.register(new Scheme("http", PlainSocketFactory.getSocketFactory(), 9080));
        schemeRegistry.register(new Scheme(HttpConstants.HTTPS, new NaiveSSLSocketFactory(), 9443));
        return new DefaultHttpClient(new ThreadSafeClientConnManager(basicHttpParams, schemeRegistry), basicHttpParams);
    }

    private void finalizeResponse(HttpResponse httpResponse) throws IOException {
        if (httpResponse.getEntity() != null) {
            httpResponse.getEntity().consumeContent();
        }
    }
}
