package com.adobe.granite.auth.oauth.impl.helper;

import com.adobe.granite.auth.oauth.AccessTokenProviderConstants;
import com.adobe.granite.auth.oauth.OAuthIdInUseException;
import com.adobe.granite.auth.oauth.Provider;
import com.adobe.granite.crypto.CryptoSupport;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.Principal;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.Map;
import javax.jcr.Node;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.Value;
import javax.jcr.ValueFactory;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.StringUtils;
import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.AuthorizableExistsException;
import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.commons.json.JSONException;
import org.apache.sling.commons.json.JSONObject;
import org.jetbrains.annotations.NotNull;
import org.osgi.framework.ServiceRegistration;
import org.osgi.service.cm.Configuration;
import org.scribe.model.OAuthRequest;
import org.scribe.model.Response;
import org.scribe.model.Token;
import org.scribe.oauth.OAuthService;
import org.scribe.utils.OAuthEncoder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/adobe/granite/auth/oauth/impl/helper/OAuthHelper.class */
public abstract class OAuthHelper {
    private final Logger log = LoggerFactory.getLogger(getClass());
    public static final String PARAM_STATE = "state";
    public static final String REDIRECT_SUFFIX_AUTHENTICATE = "/j_security_check";
    public static final String CALLBACK_SUFFIX_AUTHENTICATE = "/callback/j_security_check";
    private static final int MAX_COLLISION_TRIES = 1000;
    public static final String REDIRECT_SUFFIX_CONNECT = "/connect";
    public static final String CALLBACK_SUFFIX_CONNECT = "/callback/connect";
    public static final String RAW_USER_ID_PROPERTY = "rawUserId";
    protected static final String TOKEN_ATTR_USER = "user";
    protected final ProviderConfigImpl config;
    protected final String callBackUrl;
    private ServiceRegistration serviceRegistration;
    private Configuration[] configurations;

    /* JADX INFO: Access modifiers changed from: protected */
    public OAuthHelper(ProviderConfigImpl providerConfigImpl) {
        this.config = providerConfigImpl;
        this.callBackUrl = providerConfigImpl.getCallBackUrl();
    }

    public abstract void requestAuthorization(Provider provider, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, boolean z) throws IOException;

    public abstract OAuthUser requestAccessCode(Provider provider, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, boolean z, boolean z2) throws IOException;

    public String getClientId() {
        return this.config.getClientId();
    }

    public ProviderConfigImpl getProviderConfig() {
        return this.config;
    }

    public void requestAuthorization(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Provider provider, String str, boolean z) throws IOException {
        RequestHelper.storeConfigId(this.config.getConfigId(), this.config.getCookieMaxAge(), httpServletRequest, httpServletResponse);
        requestAuthorization(provider, httpServletRequest, httpServletResponse, OAuthEncoder.encode(str == null ? "" : str), z);
    }

    public void storeAccessToken(HttpServletRequest httpServletRequest, Provider provider, User user, ValueFactory valueFactory) {
        if (!this.config.getSaveAccessToken()) {
            this.log.debug("config {} does not allow storing access token with user", this.config.getConfigId());
            return;
        }
        try {
            this.config.getOAuthTokenManager().saveToken(this.config.getClientId(), httpServletRequest, user, valueFactory, provider.getAccessTokenPropertyPath(this.config.getClientId()));
        } catch (RepositoryException e) {
            this.log.error("could not save access token for user {}", user, e);
        }
    }

    public boolean storeAccessToken(HttpServletRequest httpServletRequest, Node node) throws RepositoryException {
        return this.config.getOAuthTokenManager().saveToken(this.config.getClientId(), httpServletRequest, node);
    }

    public String getAuthorizedId(HttpServletRequest httpServletRequest) {
        OAuthToken token = this.config.getOAuthTokenManager().getToken(this.config.getClientId(), httpServletRequest);
        if (token == null || !token.isAuthentic()) {
            return null;
        }
        return (String) token.getAttribute(TOKEN_ATTR_USER);
    }

    public void setAuthorizedId(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        if (str == null) {
            this.log.debug("userId is null, invalidating");
            this.config.getOAuthTokenManager().invalidate(this.config.getClientId(), httpServletRequest, httpServletResponse);
            return;
        }
        OAuthToken token = this.config.getOAuthTokenManager().getToken(this.config.getClientId(), httpServletRequest);
        if (token == null || !token.isAuthentic()) {
            this.log.debug("token not present or authentic, cannot store in cookie");
            return;
        }
        token.setAttribute(TOKEN_ATTR_USER, str);
        if (this.config.getSaveAccessTokenCookie()) {
            this.log.debug("saving access token into the cookies");
            this.config.getOAuthTokenManager().saveToken(token, httpServletRequest, httpServletResponse);
            return;
        }
        this.log.debug("removing access token from cookie (setting empty cookie value)");
        String key = token.getKey();
        token.setKey("");
        this.config.getOAuthTokenManager().saveToken(token, httpServletRequest, httpServletResponse);
        token.setKey(key);
    }

    public OAuthUser getUserDetails(Provider provider, HttpServletRequest httpServletRequest, boolean z) throws IOException {
        return getUserDetails(this.config.getOAuthTokenManager().getToken(this.config.getClientId(), httpServletRequest), provider, z);
    }

    public OAuthUser getUserDetails(Provider provider, User user, boolean z) throws IOException {
        try {
            String accessTokenPropertyPath = provider.getAccessTokenPropertyPath(this.config.getClientId());
            OAuthToken token = this.config.getOAuthTokenManager().getToken(this.config.getClientId(), user, accessTokenPropertyPath);
            if (token != null && token.isAuthentic()) {
                return getUserDetails(token, provider, z);
            }
            this.log.debug("accesss token for user {} at property {} was missing or invalid", user, accessTokenPropertyPath);
            return null;
        } catch (RepositoryException e) {
            this.log.error("could not retrieve access token", e);
            return null;
        }
    }

    public Response getProtectedData(Resource resource, Provider provider, OAuthRequest oAuthRequest) {
        try {
            OAuthToken token = this.config.getOAuthTokenManager().getToken(resource);
            if (token != null && token.isAuthentic()) {
                return getProtectedData(new Token(token.getKey(), token.getSecret()), provider, oAuthRequest);
            }
            this.log.debug("accesss token at {} was missing or invalid", resource.getPath());
            return null;
        } catch (RepositoryException e) {
            this.log.error("could not retrieve access token", e);
            return null;
        }
    }

    public Response getProtectedData(User user, Provider provider, OAuthRequest oAuthRequest) {
        try {
            String accessTokenPropertyPath = provider.getAccessTokenPropertyPath(this.config.getClientId());
            OAuthToken token = this.config.getOAuthTokenManager().getToken(this.config.getClientId(), user, accessTokenPropertyPath);
            if (token != null && token.isAuthentic()) {
                return getProtectedData(new Token(token.getKey(), token.getSecret()), provider, oAuthRequest);
            }
            this.log.debug("accesss token for user {} at property {} was missing or invalid", user, accessTokenPropertyPath);
            return null;
        } catch (RepositoryException e) {
            this.log.error("could not retrieve access token", e);
            return null;
        }
    }

    public OAuthUser fetchAndMapBasicData(Provider provider, String str, Token token) throws IOException {
        Map<String, String> fetchProfileData = fetchProfileData(provider, str, token);
        String str2 = fetchProfileData.get(provider.getUserIdProperty());
        if (str2 == null) {
            this.log.error("retrieveBasicData: could not retrieve user id from {}", provider.getDetailsURL());
            return null;
        }
        Map<String, Object> mapProperties = provider.mapProperties(str, this.config.getClientId(), Collections.emptyMap(), fetchProfileData);
        String userIdProperty = getProviderConfig().getUserIdProperty();
        if (!userIdProperty.isEmpty() && fetchProfileData.containsKey(userIdProperty)) {
            mapProperties.put(RAW_USER_ID_PROPERTY, fetchProfileData.get(userIdProperty));
        }
        return new OAuthUser(str2, mapProperties);
    }

    public OAuthUser fetchAndMapExtendedData(Provider provider, String str, Token token, OAuthUser oAuthUser) throws IOException {
        Map<String, String> fetchProfileData = fetchProfileData(provider, str, token);
        Map<String, Object> mapProperties = provider.mapProperties(str, this.config.getClientId(), oAuthUser.getProperties(), fetchProfileData);
        String userIdProperty = getProviderConfig().getUserIdProperty();
        if (!userIdProperty.isEmpty() && fetchProfileData.containsKey(userIdProperty)) {
            mapProperties.put(RAW_USER_ID_PROPERTY, fetchProfileData.get(userIdProperty));
        }
        return new OAuthUser(oAuthUser.getId(), mapProperties);
    }

    public Map<String, String> fetchProfileData(Provider provider, String str, Token token) throws IOException {
        this.log.debug("fetchProfileData: fetching data from url: {}", str);
        return provider.parseProfileDataResponse(getProtectedProfileData(token, provider, str));
    }

    public static String getOriginalRequestUri(String str) {
        int length = str.length();
        if (str.endsWith(CALLBACK_SUFFIX_AUTHENTICATE)) {
            length -= CALLBACK_SUFFIX_AUTHENTICATE.length();
        } else if (str.endsWith(REDIRECT_SUFFIX_AUTHENTICATE)) {
            length -= REDIRECT_SUFFIX_AUTHENTICATE.length();
        } else if (str.endsWith(CALLBACK_SUFFIX_CONNECT)) {
            length -= CALLBACK_SUFFIX_CONNECT.length();
        } else if (str.endsWith(REDIRECT_SUFFIX_CONNECT)) {
            length -= REDIRECT_SUFFIX_CONNECT.length();
        }
        return str.substring(0, length);
    }

    public static String getOriginalRequestUri(HttpServletRequest httpServletRequest, boolean z) {
        StringBuilder sb = new StringBuilder(getOriginalRequestUri(httpServletRequest.getRequestURI()));
        if (z) {
            sb.append(getRequestParams(httpServletRequest));
        }
        return sb.toString();
    }

    public User createOrUpdateCRXUser(Session session, CryptoSupport cryptoSupport, Provider provider, HttpServletRequest httpServletRequest, OAuthUser oAuthUser, User user) throws RepositoryException, OAuthIdInUseException {
        return createOrUpdateCRXUser(session, cryptoSupport, provider, httpServletRequest, oAuthUser, user, getProviderConfig().getClientId());
    }

    public User createOrUpdateCRXUser(Session session, CryptoSupport cryptoSupport, Provider provider, HttpServletRequest httpServletRequest, OAuthUser oAuthUser, User user, String str) throws RepositoryException, OAuthIdInUseException {
        Group authorizable;
        UserManager notSavingUserManager = getNotSavingUserManager(session);
        User user2 = getUser(notSavingUserManager, provider, oAuthUser);
        if (user != null && user2 != null && !user.getID().equals(user2.getID())) {
            throw new OAuthIdInUseException("Cannot link to user " + user.getID() + "; OAuth ID " + oAuthUser.getId() + " already linked to user " + user2.getID());
        }
        User user3 = user != null ? (User) notSavingUserManager.getAuthorizable(user.getID()) : user2;
        boolean z = user3 == null;
        if (user3 == null) {
            user3 = createUserForOAuthId(session, cryptoSupport, provider, oAuthUser);
            if (user3 == null) {
                this.log.warn("createOrUpdateCRXUser: could not create user, user auto creation may not be enabled");
                return null;
            }
        }
        ValueFactory valueFactory = session.getValueFactory();
        user3.setProperty(getUserPropKey(provider), valueFactory.createValue(oAuthUser.getId()));
        assignUserProfileData(user3, oAuthUser.getProperties(), valueFactory);
        for (String str2 : getProviderConfig().getAutoCreateUsersGroups()) {
            if (str2 != null && str2.length() > 0 && (authorizable = notSavingUserManager.getAuthorizable(str2)) != null && authorizable.isGroup() && !authorizable.addMember(user3)) {
                this.log.debug("user {} already a member, not added to group {}", user3.getID(), authorizable.getID());
            }
        }
        if (getProviderConfig().getClientId().equals(str)) {
            storeAccessToken(httpServletRequest, provider, user3, valueFactory);
        }
        if (!notSavingUserManager.isAutoSave()) {
            session.save();
        }
        if (z) {
            provider.onUserCreate(user3);
        } else {
            provider.onUserUpdate(user3);
        }
        if (!notSavingUserManager.isAutoSave()) {
            session.save();
        }
        return user3;
    }

    public User getUser(UserManager userManager, Provider provider, OAuthUser oAuthUser) throws RepositoryException {
        return getProviderConfig().getForceStrictUsernameMatching() ? getCRXUserByMappedId(userManager, provider, oAuthUser) : getCRXUserByOAuthId(userManager, provider, oAuthUser);
    }

    public User getCRXUserByOAuthId(UserManager userManager, Provider provider, OAuthUser oAuthUser) throws RepositoryException {
        Iterator findAuthorizables = userManager.findAuthorizables("rep:externalId", getExternalId(provider, oAuthUser), 1);
        User user = null;
        while (findAuthorizables.hasNext() && user == null) {
            Authorizable authorizable = (Authorizable) findAuthorizables.next();
            if (!authorizable.isGroup()) {
                user = (User) authorizable;
            }
            if (findAuthorizables.hasNext()) {
                this.log.info("getCRXUserByOAuthId: More than one user registered for ID={} of oauth config {}; assuming {}", new Object[]{oAuthUser.getId(), getProviderConfig().getConfigId(), user.getID()});
            }
        }
        return user;
    }

    public Iterator<Authorizable> getCRXUsersByOAuthId(UserManager userManager, Provider provider, OAuthUser oAuthUser) throws RepositoryException {
        return userManager.findAuthorizables(getUserPropKey(provider), oAuthUser.getId(), 1);
    }

    public User getCRXUserByMappedId(UserManager userManager, Provider provider, OAuthUser oAuthUser) throws RepositoryException {
        User user = null;
        String mappedOauthUsername = getMappedOauthUsername(provider, oAuthUser);
        Authorizable authorizable = userManager.getAuthorizable(mappedOauthUsername);
        if (authorizable != null && !authorizable.isGroup()) {
            user = (User) authorizable;
            String oauthUserId = getOauthUserId(provider, user);
            if (oauthUserId != null && !oauthUserId.equalsIgnoreCase(oAuthUser.getId())) {
                this.log.warn("Collision detected for userId: {} oauthUserId {}", user.getID(), oAuthUser.getId());
                user = getCRXUserByOAuthIdAndMappedUserId(userManager, provider, oAuthUser, mappedOauthUsername);
                if (user == null) {
                    this.log.debug("user not found, handling collision, returning null");
                    return null;
                }
            }
        }
        return user;
    }

    public String getMappedOauthUsername(Provider provider, OAuthUser oAuthUser) {
        String mapUserId = oAuthUser.getProperties().containsKey(RAW_USER_ID_PROPERTY) ? (String) oAuthUser.getProperties().get(RAW_USER_ID_PROPERTY) : provider.mapUserId(oAuthUser.getId(), oAuthUser.getProperties());
        if (getProviderConfig().getEncodeUserIds()) {
            mapUserId = encodeBase64(StringUtils.getBytesUtf8(mapUserId));
        }
        if (getProviderConfig().getHashUserIds()) {
            mapUserId = hashUserId(mapUserId);
        }
        return mapUserId;
    }

    public UserManager getNotSavingUserManager(Session session) throws RepositoryException {
        UserManager userManager = ((JackrabbitSession) session).getUserManager();
        if (userManager.isAutoSave()) {
            try {
                userManager.autoSave(false);
            } catch (UnsupportedOperationException e) {
            }
        }
        return userManager;
    }

    public String getClientIdFromAccessToken(String str) {
        String str2 = null;
        if (str == null || str.length() == 0) {
            this.log.debug("getClientIdFromAccessToken: empty access token");
            return null;
        }
        String[] split = str.split("\\.");
        if (split == null || split.length != 3) {
            this.log.debug("getClientIdFromAccessToken: not a jwt access token");
            return null;
        }
        try {
            str2 = new JSONObject(StringUtils.newStringUtf8(new Base64(true).decode(split[1]))).getString(AccessTokenProviderConstants.CLIENT_ID);
            this.log.debug("getClientIdFromAccessToken: extracted clientID {}", str2);
        } catch (JSONException e) {
            this.log.error("getClientIdFromAccessToken: error while parsing claimsSet", e);
        }
        return str2;
    }

    public void setTokenAttrRequest(String str, HttpServletRequest httpServletRequest) {
        if (this.config.getSaveAccessToken()) {
            httpServletRequest.setAttribute(getClientId(), new OAuthToken(getClientId(), str, "", 3));
        }
    }

    protected OAuthService getService(Provider provider) {
        return this.config.getOAuthService(provider, this.callBackUrl);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public OAuthService getService(Provider provider, HttpServletRequest httpServletRequest, boolean z, boolean z2) {
        String sb;
        if (this.callBackUrl == null || this.callBackUrl.startsWith("/")) {
            StringBuilder rootURL = getRootURL(httpServletRequest);
            if (this.callBackUrl != null && this.callBackUrl.startsWith("/")) {
                if (this.callBackUrl.endsWith("/")) {
                    rootURL.append((CharSequence) this.callBackUrl, 0, this.callBackUrl.length() - 1);
                } else {
                    rootURL.append(this.callBackUrl);
                }
            }
            if (z) {
                rootURL.append(CALLBACK_SUFFIX_AUTHENTICATE);
            } else {
                rootURL.append(CALLBACK_SUFFIX_CONNECT);
            }
            if (z2) {
                rootURL.append(getRequestParams(httpServletRequest));
            }
            sb = rootURL.toString();
        } else {
            sb = this.callBackUrl;
        }
        this.log.debug("getService: Getting Service with callback={}", sb);
        return this.config.getOAuthService(provider, sb);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ServiceRegistration getServiceRegistration() {
        return this.serviceRegistration;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setServiceRegistration(ServiceRegistration serviceRegistration) {
        this.serviceRegistration = serviceRegistration;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setConfigurations(Configuration[] configurationArr) {
        this.configurations = configurationArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Configuration[] getConfigurations() {
        return this.configurations;
    }

    static String getRequestParams(HttpServletRequest httpServletRequest) {
        StringBuilder sb = new StringBuilder();
        int i = 0;
        for (Map.Entry entry : httpServletRequest.getParameterMap().entrySet()) {
            if (!((String) entry.getKey()).equals(RequestHelper.PARAM_CONFIG_ID) && !((String) entry.getKey()).equals(RequestHelper.PARAM_PROVIDER)) {
                sb.append(i == 0 ? "?" : "&");
                i++;
                sb.append(((String) entry.getKey()) + "=" + OAuthEncoder.encode(((String[]) entry.getValue())[0]));
            }
        }
        return sb.toString();
    }

    private User createUserForOAuthId(Session session, CryptoSupport cryptoSupport, Provider provider, OAuthUser oAuthUser) throws RepositoryException {
        if (provider == null) {
            this.log.error("createUserForOauthId: helper or provider is null");
            return null;
        }
        if (!getProviderConfig().getAutoCreateUsers()) {
            this.log.debug("createUserForId: User creation disabled");
            return null;
        }
        User user = null;
        try {
            UserManager notSavingUserManager = getNotSavingUserManager(session);
            final String mappedOauthUsername = getMappedOauthUsername(provider, oAuthUser);
            Principal principal = new Principal() { // from class: com.adobe.granite.auth.oauth.impl.helper.OAuthHelper.1
                @Override // java.security.Principal
                public String getName() {
                    return mappedOauthUsername;
                }
            };
            String userFolderPath = provider.getUserFolderPath(oAuthUser.getId(), getProviderConfig().getClientId(), oAuthUser.getProperties());
            try {
                user = notSavingUserManager.createUser(mappedOauthUsername, (String) null, principal, userFolderPath);
            } catch (AuthorizableExistsException e) {
                this.log.warn("Collision detected for userId: {} , generate unique identifier", mappedOauthUsername);
                final String generateUniqueIdentifier = generateUniqueIdentifier(notSavingUserManager, getMappedOauthUsername(provider, oAuthUser));
                user = notSavingUserManager.createUser(generateUniqueIdentifier, (String) null, new Principal() { // from class: com.adobe.granite.auth.oauth.impl.helper.OAuthHelper.2
                    @Override // java.security.Principal
                    public String getName() {
                        return generateUniqueIdentifier;
                    }
                }, userFolderPath);
            }
            if (!notSavingUserManager.isAutoSave()) {
                session.save();
            }
            return user;
        } catch (RepositoryException e2) {
            if (user != null) {
                try {
                    user.remove();
                } catch (RepositoryException e3) {
                }
            }
            throw e2;
        }
    }

    private String encodeBase64(byte[] bArr) {
        return StringUtils.newStringUtf8(Base64.encodeBase64(bArr));
    }

    private String generateUniqueIdentifier(UserManager userManager, String str) throws RepositoryException {
        SecureRandom secureRandom = new SecureRandom();
        for (int i = 0; i < MAX_COLLISION_TRIES; i++) {
            String str2 = str + secureRandom.nextInt();
            if (userManager.getAuthorizable(str2) == null) {
                return str2;
            }
        }
        return null;
    }

    private String hashUserId(String str) {
        try {
            return Base64.encodeBase64URLSafeString(MessageDigest.getInstance("SHA-256").digest(str.getBytes("UTF-8"))).toLowerCase();
        } catch (Exception e) {
            this.log.error("Failed to hash a userId: ", e.getMessage());
            return null;
        }
    }

    private String getOauthUserId(Provider provider, User user) throws RepositoryException {
        String userPropKey = getUserPropKey(provider);
        Value[] property = user.hasProperty(userPropKey) ? user.getProperty(userPropKey) : null;
        if (property == null || property.length <= 0) {
            return null;
        }
        return property[0].getString();
    }

    private User getCRXUserByOAuthIdAndMappedUserId(UserManager userManager, Provider provider, OAuthUser oAuthUser, String str) throws RepositoryException {
        Iterator findAuthorizables = userManager.findAuthorizables(getUserPropKey(provider), oAuthUser.getId(), 1);
        while (findAuthorizables.hasNext()) {
            User user = (Authorizable) findAuthorizables.next();
            if (!user.isGroup() && user.getID().startsWith(str)) {
                User user2 = user;
                if (findAuthorizables.hasNext()) {
                    this.log.info("getCRXUserByOAuthIdAndMappedUserId: More than one user registered for ID={} of oauth config {} mappedUserId {}; assuming {}", new Object[]{oAuthUser.getId(), getProviderConfig().getConfigId(), str, user2.getID()});
                }
                return user2;
            }
        }
        return null;
    }

    @NotNull
    StringBuilder getRootURL(@NotNull HttpServletRequest httpServletRequest) {
        StringBuilder sb = new StringBuilder();
        sb.append(httpServletRequest.getScheme()).append("://").append(httpServletRequest.getServerName());
        int serverPort = httpServletRequest.getServerPort();
        if (serverPort > 0) {
            String scheme = httpServletRequest.getScheme();
            boolean z = -1;
            switch (scheme.hashCode()) {
                case 3213448:
                    if (scheme.equals("http")) {
                        z = false;
                        break;
                    }
                    break;
                case 99617003:
                    if (scheme.equals("https")) {
                        z = true;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    if (serverPort != 80) {
                        sb.append(':').append(serverPort);
                        break;
                    }
                    break;
                case true:
                    if (serverPort != 443) {
                        sb.append(':').append(serverPort);
                        break;
                    }
                    break;
                default:
                    sb.append(':').append(serverPort);
                    break;
            }
        }
        return sb;
    }

    private Response getProtectedData(Token token, Provider provider, OAuthRequest oAuthRequest) {
        getService(provider).signRequest(token, oAuthRequest);
        return oAuthRequest.send();
    }

    private Response getProtectedProfileData(Token token, Provider provider, String str) {
        return getProtectedData(token, provider, provider.getProtectedDataRequest(str));
    }

    private String getUserPropKey(Provider provider) {
        return provider.getOAuthIdPropertyPath(this.config.getClientId());
    }

    private void assignUserProfileData(User user, Map<String, Object> map, ValueFactory valueFactory) throws RepositoryException {
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            Object value = entry.getValue();
            if (value.getClass().isArray()) {
                Object[] objArr = (Object[]) value;
                Value[] valueArr = new Value[objArr.length];
                for (int i = 0; i < objArr.length; i++) {
                    if (objArr[i] != null) {
                        valueArr[i] = valueFactory.createValue(objArr[i].toString());
                    }
                }
                user.setProperty(entry.getKey(), valueArr);
            } else if (entry.getValue() != null) {
                user.setProperty(entry.getKey(), valueFactory.createValue(entry.getValue().toString()));
            }
        }
        Iterator propertyNames = user.getPropertyNames();
        while (propertyNames.hasNext()) {
            String str = (String) propertyNames.next();
            if (str.startsWith("profile/facebook") && map.get(str) == null) {
                this.log.info("**** removing property:" + str);
                user.removeProperty(str);
            }
        }
    }

    private OAuthUser getUserDetails(OAuthToken oAuthToken, Provider provider, boolean z) throws IOException {
        if (oAuthToken == null || !oAuthToken.isAuthentic()) {
            this.log.warn("token was null or not authentic:{}", oAuthToken);
            return null;
        }
        Token token = new Token(oAuthToken.getKey(), oAuthToken.getSecret());
        ArrayList<String> arrayList = new ArrayList();
        OAuthUser fetchAndMapBasicData = fetchAndMapBasicData(provider, provider.getDetailsURL(), token);
        String[] extendedDetailsURLs = provider.getExtendedDetailsURLs(this.config.getScope());
        if (z && extendedDetailsURLs != null && extendedDetailsURLs.length > 0 && fetchAndMapBasicData != null) {
            arrayList.addAll(Arrays.asList(extendedDetailsURLs));
            for (String str : arrayList) {
                if (str == null || str.trim().length() <= 0) {
                    this.log.debug("skipping empty url");
                } else {
                    fetchAndMapBasicData = fetchAndMapExtendedData(provider, str, token, fetchAndMapBasicData);
                }
            }
        }
        return fetchAndMapBasicData;
    }

    private String getExternalId(Provider provider, OAuthUser oAuthUser) {
        if (provider == null || oAuthUser == null) {
            return null;
        }
        return new ExternalIdentityRef(provider.mapUserId(oAuthUser.getId(), oAuthUser.getProperties()), this.config.getConfigId()).getString();
    }
}
