package org.wso2.carbon.identity.oauth.config;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import javax.xml.namespace.QName;
import org.apache.amber.oauth2.common.message.types.GrantType;
import org.apache.amber.oauth2.common.message.types.ResponseType;
import org.apache.axiom.om.OMElement;
import org.apache.axis2.util.JavaUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.base.ServerConfigurationException;
import org.wso2.carbon.identity.core.util.IdentityConfigParser;
import org.wso2.carbon.identity.oauth.preprocessor.TokenPersistencePreprocessor;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.authcontext.DefaultClaimsRetriever;
import org.wso2.carbon.identity.oauth2.token.handlers.grant.saml.SAML2TokenCallbackHandler;
import org.wso2.carbon.identity.oauth2.util.OAuth2Constants;
import org.wso2.carbon.identity.oauth2.validators.OAuth2TokenValidator;
import org.wso2.carbon.identity.oauth2.validators.TokenValidationHandler;
import org.wso2.carbon.identity.openidconnect.CustomClaimsCallbackHandler;
import org.wso2.carbon.identity.openidconnect.IDTokenBuilder;
import org.wso2.carbon.utils.CarbonUtils;

/* loaded from: input_file:org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration.class */
public class OAuthServerConfiguration {
    private static Log log = LogFactory.getLog(OAuthServerConfiguration.class);
    private static final String CONFIG_ELEM_OAUTH = "OAuth";
    private static OAuthServerConfiguration instance;
    private long defaultAuthorizationCodeValidityPeriodInSeconds = 300;
    private long defaultAccessTokenValidityPeriodInSeconds = 3600;
    private long defaultApplicationAccessTokenValidityPeriodInSeconds = 3600;
    private long defaultTimeStampSkewInSeconds = 300;
    private boolean cacheEnabled = true;
    private boolean assertionsUserNameEnabled = false;
    private boolean accessTokenPartitioningEnabled = false;
    private String accessTokenPartitioningDomains = null;
    private String tokenPersistencePreProcessorClassName = "org.wso2.carbon.identity.oauth.preprocessor.PlainTokenPersistencePreprocessor";
    private TokenPersistencePreprocessor tokenPersistencePreprocessor = null;
    private Set<OAuthCallbackHandlerMetaData> callbackHandlerMetaData = new HashSet();
    private List<String> supportedGrantTypes = new ArrayList();
    private List<String> supportedResponseTypes = new ArrayList();
    private String[] supportedClaims = null;
    private List<String> supportedClientAuthMethods = new ArrayList();
    private List<String> saml2Audience = new ArrayList();
    private String saml2TokenCallbackHandlerName = null;
    private SAML2TokenCallbackHandler saml2TokenCallbackHandler = null;
    private Map<String, Map<String, String>> loginConfiguration = new ConcurrentHashMap();
    private String tokenEP = null;
    private List<String> tokenEPAliases = new ArrayList();
    private List<String> requiredHeaderClaimUris = new ArrayList();
    private boolean isAuthContextTokGenEnabled = false;
    private String tokenGeneratorImplClass = "org.wso2.carbon.identity.oauth2.token.JWTTokenGenerator";
    private String claimsRetrieverImplClass = "org.wso2.carbon.identity.oauth2.token.DefaultClaimsRetriever";
    private String consumerDialectURI = DefaultClaimsRetriever.DEFAULT_DIALECT_URI;
    private String signatureAlgorithm = "SHA256withRSA";
    private String authContextTTL = "15L";
    private String openIDConnectIDTokenBuilderClassName = "org.wso2.carbon.identity.openidconnect.DefaultIDTokenBuilder";
    private String openIDConnectIDTokenCustomClaimsHanlderClassName = "org.wso2.carbon.identity.openidconnect.SAMLAssertionClaimsCallback";
    private IDTokenBuilder openIDConnectIDTokenBuilder = null;
    private CustomClaimsCallbackHandler openidConnectIDTokenCustomClaimsCallbackHandler = null;
    private String openIDConnectIDTokenIssuerIdentifier = "OIDCAuthzServer";
    private String openIDConnectIDTokenSubClaim = "http://wso2.org/claims/fullname";
    private String openIDConnectSkipUserConsent = "false";
    private String openIDConnectIDTokenExpiration = "300";
    private String openIDConnectUserInfoEndpointClaimDialect = DefaultClaimsRetriever.DEFAULT_DIALECT_URI;
    private String openIDConnectUserInfoEndpointClaimRetriever = "org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInfoUserStoreClaimRetriever";
    private String openIDConnectUserInfoEndpointRequestValidator = "org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInforRequestDefaultValidator";
    private String openIDConnectUserInfoEndpointAccessTokenValidator = "org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInfoISAccessTokenValidator";
    private String openIDConnectUserInfoEndpointResponseBuilder = "org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInfoJSONResponseBuilder";

    /* loaded from: input_file:org/wso2/carbon/identity/oauth/config/OAuthServerConfiguration$ConfigElements.class */
    private class ConfigElements {
        private static final String OAUTH_CALLBACK_HANDLERS = "OAuthCallbackHandlers";
        private static final String OAUTH_CALLBACK_HANDLER = "OAuthCallbackHandler";
        private static final String CLAIM_URI = "ClaimUri";
        private static final String REQUIRED_CLAIM_URIS = "RequiredRespHeaderClaimUris";
        private static final String CALLBACK_CLASS = "Class";
        private static final String CALLBACK_PRIORITY = "Priority";
        private static final String CALLBACK_PROPERTIES = "Properties";
        private static final String CALLBACK_PROPERTY = "Property";
        private static final String CALLBACK_ATTR_NAME = "Name";
        private static final String TOKEN_VALIDATORS = "TokenValidators";
        private static final String TOKEN_VALIDATOR = "TokenValidator";
        private static final String TOKEN_TYPE_ATTR = "type";
        private static final String TOKEN_CLASS_ATTR = "class";
        public static final String TIMESTAMP_SKEW = "TimestampSkew";
        private static final String AUTHORIZATION_CODE_DEFAULT_VALIDITY_PERIOD = "AuthorizationCodeDefaultValidityPeriod";
        private static final String ACCESS_TOKEN_DEFAULT_VALIDITY_PERIOD = "AccessTokenDefaultValidityPeriod";
        private static final String APPLICATION_ACCESS_TOKEN_VALIDATION_PERIOD = "ApplicationAccessTokenDefaultValidityPeriod";
        public static final String ENABLE_CACHE = "EnableOAuthCache";
        public static final String TOKEN_PERSISTENCE_PREPROCESSOR = "TokenPersistencePreprocessor";
        public static final String SUPPORTED_GRANT_TYPES = "SupportedGrantTypes";
        public static final String SUPPORTED_RESP_TYPES = "SupportedResponseTypes";
        public static final String SUPPORTED_CLAIMS = "OpenIDConnectClaims";
        public static final String SUPPORTED_CLIENT_AUTH_METHODS = "SupportedClientAuthMethods";
        public static final String SAML2_GRANT = "SAML2Grant";
        public static final String AUDIENCE = "Audience";
        public static final String SAML2_TOKEN_HANDLER = "SAML2TokenHandler";
        public static final String TOKEN_END_POINT = "TokenEndPoint";
        public static final String TOKEN_END_POINT_ALIASES = "TokenEndPointAliases";
        public static final String AUTHORIZATION_CONTEXT_TOKEN_GENERATION = "AuthorizationContextTokenGeneration";
        public static final String ENABLED = "Enabled";
        public static final String TOKEN_GENERATOR_IMPL_CLASS = "TokenGeneratorImplClass";
        public static final String CLAIMS_RETRIEVER_IMPL_CLASS = "ClaimsRetrieverImplClass";
        public static final String CONSUMER_DIALECT_URI = "ConsumerDialectURI";
        public static final String SIGNATURE_ALGORITHM = "SignatureAlgorithm";
        public static final String SECURITY_CONTEXT_TTL = "AuthorizationContextTTL";
        public static final String ENABLE_ASSERTIONS = "EnableAssertions";
        public static final String ENABLE_ASSERTIONS_USERNAME = "UserName";
        public static final String ENABLE_ACCESS_TOKEN_PARTITIONING = "EnableAccessTokenPartitioning";
        public static final String ACCESS_TOKEN_PARTITIONING_DOMAINS = "AccessTokenPartitioningDomains";
        public static final String OPENID_CONNECT = "OpenIDConnect";
        public static final String OPENID_CONNECT_IDTOKEN_BUILDER = "IDTokenBuilder";
        public static final String OPENID_CONNECT_IDTOKEN_CUSTOM_CLAIM_CALLBACK_HANDLER = "IDTokenCustomClaimsCallBackHandler";
        public static final String OPENID_CONNECT_IDTOKEN_SUB_CLAIM = "IDTokenSubjectClaim";
        public static final String OPENID_CONNECT_IDTOKEN_ISSUER_ID = "IDTokenIssuerID";
        public static final String OPENID_CONNECT_IDTOKEN_EXPIRATION = "IDTokenExpiration";
        public static final String OPENID_CONNECT_SKIP_USER_CONSENT = "SkipeUserConsent";
        public static final String OPENID_CONNECT_USERINFO_ENDPOINT_CLAIM_DIALECT = "UserInfoEndpointClaimDialect";
        public static final String OPENID_CONNECT_USERINFO_ENDPOINT_CLAIM_RETRIEVER = "UserInfoEndpointClaimRetriever";
        public static final String OPENID_CONNECT_USERINFO_ENDPOINT_REQUEST_VALIDATOR = "UserInfoEndpointRequestValidator";
        public static final String OPENID_CONNECT_USERINFO_ENDPOINT_ACCESS_TOKEN_VALIDATOR = "UserInfoEndpointAccessTokenValidator";
        public static final String OPENID_CONNECT_USERINFO_ENDPOINT_RESPONSE_BUILDER = "UserInfoEndpointResponseBuilder";
        private static final String LOGIN_CONFIG = "LoginConfig";
        private static final String USERID_LOGIN = "UserIdLogin";
        private static final String EMAIL_LOGIN = "EmailLogin";
        private static final String PRIMARY_LOGIN = "primary";

        private ConfigElements() {
        }
    }

    private OAuthServerConfiguration() {
        buildOAuthServerConfiguration();
    }

    public static OAuthServerConfiguration getInstance() {
        CarbonUtils.checkSecurity();
        if (instance == null) {
            synchronized (OAuthServerConfiguration.class) {
                if (instance == null) {
                    instance = new OAuthServerConfiguration();
                }
            }
        }
        return instance;
    }

    private void buildOAuthServerConfiguration() {
        try {
            OMElement configElement = IdentityConfigParser.getInstance().getConfigElement(CONFIG_ELEM_OAUTH);
            if (configElement == null) {
                warnOnFaultyConfiguration("OAuth element is not available.");
                return;
            }
            parseOAuthCallbackHandlers(configElement.getFirstChildWithName(getQNameWithIdentityNS("OAuthCallbackHandlers")));
            parseRequiredHeaderClaimUris(configElement.getFirstChildWithName(getQNameWithIdentityNS("RequiredRespHeaderClaimUris")));
            parseTokenValidators(configElement.getFirstChildWithName(getQNameWithIdentityNS("TokenValidators")));
            parseDefaultValidityPeriods(configElement);
            parseCachingConfiguration(configElement);
            parseTokenPersistencePreProcessorConfig(configElement);
            parseSupportedGrantTypesConfig(configElement);
            parseSupportedResponseTypesConfig(configElement);
            parseSupportedClaimsConfig(configElement);
            parseSupportedClientAuthMethodsConfig(configElement);
            parseSAML2GrantConfig(configElement);
            parseAuthorizationContextTokenGeneratorConfig(configElement);
            parseEnableAssertionsUserNameConfig(configElement);
            parseAccessTokenPartitioningConfig(configElement);
            parseAccessTokenPartitioningDomainsConfig(configElement);
            parseOpenIDConnectConfig(configElement);
            parseLoginConfig(configElement);
        } catch (ServerConfigurationException e) {
            log.error("Error when reading the OAuth Configurations. OAuth related functionality might be affected.", e);
        }
    }

    public Set<OAuthCallbackHandlerMetaData> getCallbackHandlerMetaData() {
        return this.callbackHandlerMetaData;
    }

    public long getDefaultAuthorizationCodeValidityPeriodInSeconds() {
        return this.defaultAuthorizationCodeValidityPeriodInSeconds;
    }

    public long getDefaultAccessTokenValidityPeriodInSeconds() {
        return this.defaultAccessTokenValidityPeriodInSeconds;
    }

    public long getDefaultApplicationAccessTokenValidityPeriodInSeconds() {
        return this.defaultApplicationAccessTokenValidityPeriodInSeconds;
    }

    public long getDefaultTimeStampSkewInSeconds() {
        return this.defaultTimeStampSkewInSeconds;
    }

    public boolean isCacheEnabled() {
        return this.cacheEnabled;
    }

    public List<String> getSupportedGrantTypes() {
        return this.supportedGrantTypes;
    }

    public List<String> getSupportedResponseTypes() {
        return this.supportedResponseTypes;
    }

    public String[] getSupportedClaims() {
        return this.supportedClaims;
    }

    public List<String> getSupportedClientAuthMethods() {
        return this.supportedClientAuthMethods;
    }

    public List<String> getSAML2Audience() {
        return this.saml2Audience;
    }

    public SAML2TokenCallbackHandler getSAML2TokenCallbackHandler() {
        if (this.saml2TokenCallbackHandlerName == null) {
            return null;
        }
        if (this.saml2TokenCallbackHandler == null) {
            synchronized (SAML2TokenCallbackHandler.class) {
                if (this.saml2TokenCallbackHandler == null) {
                    try {
                        try {
                            this.saml2TokenCallbackHandler = (SAML2TokenCallbackHandler) Thread.currentThread().getContextClassLoader().loadClass(this.saml2TokenCallbackHandlerName).newInstance();
                        } catch (IllegalAccessException e) {
                            log.error("Error while instantiating the SAML2TokenCallbackHandler ", e);
                        }
                    } catch (ClassNotFoundException e2) {
                        log.error("Error while instantiating the SAML2TokenCallbackHandler ", e2);
                    } catch (InstantiationException e3) {
                        log.error("Error while instantiating the SAML2TokenCallbackHandler ", e3);
                    }
                }
            }
        }
        return this.saml2TokenCallbackHandler;
    }

    public String getTokenEndPoint() {
        return this.tokenEP;
    }

    public List<String> getTokenEndPointAliases() {
        return this.tokenEPAliases;
    }

    public List<String> getRequiredHeaderClaimUris() {
        return this.requiredHeaderClaimUris;
    }

    public boolean isAccessTokenPartitioningEnabled() {
        return this.accessTokenPartitioningEnabled;
    }

    public boolean isUserNameAssertionEnabled() {
        return this.assertionsUserNameEnabled;
    }

    public String getAccessTokenPartitioningDomains() {
        return this.accessTokenPartitioningDomains;
    }

    private QName getQNameWithIdentityNS(String str) {
        return new QName("http://wso2.org/projects/carbon/carbon.xml", str);
    }

    public boolean isAuthContextTokGenEnabled() {
        return this.isAuthContextTokGenEnabled;
    }

    public String getTokenGeneratorImplClass() {
        return this.tokenGeneratorImplClass;
    }

    public String getSignatureAlgorithm() {
        return this.signatureAlgorithm;
    }

    public String getConsumerDialectURI() {
        return this.consumerDialectURI;
    }

    public String getClaimsRetrieverImplClass() {
        return this.claimsRetrieverImplClass;
    }

    public String getAuthorizationContextTTL() {
        return this.authContextTTL;
    }

    public Map<String, Map<String, String>> getLoginConfiguration() {
        return this.loginConfiguration;
    }

    public TokenPersistencePreprocessor getTokenPersistencePreprocessor() throws IdentityOAuth2Exception {
        if (this.tokenPersistencePreprocessor == null) {
            synchronized (this) {
                try {
                    this.tokenPersistencePreprocessor = (TokenPersistencePreprocessor) getClass().getClassLoader().loadClass(this.tokenPersistencePreProcessorClassName).newInstance();
                    if (log.isDebugEnabled()) {
                        log.debug("An instance of " + this.tokenPersistencePreProcessorClassName + " is created for OAuthServerConfiguration.");
                    }
                } catch (Exception e) {
                    String str = "Error when instantiating the TokenPersistencePreprocessor : " + this.tokenPersistencePreProcessorClassName;
                    log.error(str, e);
                    throw new IdentityOAuth2Exception(str, e);
                }
            }
        }
        return this.tokenPersistencePreprocessor;
    }

    public IDTokenBuilder getOpenIDConnectIDTokenBuilder() {
        if (this.openIDConnectIDTokenBuilder == null) {
            synchronized (IDTokenBuilder.class) {
                if (this.openIDConnectIDTokenBuilder == null) {
                    try {
                        this.openIDConnectIDTokenBuilder = (IDTokenBuilder) Thread.currentThread().getContextClassLoader().loadClass(this.openIDConnectIDTokenBuilderClassName).newInstance();
                    } catch (ClassNotFoundException e) {
                        log.error("Error while instantiating the IDTokenBuilder ", e);
                    } catch (IllegalAccessException e2) {
                        log.error("Error while instantiating the IDTokenBuilder ", e2);
                    } catch (InstantiationException e3) {
                        log.error("Error while instantiating the IDTokenBuilder ", e3);
                    }
                }
            }
        }
        return this.openIDConnectIDTokenBuilder;
    }

    public CustomClaimsCallbackHandler getOpenIDConnectCustomClaimsCallbackHandler() {
        if (this.openidConnectIDTokenCustomClaimsCallbackHandler == null) {
            synchronized (CustomClaimsCallbackHandler.class) {
                if (this.openidConnectIDTokenCustomClaimsCallbackHandler == null) {
                    try {
                        this.openidConnectIDTokenCustomClaimsCallbackHandler = (CustomClaimsCallbackHandler) Thread.currentThread().getContextClassLoader().loadClass(this.openIDConnectIDTokenCustomClaimsHanlderClassName).newInstance();
                    } catch (ClassNotFoundException e) {
                        log.error("Error while instantiating the IDTokenBuilder ", e);
                    } catch (IllegalAccessException e2) {
                        log.error("Error while instantiating the IDTokenBuilder ", e2);
                    } catch (InstantiationException e3) {
                        log.error("Error while instantiating the IDTokenBuilder ", e3);
                    }
                }
            }
        }
        return this.openidConnectIDTokenCustomClaimsCallbackHandler;
    }

    public String getOpenIDConnectIDTokenIssuerIdentifier() {
        return this.openIDConnectIDTokenIssuerIdentifier;
    }

    public String getOpenIDConnectIDTokenSubjectClaim() {
        return this.openIDConnectIDTokenSubClaim;
    }

    public boolean getOpenIDConnectSkipeUserConsentConfig() {
        return "true".equalsIgnoreCase(this.openIDConnectSkipUserConsent);
    }

    public String getOpenIDConnectIDTokenExpiration() {
        return this.openIDConnectIDTokenExpiration;
    }

    public String getOpenIDConnectUserInfoEndpointClaimDialect() {
        return this.openIDConnectUserInfoEndpointClaimDialect;
    }

    public String getOpenIDConnectUserInfoEndpointClaimRetriever() {
        return this.openIDConnectUserInfoEndpointClaimRetriever;
    }

    public String getOpenIDConnectUserInfoEndpointRequestValidator() {
        return this.openIDConnectUserInfoEndpointRequestValidator;
    }

    public String getOpenIDConnectUserInfoEndpointAccessTokenValidator() {
        return this.openIDConnectUserInfoEndpointAccessTokenValidator;
    }

    public String getOpenIDConnectUserInfoEndpointResponseBuilder() {
        return this.openIDConnectUserInfoEndpointResponseBuilder;
    }

    private void parseOAuthCallbackHandlers(OMElement oMElement) {
        if (oMElement == null) {
            warnOnFaultyConfiguration("AuthorizationCallbackHandlers element is not available.");
            return;
        }
        Iterator childrenWithLocalName = oMElement.getChildrenWithLocalName("OAuthCallbackHandler");
        int i = 0;
        if (childrenWithLocalName != null) {
            while (childrenWithLocalName.hasNext()) {
                OAuthCallbackHandlerMetaData buildAuthzCallbackHandlerMetadata = buildAuthzCallbackHandlerMetadata((OMElement) childrenWithLocalName.next());
                if (buildAuthzCallbackHandlerMetadata != null) {
                    this.callbackHandlerMetaData.add(buildAuthzCallbackHandlerMetadata);
                    if (log.isDebugEnabled()) {
                        log.debug("OAuthAuthorizationCallbackHandleMetadata was added. Class : " + buildAuthzCallbackHandlerMetadata.getClassName());
                    }
                    i++;
                }
            }
        }
        if (i <= 0) {
            warnOnFaultyConfiguration("No AuthorizationCallbackHandler elements were found.");
        }
    }

    private void parseRequiredHeaderClaimUris(OMElement oMElement) {
        Iterator childrenWithLocalName;
        if (oMElement == null || (childrenWithLocalName = oMElement.getChildrenWithLocalName("ClaimUri")) == null) {
            return;
        }
        while (childrenWithLocalName.hasNext()) {
            OMElement oMElement2 = (OMElement) childrenWithLocalName.next();
            if (oMElement2 != null) {
                this.requiredHeaderClaimUris.add(oMElement2.getText());
            }
        }
    }

    private void parseTokenValidators(OMElement oMElement) {
        Iterator childrenWithLocalName;
        if (oMElement == null || (childrenWithLocalName = oMElement.getChildrenWithLocalName("TokenValidator")) == null) {
            return;
        }
        while (childrenWithLocalName.hasNext()) {
            OMElement oMElement2 = (OMElement) childrenWithLocalName.next();
            if (oMElement2 != null) {
                OAuth2TokenValidator oAuth2TokenValidator = null;
                String str = null;
                try {
                    str = oMElement2.getAttributeValue(getQNameWithIdentityNS("class"));
                    oAuth2TokenValidator = (OAuth2TokenValidator) Thread.currentThread().getContextClassLoader().loadClass(str).newInstance();
                } catch (ClassNotFoundException e) {
                    log.error("Class not in build path " + str, e);
                } catch (IllegalAccessException e2) {
                    log.error("Class access error " + str, e2);
                } catch (InstantiationException e3) {
                    log.error("Class initialization error " + str, e3);
                }
                TokenValidationHandler.getInstance().addTokenValidator(oMElement2.getAttributeValue(getQNameWithIdentityNS("type")), oAuth2TokenValidator);
            }
        }
    }

    private void warnOnFaultyConfiguration(String str) {
        log.warn("Error in OAuth Configuration. " + str);
    }

    private OAuthCallbackHandlerMetaData buildAuthzCallbackHandlerMetadata(OMElement oMElement) {
        String attributeValue = oMElement.getAttributeValue(new QName("Class"));
        if (attributeValue == null) {
            log.error("Mandatory attribute \"Class\" is not present in the AuthorizationCallbackHandler element. AuthorizationCallbackHandler will not be registered.");
            return null;
        }
        int i = 1;
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS("Priority"));
        if (firstChildWithName != null) {
            i = Integer.parseInt(firstChildWithName.getText());
        }
        if (log.isDebugEnabled()) {
            log.debug("Priority level of : " + i + " is set for the AuthorizationCallbackHandler with the class : " + attributeValue);
        }
        OMElement firstChildWithName2 = oMElement.getFirstChildWithName(getQNameWithIdentityNS("Properties"));
        Properties properties = null;
        if (firstChildWithName2 != null) {
            Iterator childrenWithLocalName = firstChildWithName2.getChildrenWithLocalName("Property");
            properties = new Properties();
            if (log.isDebugEnabled()) {
                log.debug("Registering Properties for AuthorizationCallbackHandler class : " + attributeValue);
            }
            while (childrenWithLocalName.hasNext()) {
                OMElement oMElement2 = (OMElement) childrenWithLocalName.next();
                String attributeValue2 = oMElement2.getAttributeValue(new QName("Name"));
                String text = oMElement2.getText();
                properties.put(attributeValue2, text);
                if (log.isDebugEnabled()) {
                    log.debug("Property name : " + attributeValue2 + ", Property Value : " + text);
                }
            }
        }
        return new OAuthCallbackHandlerMetaData(attributeValue, properties, i);
    }

    private void parseDefaultValidityPeriods(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS("AuthorizationCodeDefaultValidityPeriod"));
        if (firstChildWithName != null) {
            this.defaultAuthorizationCodeValidityPeriodInSeconds = Long.parseLong(firstChildWithName.getText());
        }
        OMElement firstChildWithName2 = oMElement.getFirstChildWithName(getQNameWithIdentityNS("AccessTokenDefaultValidityPeriod"));
        if (firstChildWithName2 != null) {
            this.defaultAccessTokenValidityPeriodInSeconds = Long.parseLong(firstChildWithName2.getText());
        }
        OMElement firstChildWithName3 = oMElement.getFirstChildWithName(getQNameWithIdentityNS("ApplicationAccessTokenDefaultValidityPeriod"));
        if (firstChildWithName3 != null) {
            this.defaultApplicationAccessTokenValidityPeriodInSeconds = Long.parseLong(firstChildWithName3.getText());
        }
        OMElement firstChildWithName4 = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.TIMESTAMP_SKEW));
        if (firstChildWithName4 != null) {
            this.defaultTimeStampSkewInSeconds = Long.parseLong(firstChildWithName4.getText());
        }
        if (log.isDebugEnabled()) {
            if (firstChildWithName == null) {
                log.debug("\"Authorization Code Default Timeout\" element was not available in identity.xml. Continuing with the default value.");
            }
            if (firstChildWithName2 == null) {
                log.debug("\"Access Token Default Timeout\" element was not available in from identity.xml. Continuing with the default value.");
            }
            if (firstChildWithName4 == null) {
                log.debug("\"Default Timestamp Skew\" element was not available in from identity.xml. Continuing with the default value.");
            }
            log.debug("Authorization Code Default Timeout is set to : " + this.defaultAuthorizationCodeValidityPeriodInSeconds + "ms.");
            log.debug("Access Token Default Timeout is set to " + this.defaultAccessTokenValidityPeriodInSeconds + "ms.");
            log.debug("Application Access Token Default Timeout is set to " + this.defaultAccessTokenValidityPeriodInSeconds + "ms.");
            log.debug("Default TimestampSkew is set to " + this.defaultTimeStampSkewInSeconds + "ms.");
        }
    }

    private void parseCachingConfiguration(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.ENABLE_CACHE));
        if (firstChildWithName != null) {
            this.cacheEnabled = Boolean.parseBoolean(firstChildWithName.getText());
        }
        if (log.isDebugEnabled()) {
            log.debug("Enable OAuth Cache was set to : " + this.cacheEnabled);
        }
    }

    private void parseAccessTokenPartitioningConfig(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.ENABLE_ACCESS_TOKEN_PARTITIONING));
        if (firstChildWithName != null) {
            this.accessTokenPartitioningEnabled = Boolean.parseBoolean(firstChildWithName.getText());
        }
        if (log.isDebugEnabled()) {
            log.debug("Enable OAuth Access Token Partitioning was set to : " + this.accessTokenPartitioningEnabled);
        }
    }

    private void parseAccessTokenPartitioningDomainsConfig(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.ACCESS_TOKEN_PARTITIONING_DOMAINS));
        if (firstChildWithName != null) {
            this.accessTokenPartitioningDomains = firstChildWithName.getText();
        }
        if (log.isDebugEnabled()) {
            log.debug("Enable OAuth Access Token Partitioning Domains was set to : " + this.accessTokenPartitioningDomains);
        }
    }

    private void parseEnableAssertionsUserNameConfig(OMElement oMElement) {
        OMElement firstChildWithName;
        OMElement firstChildWithName2 = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.ENABLE_ASSERTIONS));
        if (firstChildWithName2 != null && (firstChildWithName = firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.ENABLE_ASSERTIONS_USERNAME))) != null) {
            this.assertionsUserNameEnabled = Boolean.parseBoolean(firstChildWithName.getText());
        }
        if (log.isDebugEnabled()) {
            log.debug("Enable Assertions-UserName was set to : " + this.assertionsUserNameEnabled);
        }
    }

    private void parseTokenPersistencePreProcessorConfig(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.TOKEN_PERSISTENCE_PREPROCESSOR));
        if (firstChildWithName != null) {
            this.tokenPersistencePreProcessorClassName = firstChildWithName.getText().trim();
        }
        if (log.isDebugEnabled()) {
            log.debug("Token Persistence Preprocessor was set to : " + this.tokenPersistencePreProcessorClassName);
        }
    }

    private void parseSupportedGrantTypesConfig(OMElement oMElement) {
        String[] split;
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SUPPORTED_GRANT_TYPES));
        ArrayList arrayList = new ArrayList(4);
        arrayList.add(GrantType.AUTHORIZATION_CODE.toString());
        arrayList.add(GrantType.CLIENT_CREDENTIALS.toString());
        arrayList.add(GrantType.PASSWORD.toString());
        arrayList.add(GrantType.REFRESH_TOKEN.toString());
        arrayList.add(org.wso2.carbon.identity.oauth.common.GrantType.SAML20_BEARER.toString());
        if (firstChildWithName != null) {
            String text = firstChildWithName.getText();
            if (text != null && (split = text.split(",")) != null) {
                for (String str : split) {
                    String trim = str.trim();
                    if (arrayList.contains(trim)) {
                        this.supportedGrantTypes.add(trim);
                    } else if (log.isDebugEnabled()) {
                        log.debug("Invalid Grant Type provided : " + trim + ". This will be ignored.");
                    }
                }
            }
        } else {
            this.supportedGrantTypes.addAll(arrayList);
        }
        if (log.isDebugEnabled()) {
            log.debug("Supported Grant Types : " + this.supportedGrantTypes);
        }
    }

    private void parseSupportedResponseTypesConfig(OMElement oMElement) {
        String[] split;
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SUPPORTED_RESP_TYPES));
        ArrayList arrayList = new ArrayList(4);
        arrayList.add(ResponseType.CODE.toString());
        arrayList.add(ResponseType.TOKEN.toString());
        if (firstChildWithName != null) {
            String text = firstChildWithName.getText();
            if (text != null && (split = text.split(",")) != null) {
                for (String str : split) {
                    String trim = str.trim();
                    if (arrayList.contains(trim)) {
                        this.supportedResponseTypes.add(trim);
                    } else if (log.isDebugEnabled()) {
                        log.debug("Invalid Response Type provided : " + trim + ". This will be ignored.");
                    }
                }
            }
        } else {
            this.supportedResponseTypes.addAll(arrayList);
        }
        if (log.isDebugEnabled()) {
            log.debug("Supported Response Types : " + this.supportedResponseTypes);
        }
    }

    private void parseSupportedClaimsConfig(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SUPPORTED_CLAIMS));
        String str = null;
        if (firstChildWithName != null) {
            str = firstChildWithName.getText();
            if (str != null) {
                this.supportedClaims = str.split(",");
            }
        }
        if (log.isDebugEnabled()) {
            log.debug("Supported Claims : " + str);
        }
    }

    private void parseSupportedClientAuthMethodsConfig(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SUPPORTED_CLIENT_AUTH_METHODS));
        ArrayList arrayList = new ArrayList(4);
        arrayList.add(OAuth2Constants.ClientAuthMethods.BASIC.toString());
        arrayList.add(OAuth2Constants.ClientAuthMethods.SAML_20_BEARER.toString());
        if (firstChildWithName != null) {
            String text = firstChildWithName.getText();
            if (text != null) {
                String[] split = text.split(",");
                if (firstChildWithName != null) {
                    for (String str : split) {
                        String trim = str.trim();
                        if (arrayList.contains(trim)) {
                            this.supportedClientAuthMethods.add(trim);
                        } else if (log.isDebugEnabled()) {
                            log.debug("Invalid Client Authentication Method provided : " + trim + ". This will be ignored.");
                        }
                    }
                }
            }
        } else {
            this.supportedClientAuthMethods.addAll(arrayList);
        }
        if (log.isDebugEnabled()) {
            log.debug("Supported Client Authentication Methods : " + this.supportedClientAuthMethods);
        }
    }

    private void parseSAML2GrantConfig(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SAML2_GRANT)).getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.AUDIENCE));
        if (firstChildWithName != null) {
            for (String str : firstChildWithName.getText().split(",")) {
                this.saml2Audience.add(str);
            }
        }
        if (log.isDebugEnabled()) {
            for (int i = 0; i < this.saml2Audience.size(); i++) {
                log.debug("Valid SAML2Grant Audience " + i + " : " + this.saml2Audience.get(i));
            }
        }
        OMElement firstChildWithName2 = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SAML2_GRANT)).getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SAML2_TOKEN_HANDLER));
        if (firstChildWithName2 != null) {
            this.saml2TokenCallbackHandlerName = firstChildWithName2.getText();
        }
        OMElement firstChildWithName3 = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SAML2_GRANT)).getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.TOKEN_END_POINT));
        if (firstChildWithName3 != null) {
            this.tokenEP = firstChildWithName3.getText();
        }
        if (log.isDebugEnabled()) {
            for (int i2 = 0; i2 < this.saml2Audience.size(); i2++) {
                log.debug("Token EndPoint : " + this.tokenEP);
            }
        }
        OMElement firstChildWithName4 = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SAML2_GRANT)).getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.TOKEN_END_POINT_ALIASES));
        if (firstChildWithName4 != null) {
            for (String str2 : firstChildWithName4.getText().split(",")) {
                this.tokenEPAliases.add(str2);
            }
        }
        if (log.isDebugEnabled()) {
            for (int i3 = 0; i3 < this.tokenEPAliases.size(); i3++) {
                log.debug("Token EndPoint Alias" + i3 + " : " + this.tokenEPAliases.get(i3));
            }
        }
    }

    private void parseAuthorizationContextTokenGeneratorConfig(OMElement oMElement) {
        OMElement firstChildWithName;
        String trim;
        OMElement firstChildWithName2 = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.AUTHORIZATION_CONTEXT_TOKEN_GENERATION));
        if (firstChildWithName2 != null && (firstChildWithName = firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.ENABLED))) != null && (trim = firstChildWithName.getText().trim()) != null && JavaUtils.isTrueExplicitly(trim)) {
            this.isAuthContextTokGenEnabled = true;
            if (firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.TOKEN_GENERATOR_IMPL_CLASS)) != null) {
                this.tokenGeneratorImplClass = firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.TOKEN_GENERATOR_IMPL_CLASS)).getText().trim();
            }
            if (firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.CLAIMS_RETRIEVER_IMPL_CLASS)) != null) {
                this.claimsRetrieverImplClass = firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.CLAIMS_RETRIEVER_IMPL_CLASS)).getText().trim();
            }
            if (firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.CONSUMER_DIALECT_URI)) != null) {
                this.consumerDialectURI = firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.CONSUMER_DIALECT_URI)).getText().trim();
            }
            if (firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SIGNATURE_ALGORITHM)) != null) {
                this.signatureAlgorithm = firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SIGNATURE_ALGORITHM)).getText().trim();
            }
            if (firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SECURITY_CONTEXT_TTL)) != null) {
                this.authContextTTL = firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.SECURITY_CONTEXT_TTL)).getText().trim();
            }
        }
        if (log.isDebugEnabled()) {
            if (this.isAuthContextTokGenEnabled) {
                log.debug("JWT Generation is enabled");
            } else {
                log.debug("JWT Generation is disabled");
            }
        }
    }

    private void parseOpenIDConnectConfig(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT));
        if (firstChildWithName != null) {
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_BUILDER)) != null) {
                this.openIDConnectIDTokenBuilderClassName = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_BUILDER)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_CUSTOM_CLAIM_CALLBACK_HANDLER)) != null) {
                this.openIDConnectIDTokenCustomClaimsHanlderClassName = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_CUSTOM_CLAIM_CALLBACK_HANDLER)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_SUB_CLAIM)) != null) {
                this.openIDConnectIDTokenSubClaim = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_SUB_CLAIM)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_SKIP_USER_CONSENT)) != null) {
                this.openIDConnectSkipUserConsent = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_SKIP_USER_CONSENT)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_ISSUER_ID)) != null) {
                this.openIDConnectIDTokenIssuerIdentifier = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_ISSUER_ID)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_EXPIRATION)) != null) {
                this.openIDConnectIDTokenExpiration = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_IDTOKEN_EXPIRATION)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_CLAIM_DIALECT)) != null) {
                this.openIDConnectUserInfoEndpointClaimDialect = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_CLAIM_DIALECT)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_CLAIM_RETRIEVER)) != null) {
                this.openIDConnectUserInfoEndpointClaimRetriever = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_CLAIM_RETRIEVER)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_REQUEST_VALIDATOR)) != null) {
                this.openIDConnectUserInfoEndpointRequestValidator = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_REQUEST_VALIDATOR)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_ACCESS_TOKEN_VALIDATOR)) != null) {
                this.openIDConnectUserInfoEndpointAccessTokenValidator = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_ACCESS_TOKEN_VALIDATOR)).getText().trim();
            }
            if (firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_RESPONSE_BUILDER)) != null) {
                this.openIDConnectUserInfoEndpointResponseBuilder = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS(ConfigElements.OPENID_CONNECT_USERINFO_ENDPOINT_RESPONSE_BUILDER)).getText().trim();
            }
        }
    }

    private void parseLoginConfig(OMElement oMElement) {
        OMElement firstChildWithName = oMElement.getFirstChildWithName(getQNameWithIdentityNS("LoginConfig"));
        if (firstChildWithName != null) {
            if (log.isDebugEnabled()) {
                log.debug("Login configuration is set ");
            }
            OMElement firstChildWithName2 = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS("EmailLogin"));
            OMElement firstChildWithName3 = firstChildWithName.getFirstChildWithName(getQNameWithIdentityNS("UserIdLogin"));
            HashMap hashMap = new HashMap(2);
            hashMap.put("primary", firstChildWithName2.getAttributeValue(new QName("primary")));
            hashMap.put("ClaimUri", firstChildWithName2.getFirstChildWithName(getQNameWithIdentityNS("ClaimUri")).getText());
            HashMap hashMap2 = new HashMap(2);
            hashMap2.put("primary", firstChildWithName3.getAttributeValue(new QName("primary")));
            hashMap2.put("ClaimUri", firstChildWithName3.getFirstChildWithName(getQNameWithIdentityNS("ClaimUri")).getText());
            this.loginConfiguration.put("EmailLogin", hashMap);
            this.loginConfiguration.put("UserIdLogin", hashMap2);
        }
    }
}
