package org.wso2.carbon.apimgt.core.authenticate;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.core.internal.ServiceReferenceHolder;
import org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO;
import org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO;

/* loaded from: input_file:org/wso2/carbon/apimgt/core/authenticate/APITokenValidator.class */
public class APITokenValidator {
    private static final Log log = LogFactory.getLog(APITokenValidator.class);

    public APIKeyValidationInfoDTO validateKey(String str, String str2, String str3, String str4, String str5) throws APIManagementException {
        ApiMgtDAO apiMgtDAO = new ApiMgtDAO();
        if (str3 == null || ApiMgtDAO.findConsumerKeyFromAccessToken(str3) == null || !ApiMgtDAO.isDomainRestricted(str3, str5)) {
            return apiMgtDAO.validateKey(str, str2, str3, str4);
        }
        String authorizedDomains = ApiMgtDAO.getAuthorizedDomains(str3);
        log.error("Unauthorized client domain :" + str5 + ". Only \"" + authorizedDomains + "\" domains are authorized to access the API.");
        throw new APIManagementException("Unauthorized client domain :" + str5 + ". Only \"" + authorizedDomains + "\" domains are authorized to access the API.");
    }

    public static String getAPIManagerClientDomainHeader() {
        return ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration().getFirstProperty("APIGateway.ClientDomainHeader");
    }
}
