package org.wso2.carbon.identity.provider;

import java.io.ByteArrayInputStream;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.axiom.om.util.UUIDGenerator;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.openid4java.message.AuthFailure;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.AuthSuccess;
import org.openid4java.message.DirectError;
import org.openid4java.message.MessageExtension;
import org.openid4java.message.Parameter;
import org.openid4java.message.ParameterList;
import org.openid4java.server.ServerManager;
import org.wso2.carbon.CarbonException;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.identity.core.IdentityClaimManager;
import org.wso2.carbon.identity.core.dao.InfoCardDAO;
import org.wso2.carbon.identity.core.dao.OpenIDRememberMeDAO;
import org.wso2.carbon.identity.core.model.OpenIDRememberMeDO;
import org.wso2.carbon.identity.core.model.XMPPSettingsDO;
import org.wso2.carbon.identity.core.persistence.IdentityPersistenceManager;
import org.wso2.carbon.identity.core.util.IdentityTenantUtil;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.provider.dto.InfoCardDTO;
import org.wso2.carbon.identity.provider.dto.InfoCardSignInDTO;
import org.wso2.carbon.identity.provider.dto.OpenIDAuthRequestDTO;
import org.wso2.carbon.identity.provider.dto.OpenIDAuthResponseDTO;
import org.wso2.carbon.identity.provider.dto.OpenIDClaimDTO;
import org.wso2.carbon.identity.provider.dto.OpenIDParameterDTO;
import org.wso2.carbon.identity.provider.dto.OpenIDProviderInfoDTO;
import org.wso2.carbon.identity.provider.dto.OpenIDRememberMeDTO;
import org.wso2.carbon.identity.provider.dto.OpenIDUserProfileDTO;
import org.wso2.carbon.identity.provider.dto.PapeInfoRequestDTO;
import org.wso2.carbon.identity.provider.dto.PapeInfoResponseDTO;
import org.wso2.carbon.identity.provider.openid.OpenIDProvider;
import org.wso2.carbon.identity.provider.openid.OpenIDUtil;
import org.wso2.carbon.identity.provider.openid.extensions.OpenIDExtension;
import org.wso2.carbon.identity.provider.openid.extensions.OpenIDPape;
import org.wso2.carbon.identity.provider.openid.handlers.OpenIDAuthenticationRequest;
import org.wso2.carbon.identity.provider.openid.handlers.OpenIDExtensionFactory;
import org.wso2.carbon.identity.provider.xmpp.MPAuthenticationProvider;
import org.wso2.carbon.identity.relyingparty.RelyingPartyData;
import org.wso2.carbon.identity.relyingparty.RelyingPartyException;
import org.wso2.carbon.identity.relyingparty.saml.SAMLTokenVerifier;
import org.wso2.carbon.registry.core.Registry;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.UserStoreException;
import org.wso2.carbon.user.core.claim.Claim;
import org.wso2.carbon.user.core.util.UserCoreUtil;
import org.wso2.carbon.utils.TenantUtils;

/* loaded from: input_file:org/wso2/carbon/identity/provider/OpenIDProviderService.class */
public class OpenIDProviderService {
    private static final String OPENID_LOGGEDIN_USER = "OPENID_LOGGEDIN_USER";
    protected Log log = LogFactory.getLog(OpenIDProviderService.class);

    public boolean authenticateWithOpenID(String str, String str2) throws Exception {
        HttpSession session;
        String userName = OpenIDUtil.getUserName(str);
        boolean z = true;
        IdentityPersistenceManager persistanceManager = IdentityPersistenceManager.getPersistanceManager();
        String domainNameFromOpenId = TenantUtils.getDomainNameFromOpenId(str);
        String tenantLessUsername = UserCoreUtil.getTenantLessUsername(userName);
        XMPPSettingsDO xmppSettings = persistanceManager.getXmppSettings(IdentityTenantUtil.getRegistry(domainNameFromOpenId, userName), tenantLessUsername);
        boolean authenticate = IdentityTenantUtil.getRealm(domainNameFromOpenId, userName).getUserStoreManager().authenticate(tenantLessUsername, str2);
        if (xmppSettings != null && xmppSettings.isXmppEnabled() && authenticate) {
            z = new MPAuthenticationProvider(xmppSettings).authenticate();
            if (this.log.isDebugEnabled()) {
                this.log.debug("XMPP Multifactor Authentication was completed Successfully.");
            }
        }
        if (z && authenticate && (session = ((HttpServletRequest) MessageContext.getCurrentMessageContext().getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST)).getSession(false)) != null) {
            session.setAttribute(OPENID_LOGGEDIN_USER, userName);
        }
        return z && authenticate;
    }

    public OpenIDRememberMeDTO authenticateWithOpenIDRememberMe(String str, String str2, String str3, String str4) throws Exception {
        String userName = OpenIDUtil.getUserName(str);
        boolean z = false;
        OpenIDRememberMeDTO openIDRememberMeDTO = new OpenIDRememberMeDTO();
        openIDRememberMeDTO.setAuthenticated(false);
        if (str2 != null && str2.trim().length() > 0) {
            z = authenticateWithOpenID(str, str2);
            if (!z) {
                return openIDRememberMeDTO;
            }
        } else if (str4 == null || "null".equals(str4) || str3 == null) {
            return openIDRememberMeDTO;
        }
        String tenantLessUsername = UserCoreUtil.getTenantLessUsername(userName);
        OpenIDRememberMeDO openIDRememberMeDO = new OpenIDRememberMeDO();
        openIDRememberMeDO.setOpenID(str);
        openIDRememberMeDO.setUserName(tenantLessUsername);
        OpenIDRememberMeDAO openIDRememberMeDAO = new OpenIDRememberMeDAO(IdentityTenantUtil.getRegistry(TenantUtils.getDomainNameFromOpenId(str), (String) null));
        if (str3 == null || str4 == null || "null".equals(str4)) {
            if (str3 == null || !((str4 == null || "null".equals(str4)) && z)) {
                return openIDRememberMeDTO;
            }
            String uuid = UUIDGenerator.getUUID();
            openIDRememberMeDO.setToken(IdentityUtil.getHMAC(str3, uuid));
            openIDRememberMeDAO.updateToken(openIDRememberMeDO);
            openIDRememberMeDTO.setNewCookieValue(uuid);
            openIDRememberMeDTO.setAuthenticated(true);
            HttpSession session = ((HttpServletRequest) MessageContext.getCurrentMessageContext().getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST)).getSession(false);
            if (session != null) {
                session.setAttribute(OPENID_LOGGEDIN_USER, userName);
            }
            return openIDRememberMeDTO;
        }
        String hmac = IdentityUtil.getHMAC(str3, str4);
        String token = openIDRememberMeDAO.getToken(openIDRememberMeDO);
        if (token == null || !token.equals(hmac)) {
            return openIDRememberMeDTO;
        }
        String uuid2 = UUIDGenerator.getUUID();
        openIDRememberMeDO.setToken(IdentityUtil.getHMAC(str3, uuid2));
        openIDRememberMeDAO.updateToken(openIDRememberMeDO);
        openIDRememberMeDTO.setNewCookieValue(uuid2);
        openIDRememberMeDTO.setAuthenticated(true);
        HttpSession session2 = ((HttpServletRequest) MessageContext.getCurrentMessageContext().getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST)).getSession(false);
        if (session2 != null) {
            session2.setAttribute(OPENID_LOGGEDIN_USER, userName);
        }
        return openIDRememberMeDTO;
    }

    public OpenIDProviderInfoDTO getOpenIDProviderInfo(String str, String str2) throws Exception {
        String str3 = null;
        UserRealm userRealm = null;
        OpenIDProviderInfoDTO openIDProviderInfoDTO = new OpenIDProviderInfoDTO();
        try {
            str3 = TenantUtils.getDomainNameFromOpenId(str2);
            userRealm = IdentityTenantUtil.getRealm(str3, str);
        } catch (Exception e) {
            this.log.error(e);
        }
        if (userRealm == null) {
            return openIDProviderInfoDTO;
        }
        openIDProviderInfoDTO.setSubDomain(str3);
        String tenantLessUsername = UserCoreUtil.getTenantLessUsername(str);
        openIDProviderInfoDTO.setUserExist(userRealm.getUserStoreManager().isExistingUser(tenantLessUsername));
        openIDProviderInfoDTO.setOpenIDProviderServerUrl(IdentityUtil.getProperty("OpenIDServerUrl"));
        openIDProviderInfoDTO.setOpenID(IdentityUtil.getProperty("OpenIDUserPattern") + tenantLessUsername);
        return openIDProviderInfoDTO;
    }

    public OpenIDClaimDTO[] getClaimValues(String str, String str2, OpenIDParameterDTO[] openIDParameterDTOArr) throws Exception {
        validateInputParameters(new String[]{str, str2}, "Invalid parameters provided to getClaimValues");
        checkUserAuthorization(OpenIDUtil.getUserName(str), "getClaimValues");
        return getOpenIDClaimValues(str, str2, getRequestedAttributes(AuthRequest.createAuthRequest(getParameterList(openIDParameterDTOArr), OpenIDProvider.getInstance().getManager().getRealmVerifier())));
    }

    public String getOpenIDAssociationResponse(OpenIDParameterDTO[] openIDParameterDTOArr) throws Exception {
        return OpenIDProvider.getInstance().getManager().associationResponse(getParameterList(openIDParameterDTOArr)).keyValueFormEncoding();
    }

    public String verify(OpenIDParameterDTO[] openIDParameterDTOArr) throws Exception {
        return OpenIDProvider.getInstance().getManager().verify(getParameterList(openIDParameterDTOArr)).keyValueFormEncoding();
    }

    public OpenIDAuthResponseDTO getOpenIDAuthResponse(OpenIDAuthRequestDTO openIDAuthRequestDTO) throws Exception {
        MessageExtension messageExtension;
        ParameterList parameterList = getParameterList(openIDAuthRequestDTO.getParams());
        OpenIDAuthResponseDTO openIDAuthResponseDTO = new OpenIDAuthResponseDTO();
        ServerManager manager = OpenIDProvider.getInstance().getManager();
        AuthRequest createAuthRequest = AuthRequest.createAuthRequest(parameterList, manager.getRealmVerifier());
        AuthSuccess authResponse = manager.authResponse(parameterList, openIDAuthRequestDTO.getOpLocalId(), openIDAuthRequestDTO.getUserSelectedClaimedId(), openIDAuthRequestDTO.isAuthenticated());
        if ((authResponse instanceof DirectError) || (authResponse instanceof AuthFailure)) {
            openIDAuthResponseDTO.setDestinationUrl(authResponse.getDestinationUrl(true));
            openIDAuthResponseDTO.setValidated(false);
        } else {
            OpenIDAuthenticationRequest openIDAuthenticationRequest = new OpenIDAuthenticationRequest();
            if (openIDAuthRequestDTO.isPhishiingResistanceAuthRequest()) {
                openIDAuthenticationRequest.setPhishingResistanceLogin(true);
            }
            if (openIDAuthRequestDTO.isMultiFactorAuthRequested()) {
                openIDAuthenticationRequest.setMultifactorLogin(true);
            }
            openIDAuthenticationRequest.setAuthRequest(createAuthRequest);
            for (Object obj : createAuthRequest.getExtensions()) {
                openIDAuthenticationRequest.setExtensionAlias((String) obj);
                OpenIDExtension extension = OpenIDExtensionFactory.getInstance().getExtension(openIDAuthenticationRequest);
                if (extension != null && (messageExtension = extension.getMessageExtension(openIDAuthRequestDTO.getOpenID(), openIDAuthRequestDTO.getProfileName())) != null) {
                    authResponse.addExtension(messageExtension);
                    AuthSuccess authSuccess = authResponse;
                    authSuccess.addSignExtension((String) obj);
                    manager.sign(authSuccess);
                }
            }
            openIDAuthResponseDTO.setDestinationUrl(authResponse.getDestinationUrl(true));
            openIDAuthResponseDTO.setValidated(true);
        }
        return openIDAuthResponseDTO;
    }

    public InfoCardSignInDTO signInWithInfoCard(InfoCardDTO infoCardDTO) throws Exception {
        SAMLTokenVerifier sAMLTokenVerifier = new SAMLTokenVerifier();
        HttpSession session = ((HttpServletRequest) MessageContext.getCurrentMessageContext().getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST)).getSession();
        InfoCardSignInDTO infoCardSignInDTO = new InfoCardSignInDTO();
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(infoCardDTO.getXmlToken().getBytes());
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        boolean z = false;
        if (sAMLTokenVerifier.verifyDecryptedToken(newInstance.newDocumentBuilder().parse(byteArrayInputStream).getDocumentElement(), RelyingPartyData.getInstance())) {
            Hashtable attributeTable = sAMLTokenVerifier.getAttributeTable();
            if (validateIssuerInfoPolicy(sAMLTokenVerifier, RelyingPartyData.getInstance())) {
                String str = (String) attributeTable.get("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier");
                String str2 = (String) attributeTable.get("http://wso2.org/claims/tenant");
                String userName = getUserName(str, str2);
                String tenantLessUsername = UserCoreUtil.getTenantLessUsername(OpenIDUtil.getUserName(infoCardDTO.getOpenId()));
                String domainNameFromOpenId = TenantUtils.getDomainNameFromOpenId(infoCardDTO.getOpenId());
                if (domainNameFromOpenId == null) {
                    domainNameFromOpenId = "identity.cloud.wso2.com";
                }
                if (str2.equals(domainNameFromOpenId) && tenantLessUsername.equals(userName)) {
                    if ("http://schemas.xmlsoap.org/ws/2005/05/identity/issuer/self".equals(sAMLTokenVerifier.getIssuerName())) {
                        infoCardSignInDTO.setPpid(str);
                    }
                    if (session != null) {
                        session.setAttribute(OPENID_LOGGEDIN_USER, userName);
                    }
                    z = true;
                    infoCardSignInDTO.setAuthenticated(true);
                    infoCardSignInDTO.setUserID(userName);
                }
            }
        }
        if (!z) {
            session.removeAttribute(OPENID_LOGGEDIN_USER);
        }
        return infoCardSignInDTO;
    }

    public PapeInfoResponseDTO retrievePapeInfo(PapeInfoRequestDTO papeInfoRequestDTO) throws IdentityProviderException {
        PapeInfoResponseDTO papeInfoResponseDTO = new PapeInfoResponseDTO();
        if (papeInfoRequestDTO == null) {
            throw new IllegalArgumentException("Invalid parameters provided to retrievePapeInfo");
        }
        validateInputParameters(new String[]{papeInfoRequestDTO.getOpenID()}, "Invalid parameters provided to retrievePapeInfo");
        papeInfoResponseDTO.setPolicies(getPapeInfo(papeInfoRequestDTO));
        return papeInfoResponseDTO;
    }

    private List<String> getRequestedAttributes(AuthRequest authRequest) throws IdentityException {
        OpenIDAuthenticationRequest openIDAuthenticationRequest = new OpenIDAuthenticationRequest();
        openIDAuthenticationRequest.setAuthRequest(authRequest);
        ArrayList arrayList = new ArrayList();
        Iterator it = authRequest.getExtensions().iterator();
        while (it.hasNext()) {
            openIDAuthenticationRequest.setExtensionAlias((String) it.next());
            OpenIDExtension extension = OpenIDExtensionFactory.getInstance().getExtension(openIDAuthenticationRequest);
            if (extension != null) {
                extension.addRequiredAttributes(arrayList);
            }
        }
        return arrayList;
    }

    private String getUserName(String str, String str2) throws IdentityException, RegistryException, CarbonException {
        return IdentityPersistenceManager.getPersistanceManager().getUserByPPID((str2 == null || str2.equals("identity.cloud.wso2.com")) ? IdentityTenantUtil.getRegistry((String) null, (String) null) : IdentityTenantUtil.getRegistry(str2, (String) null), str);
    }

    private ParameterList getParameterList(OpenIDParameterDTO[] openIDParameterDTOArr) {
        HashMap hashMap = new HashMap();
        for (int i = 0; i < openIDParameterDTOArr.length; i++) {
            hashMap.put(openIDParameterDTOArr[i].getName(), openIDParameterDTOArr[i].getValue());
        }
        return new ParameterList(hashMap);
    }

    private boolean validateIssuerInfoPolicy(SAMLTokenVerifier sAMLTokenVerifier, RelyingPartyData relyingPartyData) throws RelyingPartyException {
        boolean z = false;
        String issuerName = sAMLTokenVerifier.getIssuerName();
        String issuerPolicy = relyingPartyData.getIssuerPolicy();
        try {
            if (!"http://schemas.xmlsoap.org/ws/2005/05/identity/issuer/self".equals(issuerName)) {
                z = !issuerPolicy.equals("SelfOnly");
            } else if (issuerPolicy == null || issuerPolicy.equals("SelfOnly") || issuerPolicy.equals("SelfAndManaged")) {
                z = true;
            }
            return z;
        } catch (Exception e) {
            throw new RelyingPartyException("errorValidatingIssuerPolicy", e);
        }
    }

    private OpenIDParameterDTO[] getPapeInfo(PapeInfoRequestDTO papeInfoRequestDTO) {
        ParameterList parameterList = getParameterList(papeInfoRequestDTO.getParamList());
        String userName = OpenIDUtil.getUserName(papeInfoRequestDTO.getOpenID());
        try {
            AuthRequest createAuthRequest = AuthRequest.createAuthRequest(parameterList, OpenIDProvider.getInstance().getManager().getRealmVerifier());
            OpenIDAuthenticationRequest openIDAuthenticationRequest = new OpenIDAuthenticationRequest();
            openIDAuthenticationRequest.setAuthRequest(createAuthRequest);
            setPAPEProperties(openIDAuthenticationRequest, parameterList);
            String domainNameFromOpenId = TenantUtils.getDomainNameFromOpenId(papeInfoRequestDTO.getOpenID());
            String tenantLessUsername = UserCoreUtil.getTenantLessUsername(userName);
            Registry registry = IdentityTenantUtil.getRegistry(domainNameFromOpenId, userName);
            OpenIDParameterDTO[] papeInfoFromRequest = new OpenIDPape(openIDAuthenticationRequest).getPapeInfoFromRequest();
            if (papeInfoFromRequest[0].getValue().equals("true") && new InfoCardDAO(registry).getInfoCardsForUser(tenantLessUsername).length < 1) {
                papeInfoFromRequest[0].setValue("false");
            }
            if (papeInfoFromRequest[1].getValue().equals("true")) {
                IdentityPersistenceManager persistanceManager = IdentityPersistenceManager.getPersistanceManager();
                InfoCardDAO infoCardDAO = new InfoCardDAO(registry);
                if (infoCardDAO.getInfoCardsForUser(userName).length > 0 || (persistanceManager.hasXMPPSettings(registry, tenantLessUsername) && persistanceManager.isXmppSettingsEnabled(registry, tenantLessUsername))) {
                    if (infoCardDAO.getInfoCardsForUser(tenantLessUsername).length > 0) {
                        papeInfoFromRequest[2].setValue("true");
                    }
                    if (persistanceManager.hasXMPPSettings(registry, tenantLessUsername) && persistanceManager.isXmppSettingsEnabled(registry, tenantLessUsername)) {
                        papeInfoFromRequest[3].setValue("true");
                    }
                } else {
                    papeInfoFromRequest[1].setValue("false");
                }
            }
            return papeInfoFromRequest;
        } catch (Exception e) {
            this.log.error("Error retrieving Pape Information for the user " + userName, e);
            return null;
        }
    }

    private void setPAPEProperties(OpenIDAuthenticationRequest openIDAuthenticationRequest, ParameterList parameterList) {
        for (Parameter parameter : parameterList.getParameters()) {
            if (parameter.getValue().contains("http://schemas.openid.net/pape/policies/2007/06/phishing-resistant")) {
                openIDAuthenticationRequest.setPhishingResistanceLogin(true);
            }
            if (parameter.getValue().contains("http://schemas.openid.net/pape/policies/2007/06/multi-factor")) {
                openIDAuthenticationRequest.setMultifactorLogin(true);
            }
        }
    }

    public boolean doXMPPBasedMultiFactorAuthForInfocard(String str) throws Exception {
        boolean z = true;
        XMPPSettingsDO xmppSettings = IdentityPersistenceManager.getPersistanceManager().getXmppSettings(IdentityTenantUtil.getRegistry((String) null, str), UserCoreUtil.getTenantLessUsername(str));
        if (xmppSettings != null && xmppSettings.isXmppEnabled()) {
            z = new MPAuthenticationProvider(xmppSettings).authenticate();
        }
        if (this.log.isInfoEnabled()) {
            this.log.info("XMPP Multifactor Authentication was completed Successfully.");
        }
        return z;
    }

    public OpenIDUserProfileDTO[] getUserProfiles(String str, OpenIDParameterDTO[] openIDParameterDTOArr) throws Exception {
        try {
            String userName = OpenIDUtil.getUserName(str);
            String[] profileNames = IdentityTenantUtil.getRealm(TenantUtils.getDomainNameFromOpenId(str), userName).getUserStoreManager().getProfileNames(UserCoreUtil.getTenantLessUsername(userName));
            OpenIDUserProfileDTO[] openIDUserProfileDTOArr = new OpenIDUserProfileDTO[profileNames.length];
            List<String> requestedAttributes = getRequestedAttributes(AuthRequest.createAuthRequest(getParameterList(openIDParameterDTOArr), OpenIDProvider.getInstance().getManager().getRealmVerifier()));
            for (int i = 0; i < profileNames.length; i++) {
                OpenIDUserProfileDTO openIDUserProfileDTO = new OpenIDUserProfileDTO();
                OpenIDClaimDTO[] openIDClaimValues = getOpenIDClaimValues(str, profileNames[i], requestedAttributes);
                openIDUserProfileDTO.setProfileName(profileNames[i]);
                openIDUserProfileDTO.setClaimSet(openIDClaimValues);
                openIDUserProfileDTOArr[i] = openIDUserProfileDTO;
            }
            return openIDUserProfileDTOArr;
        } catch (UserStoreException e) {
            throw new Exception(e.getMessage(), e);
        }
    }

    private OpenIDClaimDTO[] getOpenIDClaimValues(String str, String str2, List<String> list) throws Exception {
        String[] strArr = new String[list.size()];
        String userName = OpenIDUtil.getUserName(str);
        String domainNameFromOpenId = TenantUtils.getDomainNameFromOpenId(str);
        String tenantLessUsername = UserCoreUtil.getTenantLessUsername(userName);
        UserRealm realm = IdentityTenantUtil.getRealm(domainNameFromOpenId, userName);
        Map userClaimValues = realm.getUserStoreManager().getUserClaimValues(tenantLessUsername, (String[]) list.toArray(strArr), str2);
        OpenIDClaimDTO[] openIDClaimDTOArr = new OpenIDClaimDTO[userClaimValues.size()];
        int i = 0;
        Claim[] allSupportedClaims = IdentityClaimManager.getInstance().getAllSupportedClaims(realm);
        for (int i2 = 0; i2 < allSupportedClaims.length; i2++) {
            if (userClaimValues.containsKey(allSupportedClaims[i2].getClaimUri())) {
                OpenIDClaimDTO openIDClaimDTO = new OpenIDClaimDTO();
                openIDClaimDTO.setClaimUri(allSupportedClaims[i2].getClaimUri());
                openIDClaimDTO.setClaimValue((String) userClaimValues.get(allSupportedClaims[i2].getClaimUri()));
                openIDClaimDTO.setDisplayTag(allSupportedClaims[i2].getDisplayTag());
                openIDClaimDTO.setDescription(allSupportedClaims[i2].getDescription());
                int i3 = i;
                i++;
                openIDClaimDTOArr[i3] = openIDClaimDTO;
            }
        }
        return openIDClaimDTOArr;
    }

    private void checkUserAuthorization(String str, String str2) throws IdentityProviderException {
        HttpSession session = ((HttpServletRequest) MessageContext.getCurrentMessageContext().getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST)).getSession(false);
        if (session == null) {
            throw new IdentityProviderException("Unauthorised action by user " + str + " to access " + str2);
        }
        if (!str.equals((String) session.getAttribute(OPENID_LOGGEDIN_USER))) {
            throw new IdentityProviderException("Unauthorised action by user " + str + " to access " + str2);
        }
    }

    private void validateInputParameters(String[] strArr, String str) {
        for (int i = 0; i < strArr.length; i++) {
            if (strArr[i] == null || strArr[i].trim().length() == 0) {
                if (this.log.isDebugEnabled()) {
                    this.log.debug(str);
                }
                throw new IllegalArgumentException(str);
            }
        }
    }
}
