package org.wso2.solutions.identity.relyingparty.openid.extensions;

import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.openid4java.OpenIDException;
import org.openid4java.infocard.InfocardException;
import org.openid4java.infocard.OpenIDToken;
import org.openid4java.message.AuthSuccess;
import org.openid4java.message.MessageExtension;
import org.openid4java.message.ParameterList;
import org.openid4java.message.ax.FetchResponse;
import org.wso2.solutions.identity.relyingparty.RelyingPartyException;
import org.wso2.solutions.identity.relyingparty.TokenVerifierConstants;
import org.wso2.solutions.identity.relyingparty.openid.OpenIDConsumer;

/* loaded from: input_file:org/wso2/solutions/identity/relyingparty/openid/extensions/OpenIDInfoCardExtension.class */
public class OpenIDInfoCardExtension {
    private static Map<String, String> axMapping = new HashMap();

    public void setSessionAttributes(HttpServletRequest httpServletRequest) throws RelyingPartyException {
        String parameter = httpServletRequest.getParameter("xmlToken");
        HttpSession session = httpServletRequest.getSession();
        if (parameter == null) {
            throw new RelyingPartyException("invalidXMLToken");
        }
        try {
            parseOpenIDInfoCardToken(httpServletRequest, session, getOpenIDResponse(httpServletRequest));
            httpServletRequest.setAttribute(TokenVerifierConstants.SERVLET_ATTR_STATE, TokenVerifierConstants.STATE_SUCCESS);
        } catch (OpenIDException e) {
            throw new RelyingPartyException(e.getMessage(), (Throwable) e);
        }
    }

    protected void parseOpenIDInfoCardToken(HttpServletRequest httpServletRequest, HttpSession httpSession, ParameterList parameterList) throws OpenIDException, RelyingPartyException {
        MessageExtension extension;
        AuthSuccess verifyOpenID = OpenIDConsumer.getInstance().verifyOpenID(httpServletRequest, parameterList);
        httpServletRequest.setAttribute("openid_identifier", parameterList.getParameter("openid.identity").getValue());
        if (verifyOpenID instanceof AuthSuccess) {
            AuthSuccess authSuccess = verifyOpenID;
            if (authSuccess.hasExtension("http://openid.net/srv/ax/1.0") && (extension = authSuccess.getExtension("http://openid.net/srv/ax/1.0")) != null && (extension instanceof FetchResponse)) {
                setSessionAttributes((FetchResponse) extension, httpServletRequest);
            }
        }
    }

    private ParameterList getOpenIDResponse(HttpServletRequest httpServletRequest) throws RelyingPartyException {
        String parameter = httpServletRequest.getParameter("xmlToken");
        httpServletRequest.getSession().setAttribute("openidAssertion", parameter);
        try {
            return OpenIDToken.createFromXmlToken(parameter).getOpenIDParams();
        } catch (InfocardException e) {
            throw new RelyingPartyException("openIDTokenExtractionFailed", (Throwable) e);
        }
    }

    private void setSessionAttributes(FetchResponse fetchResponse, HttpServletRequest httpServletRequest) {
        for (Object obj : fetchResponse.getAttributeAliases()) {
            httpServletRequest.setAttribute((String) (axMapping.containsKey((String) obj) ? axMapping.get(obj) : obj), (String) fetchResponse.getAttributeValues((String) obj).get(0));
        }
    }

    static {
        axMapping.put("http://axschema.org/contact/postalCode/home", "postcode");
        axMapping.put("http://axschema.org/namePerson/friendly", "nickname");
        axMapping.put("http://axschema.org/pref/language", "language");
        axMapping.put("http://axschema.org/person/gender", "gender");
        axMapping.put("http://axschema.org/contact/country/home", "country");
        axMapping.put("http://axschema.org/birthDate", "dob");
        axMapping.put("http://axschema.org/namePerson", "fullname");
        axMapping.put("http://axschema.org/pref/timezone", "timezone");
        axMapping.put("http://axschema.org/contact/email", "email");
    }
}
