package org.wso2.carbon.identity.relyingparty.openid;

import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.relyingparty.OpenIDRelyingPartyData;
import org.wso2.carbon.identity.relyingparty.RelyingPartyException;
import org.wso2.carbon.identity.relyingparty.TokenVerifierConstants;
import org.wso2.carbon.identity.relyingparty.saml.IssuerCertificateUtil;

/* loaded from: input_file:org/wso2/carbon/identity/relyingparty/openid/OpenIDUtil.class */
public class OpenIDUtil {
    private static OpenIDRelyingPartyData rpData;
    private static Log log = LogFactory.getLog(OpenIDUtil.class);

    public static String getMappedReturningUrl(String str, OpenIDRelyingPartyData openIDRelyingPartyData) throws RelyingPartyException {
        try {
            try {
                URL url = new URI(str).normalize().toURL();
                String host = url.getHost();
                int port = url.getPort();
                if (log.isDebugEnabled()) {
                    log.debug("Hostname in the received return_to url:" + host);
                    log.debug("Port number in the received return_to url:" + port);
                }
                if (openIDRelyingPartyData != null) {
                    if (log.isDebugEnabled()) {
                        log.debug("Mapped host name facing Apache:" + openIDRelyingPartyData.getMappedHostName());
                        log.debug("Mapped port number facing Apache:" + openIDRelyingPartyData.getMappedPortNumber());
                        log.debug("Mapping host name facing Apache:" + openIDRelyingPartyData.getMappingHostName());
                        log.debug("Mapping port number facing Apache:" + openIDRelyingPartyData.getMappingPortNumber());
                    }
                    if (openIDRelyingPartyData.getMappedHostName() != null && openIDRelyingPartyData.getMappingHostName() != null && openIDRelyingPartyData.getMappingHostName().equals(url.getHost())) {
                        host = openIDRelyingPartyData.getMappedHostName();
                    }
                    if (openIDRelyingPartyData.getMappedPortNumber() != null && openIDRelyingPartyData.getMappingPortNumber() != null && Integer.parseInt(openIDRelyingPartyData.getMappingPortNumber()) == url.getPort()) {
                        port = Integer.parseInt(openIDRelyingPartyData.getMappedPortNumber());
                    }
                }
                try {
                    URL url2 = ((url.getProtocol().toLowerCase().equals("http") && port == 80) || (url.getProtocol().toLowerCase().equals("https") && port == 443)) ? new URL(url.getProtocol().toLowerCase(), host, url.getPath()) : new URL(url.getProtocol().toLowerCase(), host, port, url.getPath());
                    if (log.isDebugEnabled()) {
                        log.debug("Formatted return_to url : " + url2.toString());
                    }
                    return url2.toString();
                } catch (MalformedURLException e) {
                    log.error("Return_to url is malformed", e);
                    throw new RelyingPartyException("Return_to url is malformed", e);
                }
            } catch (MalformedURLException e2) {
                log.error("Return_to url is malformed", e2);
                throw new RelyingPartyException("Return_to url is malformed", e2);
            }
        } catch (URISyntaxException e3) {
            log.error("Return_to url is not in the correct syntax", e3);
            throw new RelyingPartyException("Return_to url is not in the correct syntax", e3);
        }
    }

    public static boolean isOpenIDProviderTrusted(String str) throws Exception {
        if (rpData.getOpValidationPolicy() == null) {
            return true;
        }
        if (rpData.getOpValidationPolicy().equals(TokenVerifierConstants.WHITE_LIST)) {
            if (!IssuerCertificateUtil.isWhiteListed(str, rpData.getOpKeyStore())) {
                return false;
            }
            if (!log.isDebugEnabled()) {
                return true;
            }
            log.debug("Whitelisted OpenID Provider: " + str);
            return true;
        }
        if (!rpData.getOpValidationPolicy().equals(TokenVerifierConstants.BLACK_LIST) || IssuerCertificateUtil.isBlackListed(str, rpData.getOpKeyStore())) {
            return false;
        }
        if (!log.isDebugEnabled()) {
            return true;
        }
        log.debug("Blacklisted OpenID Provider: " + str);
        return true;
    }

    public static void setRpData(OpenIDRelyingPartyData openIDRelyingPartyData) {
        rpData = openIDRelyingPartyData;
    }
}
