package io.openliberty.security.openidconnect.web;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.oauth20.web.OAuth20Request;
import com.ibm.ws.security.openidconnect.server.internal.OidcServerConfigImpl;
import com.ibm.ws.security.openidconnect.web.OidcEndpointServices;
import com.ibm.ws.security.openidconnect.web.OidcRequest;
import io.openliberty.security.common.http.SupportedHttpMethodHandler;
import io.openliberty.security.oauth20.web.OAuthSupportedHttpMethodHandler;
import io.openliberty.security.openidconnect.server.config.OidcEndpointSettings;
import io.openliberty.security.openidconnect.server.config.SpecificOidcEndpointSettings;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@TraceOptions
/* loaded from: input_file:io/openliberty/security/openidconnect/web/OidcSupportedHttpMethodHandler.class */
public class OidcSupportedHttpMethodHandler extends OAuthSupportedHttpMethodHandler {
    private static TraceComponent tc = Tr.register(OidcSupportedHttpMethodHandler.class, "OpenIdConnect", "com.ibm.ws.security.openidconnect.server.internal.resources.OidcServerMessages");
    protected OidcRequest oidcRequest;
    protected String oidcProviderName;
    protected OidcEndpointServices endpointServices;
    protected OidcServerConfigImpl oidcConfig;
    static final long serialVersionUID = -3942926019773515083L;

    public OidcSupportedHttpMethodHandler(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OidcEndpointServices oidcEndpointServices) {
        super(httpServletRequest, httpServletResponse);
        this.oidcRequest = null;
        this.oidcProviderName = null;
        this.endpointServices = null;
        this.oidcConfig = null;
        this.endpointServices = oidcEndpointServices;
        this.oidcRequest = getOidcRequestAttribute();
        if (this.oidcRequest != null) {
            this.oidcProviderName = this.oidcRequest.getProviderName();
            this.oidcConfig = getOidcProviderConfig();
            if (this.oidcConfig != null) {
                this.oauth20ProviderName = this.oidcConfig.getOauthProviderName();
                this.oauthProvider = getOAuth20Provider();
            }
        }
    }

    protected OAuth20Request.EndpointType getEndpointType() {
        return this.oidcRequest != null ? this.oidcRequest.getType() : super.getEndpointType();
    }

    protected Set<SupportedHttpMethodHandler.HttpMethod> getDefaultSupportedMethodsForEndpoint(OAuth20Request.EndpointType endpointType) {
        HashSet hashSet = new HashSet();
        hashSet.add(SupportedHttpMethodHandler.HttpMethod.OPTIONS);
        if (endpointType != OAuth20Request.EndpointType.discovery && endpointType != OAuth20Request.EndpointType.userinfo && endpointType != OAuth20Request.EndpointType.end_session && endpointType != OAuth20Request.EndpointType.check_session_iframe && endpointType != OAuth20Request.EndpointType.jwk) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Received a request for an unknown OIDC endpoint: [" + endpointType + "]. Checking if it's an OAuth endpoint...", new Object[0]);
            }
            return super.getDefaultSupportedMethodsForEndpoint(endpointType);
        }
        hashSet.add(SupportedHttpMethodHandler.HttpMethod.GET);
        hashSet.add(SupportedHttpMethodHandler.HttpMethod.HEAD);
        hashSet.add(SupportedHttpMethodHandler.HttpMethod.POST);
        return hashSet;
    }

    protected Set<SupportedHttpMethodHandler.HttpMethod> getConfiguredSupportedMethodsForEndpoint(OAuth20Request.EndpointType endpointType) {
        OidcEndpointSettings configuredOidcEndpointSettings = getConfiguredOidcEndpointSettings();
        if (configuredOidcEndpointSettings == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Did not find any OIDC endpoint settings for provider. Checking for OAuth endpoint settings...", new Object[0]);
            }
            return super.getConfiguredSupportedMethodsForEndpoint(endpointType);
        }
        SpecificOidcEndpointSettings specificOidcEndpointSettings = configuredOidcEndpointSettings.getSpecificOidcEndpointSettings(endpointType);
        if (specificOidcEndpointSettings != null) {
            return specificOidcEndpointSettings.getSupportedHttpMethods();
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Did not find any specific OIDC endpoint settings for endpoint [" + endpointType + "]. Checking if it's an OAuth endpoint...", new Object[0]);
        }
        return super.getConfiguredSupportedMethodsForEndpoint(endpointType);
    }

    OidcEndpointSettings getConfiguredOidcEndpointSettings() {
        if (this.oidcConfig != null) {
            return this.oidcConfig.getOidcEndpointSettings();
        }
        if (!tc.isDebugEnabled()) {
            return null;
        }
        Tr.debug(tc, "Did not find an OIDC provider matching the name [" + this.oidcProviderName + "]", new Object[0]);
        return null;
    }

    @FFDCIgnore({Exception.class})
    OidcServerConfigImpl getOidcProviderConfig() {
        if (this.oidcProviderName == null) {
            if (!tc.isDebugEnabled()) {
                return null;
            }
            Tr.debug(tc, "Cannot look up configured endpoint settings because OIDC provider name is not known", new Object[0]);
            return null;
        }
        if (this.endpointServices == null) {
            if (!tc.isDebugEnabled()) {
                return null;
            }
            Tr.debug(tc, "Did not find OIDC endpoint services object to use to get configured OIDC endpoint settings", new Object[0]);
            return null;
        }
        try {
            return (OidcServerConfigImpl) this.endpointServices.getOidcServerConfig(this.response, this.oidcProviderName, false);
        } catch (Exception e) {
            if (!tc.isDebugEnabled()) {
                return null;
            }
            Tr.debug(tc, "Caught an exception attempting to get OIDC server configuration for provider [" + this.oidcProviderName + "]: " + e, new Object[0]);
            return null;
        }
    }

    OidcRequest getOidcRequestAttribute() {
        OidcRequest oidcRequest = (OidcRequest) this.request.getAttribute("OidcRequest");
        if (oidcRequest != null) {
            return oidcRequest;
        }
        if (!tc.isDebugEnabled()) {
            return null;
        }
        Tr.debug(tc, "Failed to find OidcRequest information from the inbound request", new Object[0]);
        return null;
    }
}
