package com.atlassian.applinks.ui.validators;

import com.atlassian.applinks.api.ApplicationLink;
import com.atlassian.applinks.api.ApplicationLinkService;
import com.atlassian.applinks.core.util.MessageFactory;
import com.atlassian.applinks.host.spi.InternalHostApplication;
import com.atlassian.applinks.ui.AbstractApplinksServlet;
import com.google.common.base.Predicate;
import com.google.common.collect.Iterables;
import java.net.URI;
import java.net.URISyntaxException;

/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/applinks-plugin-5.4.7.jar:com/atlassian/applinks/ui/validators/CallbackParameterValidator.class */
public class CallbackParameterValidator {
    private final MessageFactory messageFactory;
    private final InternalHostApplication internalHostApplication;
    private final ApplicationLinkService applicationLinkService;

    public CallbackParameterValidator(MessageFactory messageFactory, InternalHostApplication internalHostApplication, ApplicationLinkService applicationLinkService) {
        this.messageFactory = messageFactory;
        this.internalHostApplication = internalHostApplication;
        this.applicationLinkService = applicationLinkService;
    }

    public boolean isCallbackUrlValid(String str) {
        try {
            validate(str);
            return true;
        } catch (AbstractApplinksServlet.BadRequestException e) {
            return false;
        }
    }

    public void validate(String str) throws AbstractApplinksServlet.BadRequestException {
        URI baseUrl = this.internalHostApplication.getBaseUrl();
        try {
            URI uri = new URI(str);
            if (str.startsWith("//")) {
                throw createBadRequestException(str);
            }
            if (!uri.isAbsolute() && !str.startsWith(baseUrl.getPath())) {
                throw createBadRequestException(str);
            }
            if (uri.isAbsolute() && !validateAbsoluteUri(baseUrl, uri) && !isPointingToAnyApplinkUrl(uri)) {
                throw createBadRequestException(str);
            }
        } catch (URISyntaxException e) {
            throw createBadRequestException(str);
        }
    }

    private boolean isPointingToAnyApplinkUrl(final URI uri) {
        return Iterables.any(this.applicationLinkService.getApplicationLinks(), new Predicate<ApplicationLink>() { // from class: com.atlassian.applinks.ui.validators.CallbackParameterValidator.1
            @Override // com.google.common.base.Predicate
            public boolean apply(ApplicationLink applicationLink) {
                return CallbackParameterValidator.this.validateCallbackUriAgainstApplink(uri, applicationLink);
            }
        });
    }

    public boolean validateCallbackUriAgainstApplink(URI uri, ApplicationLink applicationLink) {
        return validateAbsoluteUri(applicationLink.getDisplayUrl(), uri) || validateAbsoluteUri(applicationLink.getRpcUrl(), uri);
    }

    public boolean validateAbsoluteUri(URI uri, URI uri2) {
        return uri.getScheme().equals(uri2.getScheme()) && uri.getHost().equals(uri2.getHost()) && uri.getPort() == uri2.getPort() && uri2.getPath().startsWith(uri.getPath());
    }

    private AbstractApplinksServlet.BadRequestException createBadRequestException(String str) {
        return new AbstractApplinksServlet.BadRequestException(this.messageFactory.newI18nMessage("auth.config.parameter.callback.invalid", str));
    }
}
