package net.oauth.signatures;

import com.github.scribejava.core.model.OAuthConstants;
import java.security.SignatureException;
import java.util.Enumeration;
import javax.servlet.http.HttpServletRequest;
import net.oauth.jsontoken.Clock;
import net.oauth.jsontoken.JsonTokenParser;
import net.oauth.jsontoken.SystemClock;
import net.oauth.jsontoken.discovery.VerifierProviders;
import org.apache.http.NameValuePair;
import org.apache.http.message.BasicHeaderValueParser;
import org.apache.http.message.HeaderValueParser;

/* loaded from: input_file:lib/jsontoken-1.1.jar:net/oauth/signatures/SignedOAuthTokenParser.class */
public class SignedOAuthTokenParser {
    private final VerifierProviders locators;
    private final NonceChecker nonceChecker;
    private final Clock clock;

    public SignedOAuthTokenParser(VerifierProviders verifierProviders, NonceChecker nonceChecker) {
        this(verifierProviders, nonceChecker, new SystemClock());
    }

    public SignedOAuthTokenParser(VerifierProviders verifierProviders, NonceChecker nonceChecker, Clock clock) {
        this.locators = verifierProviders;
        this.nonceChecker = nonceChecker;
        this.clock = clock;
    }

    public SignedOAuthToken parseToken(HttpServletRequest httpServletRequest) throws SignatureException {
        String authHeader = getAuthHeader(httpServletRequest);
        if (authHeader == null) {
            throw new SignatureException("missing Authorization header of type 'Token'");
        }
        NameValuePair parseNameValuePair = BasicHeaderValueParser.parseNameValuePair(authHeader.substring(0, SignedOAuthToken.AUTH_METHOD.length()).trim(), (HeaderValueParser) null);
        if (parseNameValuePair == null) {
            throw new SignatureException("missing signed_token in Authorization header: " + authHeader);
        }
        if (!SignedOAuthToken.SIGNED_TOKEN_PARAM.equals(parseNameValuePair.getName())) {
            throw new SignatureException("missing signed_token in Authorization header");
        }
        String trim = parseNameValuePair.getValue().trim();
        String method = httpServletRequest.getMethod();
        StringBuffer requestURL = httpServletRequest.getRequestURL();
        if (httpServletRequest.getQueryString() != null) {
            requestURL.append("?");
            requestURL.append(httpServletRequest.getQueryString());
        }
        return parseToken(trim, method, requestURL.toString());
    }

    public SignedOAuthToken parseToken(String str, String str2, String str3) throws SignatureException {
        SignedOAuthToken signedOAuthToken = new SignedOAuthToken(new JsonTokenParser(this.clock, this.locators, new SignedTokenAudienceChecker(str3)).verifyAndDeserialize(str));
        if (!str2.equalsIgnoreCase(signedOAuthToken.getMethod())) {
            throw new SignatureException("method does not equal in token (" + signedOAuthToken.getMethod() + ")");
        }
        if (this.nonceChecker != null) {
            this.nonceChecker.checkNonce(signedOAuthToken.getNonce());
        }
        return signedOAuthToken;
    }

    private String getAuthHeader(HttpServletRequest httpServletRequest) {
        Enumeration headers = httpServletRequest.getHeaders(OAuthConstants.HEADER);
        if (headers == null) {
            return null;
        }
        while (headers.hasMoreElements()) {
            String str = (String) headers.nextElement();
            if (str.trim().startsWith(SignedOAuthToken.AUTH_METHOD)) {
                return str.trim();
            }
        }
        return null;
    }
}
