package org.nuxeo.ecm.platform.login;

import java.io.IOException;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.oauth.OAuthMessage;
import net.oauth.server.OAuthServlet;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.ecm.platform.api.login.UserIdentificationInfo;
import org.nuxeo.ecm.platform.oauth.api.OAuthService;
import org.nuxeo.ecm.platform.ui.web.auth.interfaces.NuxeoAuthenticationPlugin;
import org.nuxeo.runtime.api.Framework;

/* loaded from: input_file:org/nuxeo/ecm/platform/login/SignedAuthAuthenticator.class */
public class SignedAuthAuthenticator implements NuxeoAuthenticationPlugin {
    protected static final String XOAUTH_SIGNATURE_PUBLIC_KEY = "xoauth_signature_publickey";
    private static final String OPENSOCIAL_VIEWER_ID = "opensocial_viewer_id";
    private static OAuthService service = null;
    private static final Log log = LogFactory.getLog(SignedAuthAuthenticator.class);

    public List<String> getUnAuthenticatedURLPrefix() {
        return null;
    }

    public Boolean handleLoginPrompt(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        return false;
    }

    public UserIdentificationInfo handleRetrieveIdentity(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return verifyFetch(httpServletRequest, httpServletResponse);
    }

    private UserIdentificationInfo verifyFetch(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (httpServletRequest.getParameter(OPENSOCIAL_VIEWER_ID) == null) {
            return null;
        }
        String parameter = httpServletRequest.getParameter(XOAUTH_SIGNATURE_PUBLIC_KEY);
        OAuthMessage message = OAuthServlet.getMessage(httpServletRequest, null);
        try {
            if (getOAuthService().verify(message, parameter)) {
                return getUserIdenticationInfoFromMessage(message);
            }
            log.info("User has not been recognized : returning null ");
            return null;
        } catch (Exception e) {
            return null;
        }
    }

    private OAuthService getOAuthService() throws Exception {
        if (service == null) {
            service = (OAuthService) Framework.getService(OAuthService.class);
        }
        return service;
    }

    private UserIdentificationInfo getUserIdenticationInfoFromMessage(OAuthMessage oAuthMessage) {
        try {
            String parameter = oAuthMessage.getParameter(OPENSOCIAL_VIEWER_ID);
            log.info("User has been recognized :" + parameter);
            return new UserIdentificationInfo(parameter, parameter);
        } catch (IOException e) {
            log.error(e.getMessage(), e);
            return null;
        }
    }

    public void initPlugin(Map<String, String> map) {
    }

    public Boolean needLoginPrompt(HttpServletRequest httpServletRequest) {
        return false;
    }
}
