package org.openid4java.server;

import com.google.inject.Inject;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.openid4java.OpenIDException;
import org.openid4java.association.Association;
import org.openid4java.association.AssociationException;
import org.openid4java.association.AssociationSessionType;
import org.openid4java.association.DiffieHellmanSession;
import org.openid4java.discovery.yadis.YadisResolver;
import org.openid4java.message.AssociationError;
import org.openid4java.message.AssociationRequest;
import org.openid4java.message.AssociationResponse;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.AuthSuccess;
import org.openid4java.message.DirectError;
import org.openid4java.message.IndirectError;
import org.openid4java.message.Message;
import org.openid4java.message.MessageException;
import org.openid4java.message.ParameterList;
import org.openid4java.util.HttpFetcherFactory;

/* loaded from: classes2.dex */
public class ServerManager {
    private boolean _checkPrivateSharedAssociations;
    private int _expireIn;
    private AssociationSessionType _minAssocSessEnc;
    private NonceGenerator _nonceGenerator;
    private String _opEndpointUrl;
    private AssociationSessionType _prefAssocSessEnc;
    private ServerAssociationStore _privateAssociations;
    private RealmVerifier _realmVerifier;
    private ServerAssociationStore _sharedAssociations;
    private String[] _signExtensions;
    private String _signFields;
    private String _userSetupUrl;
    private static Log _log = LogFactory.getLog(ServerManager.class);
    private static final boolean DEBUG = _log.isDebugEnabled();

    public ServerManager() {
        this(new RealmVerifierFactory(new YadisResolver(new HttpFetcherFactory())));
    }

    @Inject
    public ServerManager(RealmVerifierFactory realmVerifierFactory) {
        this._sharedAssociations = new InMemoryServerAssociationStore();
        this._privateAssociations = new InMemoryServerAssociationStore();
        this._checkPrivateSharedAssociations = true;
        this._nonceGenerator = new IncrementalNonceGenerator();
        this._minAssocSessEnc = AssociationSessionType.NO_ENCRYPTION_SHA1MAC;
        this._prefAssocSessEnc = AssociationSessionType.DH_SHA256;
        this._expireIn = OpenIDException.YADIS_GET_INVALID_RESPONSE;
        this._userSetupUrl = null;
        this._realmVerifier = realmVerifierFactory.getRealmVerifierForServer();
        this._realmVerifier.setEnforceRpId(false);
    }

    public Message associationResponse(ParameterList parameterList) {
        boolean z;
        AssociationRequest createAssociationRequest;
        boolean hasParameter = parameterList.hasParameter("openid.ns");
        _log.info("Processing association request...");
        try {
            createAssociationRequest = AssociationRequest.createAssociationRequest(parameterList);
            z = createAssociationRequest.isVersion2();
        } catch (OpenIDException e) {
            e = e;
            z = hasParameter;
        }
        try {
            AssociationSessionType type = createAssociationRequest.getType();
            if (!Association.isHmacSupported(type.getAssociationType()) || !DiffieHellmanSession.isDhSupported(type) || this._minAssocSessEnc.isBetter(type)) {
                throw new AssociationException("Unable create association for: " + type.getSessionType() + " / " + type.getAssociationType());
            }
            Association generate = this._sharedAssociations.generate(type.getAssociationType(), this._expireIn);
            _log.info("Returning shared association; handle: " + generate.getHandle());
            return AssociationResponse.createAssociationResponse(createAssociationRequest, generate);
        } catch (OpenIDException e2) {
            e = e2;
            if (z) {
                _log.warn("Cannot establish association, responding with an OpenID2 association error.", e);
                return AssociationError.createAssociationError(e.getMessage(), this._prefAssocSessEnc);
            }
            _log.warn("Error processing an OpenID1 association request: " + e.getMessage() + " Responding with a dummy association.", e);
            try {
                return AssociationResponse.createAssociationResponse(AssociationRequest.createAssociationRequest(AssociationSessionType.NO_ENCRYPTION_COMPAT_SHA1MAC), this._sharedAssociations.generate(Association.TYPE_HMAC_SHA1, 0));
            } catch (OpenIDException unused) {
                _log.error("Error creating negative OpenID1 association response.", e);
                return null;
            }
        }
    }

    public Message authResponse(AuthRequest authRequest, String str, String str2, boolean z) {
        return authResponse(authRequest, str, str2, z, this._opEndpointUrl, true);
    }

    public Message authResponse(AuthRequest authRequest, String str, String str2, boolean z, String str3) {
        return authResponse(authRequest, str, str2, z, str3, true);
    }

    /* JADX WARN: Removed duplicated region for block: B:29:0x0049 A[Catch: OpenIDException -> 0x0132, TryCatch #1 {OpenIDException -> 0x0132, blocks: (B:23:0x0020, B:24:0x0025, B:29:0x0049, B:31:0x004d, B:32:0x006b, B:34:0x0071, B:36:0x0079, B:38:0x00ad, B:39:0x00d8, B:41:0x00e0, B:42:0x00e6, B:44:0x00f4, B:45:0x00f9, B:47:0x00fd, B:49:0x0104, B:50:0x010f, B:53:0x0091, B:55:0x012a, B:56:0x0131, B:61:0x0043, B:62:0x003b, B:8:0x0156, B:10:0x015c, B:13:0x0182, B:16:0x0197, B:19:0x0180, B:20:0x01b0, B:65:0x0136), top: B:6:0x001e, inners: #0 }] */
    /* JADX WARN: Removed duplicated region for block: B:55:0x012a A[Catch: OpenIDException -> 0x0132, TryCatch #1 {OpenIDException -> 0x0132, blocks: (B:23:0x0020, B:24:0x0025, B:29:0x0049, B:31:0x004d, B:32:0x006b, B:34:0x0071, B:36:0x0079, B:38:0x00ad, B:39:0x00d8, B:41:0x00e0, B:42:0x00e6, B:44:0x00f4, B:45:0x00f9, B:47:0x00fd, B:49:0x0104, B:50:0x010f, B:53:0x0091, B:55:0x012a, B:56:0x0131, B:61:0x0043, B:62:0x003b, B:8:0x0156, B:10:0x015c, B:13:0x0182, B:16:0x0197, B:19:0x0180, B:20:0x01b0, B:65:0x0136), top: B:6:0x001e, inners: #0 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public org.openid4java.message.Message authResponse(org.openid4java.message.AuthRequest r15, java.lang.String r16, java.lang.String r17, boolean r18, java.lang.String r19, boolean r20) {
        /*
            Method dump skipped, instructions count: 510
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.openid4java.server.ServerManager.authResponse(org.openid4java.message.AuthRequest, java.lang.String, java.lang.String, boolean, java.lang.String, boolean):org.openid4java.message.Message");
    }

    public Message authResponse(AuthRequest authRequest, String str, String str2, boolean z, boolean z2) {
        return authResponse(authRequest, str, str2, z, this._opEndpointUrl, z2);
    }

    public Message authResponse(ParameterList parameterList, String str, String str2, boolean z) {
        return authResponse(parameterList, str, str2, z, this._opEndpointUrl, true);
    }

    public Message authResponse(ParameterList parameterList, String str, String str2, boolean z, String str3) {
        return authResponse(parameterList, str, str2, z, str3, true);
    }

    public Message authResponse(ParameterList parameterList, String str, String str2, boolean z, String str3, boolean z2) {
        _log.info("Parsing authentication request...");
        boolean equals = Message.OPENID2_NS.equals(parameterList.getParameterValue("openid.ns"));
        try {
            return authResponse(AuthRequest.createAuthRequest(parameterList, this._realmVerifier), str, str2, z, str3, z2);
        } catch (MessageException e) {
            if (parameterList.hasParameter("openid.return_to")) {
                _log.error("Invalid authentication request; responding with an indirect error message.", e);
                return IndirectError.createIndirectError(e, parameterList.getParameterValue("openid.return_to"), !equals);
            }
            _log.error("Invalid authentication request; responding with a direct error message.", e);
            return DirectError.createDirectError(e, !equals);
        }
    }

    public Message authResponse(ParameterList parameterList, String str, String str2, boolean z, boolean z2) {
        return authResponse(parameterList, str, str2, z, this._opEndpointUrl, z2);
    }

    public boolean getEnforceRpId() {
        return this._realmVerifier.getEnforceRpId();
    }

    public int getExpireIn() {
        return this._expireIn;
    }

    public AssociationSessionType getMinAssocSessEnc() {
        return this._minAssocSessEnc;
    }

    public NonceGenerator getNonceGenerator() {
        return this._nonceGenerator;
    }

    public String getOPEndpointUrl() {
        return this._opEndpointUrl;
    }

    public AssociationSessionType getPrefAssocSessEnc() {
        return this._prefAssocSessEnc;
    }

    public ServerAssociationStore getPrivateAssociations() {
        return this._privateAssociations;
    }

    public RealmVerifier getRealmVerifier() {
        return this._realmVerifier;
    }

    public ServerAssociationStore getSharedAssociations() {
        return this._sharedAssociations;
    }

    public String[] getSignExtensions() {
        return this._signExtensions;
    }

    public String getSignFields() {
        return this._signFields;
    }

    public String getUserSetupUrl() {
        return this._userSetupUrl;
    }

    public boolean isCheckPrivateSharedAssociations() {
        return this._checkPrivateSharedAssociations;
    }

    public void setCheckPrivateSharedAssociations(boolean z) {
        this._checkPrivateSharedAssociations = z;
    }

    public void setEnforceRpId(boolean z) {
        this._realmVerifier.setEnforceRpId(z);
    }

    public void setExpireIn(int i) {
        this._expireIn = i;
    }

    public void setMinAssocSessEnc(AssociationSessionType associationSessionType) {
        this._minAssocSessEnc = associationSessionType;
    }

    public void setNonceGenerator(NonceGenerator nonceGenerator) {
        this._nonceGenerator = nonceGenerator;
    }

    public void setOPEndpointUrl(String str) {
        this._opEndpointUrl = str;
    }

    public void setPrefAssocSessEnc(AssociationSessionType associationSessionType) throws ServerException {
        if (Association.isHmacSupported(associationSessionType.getAssociationType()) && DiffieHellmanSession.isDhSupported(associationSessionType)) {
            if (this._minAssocSessEnc.isBetter(associationSessionType)) {
                throw new ServerException("Minimum encryption settings cannot be better than the preferred");
            }
            this._prefAssocSessEnc = associationSessionType;
        } else {
            throw new ServerException("Unsupported association / session type: " + associationSessionType.getSessionType() + " : " + associationSessionType.getAssociationType());
        }
    }

    public void setPrivateAssociations(ServerAssociationStore serverAssociationStore) {
        this._privateAssociations = serverAssociationStore;
    }

    public void setRealmVerifier(RealmVerifier realmVerifier) {
        this._realmVerifier = realmVerifier;
    }

    public void setSharedAssociations(ServerAssociationStore serverAssociationStore) {
        this._sharedAssociations = serverAssociationStore;
    }

    public void setSignExtensions(String[] strArr) {
        this._signExtensions = strArr;
    }

    public void setSignFields(String str) {
        this._signFields = str;
    }

    public void setUserSetupUrl(String str) {
        this._userSetupUrl = str;
    }

    public void sign(AuthSuccess authSuccess) throws ServerException, AssociationException {
        String handle = authSuccess.getHandle();
        Association load = this._sharedAssociations.load(handle);
        if (load == null) {
            load = this._privateAssociations.load(handle);
        }
        if (load != null) {
            authSuccess.setSignature(load.sign(authSuccess.getSignedText()));
            return;
        }
        throw new ServerException("No association found for handle: " + handle);
    }

    /* JADX WARN: Removed duplicated region for block: B:14:0x0086 A[Catch: OpenIDException -> 0x00e7, TryCatch #1 {OpenIDException -> 0x00e7, blocks: (B:6:0x0011, B:8:0x001f, B:10:0x0027, B:12:0x0078, B:14:0x0086, B:16:0x008c, B:18:0x0094, B:19:0x00c4, B:22:0x00d7, B:27:0x00ae, B:29:0x004f), top: B:5:0x0011 }] */
    /* JADX WARN: Removed duplicated region for block: B:21:0x00d2  */
    /* JADX WARN: Removed duplicated region for block: B:26:0x00d5  */
    /* JADX WARN: Removed duplicated region for block: B:27:0x00ae A[Catch: OpenIDException -> 0x00e7, TryCatch #1 {OpenIDException -> 0x00e7, blocks: (B:6:0x0011, B:8:0x001f, B:10:0x0027, B:12:0x0078, B:14:0x0086, B:16:0x008c, B:18:0x0094, B:19:0x00c4, B:22:0x00d7, B:27:0x00ae, B:29:0x004f), top: B:5:0x0011 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public org.openid4java.message.Message verify(org.openid4java.message.ParameterList r9) {
        /*
            r8 = this;
            org.apache.commons.logging.Log r0 = org.openid4java.server.ServerManager._log
            java.lang.String r1 = "Processing verification request..."
            r0.info(r1)
            r0 = 0
            r1 = 1
            org.openid4java.message.VerifyRequest r9 = org.openid4java.message.VerifyRequest.createVerifyRequest(r9)     // Catch: org.openid4java.OpenIDException -> Le9
            boolean r2 = r9.isVersion2()     // Catch: org.openid4java.OpenIDException -> Le9
            java.lang.String r3 = r9.getHandle()     // Catch: org.openid4java.OpenIDException -> Le7
            org.openid4java.server.ServerAssociationStore r4 = r8._privateAssociations     // Catch: org.openid4java.OpenIDException -> Le7
            org.openid4java.association.Association r4 = r4.load(r3)     // Catch: org.openid4java.OpenIDException -> Le7
            boolean r5 = r8._checkPrivateSharedAssociations     // Catch: org.openid4java.OpenIDException -> Le7
            if (r5 == 0) goto L4d
            org.openid4java.server.ServerAssociationStore r5 = r8._sharedAssociations     // Catch: org.openid4java.OpenIDException -> Le7
            org.openid4java.association.Association r5 = r5.load(r3)     // Catch: org.openid4java.OpenIDException -> Le7
            if (r5 == 0) goto L4d
            org.apache.commons.logging.Log r4 = org.openid4java.server.ServerManager._log     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.StringBuilder r5 = new java.lang.StringBuilder     // Catch: org.openid4java.OpenIDException -> Le7
            r5.<init>()     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.String r6 = "association for handle: "
            r5.append(r6)     // Catch: org.openid4java.OpenIDException -> Le7
            r5.append(r3)     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.String r6 = " expected to be private "
            r5.append(r6)     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.String r6 = "but was found in shared association store, denying direct verification request; "
            r5.append(r6)     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.String r6 = "please configure different association store/instances for private vs shared associations"
            r5.append(r6)     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.String r5 = r5.toString()     // Catch: org.openid4java.OpenIDException -> Le7
            r4.warn(r5)     // Catch: org.openid4java.OpenIDException -> Le7
            goto L77
        L4d:
            if (r4 == 0) goto L77
            org.apache.commons.logging.Log r5 = org.openid4java.server.ServerManager._log     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.StringBuilder r6 = new java.lang.StringBuilder     // Catch: org.openid4java.OpenIDException -> Le7
            r6.<init>()     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.String r7 = "Loaded private association; handle: "
            r6.append(r7)     // Catch: org.openid4java.OpenIDException -> Le7
            r6.append(r3)     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.String r6 = r6.toString()     // Catch: org.openid4java.OpenIDException -> Le7
            r5.info(r6)     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.String r5 = r9.getSignedText()     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.String r6 = r9.getSignature()     // Catch: org.openid4java.OpenIDException -> Le7
            boolean r4 = r4.verifySignature(r5, r6)     // Catch: org.openid4java.OpenIDException -> Le7
            org.openid4java.server.ServerAssociationStore r5 = r8._privateAssociations     // Catch: org.openid4java.OpenIDException -> Le7
            r5.remove(r3)     // Catch: org.openid4java.OpenIDException -> Le7
            goto L78
        L77:
            r4 = 0
        L78:
            boolean r5 = r9.isVersion2()     // Catch: org.openid4java.OpenIDException -> Le7
            r5 = r5 ^ r1
            org.openid4java.message.VerifyResponse r5 = org.openid4java.message.VerifyResponse.createVerifyResponse(r5)     // Catch: org.openid4java.OpenIDException -> Le7
            r5.setSignatureVerified(r4)     // Catch: org.openid4java.OpenIDException -> Le7
            if (r4 == 0) goto Lae
            java.lang.String r9 = r9.getInvalidateHandle()     // Catch: org.openid4java.OpenIDException -> Le7
            if (r9 == 0) goto Lc4
            org.openid4java.server.ServerAssociationStore r3 = r8._sharedAssociations     // Catch: org.openid4java.OpenIDException -> Le7
            org.openid4java.association.Association r3 = r3.load(r9)     // Catch: org.openid4java.OpenIDException -> Le7
            if (r3 != 0) goto Lc4
            org.apache.commons.logging.Log r3 = org.openid4java.server.ServerManager._log     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.StringBuilder r6 = new java.lang.StringBuilder     // Catch: org.openid4java.OpenIDException -> Le7
            r6.<init>()     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.String r7 = "Confirming shared association invalidate handle: "
            r6.append(r7)     // Catch: org.openid4java.OpenIDException -> Le7
            r6.append(r9)     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.String r6 = r6.toString()     // Catch: org.openid4java.OpenIDException -> Le7
            r3.info(r6)     // Catch: org.openid4java.OpenIDException -> Le7
            r5.setInvalidateHandle(r9)     // Catch: org.openid4java.OpenIDException -> Le7
            goto Lc4
        Lae:
            org.apache.commons.logging.Log r9 = org.openid4java.server.ServerManager._log     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.StringBuilder r6 = new java.lang.StringBuilder     // Catch: org.openid4java.OpenIDException -> Le7
            r6.<init>()     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.String r7 = "Signature verification failed, handle: "
            r6.append(r7)     // Catch: org.openid4java.OpenIDException -> Le7
            r6.append(r3)     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.String r3 = r6.toString()     // Catch: org.openid4java.OpenIDException -> Le7
            r9.error(r3)     // Catch: org.openid4java.OpenIDException -> Le7
        Lc4:
            org.apache.commons.logging.Log r9 = org.openid4java.server.ServerManager._log     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.StringBuilder r3 = new java.lang.StringBuilder     // Catch: org.openid4java.OpenIDException -> Le7
            r3.<init>()     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.String r6 = "Responding with "
            r3.append(r6)     // Catch: org.openid4java.OpenIDException -> Le7
            if (r4 == 0) goto Ld5
            java.lang.String r4 = "positive"
            goto Ld7
        Ld5:
            java.lang.String r4 = "negative"
        Ld7:
            r3.append(r4)     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.String r4 = " verification response"
            r3.append(r4)     // Catch: org.openid4java.OpenIDException -> Le7
            java.lang.String r3 = r3.toString()     // Catch: org.openid4java.OpenIDException -> Le7
            r9.info(r3)     // Catch: org.openid4java.OpenIDException -> Le7
            return r5
        Le7:
            r9 = move-exception
            goto Leb
        Le9:
            r9 = move-exception
            r2 = 1
        Leb:
            org.apache.commons.logging.Log r3 = org.openid4java.server.ServerManager._log
            java.lang.String r4 = "Error processing verification request; responding with verification error."
            r3.error(r4, r9)
            if (r2 != 0) goto Lf5
            r0 = 1
        Lf5:
            org.openid4java.message.DirectError r9 = org.openid4java.message.DirectError.createDirectError(r9, r0)
            return r9
        */
        throw new UnsupportedOperationException("Method not decompiled: org.openid4java.server.ServerManager.verify(org.openid4java.message.ParameterList):org.openid4java.message.Message");
    }
}
