package org.geoserver.security.oauth2;

import java.net.MalformedURLException;
import java.net.URL;
import org.geoserver.security.GeoServerSecurityManager;
import org.geoserver.security.config.SecurityNamedServiceConfig;
import org.geoserver.security.validation.FilterConfigException;
import org.geoserver.security.validation.FilterConfigValidator;
import org.springframework.util.StringUtils;

/* loaded from: input_file:org/geoserver/security/oauth2/OAuth2FilterConfigValidator.class */
public class OAuth2FilterConfigValidator extends FilterConfigValidator {
    public OAuth2FilterConfigValidator(GeoServerSecurityManager geoServerSecurityManager) {
        super(geoServerSecurityManager);
    }

    public void validateFilterConfig(SecurityNamedServiceConfig securityNamedServiceConfig) throws FilterConfigException {
        if (securityNamedServiceConfig instanceof OAuth2FilterConfig) {
            validateOAuth2FilterConfig((OAuth2FilterConfig) securityNamedServiceConfig);
        } else {
            super.validateFilterConfig(securityNamedServiceConfig);
        }
    }

    public void validateOAuth2FilterConfig(OAuth2FilterConfig oAuth2FilterConfig) throws FilterConfigException {
        if (StringUtils.hasLength(oAuth2FilterConfig.getLogoutUri())) {
            try {
                new URL(oAuth2FilterConfig.getLogoutUri());
            } catch (MalformedURLException e) {
                throw m3createFilterException(OAuth2FilterConfigException.OAUTH2_URL_IN_LOGOUT_URI_MALFORMED, new Object[0]);
            }
        }
        super.validateFilterConfig((SecurityNamedServiceConfig) oAuth2FilterConfig);
        if (!StringUtils.hasLength(oAuth2FilterConfig.getCheckTokenEndpointUrl())) {
            throw m3createFilterException(OAuth2FilterConfigException.OAUTH2_CHECKTOKENENDPOINT_URL_REQUIRED, new Object[0]);
        }
        try {
            new URL(oAuth2FilterConfig.getCheckTokenEndpointUrl());
            if (StringUtils.hasLength(oAuth2FilterConfig.getAccessTokenUri())) {
                try {
                    URL url = new URL(oAuth2FilterConfig.getAccessTokenUri());
                    if (oAuth2FilterConfig.getForceAccessTokenUriHttps().booleanValue() && !"https".equalsIgnoreCase(url.getProtocol())) {
                        throw m3createFilterException(OAuth2FilterConfigException.OAUTH2_ACCESSTOKENURI_NOT_HTTPS, new Object[0]);
                    }
                } catch (MalformedURLException e2) {
                    throw m3createFilterException(OAuth2FilterConfigException.OAUTH2_ACCESSTOKENURI_MALFORMED, new Object[0]);
                }
            }
            if (StringUtils.hasLength(oAuth2FilterConfig.getUserAuthorizationUri())) {
                try {
                    URL url2 = new URL(oAuth2FilterConfig.getUserAuthorizationUri());
                    if (oAuth2FilterConfig.getForceUserAuthorizationUriHttps().booleanValue() && !"https".equalsIgnoreCase(url2.getProtocol())) {
                        throw m3createFilterException(OAuth2FilterConfigException.OAUTH2_USERAUTHURI_NOT_HTTPS, new Object[0]);
                    }
                } catch (MalformedURLException e3) {
                    throw m3createFilterException(OAuth2FilterConfigException.OAUTH2_USERAUTHURI_MALFORMED, new Object[0]);
                }
            }
            if (StringUtils.hasLength(oAuth2FilterConfig.getRedirectUri())) {
                try {
                    new URL(oAuth2FilterConfig.getRedirectUri());
                } catch (MalformedURLException e4) {
                    throw m3createFilterException(OAuth2FilterConfigException.OAUTH2_REDIRECT_URI_MALFORMED, new Object[0]);
                }
            }
            if (!StringUtils.hasLength(oAuth2FilterConfig.getCliendId())) {
                throw m3createFilterException(OAuth2FilterConfigException.OAUTH2_CLIENT_ID_REQUIRED, new Object[0]);
            }
            if (!StringUtils.hasLength(oAuth2FilterConfig.getClientSecret())) {
                throw m3createFilterException(OAuth2FilterConfigException.OAUTH2_CLIENT_SECRET_REQUIRED, new Object[0]);
            }
            if (!StringUtils.hasLength(oAuth2FilterConfig.getScopes())) {
                throw m3createFilterException(OAuth2FilterConfigException.OAUTH2_SCOPE_REQUIRED, new Object[0]);
            }
        } catch (MalformedURLException e5) {
            throw m3createFilterException(OAuth2FilterConfigException.OAUTH2_CHECKTOKENENDPOINT_URL_MALFORMED, new Object[0]);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* renamed from: createFilterException, reason: merged with bridge method [inline-methods] */
    public OAuth2FilterConfigException m3createFilterException(String str, Object... objArr) {
        return new OAuth2FilterConfigException(str, objArr);
    }
}
