package org.keycloak.validate.validators;

import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.apache.http.HttpHost;
import org.keycloak.provider.ConfiguredProvider;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.validate.SimpleValidator;
import org.keycloak.validate.ValidationContext;
import org.keycloak.validate.ValidationError;
import org.keycloak.validate.ValidatorConfig;

/* loaded from: input_file:org/keycloak/validate/validators/UriValidator.class */
public class UriValidator implements SimpleValidator, ConfiguredProvider {
    public static final String KEY_ALLOWED_SCHEMES = "allowedSchemes";
    public static final String KEY_ALLOW_FRAGMENT = "allowFragment";
    public static final String KEY_REQUIRE_VALID_URL = "requireValidUrl";
    public static final String MESSAGE_INVALID_URI = "error-invalid-uri";
    public static final String MESSAGE_INVALID_SCHEME = "error-invalid-uri-scheme";
    public static final String MESSAGE_INVALID_FRAGMENT = "error-invalid-uri-fragment";
    public static final String ID = "uri";
    public static final UriValidator INSTANCE = new UriValidator();
    public static final Set<String> DEFAULT_ALLOWED_SCHEMES = Collections.unmodifiableSet(new HashSet(Arrays.asList(HttpHost.DEFAULT_SCHEME_NAME, "https")));
    public static boolean DEFAULT_ALLOW_FRAGMENT = true;
    public static boolean DEFAULT_REQUIRE_VALID_URL = true;

    @Override // org.keycloak.provider.ProviderFactory
    public String getId() {
        return ID;
    }

    @Override // org.keycloak.validate.Validator
    public ValidationContext validate(Object obj, String str, ValidationContext validationContext, ValidatorConfig validatorConfig) {
        if (obj == null || ((obj instanceof String) && ((String) obj).isEmpty())) {
            return validationContext;
        }
        try {
            URI uri = toUri(obj);
            if (uri == null) {
                validationContext.addError(new ValidationError(ID, str, MESSAGE_INVALID_URI, obj));
            } else {
                validateUri(uri, str, validationContext, validatorConfig.getStringSetOrDefault(KEY_ALLOWED_SCHEMES, DEFAULT_ALLOWED_SCHEMES), validatorConfig.getBooleanOrDefault(KEY_ALLOW_FRAGMENT, Boolean.valueOf(DEFAULT_ALLOW_FRAGMENT)).booleanValue(), validatorConfig.getBooleanOrDefault(KEY_REQUIRE_VALID_URL, Boolean.valueOf(DEFAULT_REQUIRE_VALID_URL)).booleanValue());
            }
        } catch (IllegalArgumentException | MalformedURLException | URISyntaxException e) {
            validationContext.addError(new ValidationError(ID, str, MESSAGE_INVALID_URI, obj, e.getMessage()));
        }
        return validationContext;
    }

    private URI toUri(Object obj) throws URISyntaxException {
        if (obj instanceof String) {
            return new URI((String) obj);
        }
        if (obj instanceof URI) {
            return (URI) obj;
        }
        if (obj instanceof URL) {
            return ((URL) obj).toURI();
        }
        return null;
    }

    public boolean validateUri(URI uri, Set<String> set, boolean z, boolean z2) {
        try {
            return validateUri(uri, "url", new ValidationContext(), set, z, z2);
        } catch (MalformedURLException e) {
            return false;
        }
    }

    public boolean validateUri(URI uri, String str, ValidationContext validationContext, Set<String> set, boolean z, boolean z2) throws MalformedURLException {
        boolean z3 = true;
        if (uri.getScheme() != null && !set.contains(uri.getScheme())) {
            validationContext.addError(new ValidationError(ID, str, MESSAGE_INVALID_SCHEME, uri, uri.getScheme()));
            z3 = false;
        }
        if (!z && uri.getFragment() != null) {
            validationContext.addError(new ValidationError(ID, str, MESSAGE_INVALID_FRAGMENT, uri, uri.getFragment()));
            z3 = false;
        }
        if (z2 && z3) {
            uri.toURL();
        }
        return z3;
    }

    @Override // org.keycloak.provider.ConfiguredProvider
    public String getHelpText() {
        return "Uri Validator";
    }

    @Override // org.keycloak.provider.ConfiguredProvider
    public List<ProviderConfigProperty> getConfigProperties() {
        return Collections.emptyList();
    }
}
