package com.atlassian.applinks.internal.common.auth.oauth;

import com.atlassian.annotations.Internal;
import com.atlassian.sal.api.net.Response;
import com.atlassian.sal.api.net.ResponseException;
import javax.annotation.Nonnull;
import javax.ws.rs.core.Response;
import net.oauth.OAuth;
import net.oauth.OAuthMessage;
import net.oauth.OAuthProblemException;
import org.apache.commons.lang.StringUtils;

@Internal
/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/applinks-plugin-5.2.2.jar:com/atlassian/applinks/internal/common/auth/oauth/ApplinksOAuth.class */
public final class ApplinksOAuth {
    public static final String WWW_AUTHENTICATE = String.valueOf("WWW-Authenticate");
    public static final String OAUTH = String.valueOf(OAuthMessage.AUTH_SCHEME);
    public static final String AUTH_CONFIG_CONSUMER_KEY_OUTBOUND = String.valueOf("consumerKey.outbound");
    public static final String PROPERTY_INCOMING_CONSUMER_KEY = String.valueOf("oauth.incoming.consumerkey");
    public static final String SERVICE_PROVIDER_REQUEST_TOKEN_URL = String.valueOf("serviceProvider.requestTokenUrl");
    public static final String SERVICE_PROVIDER_ACCESS_TOKEN_URL = String.valueOf("serviceProvider.accessTokenUrl");
    public static final String SERVICE_PROVIDER_AUTHORIZE_URL = String.valueOf("serviceProvider.authorizeUrl");
    public static final String OAUTH_PROBLEM = String.valueOf(OAuthProblemException.OAUTH_PROBLEM);
    public static final String PROBLEM_CONSUMER_KEY_UNKNOWN = String.valueOf(OAuth.Problems.CONSUMER_KEY_UNKNOWN);
    public static final String PROBLEM_TIMESTAMP_REFUSED = String.valueOf(OAuth.Problems.TIMESTAMP_REFUSED);
    public static final String PROBLEM_SIGNATURE_INVALID = String.valueOf(OAuth.Problems.SIGNATURE_INVALID);

    private ApplinksOAuth() {
    }

    public static boolean hasOAuthChallenge(@Nonnull Response response) {
        return response.getHeaders().containsKey(WWW_AUTHENTICATE) && response.getHeader(WWW_AUTHENTICATE).trim().startsWith(OAUTH);
    }

    public static boolean isAuthLevelDisabled(@Nonnull Response response) throws ResponseException {
        return Response.Status.UNAUTHORIZED.getStatusCode() == response.getStatusCode() && hasOAuthChallenge(response) && StringUtils.isEmpty(response.getResponseBodyAsString());
    }
}
