package org.apache.shindig.gadgets.http;

import com.google.common.collect.Sets;
import com.google.inject.Inject;
import java.util.HashSet;
import java.util.List;
import org.apache.commons.lang.StringUtils;
import org.apache.shindig.auth.AuthenticationMode;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.protocol.BaseRequestItem;
import org.apache.shindig.protocol.Operation;
import org.apache.shindig.protocol.ProtocolException;
import org.apache.shindig.protocol.Service;

@Service(name = "cache")
/* loaded from: input_file:WEB-INF/lib/shindig-gadgets-2.0.1.3.jar:org/apache/shindig/gadgets/http/InvalidationHandler.class */
public class InvalidationHandler {
    public static final String KEYS_PARAM = "invalidationKeys";
    private final InvalidationService invalidation;

    @Inject
    public InvalidationHandler(InvalidationService invalidationService) {
        this.invalidation = invalidationService;
    }

    @Operation(httpMethods = {"POST", "GET"}, path = "/invalidate")
    public void invalidate(BaseRequestItem baseRequestItem) {
        if (StringUtils.isEmpty(baseRequestItem.getToken().getAppId()) && StringUtils.isEmpty(baseRequestItem.getToken().getAppUrl())) {
            throw new ProtocolException(400, "Cannot invalidate content without specifying application");
        }
        boolean equals = AuthenticationMode.OAUTH_CONSUMER_REQUEST.name().equals(baseRequestItem.getToken().getAuthenticationMode());
        List<String> listParameter = baseRequestItem.getListParameter(KEYS_PARAM);
        HashSet newHashSet = Sets.newHashSet();
        HashSet newHashSet2 = Sets.newHashSet();
        if (!StringUtils.isEmpty(baseRequestItem.getToken().getViewerId())) {
            newHashSet.add(baseRequestItem.getToken().getViewerId());
        }
        if (listParameter != null) {
            for (String str : listParameter) {
                if (str.toLowerCase().startsWith("http")) {
                    if (!equals) {
                        throw new ProtocolException(400, "Cannot flush application resources from a gadget. Must use OAuth consumer request");
                    }
                    newHashSet2.add(Uri.parse(str));
                } else if ("@viewer".equals(str)) {
                    continue;
                } else {
                    if (!equals && !str.equals(baseRequestItem.getToken().getViewerId())) {
                        throw new ProtocolException(400, "Cannot invalidate the content for a user other than the viewer from a gadget.");
                    }
                    newHashSet.add(str);
                }
            }
        }
        this.invalidation.invalidateApplicationResources(newHashSet2, baseRequestItem.getToken());
        this.invalidation.invalidateUserResources(newHashSet, baseRequestItem.getToken());
    }
}
