package ca.nrc.cadc.ac.server.oidc;

import ca.nrc.cadc.auth.AuthenticationUtil;
import ca.nrc.cadc.auth.AuthorizationToken;
import ca.nrc.cadc.auth.NotAuthenticatedException;
import ca.nrc.cadc.rest.InlineContentHandler;
import ca.nrc.cadc.rest.RestAction;
import java.io.OutputStreamWriter;
import javax.security.auth.Subject;
import org.apache.log4j.Logger;

/* loaded from: input_file:ca/nrc/cadc/ac/server/oidc/UserInfoAction.class */
public class UserInfoAction extends RestAction {
    private static final Logger log = Logger.getLogger(UserInfoAction.class);

    public void doAction() throws Exception {
        int lastIndexOf;
        if (log.isDebugEnabled()) {
            log.debug("params:");
            for (String str : this.syncInput.getParameterNames()) {
                log.debug("param: " + str + "=" + this.syncInput.getParameter(str));
            }
        }
        Subject currentSubject = AuthenticationUtil.getCurrentSubject();
        log.debug("Subject: " + currentSubject);
        if (currentSubject == null || currentSubject.getPrincipals().isEmpty()) {
            throw new NotAuthenticatedException("unauthorized");
        }
        String str2 = null;
        for (AuthorizationToken authorizationToken : currentSubject.getPublicCredentials(AuthorizationToken.class)) {
            log.debug("Token: " + authorizationToken);
            if (authorizationToken.getScope() != null) {
                String uri = authorizationToken.getScope().toString();
                if (uri.startsWith(OIDCUtil.ACCESS_TOKEN_SCOPE) && uri.length() > OIDCUtil.ACCESS_TOKEN_SCOPE.length() && (lastIndexOf = uri.lastIndexOf("/")) == OIDCUtil.ACCESS_TOKEN_SCOPE.length()) {
                    str2 = uri.substring(lastIndexOf + 1);
                }
            }
        }
        log.debug("clientID: " + str2);
        if (str2 == null) {
            throw new NotAuthenticatedException("invalid scope");
        }
        RelyParty relyParty = OIDCUtil.getRelyParty(str2);
        if (relyParty == null) {
            throw new NotAuthenticatedException("invalid scope");
        }
        String buildUserInfoResponse = OIDCUtil.buildUserInfoResponse(relyParty, this.syncInput.getRequestURI());
        log.debug("set headers and return json: \n" + buildUserInfoResponse);
        this.syncOutput.setHeader("Content-Type", "application/json");
        this.syncOutput.setHeader("Cache-Control", "no-store");
        this.syncOutput.setHeader("Pragma", "no-cache");
        OutputStreamWriter outputStreamWriter = new OutputStreamWriter(this.syncOutput.getOutputStream());
        outputStreamWriter.write(buildUserInfoResponse);
        outputStreamWriter.flush();
    }

    protected InlineContentHandler getInlineContentHandler() {
        return null;
    }
}
