package com.nimbusds.common.oauth2;

import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.token.BearerAccessToken;
import com.nimbusds.oauth2.sdk.token.BearerTokenError;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Response;
import net.minidev.json.JSONObject;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/nimbusds/common/oauth2/BasicAccessTokenValidator.class */
public class BasicAccessTokenValidator {
    private final BearerAccessToken accessToken;
    public static final WebApplicationException MISSING_BEARER_TOKEN;
    public static final WebApplicationException INVALID_BEARER_TOKEN;
    public static final WebApplicationException WEB_API_DISABLED;

    public BasicAccessTokenValidator(BearerAccessToken bearerAccessToken) {
        this.accessToken = bearerAccessToken;
    }

    public BearerAccessToken getAccessToken() {
        return this.accessToken;
    }

    public void validateBearerAccessToken(String str) throws WebApplicationException {
        if (StringUtils.isBlank(str)) {
            throw MISSING_BEARER_TOKEN;
        }
        try {
            BearerAccessToken parse = BearerAccessToken.parse(str);
            if (this.accessToken == null) {
                throw WEB_API_DISABLED;
            }
            if (!parse.equals(this.accessToken)) {
                throw INVALID_BEARER_TOKEN;
            }
        } catch (ParseException e) {
            throw MISSING_BEARER_TOKEN;
        }
    }

    static {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("error", "missing_token");
        jSONObject.put("error_description", "Unauthorized: Missing Bearer access token");
        MISSING_BEARER_TOKEN = new WebApplicationException(Response.status(BearerTokenError.MISSING_TOKEN.getHTTPStatusCode()).header("WWW-Authenticate", BearerTokenError.MISSING_TOKEN.toWWWAuthenticateHeader()).entity(jSONObject.toJSONString()).type("application/json").build());
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put("error", BearerTokenError.INVALID_TOKEN.getCode());
        jSONObject2.put("error_description", "Unauthorized: Invalid Bearer access token");
        INVALID_BEARER_TOKEN = new WebApplicationException(Response.status(BearerTokenError.INVALID_TOKEN.getHTTPStatusCode()).header("WWW-Authenticate", BearerTokenError.INVALID_TOKEN.toWWWAuthenticateHeader()).entity(jSONObject2.toJSONString()).type("application/json").build());
        JSONObject jSONObject3 = new JSONObject();
        jSONObject3.put("error", "web_api_disabled");
        jSONObject3.put("error_description", "Forbidden: Web API disabled");
        WEB_API_DISABLED = new WebApplicationException(Response.status(Response.Status.FORBIDDEN).entity(jSONObject3.toJSONString()).type("application/json").build());
    }
}
