package org.wso2.carbon.identity.oauth.endpoint.user;

import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.oltu.oauth2.as.response.OAuthASResponse;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.OAuthResponse;
import org.wso2.carbon.identity.oauth.IdentityOAuthAdminException;
import org.wso2.carbon.identity.oauth.dao.OAuthAppDAO;
import org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInfoEndpointConfig;
import org.wso2.carbon.identity.oauth.user.UserInfoEndpointException;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.dao.TokenMgtDAO;
import org.wso2.carbon.identity.oauth2.model.AccessTokenDO;

@Path("/userinfo")
/* loaded from: input_file:WEB-INF/classes/org/wso2/carbon/identity/oauth/endpoint/user/OpenIDConnectUserEndpoint.class */
public class OpenIDConnectUserEndpoint {
    private static final Log log = LogFactory.getLog(OpenIDConnectUserEndpoint.class);

    @GET
    @Produces({"application/json"})
    @Path("/")
    public Response getUserClaims(@Context HttpServletRequest httpServletRequest) throws OAuthSystemException {
        try {
            String validateRequest = UserInfoEndpointConfig.getInstance().getUserInfoRequestValidator().validateRequest(httpServletRequest);
            OAuthAppDAO oAuthAppDAO = new OAuthAppDAO();
            try {
                AccessTokenDO retrieveAccessToken = new TokenMgtDAO().retrieveAccessToken(validateRequest, false);
                if (retrieveAccessToken == null || "ACTIVE".equalsIgnoreCase(oAuthAppDAO.getConsumerAppState(retrieveAccessToken.getConsumerKey()))) {
                    String responseString = UserInfoEndpointConfig.getInstance().getUserInfoResponseBuilder().getResponseString(UserInfoEndpointConfig.getInstance().getUserInfoAccessTokenValidator().validateToken(validateRequest));
                    Response.ResponseBuilder header = Response.status(200).header("Cache-Control", "no-store").header("Pragma", "no-cache");
                    return responseString != null ? header.entity(responseString).build() : header.build();
                }
                if (log.isDebugEnabled()) {
                    log.debug("Oauth App is not in active state.");
                }
                OAuthResponse buildJSONMessage = OAuthASResponse.errorResponse(401).setError("invalid_client").setErrorDescription("Oauth application is not in active state.").buildJSONMessage();
                return Response.status(buildJSONMessage.getResponseStatus()).entity(buildJSONMessage.getBody()).build();
            } catch (IdentityOAuthAdminException | IdentityOAuth2Exception | OAuthSystemException e) {
                if (log.isDebugEnabled()) {
                    log.debug("Error in getting oauth app state.", e);
                }
                OAuthResponse buildJSONMessage2 = OAuthASResponse.errorResponse(404).setError("server_error").setErrorDescription("Error in getting oauth app state.").buildJSONMessage();
                return Response.status(buildJSONMessage2.getResponseStatus()).entity(buildJSONMessage2.getBody()).build();
            }
        } catch (UserInfoEndpointException e2) {
            return handleError(e2);
        } catch (OAuthSystemException e3) {
            log.error("UserInfoEndpoint Failed", e3);
            throw new OAuthSystemException("UserInfoEndpoint Failed");
        }
    }

    private Response handleError(UserInfoEndpointException userInfoEndpointException) throws OAuthSystemException {
        log.debug(userInfoEndpointException);
        try {
            OAuthResponse buildJSONMessage = OAuthASResponse.errorResponse(400).setError(userInfoEndpointException.getErrorCode()).setErrorDescription(userInfoEndpointException.getErrorMessage()).buildJSONMessage();
            return Response.status(buildJSONMessage.getResponseStatus()).entity(buildJSONMessage.getBody()).build();
        } catch (OAuthSystemException e) {
            log.error("Error while building the JSON message", e);
            OAuthResponse buildJSONMessage2 = OAuthASResponse.errorResponse(500).setError("server_error").setErrorDescription(e.getMessage()).buildJSONMessage();
            return Response.status(buildJSONMessage2.getResponseStatus()).entity(buildJSONMessage2.getBody()).build();
        }
    }
}
