package org.apereo.cas.support.oauth.web.endpoints;

import java.util.LinkedHashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.authentication.principal.ServiceFactory;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.support.oauth.profile.OAuth20ProfileScopeToAttributesFilter;
import org.apereo.cas.ticket.accesstoken.AccessTokenFactory;
import org.apereo.cas.ticket.device.DeviceTokenFactory;
import org.apereo.cas.ticket.device.DeviceUserCode;
import org.apereo.cas.ticket.registry.TicketRegistry;
import org.apereo.cas.web.support.CookieRetrievingCookieGenerator;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.servlet.ModelAndView;

/* loaded from: input_file:org/apereo/cas/support/oauth/web/endpoints/OAuth20DeviceUserCodeApprovalEndpointController.class */
public class OAuth20DeviceUserCodeApprovalEndpointController extends BaseOAuth20Controller {
    public static final String PARAMETER_USER_CODE = "usercode";
    private final DeviceTokenFactory deviceTokenFactory;

    public OAuth20DeviceUserCodeApprovalEndpointController(ServicesManager servicesManager, TicketRegistry ticketRegistry, AccessTokenFactory accessTokenFactory, PrincipalFactory principalFactory, ServiceFactory<WebApplicationService> serviceFactory, OAuth20ProfileScopeToAttributesFilter oAuth20ProfileScopeToAttributesFilter, CasConfigurationProperties casConfigurationProperties, CookieRetrievingCookieGenerator cookieRetrievingCookieGenerator, DeviceTokenFactory deviceTokenFactory) {
        super(servicesManager, ticketRegistry, accessTokenFactory, principalFactory, serviceFactory, oAuth20ProfileScopeToAttributesFilter, casConfigurationProperties, cookieRetrievingCookieGenerator);
        this.deviceTokenFactory = deviceTokenFactory;
    }

    @GetMapping(path = {"/oauth2.0/device"})
    public static ModelAndView handleGetRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return new ModelAndView("oauthDeviceCodeApprovalView", getApprovalModel(""));
    }

    @PostMapping(path = {"/oauth2.0/device"})
    public ModelAndView handlePostRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String parameter = httpServletRequest.getParameter(PARAMETER_USER_CODE);
        ModelAndView modelAndViewForFailure = getModelAndViewForFailure("codenotfound");
        if (StringUtils.isBlank(parameter)) {
            return modelAndViewForFailure;
        }
        DeviceUserCode ticket = this.ticketRegistry.getTicket(this.deviceTokenFactory.generateDeviceUserCode(parameter), DeviceUserCode.class);
        if (ticket == null) {
            return modelAndViewForFailure;
        }
        if (ticket.isExpired()) {
            return getModelAndViewForFailure("codeexpired");
        }
        if (ticket.isUserCodeApproved()) {
            return getModelAndViewForFailure("codeapproved");
        }
        ticket.approveUserCode();
        this.ticketRegistry.updateTicket(ticket);
        return new ModelAndView("oauthDeviceCodeApprovedView", HttpStatus.OK);
    }

    private static ModelAndView getModelAndViewForFailure(String str) {
        return new ModelAndView("oauthDeviceCodeApprovalView", getApprovalModel(str));
    }

    private static Map getApprovalModel(String str) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("prefix", "ODUC");
        if (StringUtils.isNotBlank(str)) {
            linkedHashMap.put("error", str);
        }
        return linkedHashMap;
    }
}
