package org.apache.shindig.social.core.oauth2;

import com.google.inject.Inject;
import com.google.inject.Singleton;
import com.google.inject.name.Named;
import java.util.ArrayList;
import java.util.UUID;
import org.apache.shindig.social.core.oauth2.OAuth2Client;
import org.apache.shindig.social.core.oauth2.OAuth2Types;
import org.apache.shindig.social.core.oauth2.validators.AccessTokenRequestValidator;
import org.apache.shindig.social.core.oauth2.validators.AuthorizationCodeRequestValidator;
import org.apache.shindig.social.core.oauth2.validators.DefaultResourceRequestValidator;
import org.apache.shindig.social.core.oauth2.validators.OAuth2ProtectedResourceValidator;
import org.apache.shindig.social.core.oauth2.validators.OAuth2RequestValidator;

@Singleton
/* loaded from: input_file:WEB-INF/lib/shindig-social-api-2.5.2-wso2v2.jar:org/apache/shindig/social/core/oauth2/OAuth2ServiceImpl.class */
public class OAuth2ServiceImpl implements OAuth2Service {
    private OAuth2DataService store;
    private long authCodeExpires;
    private long accessTokenExpires;
    private OAuth2RequestValidator accessTokenValidator;
    private OAuth2RequestValidator authCodeValidator;
    private OAuth2ProtectedResourceValidator resourceReqValidator;

    @Inject
    public OAuth2ServiceImpl(OAuth2DataService oAuth2DataService, @Named("shindig.oauth2.authCodeExpiration") long j, @Named("shindig.oauth2.accessTokenExpiration") long j2) {
        this.store = oAuth2DataService;
        this.authCodeExpires = j;
        this.accessTokenExpires = j2;
        this.authCodeValidator = new AuthorizationCodeRequestValidator(oAuth2DataService);
        this.accessTokenValidator = new AccessTokenRequestValidator(oAuth2DataService);
        this.resourceReqValidator = new DefaultResourceRequestValidator(oAuth2DataService);
    }

    @Override // org.apache.shindig.social.core.oauth2.OAuth2Service
    public OAuth2DataService getDataService() {
        return this.store;
    }

    protected long getAuthCodeExpires() {
        return this.authCodeExpires;
    }

    protected long getAccessTokenExpires() {
        return this.accessTokenExpires;
    }

    @Override // org.apache.shindig.social.core.oauth2.OAuth2Service
    public void authenticateClient(OAuth2NormalizedRequest oAuth2NormalizedRequest) throws OAuth2Exception {
        OAuth2Client client = this.store.getClient(oAuth2NormalizedRequest.getClientId());
        if (client == null) {
            OAuth2NormalizedResponse oAuth2NormalizedResponse = new OAuth2NormalizedResponse();
            oAuth2NormalizedResponse.setError(OAuth2Types.ErrorType.INVALID_CLIENT.toString());
            oAuth2NormalizedResponse.setErrorDescription("The client ID is invalid or not registered");
            oAuth2NormalizedResponse.setBodyReturned(true);
            oAuth2NormalizedResponse.setStatus(400);
            throw new OAuth2Exception(oAuth2NormalizedResponse);
        }
        String secret = client.getSecret();
        String clientSecret = oAuth2NormalizedRequest.getClientSecret();
        if (secret == null && clientSecret == null && client.getType() != OAuth2Client.ClientType.CONFIDENTIAL) {
            return;
        }
        if (secret == null || clientSecret == null || !secret.equals(clientSecret)) {
            OAuth2NormalizedResponse oAuth2NormalizedResponse2 = new OAuth2NormalizedResponse();
            oAuth2NormalizedResponse2.setError(OAuth2Types.ErrorType.UNAUTHORIZED_CLIENT.toString());
            oAuth2NormalizedResponse2.setErrorDescription("The client failed to authorize");
            oAuth2NormalizedResponse2.setBodyReturned(true);
            oAuth2NormalizedResponse2.setStatus(400);
            throw new OAuth2Exception(oAuth2NormalizedResponse2);
        }
    }

    @Override // org.apache.shindig.social.core.oauth2.OAuth2Service
    public void validateRequestForAuthCode(OAuth2NormalizedRequest oAuth2NormalizedRequest) throws OAuth2Exception {
        this.authCodeValidator.validateRequest(oAuth2NormalizedRequest);
    }

    @Override // org.apache.shindig.social.core.oauth2.OAuth2Service
    public void validateRequestForAccessToken(OAuth2NormalizedRequest oAuth2NormalizedRequest) throws OAuth2Exception {
        this.accessTokenValidator.validateRequest(oAuth2NormalizedRequest);
    }

    @Override // org.apache.shindig.social.core.oauth2.OAuth2Service
    public void validateRequestForResource(OAuth2NormalizedRequest oAuth2NormalizedRequest, Object obj) throws OAuth2Exception {
        this.resourceReqValidator.validateRequestForResource(oAuth2NormalizedRequest, obj);
    }

    @Override // org.apache.shindig.social.core.oauth2.OAuth2Service
    public OAuth2Code grantAuthorizationCode(OAuth2NormalizedRequest oAuth2NormalizedRequest) {
        OAuth2Code generateAuthorizationCode = generateAuthorizationCode(oAuth2NormalizedRequest);
        this.store.registerAuthorizationCode(oAuth2NormalizedRequest.getClientId(), generateAuthorizationCode);
        return generateAuthorizationCode;
    }

    @Override // org.apache.shindig.social.core.oauth2.OAuth2Service
    public OAuth2Code grantAccessToken(OAuth2NormalizedRequest oAuth2NormalizedRequest) {
        OAuth2Code generateAccessToken = generateAccessToken(oAuth2NormalizedRequest);
        OAuth2Code authorizationCode = this.store.getAuthorizationCode(oAuth2NormalizedRequest.getClientId(), oAuth2NormalizedRequest.getAuthorizationCode());
        if (authorizationCode != null) {
            authorizationCode.setRelatedAccessToken(generateAccessToken);
        }
        this.store.registerAccessToken(oAuth2NormalizedRequest.getClientId(), generateAccessToken);
        return generateAccessToken;
    }

    @Override // org.apache.shindig.social.core.oauth2.OAuth2Service
    public OAuth2Code grantRefreshToken(OAuth2NormalizedRequest oAuth2NormalizedRequest) {
        OAuth2Code generateRefreshToken = generateRefreshToken(oAuth2NormalizedRequest);
        this.store.registerRefreshToken(oAuth2NormalizedRequest.getClientId(), generateRefreshToken);
        return generateRefreshToken;
    }

    @Override // org.apache.shindig.social.core.oauth2.OAuth2Service
    public OAuth2Code generateAuthorizationCode(OAuth2NormalizedRequest oAuth2NormalizedRequest) {
        OAuth2Code oAuth2Code = new OAuth2Code();
        oAuth2Code.setValue(UUID.randomUUID().toString());
        oAuth2Code.setExpiration(System.currentTimeMillis() + this.authCodeExpires);
        OAuth2Client client = this.store.getClient(oAuth2NormalizedRequest.getClientId());
        oAuth2Code.setClient(client);
        if (oAuth2NormalizedRequest.getRedirectURI() != null) {
            oAuth2Code.setRedirectURI(oAuth2NormalizedRequest.getRedirectURI());
        } else {
            oAuth2Code.setRedirectURI(client.getRedirectURI());
        }
        return oAuth2Code;
    }

    @Override // org.apache.shindig.social.core.oauth2.OAuth2Service
    public OAuth2Code generateAccessToken(OAuth2NormalizedRequest oAuth2NormalizedRequest) {
        OAuth2Code oAuth2Code = new OAuth2Code();
        oAuth2Code.setType(OAuth2Types.CodeType.ACCESS_TOKEN);
        oAuth2Code.setValue(UUID.randomUUID().toString());
        oAuth2Code.setExpiration(System.currentTimeMillis() + this.accessTokenExpires);
        if (oAuth2NormalizedRequest.getRedirectURI() != null) {
            oAuth2Code.setRedirectURI(oAuth2NormalizedRequest.getRedirectURI());
        } else {
            oAuth2Code.setRedirectURI(this.store.getClient(oAuth2NormalizedRequest.getClientId()).getRedirectURI());
        }
        if (oAuth2NormalizedRequest.getAuthorizationCode() != null) {
            OAuth2Code authorizationCode = this.store.getAuthorizationCode(oAuth2NormalizedRequest.getClientId(), oAuth2NormalizedRequest.getAuthorizationCode());
            oAuth2Code.setRelatedAuthCode(authorizationCode);
            oAuth2Code.setClient(authorizationCode.getClient());
            if (authorizationCode.getScope() != null) {
                oAuth2Code.setScope(new ArrayList(authorizationCode.getScope()));
            }
        }
        return oAuth2Code;
    }

    @Override // org.apache.shindig.social.core.oauth2.OAuth2Service
    public OAuth2Code generateRefreshToken(OAuth2NormalizedRequest oAuth2NormalizedRequest) {
        throw new RuntimeException("not yet implemented");
    }
}
