package com.wso2.openbanking.accelerator.identity.auth.extensions.response.validator;

import com.wso2.openbanking.accelerator.identity.util.IdentityCommonConstants;
import com.wso2.openbanking.accelerator.identity.util.IdentityCommonUtil;
import java.util.ArrayList;
import java.util.Arrays;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.oltu.oauth2.as.validator.TokenValidator;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;

/* loaded from: input_file:com/wso2/openbanking/accelerator/identity/auth/extensions/response/validator/OBHybridResponseTypeValidator.class */
public class OBHybridResponseTypeValidator extends TokenValidator {
    private static final Log log = LogFactory.getLog(OBHybridResponseTypeValidator.class);

    private static boolean isContainOIDCScope(String str) {
        for (String str2 : str.split("\\s+")) {
            if (str2.equals(IdentityCommonConstants.OPENID_SCOPE)) {
                return true;
            }
        }
        return false;
    }

    public void validateRequiredParameters(HttpServletRequest httpServletRequest) throws OAuthProblemException {
        String parameter;
        if (StringUtils.isNotBlank(httpServletRequest.getParameter("request_uri"))) {
            this.requiredParams = new ArrayList(Arrays.asList("client_id", "request_uri"));
            this.notAllowedParams.add("request");
            parameter = IdentityCommonUtil.decodeRequestObjectAndGetKey(httpServletRequest, "scope");
        } else {
            parameter = httpServletRequest.getParameter("scope");
        }
        super.validateRequiredParameters(httpServletRequest);
        if (StringUtils.isBlank(parameter) || !isContainOIDCScope(parameter)) {
            throw OAuthProblemException.error("invalid_request").description("Request with 'client_id' = '" + httpServletRequest.getParameter("client_id") + "' has 'response_type' for 'hybrid flow'; but 'openid' scope not found.");
        }
    }

    public void validateMethod(HttpServletRequest httpServletRequest) throws OAuthProblemException {
        String method = httpServletRequest.getMethod();
        if (!"GET".equals(method) && !"POST".equals(method)) {
            throw OAuthProblemException.error("invalid_request").description("Method not correct.");
        }
    }

    public void validateContentType(HttpServletRequest httpServletRequest) throws OAuthProblemException {
    }
}
