package org.wso2.carbon.identity.oauth.common;

import java.util.ArrayList;
import java.util.Arrays;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.apache.oltu.oauth2.as.validator.TokenValidator;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.wso2.carbon.identity.oauth.common.OAuthConstants;

/* loaded from: input_file:org/wso2/carbon/identity/oauth/common/CodeTokenResponseValidator.class */
public class CodeTokenResponseValidator extends TokenValidator {
    private static boolean isContainOIDCScope(String str) {
        for (String str2 : str.split("\\s+")) {
            if (str2.equals(OAuthConstants.Scope.OPENID)) {
                return true;
            }
        }
        return false;
    }

    public void validateRequiredParameters(HttpServletRequest httpServletRequest) throws OAuthProblemException {
        if (StringUtils.isNotBlank(httpServletRequest.getParameter(OAuthConstants.OAuth20Params.REQUEST_URI))) {
            this.requiredParams = new ArrayList(Arrays.asList(OAuthConstants.OAuth20Params.CLIENT_ID, OAuthConstants.OAuth20Params.RESPONSE_TYPE, OAuthConstants.OAuth20Params.REQUEST_URI));
            this.notAllowedParams.add("request");
        }
        super.validateRequiredParameters(httpServletRequest);
        String parameter = httpServletRequest.getParameter("scope");
        if (StringUtils.isBlank(parameter) || !isContainOIDCScope(parameter)) {
            throw OAuthProblemException.error("invalid_request").description("Request with 'client_id' = '" + httpServletRequest.getParameter(OAuthConstants.OAuth20Params.CLIENT_ID) + "' has 'response_type' for 'hybrid flow'; but 'openid' scope not found.");
        }
    }

    public void validateMethod(HttpServletRequest httpServletRequest) throws OAuthProblemException {
        String method = httpServletRequest.getMethod();
        if (!"GET".equals(method) && !"POST".equals(method)) {
            throw OAuthProblemException.error("invalid_request").description("Method not correct.");
        }
    }

    public void validateContentType(HttpServletRequest httpServletRequest) throws OAuthProblemException {
    }
}
