package org.apache.shindig.social.core.oauth2.validators;

import com.google.inject.Inject;
import org.apache.shindig.social.core.oauth2.OAuth2Client;
import org.apache.shindig.social.core.oauth2.OAuth2DataService;
import org.apache.shindig.social.core.oauth2.OAuth2Exception;
import org.apache.shindig.social.core.oauth2.OAuth2NormalizedRequest;
import org.apache.shindig.social.core.oauth2.OAuth2NormalizedResponse;
import org.apache.shindig.social.core.oauth2.OAuth2Types;

/* loaded from: input_file:WEB-INF/lib/shindig-social-api-2.5.0.jar:org/apache/shindig/social/core/oauth2/validators/AuthorizationCodeRequestValidator.class */
public class AuthorizationCodeRequestValidator implements OAuth2RequestValidator {
    private OAuth2DataService store;

    @Inject
    public AuthorizationCodeRequestValidator(OAuth2DataService oAuth2DataService) {
        this.store = null;
        this.store = oAuth2DataService;
    }

    @Override // org.apache.shindig.social.core.oauth2.validators.OAuth2RequestValidator
    public void validateRequest(OAuth2NormalizedRequest oAuth2NormalizedRequest) throws OAuth2Exception {
        OAuth2Client client = this.store.getClient(oAuth2NormalizedRequest.getClientId());
        if (client == null) {
            OAuth2NormalizedResponse oAuth2NormalizedResponse = new OAuth2NormalizedResponse();
            oAuth2NormalizedResponse.setError(OAuth2Types.ErrorType.INVALID_REQUEST.toString());
            oAuth2NormalizedResponse.setErrorDescription("The client is invalid or not registered");
            oAuth2NormalizedResponse.setBodyReturned(true);
            oAuth2NormalizedResponse.setStatus(403);
            throw new OAuth2Exception(oAuth2NormalizedResponse);
        }
        String redirectURI = client.getRedirectURI();
        if (redirectURI == null && oAuth2NormalizedRequest.getRedirectURI() == null) {
            OAuth2NormalizedResponse oAuth2NormalizedResponse2 = new OAuth2NormalizedResponse();
            oAuth2NormalizedResponse2.setError(OAuth2Types.ErrorType.INVALID_REQUEST.toString());
            oAuth2NormalizedResponse2.setErrorDescription("No redirect_uri registered or received in request");
            oAuth2NormalizedResponse2.setBodyReturned(true);
            oAuth2NormalizedResponse2.setStatus(403);
            throw new OAuth2Exception(oAuth2NormalizedResponse2);
        }
        if (oAuth2NormalizedRequest.getRedirectURI() == null || redirectURI == null || oAuth2NormalizedRequest.getRedirectURI().equals(redirectURI)) {
            return;
        }
        OAuth2NormalizedResponse oAuth2NormalizedResponse3 = new OAuth2NormalizedResponse();
        oAuth2NormalizedResponse3.setError(OAuth2Types.ErrorType.INVALID_REQUEST.toString());
        oAuth2NormalizedResponse3.setErrorDescription("Redirect URI does not match the one registered for this client");
        oAuth2NormalizedResponse3.setBodyReturned(true);
        oAuth2NormalizedResponse3.setStatus(403);
        throw new OAuth2Exception(oAuth2NormalizedResponse3);
    }
}
