package org.wso2.carbon.auth.oauth.impl;

import com.nimbusds.oauth2.sdk.AuthorizationCode;
import com.nimbusds.oauth2.sdk.AuthorizationRequest;
import com.nimbusds.oauth2.sdk.ErrorObject;
import com.nimbusds.oauth2.sdk.OAuth2Error;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.ResponseType;
import com.nimbusds.oauth2.sdk.Scope;
import com.nimbusds.oauth2.sdk.token.AccessTokenType;
import com.nimbusds.oauth2.sdk.token.BearerAccessToken;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Map;
import java.util.Optional;
import org.apache.commons.lang3.mutable.MutableBoolean;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.carbon.auth.oauth.AuthRequestHandler;
import org.wso2.carbon.auth.oauth.OAuthConstants;
import org.wso2.carbon.auth.oauth.dao.OAuthDAO;
import org.wso2.carbon.auth.oauth.dto.AuthResponseContext;
import org.wso2.carbon.auth.oauth.exception.OAuthDAOException;

/* loaded from: input_file:org/wso2/carbon/auth/oauth/impl/AuthRequestHandlerImpl.class */
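/**
 * Handles OAuth 2.0 authorization-endpoint requests: parses the request parameters and, depending
 * on {@code response_type}, issues either an authorization code ({@code code}) or a bearer access
 * token ({@code token}, implicit grant).
 *
 * <p>Every input reaching this class comes from the request and must be treated as untrusted.
 * NOTE(review): no resource-owner authentication or consent step is visible in this class;
 * presumably the caller performs it before invoking {@link #generateCode(Map)} - confirm.
 */
public class AuthRequestHandlerImpl implements AuthRequestHandler {
    private static final Logger log = LoggerFactory.getLogger(AuthRequestHandlerImpl.class);

    /** Lifetime, in seconds, of access tokens issued for the implicit grant. */
    private static final long ACCESS_TOKEN_LIFETIME_SECONDS = 3600L;

    private final OAuthDAO oauthDAO;

    /**
     * @param oAuthDAO data-access object used to look up registered client redirect URIs and to
     *     persist issued authorization codes
     */
    public AuthRequestHandlerImpl(OAuthDAO oAuthDAO) {
        this.oauthDAO = oAuthDAO;
    }

    /**
     * Parses the raw authorization-request parameters and produces the response context.
     *
     * @param map request parameters as received on the authorization endpoint
     * @return the response context; on failure it carries an error object instead of a code/token
     */
    @Override
    public AuthResponseContext generateCode(Map<String, String> map) {
        log.debug("Calling generateCode");
        try {
            return processAuthRequest(AuthorizationRequest.parse(map));
        } catch (ParseException e) {
            // The "{}" placeholder is required: without it SLF4J silently drops the argument
            // and the parse failure reason never reaches the log.
            log.info("Error while parsing AuthorizationRequest: {}", e.getMessage());
            AuthResponseContext errorContext = new AuthResponseContext();
            // NOTE(review): this redirect URI is taken from the failed request itself and is not
            // checked against the client's registered value in this class. Confirm the caller
            // does not redirect error responses to an unverified URI.
            errorContext.setRedirectUri(e.getRedirectionURI());
            errorContext.setErrorObject(e.getErrorObject());
            errorContext.setState(e.getState());
            return errorContext;
        }
    }

    /**
     * Resolves the redirect URI and dispatches on {@code response_type}.
     *
     * @param authorizationRequest the successfully parsed authorization request
     * @return the populated response context
     */
    private AuthResponseContext processAuthRequest(AuthorizationRequest authorizationRequest) {
        log.debug("Calling processAuthRequest");
        AuthResponseContext authResponseContext = new AuthResponseContext();
        authResponseContext.setState(authorizationRequest.getState());

        MutableBoolean redirectResolutionFailed = new MutableBoolean(false);
        updateRedirectUriIfNotSent(authResponseContext, authorizationRequest, redirectResolutionFailed);
        if (redirectResolutionFailed.isTrue()) {
            // The error object is already set; never issue a code or token for this request.
            return authResponseContext;
        }

        ResponseType responseType = authorizationRequest.getResponseType();
        if (responseType.equals(new ResponseType(ResponseType.Value.CODE))) {
            generateAuthCode(authResponseContext, authorizationRequest);
        } else if (responseType.equals(new ResponseType(ResponseType.Value.TOKEN))) {
            generateAccessToken(authResponseContext, authorizationRequest);
        } else {
            // response_type and client_id are request-controlled values; the log layout should
            // encode CR/LF so they cannot forge log entries.
            log.info("Value of response_type: {} is invalid (client Id: {})", responseType,
                    authorizationRequest.getClientID().getValue());
            authResponseContext.setErrorObject(new ErrorObject(OAuth2Error.INVALID_REQUEST.getCode()));
        }
        return authResponseContext;
    }

    /**
     * Sets the redirect URI on the response context: the one sent in the request when present,
     * otherwise the client's pre-registered URI loaded through the DAO.
     *
     * @param authResponseContext response context to update
     * @param authorizationRequest the parsed authorization request
     * @param failed out-parameter set to {@code true} when no redirect URI could be resolved; the
     *     response context then carries the matching error object
     */
    private void updateRedirectUriIfNotSent(AuthResponseContext authResponseContext,
            AuthorizationRequest authorizationRequest, MutableBoolean failed) {
        log.debug("Calling updateRedirectUriIfNotSent");
        URI requestedRedirectUri = authorizationRequest.getRedirectionURI();
        if (requestedRedirectUri != null) {
            // NOTE(review): the request-supplied redirect_uri is accepted as-is. Nothing in this
            // class compares it with the client's registered URI or confirms the client exists;
            // the DAO lookup below only runs when the parameter is absent. RFC 6749 sections
            // 3.1.2.3 and 10.6 expect the authorization server to match the value against the
            // registered one before redirecting or issuing a code/token. Confirm a caller
            // enforces this; otherwise perform the lookup here as well and require an exact match.
            authResponseContext.setRedirectUri(requestedRedirectUri);
            return;
        }

        String clientId = authorizationRequest.getClientID().getValue();
        try {
            // Outer Optional: whether the client exists; inner Optional: whether it has a
            // registered redirect URI (as implied by the two log messages below).
            Optional<Optional<String>> clientLookup = this.oauthDAO.getRedirectUri(clientId);
            if (!clientLookup.isPresent()) {
                log.info("Client Id: {}, does not exist ", clientId);
                authResponseContext.setErrorObject(new ErrorObject(OAuth2Error.UNAUTHORIZED_CLIENT.getCode()));
                failed.setTrue();
                return;
            }
            Optional<String> registeredRedirectUri = clientLookup.get();
            if (!registeredRedirectUri.isPresent()) {
                log.error("Pre-registered Client Redirect Uri was not found");
                authResponseContext.setErrorObject(new ErrorObject(OAuth2Error.SERVER_ERROR.getCode()));
                failed.setTrue();
                return;
            }
            authResponseContext.setRedirectUri(new URI(registeredRedirectUri.get()));
        } catch (URISyntaxException e) {
            log.error("Pre-registered Client Redirect Uri syntax is invalid", e);
            authResponseContext.setErrorObject(new ErrorObject(OAuth2Error.SERVER_ERROR.getCode()));
            failed.setTrue();
        } catch (OAuthDAOException e) {
            log.error("Error while getting public client information for client Id: {}", clientId, e);
            authResponseContext.setErrorObject(new ErrorObject(OAuth2Error.SERVER_ERROR.getCode()));
            failed.setTrue();
        }
    }

    /**
     * Generates a fresh authorization code, persists it with the client id, scope and the
     * redirect URI sent in the request, and places it on the response context.
     *
     * @param authResponseContext response context receiving the code or a server error
     * @param authorizationRequest the parsed authorization request
     */
    private void generateAuthCode(AuthResponseContext authResponseContext,
            AuthorizationRequest authorizationRequest) {
        log.debug("Calling generateAuthCode");
        String clientId = authorizationRequest.getClientID().getValue();
        try {
            String code = new AuthorizationCode().getValue();
            // The redirect URI stored is the one sent in the request (null when omitted), not the
            // resolved registered one - presumably so the token endpoint can require the same
            // redirect_uri on code exchange; verify against the token handler.
            this.oauthDAO.addAuthCodeInfo(code, clientId, getScope(authorizationRequest),
                    authorizationRequest.getRedirectionURI());
            authResponseContext.setAuthCode(code);
        } catch (OAuthDAOException e) {
            log.error("Error while saving auth code information for client Id: {}", clientId, e);
            authResponseContext.setErrorObject(new ErrorObject(OAuth2Error.SERVER_ERROR.getCode()));
        }
    }

    /**
     * Issues a bearer access token for the implicit grant and records it, with its type, lifetime,
     * scope and state, on the response context.
     *
     * <p>NOTE(review): the token is not persisted through the DAO here, and the requested scope is
     * granted as sent. Confirm the caller stores the token and restricts the scope to what the
     * client is allowed to request.
     *
     * @param authResponseContext response context receiving the token details
     * @param authorizationRequest the parsed authorization request
     */
    private void generateAccessToken(AuthResponseContext authResponseContext,
            AuthorizationRequest authorizationRequest) {
        log.debug("Calling generateAccessToken");
        Scope grantedScope = authorizationRequest.getScope();
        if (grantedScope == null) {
            grantedScope = new Scope(OAuthConstants.SCOPE_DEFAULT);
        }
        authResponseContext.setAccessToken(new BearerAccessToken(ACCESS_TOKEN_LIFETIME_SECONDS, grantedScope));
        authResponseContext.setTokenType(AccessTokenType.BEARER);
        authResponseContext.setExpiresIn(ACCESS_TOKEN_LIFETIME_SECONDS);
        authResponseContext.setScope(grantedScope);
        authResponseContext.setState(authorizationRequest.getState());
    }

    /**
     * Returns the requested scope as a string, or the default scope when the request has none.
     *
     * @param authorizationRequest the parsed authorization request
     * @return the scope string to store with the authorization code
     */
    private String getScope(AuthorizationRequest authorizationRequest) {
        log.debug("Calling getScope");
        Scope requestedScope = authorizationRequest.getScope();
        if (requestedScope == null) {
            return OAuthConstants.SCOPE_DEFAULT;
        }
        return requestedScope.toString();
    }
}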
