package org.wso2.carbon.auth.oauth.impl;

import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.ResourceOwnerPasswordCredentialsGrant;
import com.nimbusds.oauth2.sdk.Scope;
import com.nimbusds.oauth2.sdk.auth.Secret;
import java.util.Map;
import javax.annotation.Nullable;
import org.apache.commons.lang3.mutable.MutableBoolean;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.carbon.auth.oauth.ClientLookup;
import org.wso2.carbon.auth.oauth.GrantHandler;
import org.wso2.carbon.auth.oauth.OAuthConstants;
import org.wso2.carbon.auth.oauth.dao.OAuthDAO;
import org.wso2.carbon.auth.oauth.dto.AccessTokenContext;
import org.wso2.carbon.auth.oauth.dto.AccessTokenData;
import org.wso2.carbon.auth.oauth.exception.OAuthDAOException;
import org.wso2.carbon.auth.user.mgt.UserStoreException;
import org.wso2.carbon.auth.user.mgt.impl.JDBCUserStoreManager;

/* loaded from: input_file:org/wso2/carbon/auth/oauth/impl/PasswordGrantHandlerImpl.class */
public class PasswordGrantHandlerImpl implements GrantHandler {
    private static final Logger log = LoggerFactory.getLogger(PasswordGrantHandlerImpl.class);
    private OAuthDAO oauthDAO;
    private ClientLookup clientLookup;

    /* JADX INFO: Access modifiers changed from: package-private */
    public PasswordGrantHandlerImpl(OAuthDAO oAuthDAO) {
        this.oauthDAO = oAuthDAO;
        this.clientLookup = new ClientLookupImpl(oAuthDAO);
    }

    @Override // org.wso2.carbon.auth.oauth.GrantHandler
    public void process(String str, AccessTokenContext accessTokenContext, Map<String, String> map) throws OAuthDAOException {
        log.debug("Calling PasswordGrantHandlerImpl:process");
        try {
            processPasswordGrantRequest(str, accessTokenContext, map.get(OAuthConstants.SCOPE_QUERY_PARAM), ResourceOwnerPasswordCredentialsGrant.parse(map));
        } catch (ParseException e) {
            log.info("Error while parsing Password Grant request: ", e.getMessage());
            accessTokenContext.setErrorObject(e.getErrorObject());
        }
    }

    private void processPasswordGrantRequest(String str, AccessTokenContext accessTokenContext, @Nullable String str2, ResourceOwnerPasswordCredentialsGrant resourceOwnerPasswordCredentialsGrant) throws OAuthDAOException {
        log.debug("calling processPasswordGrantRequest");
        MutableBoolean mutableBoolean = new MutableBoolean(false);
        String clientId = this.clientLookup.getClientId(str, accessTokenContext, mutableBoolean);
        if (validateGrant(resourceOwnerPasswordCredentialsGrant)) {
            accessTokenContext.getParams().put("AUTH_USER", resourceOwnerPasswordCredentialsGrant.getUsername());
            if (mutableBoolean.isTrue()) {
                return;
            }
            TokenGenerator.generateAccessToken(str2 != null ? new Scope(new String[]{str2}) : new Scope(new String[]{OAuthConstants.SCOPE_DEFAULT}), accessTokenContext);
            AccessTokenData generateTokenData = TokenDataUtil.generateTokenData(accessTokenContext);
            generateTokenData.setAuthUser((String) accessTokenContext.getParams().get("AUTH_USER"));
            generateTokenData.setClientId(clientId);
            this.oauthDAO.addAccessTokenInfo(generateTokenData);
        }
    }

    private boolean validateGrant(ResourceOwnerPasswordCredentialsGrant resourceOwnerPasswordCredentialsGrant) {
        String username = resourceOwnerPasswordCredentialsGrant.getUsername();
        Secret password = resourceOwnerPasswordCredentialsGrant.getPassword();
        try {
            return new JDBCUserStoreManager().doAuthenticate(username, password.getValue());
        } catch (UserStoreException e) {
            log.error(e.getMessage(), e);
            return false;
        }
    }
}
