package org.apache.shindig.gadgets.oauth2.handler;

import com.google.common.collect.Maps;
import com.google.inject.Inject;
import java.io.UnsupportedEncodingException;
import java.util.HashMap;
import java.util.List;
import org.apache.shindig.auth.AnonymousSecurityToken;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.gadgets.http.HttpRequest;
import org.apache.shindig.gadgets.oauth2.OAuth2Accessor;
import org.apache.shindig.gadgets.oauth2.OAuth2Error;
import org.apache.shindig.gadgets.oauth2.OAuth2Message;
import org.apache.shindig.gadgets.oauth2.OAuth2RequestException;
import org.apache.shindig.gadgets.oauth2.OAuth2Utils;

/* loaded from: input_file:WEB-INF/lib/shindig-gadgets-2.5.2-wso2v6.jar:org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.class */
public class ClientCredentialsGrantTypeHandler implements GrantRequestHandler {
    private static final OAuth2Error ERROR = OAuth2Error.CLIENT_CREDENTIALS_PROBLEM;
    private final List<ClientAuthenticationHandler> clientAuthenticationHandlers;

    @Inject
    public ClientCredentialsGrantTypeHandler(List<ClientAuthenticationHandler> list) {
        this.clientAuthenticationHandlers = list;
    }

    private String getAuthorizationBody(OAuth2Accessor oAuth2Accessor) throws OAuth2RequestException {
        HashMap newHashMap = Maps.newHashMap();
        newHashMap.put(OAuth2Message.GRANT_TYPE, getGrantType());
        String clientId = oAuth2Accessor.getClientId();
        try {
            String str = new String(oAuth2Accessor.getClientSecret(), "UTF-8");
            newHashMap.put(OAuth2Message.CLIENT_ID, clientId);
            newHashMap.put(OAuth2Message.CLIENT_SECRET, str);
            String buildUrl = OAuth2Utils.buildUrl("", newHashMap, null);
            char charAt = buildUrl.charAt(0);
            if (charAt == '?' || charAt == '&') {
                buildUrl = buildUrl.substring(1);
            }
            return buildUrl;
        } catch (UnsupportedEncodingException e) {
            throw new OAuth2RequestException(OAuth2Error.CLIENT_CREDENTIALS_PROBLEM, "error getting authorization body", e);
        }
    }

    @Override // org.apache.shindig.gadgets.oauth2.handler.GrantRequestHandler
    public HttpRequest getAuthorizationRequest(OAuth2Accessor oAuth2Accessor, String str) throws OAuth2RequestException {
        OAuth2HandlerError addOAuth2Authentication;
        if (str == null || str.length() == 0) {
            throw new OAuth2RequestException(ERROR, "completeAuthorizationUrl is null", null);
        }
        if (oAuth2Accessor == null) {
            throw new OAuth2RequestException(ERROR, "accessor is null", null);
        }
        if (!oAuth2Accessor.isValid() || oAuth2Accessor.isErrorResponse() || oAuth2Accessor.isRedirecting()) {
            throw new OAuth2RequestException(ERROR, "accessor is invalid", null);
        }
        if (!oAuth2Accessor.getGrantType().equalsIgnoreCase(OAuth2Message.CLIENT_CREDENTIALS)) {
            throw new OAuth2RequestException(ERROR, "grant type is not client_credentials", null);
        }
        HttpRequest httpRequest = new HttpRequest(Uri.parse(str));
        httpRequest.setMethod("POST");
        httpRequest.setHeader("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
        httpRequest.setSecurityToken(new AnonymousSecurityToken("", 0L, oAuth2Accessor.getGadgetUri()));
        for (ClientAuthenticationHandler clientAuthenticationHandler : this.clientAuthenticationHandlers) {
            if (clientAuthenticationHandler.geClientAuthenticationType().equalsIgnoreCase(oAuth2Accessor.getClientAuthenticationType()) && (addOAuth2Authentication = clientAuthenticationHandler.addOAuth2Authentication(httpRequest, oAuth2Accessor)) != null) {
                throw new OAuth2RequestException(addOAuth2Authentication.getError(), addOAuth2Authentication.getContextMessage(), addOAuth2Authentication.getCause(), addOAuth2Authentication.getUri(), addOAuth2Authentication.getDescription());
            }
        }
        try {
            httpRequest.setPostBody(getAuthorizationBody(oAuth2Accessor).getBytes("UTF-8"));
            return httpRequest;
        } catch (UnsupportedEncodingException e) {
            throw new OAuth2RequestException(OAuth2Error.CLIENT_CREDENTIALS_PROBLEM, "ClientCredentialsGrantTypeHandler - exception setting post body", e);
        }
    }

    @Override // org.apache.shindig.gadgets.oauth2.handler.GrantRequestHandler
    public String getCompleteUrl(OAuth2Accessor oAuth2Accessor) throws OAuth2RequestException {
        if (oAuth2Accessor == null) {
            throw new OAuth2RequestException(ERROR, "accessor is null", null);
        }
        if (!oAuth2Accessor.isValid() || oAuth2Accessor.isErrorResponse() || oAuth2Accessor.isRedirecting()) {
            throw new OAuth2RequestException(ERROR, "accessor is invalid", null);
        }
        if (!oAuth2Accessor.getGrantType().equalsIgnoreCase(OAuth2Message.CLIENT_CREDENTIALS)) {
            throw new OAuth2RequestException(ERROR, "grant type is not client_credentials", null);
        }
        try {
            HashMap newHashMapWithExpectedSize = Maps.newHashMapWithExpectedSize(4);
            newHashMapWithExpectedSize.put(OAuth2Message.GRANT_TYPE, getGrantType());
            String clientId = oAuth2Accessor.getClientId();
            String str = new String(oAuth2Accessor.getClientSecret(), "UTF-8");
            newHashMapWithExpectedSize.put(OAuth2Message.CLIENT_ID, clientId);
            newHashMapWithExpectedSize.put(OAuth2Message.CLIENT_SECRET, str);
            String scope = oAuth2Accessor.getScope();
            if (scope != null && scope.length() > 0) {
                newHashMapWithExpectedSize.put("scope", scope);
            }
            return OAuth2Utils.buildUrl(oAuth2Accessor.getTokenUrl(), newHashMapWithExpectedSize, null);
        } catch (UnsupportedEncodingException e) {
            throw new OAuth2RequestException(OAuth2Error.CLIENT_CREDENTIALS_PROBLEM, "problem getting complete url", e);
        }
    }

    @Override // org.apache.shindig.gadgets.oauth2.handler.GrantRequestHandler
    public String getGrantType() {
        return OAuth2Message.CLIENT_CREDENTIALS;
    }

    @Override // org.apache.shindig.gadgets.oauth2.handler.GrantRequestHandler
    public boolean isAuthorizationEndpointResponse() {
        return false;
    }

    @Override // org.apache.shindig.gadgets.oauth2.handler.GrantRequestHandler
    public boolean isRedirectRequired() {
        return false;
    }

    @Override // org.apache.shindig.gadgets.oauth2.handler.GrantRequestHandler
    public boolean isTokenEndpointResponse() {
        return true;
    }
}
