package org.apache.shindig.social.core.oauth2.validators;

import com.google.inject.Inject;
import java.util.ArrayList;
import java.util.List;
import org.apache.shindig.social.core.oauth2.OAuth2Client;
import org.apache.shindig.social.core.oauth2.OAuth2DataService;
import org.apache.shindig.social.core.oauth2.OAuth2Exception;
import org.apache.shindig.social.core.oauth2.OAuth2NormalizedRequest;
import org.apache.shindig.social.core.oauth2.OAuth2NormalizedResponse;
import org.apache.shindig.social.core.oauth2.OAuth2Types;

/* loaded from: input_file:WEB-INF/lib/shindig-social-api-2.5.2-wso2v11.jar:org/apache/shindig/social/core/oauth2/validators/AccessTokenRequestValidator.class */
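/**
 * Validates requests that ask for an access token.
 *
 * <p>Two request shapes are handled:
 * <ul>
 *   <li>requests carrying a {@code grant_type}, which are delegated to the matching
 *       {@link OAuth2GrantValidator} (authorization code or client credentials);</li>
 *   <li>requests without a {@code grant_type}, which are accepted only as implicit-flow requests
 *       ({@code response_type=token}) from a client registered for
 *       {@link OAuth2Client.Flow#IMPLICIT}.</li>
 * </ul>
 *
 * <p>Every rejection is reported by throwing an {@link OAuth2Exception} that wraps a populated
 * {@link OAuth2NormalizedResponse}.
 */
public class AccessTokenRequestValidator implements OAuth2RequestValidator {
    private final OAuth2DataService store;
    private final List<OAuth2GrantValidator> grantValidators = new ArrayList<OAuth2GrantValidator>();

    /**
     * Creates the validator and registers the grant validators it delegates to.
     *
     * @param oAuth2DataService client/token store, used here to look up registered clients and
     *     handed to each grant validator
     */
    @Inject
    public AccessTokenRequestValidator(OAuth2DataService oAuth2DataService) {
        this.store = oAuth2DataService;
        this.grantValidators.add(new AuthCodeGrantValidator(oAuth2DataService));
        this.grantValidators.add(new ClientCredentialsGrantValidator(oAuth2DataService));
    }

    /**
     * Validates an access token request.
     *
     * @param oAuth2NormalizedRequest the request to validate
     * @throws OAuth2Exception if the grant type is not supported, or, for a request without a grant
     *     type, if the response type is not {@code token}, the client is unknown or not registered
     *     for the implicit flow, no redirect URI is available, or the supplied redirect URI differs
     *     from the registered one
     */
    @Override
    public void validateRequest(OAuth2NormalizedRequest oAuth2NormalizedRequest) throws OAuth2Exception {
        if (oAuth2NormalizedRequest.getGrantType() != null) {
            validateGrantRequest(oAuth2NormalizedRequest);
            return;
        }
        validateImplicitRequest(oAuth2NormalizedRequest);
    }

    /** Delegates to the validator registered for the request's grant type, or rejects with 400. */
    private void validateGrantRequest(OAuth2NormalizedRequest request) throws OAuth2Exception {
        for (OAuth2GrantValidator validator : this.grantValidators) {
            if (validator.getGrantType().equals(request.getGrantType())) {
                validator.validateRequest(request);
                return;
            }
        }
        throw rejection(400, OAuth2Types.ErrorType.UNSUPPORTED_GRANT_TYPE, "Unsupported grant type", true);
    }

    /** Checks response type, client registration and redirect URI for an implicit-flow request. */
    private void validateImplicitRequest(OAuth2NormalizedRequest request) throws OAuth2Exception {
        if (request.getResponseType() == null || !request.getResponseType().equals("token")) {
            // This is the only rejection that does not mark the body as returned.
            throw rejection(403, OAuth2Types.ErrorType.UNSUPPORTED_RESPONSE_TYPE, "Unsupported response type", false);
        }

        String clientId = request.getClientId();
        OAuth2Client client = this.store.getClient(clientId);
        // Only clients explicitly registered for the implicit flow may obtain a token this way;
        // a client registered for another flow is rejected the same as an unknown client.
        if (client == null || client.getFlow() != OAuth2Client.Flow.IMPLICIT) {
            // NOTE(review): the caller-supplied client_id is echoed verbatim into the error
            // description. Whatever renders this response must encode it for its output context.
            throw rejection(403, OAuth2Types.ErrorType.INVALID_CLIENT,
                    clientId + " is not a registered implicit client", true);
        }

        String requestedRedirect = request.getRedirectURI();
        String registeredRedirect = client.getRedirectURI();
        if (requestedRedirect == null && registeredRedirect == null) {
            throw rejection(403, OAuth2Types.ErrorType.INVALID_REQUEST,
                    "No redirect_uri registered or received in request", true);
        }
        // A request without redirect_uri relies on the registered one. A supplied redirect_uri must
        // equal the registered value exactly (String.equals, no prefix or pattern matching), so a
        // client with no registered redirect URI cannot pass one in the request.
        if (requestedRedirect != null && !requestedRedirect.equals(registeredRedirect)) {
            throw rejection(403, OAuth2Types.ErrorType.INVALID_REQUEST,
                    "Redirect URI does not match the one registered for this client", true);
        }
    }

    /**
     * Builds the exception for a rejected request.
     *
     * @param status HTTP status to set on the response
     * @param error error code to report
     * @param description human-readable error description
     * @param bodyReturned when {@code true} the response is marked as carrying a body; when
     *     {@code false} the flag is left at whatever a new response defaults to
     */
    private static OAuth2Exception rejection(int status, OAuth2Types.ErrorType error, String description,
            boolean bodyReturned) {
        OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
        response.setStatus(status);
        response.setError(error.toString());
        response.setErrorDescription(description);
        if (bodyReturned) {
            response.setBodyReturned(true);
        }
        return new OAuth2Exception(response);
    }
}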
