package org.mitre.oauth2.service.impl;

import org.mitre.openid.connect.service.BlacklistedSiteService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.common.exceptions.InvalidRequestException;
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.endpoint.DefaultRedirectResolver;
import org.springframework.stereotype.Component;

@Component("blacklistAwareRedirectResolver")
/* loaded from: input_file:org/mitre/oauth2/service/impl/BlacklistAwareRedirectResolver.class */
public class BlacklistAwareRedirectResolver extends DefaultRedirectResolver {

    @Autowired
    private BlacklistedSiteService blacklistService;

    public String resolveRedirect(String str, ClientDetails clientDetails) throws OAuth2Exception {
        String resolveRedirect = super.resolveRedirect(str, clientDetails);
        if (this.blacklistService.isBlacklisted(resolveRedirect)) {
            throw new InvalidRequestException("The supplied redirect_uri is not allowed on this server.");
        }
        return resolveRedirect;
    }
}
