package org.mitre.oauth2.token;

import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTParser;
import java.text.ParseException;
import org.mitre.jwt.assertion.AssertionValidator;
import org.mitre.oauth2.assertion.AssertionOAuth2RequestFactory;
import org.mitre.oauth2.service.ClientDetailsEntityService;
import org.mitre.oauth2.service.OAuth2TokenEntityService;
import org.mitre.openid.connect.assertion.JWTBearerAssertionAuthenticationToken;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
import org.springframework.security.oauth2.provider.TokenRequest;
import org.springframework.security.oauth2.provider.token.AbstractTokenGranter;
import org.springframework.stereotype.Component;

@Component("jwtAssertionTokenGranter")
/* loaded from: input_file:org/mitre/oauth2/token/JWTAssertionTokenGranter.class */
public class JWTAssertionTokenGranter extends AbstractTokenGranter {
    private static final String grantType = "urn:ietf:params:oauth:grant-type:jwt-bearer";

    @Autowired
    @Qualifier("jwtAssertionValidator")
    private AssertionValidator validator;

    @Autowired
    private AssertionOAuth2RequestFactory assertionFactory;

    @Autowired
    public JWTAssertionTokenGranter(OAuth2TokenEntityService oAuth2TokenEntityService, ClientDetailsEntityService clientDetailsEntityService, OAuth2RequestFactory oAuth2RequestFactory) {
        super(oAuth2TokenEntityService, clientDetailsEntityService, oAuth2RequestFactory, grantType);
    }

    protected OAuth2Authentication getOAuth2Authentication(ClientDetails clientDetails, TokenRequest tokenRequest) throws AuthenticationException, InvalidTokenException {
        try {
            JWT parse = JWTParser.parse((String) tokenRequest.getRequestParameters().get("assertion"));
            if (this.validator.isValid(parse)) {
                return new OAuth2Authentication(this.assertionFactory.createOAuth2Request(clientDetails, tokenRequest, parse), new JWTBearerAssertionAuthenticationToken(parse, clientDetails.getAuthorities()));
            }
            this.logger.warn("Incoming assertion did not pass validator, rejecting");
            return null;
        } catch (ParseException e) {
            this.logger.warn("Unable to parse incoming assertion");
            return null;
        }
    }
}
