package org.butor.sso.oauth2.servlet;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.oltu.oauth2.as.issuer.MD5Generator;
import org.apache.oltu.oauth2.as.issuer.OAuthIssuer;
import org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl;
import org.apache.oltu.oauth2.as.request.OAuthTokenRequest;
import org.apache.oltu.oauth2.as.response.OAuthASResponse;
import org.apache.oltu.oauth2.common.error.OAuthError;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.OAuthResponse;
import org.apache.oltu.oauth2.common.message.types.GrantType;
import org.butor.sso.oauth2.OauthTokenAuthenticator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.HttpRequestHandler;

/* loaded from: input_file:WEB-INF/lib/butor-sso-oauth2-1.0.17.jar:org/butor/sso/oauth2/servlet/OAuth2AuthTokenRequestHandler.class */
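/**
 * OAuth 2.0 token endpoint handler for the {@code client_credentials} and
 * {@code refresh_token} grants.
 *
 * <p>For each request a fresh access/refresh token pair is generated by the configured
 * {@link OAuthIssuer} and handed to the {@link OauthTokenAuthenticator} together with the
 * presented credential. The pair is returned to the caller only when the authenticator
 * accepts the credential.
 *
 * <p>NOTE(review): the default issuer derives token values through {@code MD5Generator}.
 * Token unpredictability depends on the randomness of the value that generator hashes, not
 * on the digest itself; confirm that input comes from a CSPRNG, or inject an issuer with
 * {@link #setOauthIssuer(OAuthIssuer)}.
 *
 * <p>NOTE(review): how the authenticator compares secrets and refresh tokens (constant-time
 * or not) and whether it throttles repeated failures is not visible here; verify in the
 * {@code OauthTokenAuthenticator} implementation.
 */
public class OAuth2AuthTokenRequestHandler implements HttpRequestHandler {
    /** Media type of every body written by this handler (token and error responses are JSON). */
    private static final String JSON_CONTENT_TYPE = "application/json;charset=UTF-8";

    protected OauthTokenAuthenticator apiKeyValidator;
    protected OAuthIssuer oauthIssuer = new OAuthIssuerImpl(new MD5Generator());
    protected final Logger logger = LoggerFactory.getLogger(getClass());

    /**
     * Processes a token request and writes a JSON token response or a JSON error response.
     *
     * <p>Error responses are sent with {@code setStatus} rather than {@code sendError}:
     * {@code sendError} commits the response with the container's error page, so a JSON
     * error body written afterwards does not reach the client.
     *
     * @param httpServletRequest the incoming token request
     * @param httpServletResponse the response the JSON message is written to
     * @throws ServletException declared by {@link HttpRequestHandler}; not thrown directly here
     * @throws IOException if the response body cannot be written
     */
    @Override // org.springframework.web.HttpRequestHandler
    public void handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            try {
                writeJson(httpServletResponse, issueTokens(httpServletRequest));
            } catch (OAuthProblemException e) {
                this.logger.warn("Exception while processing token request", e);
                // NOTE(review): every OAuth problem is reported as 401, including
                // unsupported_grant_type and invalid_grant. Status kept as-is for
                // existing clients; consider 400 for the non-authentication errors.
                writeJson(httpServletResponse, OAuthResponse.errorResponse(401).error(e).buildJSONMessage());
            }
        } catch (OAuthSystemException e2) {
            this.logger.error("{}", e2);
            try {
                writeJson(httpServletResponse,
                        OAuthResponse.errorResponse(400).error(OAuthProblemException.error("invalid_request")).buildJSONMessage());
            } catch (OAuthSystemException e3) {
                // Log the failure that prevented the error response from being built;
                // the original exception (e2) has already been logged above.
                this.logger.error("Unable to send response ?!! {}", e3);
            }
        }
    }

    /**
     * Validates the request, authenticates the presented credential and builds the token response.
     *
     * @param request the incoming token request
     * @return the JSON token response carrying the new access and refresh tokens
     * @throws OAuthProblemException if the request is malformed, the grant type is not
     *         supported, or the authenticator rejects the credential
     * @throws OAuthSystemException if token generation or message building fails
     */
    private OAuthResponse issueTokens(HttpServletRequest request) throws OAuthProblemException, OAuthSystemException {
        OAuthTokenRequest tokenRequest = new OAuthTokenRequest(request);
        String clientId = tokenRequest.getClientId();
        String grantType = tokenRequest.getGrantType();

        // The new pair is generated before authentication because the authenticator
        // receives it alongside the credential it has to check.
        String accessToken = this.oauthIssuer.accessToken();
        String refreshToken = this.oauthIssuer.refreshToken();

        if (GrantType.REFRESH_TOKEN.toString().equals(grantType)) {
            if (!this.apiKeyValidator.authenticateRefreshToken(clientId, tokenRequest.getRefreshToken(), accessToken, refreshToken)) {
                throw OAuthProblemException.error(OAuthError.TokenResponse.INVALID_GRANT);
            }
        } else if (GrantType.CLIENT_CREDENTIALS.toString().equals(grantType)) {
            if (!this.apiKeyValidator.authenticateClientSecret(clientId, tokenRequest.getClientSecret(), accessToken, refreshToken)) {
                throw OAuthProblemException.error(OAuthError.TokenResponse.INVALID_CLIENT);
            }
        } else {
            // Only the two grants above are served by this endpoint.
            throw OAuthProblemException.error(OAuthError.TokenResponse.UNSUPPORTED_GRANT_TYPE);
        }

        return OAuthASResponse.tokenResponse(200)
                .setAccessToken(accessToken)
                .setExpiresIn(String.valueOf(this.apiKeyValidator.getTicketTTL()))
                .setRefreshToken(refreshToken)
                .buildJSONMessage();
    }

    /**
     * Writes an OAuth JSON message (token or error) to the servlet response.
     *
     * <p>Caching is disabled on every response so that neither tokens nor error details are
     * stored by intermediaries, and the content type is declared explicitly so clients do
     * not have to guess how to parse the body.
     *
     * @param response the servlet response to write to
     * @param message the message whose headers, status and body are copied to the response
     * @throws IOException if the body cannot be written
     */
    private void writeJson(HttpServletResponse response, OAuthResponse message) throws IOException {
        for (Map.Entry<String, String> header : message.getHeaders().entrySet()) {
            response.setHeader(header.getKey(), header.getValue());
        }
        response.setHeader("Pragma", "no-cache");
        response.setHeader("Cache-Control", "no-store");
        response.setStatus(message.getResponseStatus());
        // Must be set before getWriter() so the declared charset applies to the writer.
        response.setContentType(JSON_CONTENT_TYPE);
        PrintWriter writer = response.getWriter();
        writer.print(message.getBody());
        writer.flush();
        writer.close();
    }

    /**
     * Replaces the token issuer used to generate access and refresh token values.
     *
     * @param oAuthIssuer the issuer to use for subsequent requests
     */
    public void setOauthIssuer(OAuthIssuer oAuthIssuer) {
        this.oauthIssuer = oAuthIssuer;
    }

    /**
     * Sets the authenticator that checks client secrets and refresh tokens and supplies the token TTL.
     *
     * @param oauthTokenAuthenticator the authenticator to use; required before requests are handled
     */
    public void setApiKeyValidator(OauthTokenAuthenticator oauthTokenAuthenticator) {
        this.apiKeyValidator = oauthTokenAuthenticator;
    }
}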
