package com.nimbusds.openid.connect.provider.spi.grants.handlers.web;

import com.nimbusds.oauth2.sdk.ErrorObject;
import com.nimbusds.oauth2.sdk.GeneralException;
import com.nimbusds.oauth2.sdk.OAuth2Error;
import com.nimbusds.oauth2.sdk.Scope;
import com.nimbusds.oauth2.sdk.http.HTTPRequest;
import com.nimbusds.oauth2.sdk.http.HTTPResponse;
import com.nimbusds.openid.connect.provider.spi.InitContext;
import com.nimbusds.openid.connect.provider.spi.grants.GrantHandler;
import com.nimbusds.openid.connect.provider.spi.grants.TokenRequestParameters;
import java.io.IOException;
import java.io.InputStream;
import java.net.URI;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import net.jcip.annotations.ThreadSafe;
import net.minidev.json.JSONObject;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

@ThreadSafe
/* loaded from: input_file:com/nimbusds/openid/connect/provider/spi/grants/handlers/web/BaseGrantDelegator.class */
public abstract class BaseGrantDelegator implements GrantHandler {
    protected static final Logger mainLog = LogManager.getLogger("MAIN");
    protected static final Logger tokenEndpointLog = LogManager.getLogger("TOKEN");
    private final String configFilePath;
    protected BaseConfiguration config;

    public BaseGrantDelegator(String str) {
        this.configFilePath = str;
    }

    public abstract <T extends BaseConfiguration> T loadConfiguration(Properties properties);

    public void init(InitContext initContext) throws Exception {
        Properties properties = new Properties();
        InputStream resourceAsStream = initContext.getResourceAsStream(this.configFilePath);
        if (resourceAsStream != null) {
            properties.load(resourceAsStream);
        }
        this.config = loadConfiguration(properties);
        this.config.log();
    }

    public BaseConfiguration getConfiguration() {
        return this.config;
    }

    public boolean isEnabled() {
        return this.config.enable;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void ensureEnabled() throws GeneralException {
        if (!this.config.enable) {
            throw new GeneralException("Grant handler disabled", OAuth2Error.UNSUPPORTED_GRANT_TYPE);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public JSONObject send(HandlerRequest handlerRequest) throws GeneralException {
        ensureEnabled();
        HTTPRequest hTTPRequest = handlerRequest.toHTTPRequest(this.config.connectTimeout, this.config.readTimeout);
        tokenEndpointLog.debug("[{}0007] {} grant handler: New HTTP POST to {}", this.config.logPrefix, this.config.grantShortName, hTTPRequest.getURL());
        try {
            HTTPResponse send = hTTPRequest.send();
            if (!send.indicatesSuccess()) {
                ErrorObject processNon200Response = processNon200Response(send);
                throw new GeneralException(processNon200Response.getCode(), processNon200Response);
            }
            tokenEndpointLog.debug("[{}0009] {} grant handler: Received authorization response: {}", this.config.logPrefix, this.config.grantShortName, send.getBody());
            try {
                return send.getBodyAsJSONObject();
            } catch (Exception e) {
                tokenEndpointLog.error("[{}0010] {} grant handler: Invalid authorization response: {}", this.config.logPrefix, this.config.grantShortName, e.getMessage(), e);
                throw new GeneralException(OAuth2Error.SERVER_ERROR);
            }
        } catch (IOException e2) {
            tokenEndpointLog.error("[{}0008] {} grant handler: HTTP exception: {}", this.config.logPrefix, this.config.grantShortName, e2.getMessage(), e2);
            throw new GeneralException(OAuth2Error.SERVER_ERROR);
        }
    }

    public ErrorObject processNon200Response(HTTPResponse hTTPResponse) {
        if (hTTPResponse.getStatusCode() != 400) {
            tokenEndpointLog.error("[{}0011] {} handler: Unexpected HTTP response: {}", this.config.logPrefix, this.config.grantShortName, Integer.valueOf(hTTPResponse.getStatusCode()));
            return OAuth2Error.SERVER_ERROR;
        }
        ErrorObject parse = ErrorObject.parse(hTTPResponse);
        if (parse.getCode() == null) {
            tokenEndpointLog.error("[{}0012] {} grant handler: Missing OAuth 2.0 error code: {}", this.config.logPrefix, this.config.grantShortName, parse.getCode());
            return OAuth2Error.SERVER_ERROR;
        }
        tokenEndpointLog.info("[{}0013] {} grant handler: Token request denied: {}", this.config.logPrefix, this.config.grantShortName, parse.getCode());
        return parse;
    }

    public void shutdown() {
        mainLog.info("[{}0014] Shutting down {} grant handler...", this.config.logPrefix, this.config.grantShortName);
    }

    public TokenRequestParameters keepAllowedCustomParams(final TokenRequestParameters tokenRequestParameters) {
        return new TokenRequestParameters() { // from class: com.nimbusds.openid.connect.provider.spi.grants.handlers.web.BaseGrantDelegator.1
            public Scope getScope() {
                return tokenRequestParameters.getScope();
            }

            public List<URI> getResources() {
                return tokenRequestParameters.getResources();
            }

            public Map<String, List<String>> getCustomParameters() {
                if (BaseGrantDelegator.this.config.customParams.isEmpty() || tokenRequestParameters.getCustomParameters() == null) {
                    return Collections.emptyMap();
                }
                HashMap hashMap = new HashMap();
                for (Map.Entry entry : tokenRequestParameters.getCustomParameters().entrySet()) {
                    if (BaseGrantDelegator.this.config.customParams.contains(entry.getKey())) {
                        hashMap.put((String) entry.getKey(), (List) entry.getValue());
                    }
                }
                return Collections.unmodifiableMap(hashMap);
            }
        };
    }
}
