package com.nimbusds.openid.connect.provider.spi.impl.grants.handlers.web.password;

import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.ResourceOwnerPasswordCredentialsGrant;
import com.nimbusds.oauth2.sdk.auth.Secret;
import com.nimbusds.oauth2.sdk.http.HTTPRequest;
import com.nimbusds.oauth2.sdk.id.ClientID;
import com.nimbusds.oauth2.sdk.id.Issuer;
import com.nimbusds.oauth2.sdk.token.BearerAccessToken;
import com.nimbusds.oauth2.sdk.util.JSONObjectUtils;
import com.nimbusds.openid.connect.provider.spi.grants.TokenRequestParameters;
import com.nimbusds.openid.connect.provider.spi.impl.grants.handlers.web.BaseWebHandlerRequest;
import java.net.URL;
import java.util.Objects;
import java.util.Optional;
import net.jcip.annotations.Immutable;
import net.minidev.json.JSONObject;

@Immutable
/* loaded from: input_file:com/nimbusds/openid/connect/provider/spi/impl/grants/handlers/web/password/PasswordGrantHandlerRequest.class */
public final class PasswordGrantHandlerRequest extends BaseWebHandlerRequest {
    private final ResourceOwnerPasswordCredentialsGrant grant;

    public PasswordGrantHandlerRequest(Issuer issuer, URL url, BearerAccessToken bearerAccessToken, ResourceOwnerPasswordCredentialsGrant resourceOwnerPasswordCredentialsGrant, TokenRequestParameters tokenRequestParameters, ClientID clientID, boolean z, JSONObject jSONObject) {
        super(issuer, url, bearerAccessToken, tokenRequestParameters, clientID, Optional.of(Boolean.valueOf(z)), jSONObject);
        Objects.requireNonNull(resourceOwnerPasswordCredentialsGrant);
        this.grant = resourceOwnerPasswordCredentialsGrant;
    }

    public ResourceOwnerPasswordCredentialsGrant getGrant() {
        return this.grant;
    }

    @Override // com.nimbusds.openid.connect.provider.spi.impl.grants.handlers.web.BaseWebHandlerRequest, com.nimbusds.openid.connect.provider.spi.impl.grants.handlers.web.WebHandlerRequest
    public JSONObject toJSONObject() {
        JSONObject jSONObject = super.toJSONObject();
        jSONObject.put("username", this.grant.getUsername());
        jSONObject.put("password", this.grant.getPassword().getValue());
        try {
            JSONObject jSONObject2 = JSONObjectUtils.getJSONObject(jSONObject, "client");
            if (!jSONObject2.containsKey("require_auth_time")) {
                jSONObject2.put("require_auth_time", false);
            }
            jSONObject.put("client", jSONObject2);
            return jSONObject;
        } catch (ParseException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    public static PasswordGrantHandlerRequest parse(HTTPRequest hTTPRequest) throws ParseException {
        JSONObject bodyAsJSONObject = hTTPRequest.getBodyAsJSONObject();
        String string = JSONObjectUtils.getString(bodyAsJSONObject, "username");
        bodyAsJSONObject.remove("username");
        Secret secret = new Secret(JSONObjectUtils.getString(bodyAsJSONObject, "password"));
        bodyAsJSONObject.remove("password");
        hTTPRequest.setBody(bodyAsJSONObject.toJSONString());
        ResourceOwnerPasswordCredentialsGrant resourceOwnerPasswordCredentialsGrant = new ResourceOwnerPasswordCredentialsGrant(string, secret);
        BaseWebHandlerRequest parse = BaseWebHandlerRequest.parse(hTTPRequest);
        if (parse.isConfidentialClient().isEmpty()) {
            throw new ParseException("Missing boolean client confidential flag");
        }
        return new PasswordGrantHandlerRequest(parse.getIssuer(), parse.getURL(), parse.getAccessToken(), resourceOwnerPasswordCredentialsGrant, parse.getTokenRequestParameters(), parse.getClientID(), parse.isConfidentialClient().get().booleanValue(), parse.getClientMetadata());
    }
}
