package de.adorsys.oauth.server;

import com.nimbusds.oauth2.sdk.OAuth2Error;
import com.nimbusds.oauth2.sdk.TokenErrorResponse;
import com.nimbusds.oauth2.sdk.auth.ClientAuthentication;
import com.nimbusds.oauth2.sdk.http.ServletUtils;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.Consumes;
import javax.ws.rs.FormParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Path("revoke")
@ApplicationScoped
/* loaded from: input_file:de/adorsys/oauth/server/RevokeResource.class */
public class RevokeResource {
    private static final Logger LOG = LoggerFactory.getLogger(RevokeResource.class);

    @Context
    private HttpServletRequest servletRequest;

    @Context
    private HttpServletResponse servletResponse;

    @Inject
    private TokenStore tokenStore;

    @POST
    @Consumes({"application/x-www-form-urlencoded"})
    public Response revoke(@FormParam("token") String str, @FormParam("token_type_hint") String str2) throws Exception {
        if (str == null) {
            ServletUtils.applyHTTPResponse(new TokenErrorResponse(OAuth2Error.INVALID_GRANT).toHTTPResponse(), this.servletResponse);
            return null;
        }
        ClientAuthentication parse = ClientAuthentication.parse(FixedServletUtils.createHTTPRequest(this.servletRequest));
        if ("login_session".equals(str2)) {
            LoginSessionToken loginSessionToken = new LoginSessionToken(str);
            this.tokenStore.remove(loginSessionToken);
            this.tokenStore.invalidateLoginSession(loginSessionToken);
        } else {
            this.tokenStore.remove(str, parse.getClientID());
        }
        return Response.ok("token revoked").header("Pragma", "no-cache").header("Cache-Control", "no-store").build();
    }
}
