package de.adorsys.oauth.server;

import com.nimbusds.oauth2.sdk.AuthorizationGrant;
import com.nimbusds.oauth2.sdk.GrantType;
import com.nimbusds.oauth2.sdk.ResourceOwnerPasswordCredentialsGrant;
import com.nimbusds.oauth2.sdk.TokenRequest;
import java.io.IOException;
import javax.servlet.ServletException;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.valves.ValveBase;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/oauth-jboss-support-0.13.jar:de/adorsys/oauth/server/ResourceOwnerPasswordCredentialFlowValve.class */
public class ResourceOwnerPasswordCredentialFlowValve extends ValveBase {
    private static final Logger LOG = LoggerFactory.getLogger(ResourceOwnerPasswordCredentialFlowValve.class);
    private String clientSecurityDomain;

    public void invoke(Request request, Response response) throws IOException, ServletException {
        TokenRequest resolveTokenRequest = resolveTokenRequest(request);
        if (resolveTokenRequest == null) {
            getNext().invoke(request, response);
            return;
        }
        AuthorizationGrant authorizationGrant = resolveTokenRequest.getAuthorizationGrant();
        if (authorizationGrant.getType() != GrantType.PASSWORD) {
            getNext().invoke(request, response);
            return;
        }
        ResourceOwnerPasswordCredentialsGrant resourceOwnerPasswordCredentialsGrant = (ResourceOwnerPasswordCredentialsGrant) authorizationGrant;
        String username = resourceOwnerPasswordCredentialsGrant.getUsername();
        String value = resourceOwnerPasswordCredentialsGrant.getPassword().getValue();
        LOG.debug("ResourceOwnerPasswordCredentialFlow - login {} {}", username, value.replaceAll(".", "x"));
        request.setUserPrincipal(getContainer().getRealm().authenticate(username, value));
        getNext().invoke(request, response);
    }

    private TokenRequest resolveTokenRequest(Request request) {
        try {
            return TokenRequest.parse(de.adorsys.oauth.authdispatcher.FixedServletUtils.createHTTPRequest(request));
        } catch (Exception e) {
            return null;
        }
    }
}
