package edu.uiuc.ncsa.security.oauth_2_0.client;

import edu.uiuc.ncsa.security.delegation.client.request.AGRequest;
import edu.uiuc.ncsa.security.delegation.client.request.AGResponse;
import edu.uiuc.ncsa.security.delegation.client.server.AGServer;
import edu.uiuc.ncsa.security.delegation.token.impl.AuthorizationGrantImpl;
import edu.uiuc.ncsa.security.oauth_2_0.NonceHerder;
import edu.uiuc.ncsa.security.oauth_2_0.OA2Constants;
import edu.uiuc.ncsa.security.oauth_2_0.OA2Scopes;
import edu.uiuc.ncsa.security.servlet.ServiceClient;
import java.net.URI;
import java.security.SecureRandom;
import java.util.HashMap;
import net.sf.json.JSONObject;
import org.apache.commons.codec.binary.Hex;

/* loaded from: input_file:WEB-INF/lib/ncsa-security-oauth-2.0-3.1.jar:edu/uiuc/ncsa/security/oauth_2_0/client/AGServer2.class */
public class AGServer2 extends ASImpl implements AGServer {
    public static int STATE_LENGTH = 16;
    ServiceClient serviceClient;
    SecureRandom secureRandom;

    public ServiceClient getServiceClient() {
        return this.serviceClient;
    }

    public AGServer2(ServiceClient serviceClient) {
        super(serviceClient.host(new URI[0]));
        this.secureRandom = new SecureRandom();
        this.serviceClient = serviceClient;
    }

    @Override // edu.uiuc.ncsa.security.delegation.client.server.AGServer
    public AGResponse processAGRequest(AGRequest aGRequest) {
        String createNonce = NonceHerder.createNonce();
        HashMap hashMap = new HashMap();
        hashMap.put(OA2Constants.RESPONSE_TYPE, OA2Constants.AUTHORIZATION_CODE);
        hashMap.put(OA2Constants.CLIENT_ID, aGRequest.getClient().getIdentifierString());
        hashMap.put(OA2Constants.SCOPE, OA2Scopes.SCOPE_OPENID);
        hashMap.put(OA2Constants.REDIRECT_URI, aGRequest.getParameters().get(OA2Constants.REDIRECT_URI));
        byte[] bArr = new byte[STATE_LENGTH];
        this.secureRandom.nextBytes(bArr);
        String encodeHexString = Hex.encodeHexString(bArr);
        hashMap.put(OA2Constants.STATE, encodeHexString);
        hashMap.put(OA2Constants.NONCE, createNonce);
        hashMap.put(OA2Constants.PROMPT, OA2Constants.PROMPT_LOGIN);
        JSONObject fromObject = JSONObject.fromObject(getServiceClient().getRawResponse(hashMap));
        String string = fromObject.getString(OA2Constants.AUTHORIZATION_CODE);
        if (string == null) {
            throw new IllegalArgumentException("Error: server did not return an access code.");
        }
        String string2 = fromObject.getString(OA2Constants.STATE);
        if (!encodeHexString.equals(string2)) {
            throw new IllegalStateException("The state string returned by the server does not match the one sent.");
        }
        HashMap hashMap2 = new HashMap();
        hashMap2.put(OA2Constants.STATE, string2);
        AGResponse aGResponse = new AGResponse(new AuthorizationGrantImpl(URI.create(string), null));
        aGResponse.setParameters(hashMap2);
        return aGResponse;
    }
}
