package fi.foyt.fni.view.users;

import fi.foyt.fni.auth.OAuthController;
import fi.foyt.fni.persistence.model.oauth.OAuthAuthorizationCode;
import fi.foyt.fni.persistence.model.oauth.OAuthClient;
import fi.foyt.fni.persistence.model.oauth.OAuthClientType;
import java.io.IOException;
import java.util.Locale;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.inject.Inject;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.transaction.Transactional;
import org.apache.commons.io.IOUtils;
import org.apache.oltu.oauth2.as.issuer.MD5Generator;
import org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl;
import org.apache.oltu.oauth2.as.request.OAuthTokenRequest;
import org.apache.oltu.oauth2.as.response.OAuthASResponse;
import org.apache.oltu.oauth2.common.OAuth;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.OAuthResponse;
import org.apache.oltu.oauth2.common.message.types.GrantType;

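/**
 * OAuth 2.0 token endpoint served at {@code POST /oauth2/token}.
 *
 * <p>The servlet authenticates the calling client by id and secret, then issues an access
 * token for one of two grant types:
 * <ul>
 *   <li>{@code authorization_code}: the supplied {@code code} must resolve, for this client,
 *       to a stored {@link OAuthAuthorizationCode};</li>
 *   <li>{@code client_credentials}: only clients of type {@link OAuthClientType#SERVICE}
 *       are accepted.</li>
 * </ul>
 * Any other grant type that the Oltu {@link GrantType} enum recognises is answered with 501.
 *
 * <p>NOTE(review): nothing in this class marks an authorization code as consumed, checks its
 * age, or compares {@code redirect_uri} with the one used at authorization time. RFC 6749
 * section 4.1.2 and 4.1.3 expect all three, so confirm that {@link OAuthController} enforces
 * them.
 */
@WebServlet(urlPatterns = {"/oauth2/token"}, name = "oauth2-token")
@Transactional
public class OAuth2TokenServlet extends HttpServlet {
    private static final long serialVersionUID = 299062857600491172L;

    /** Access-token lifetime in seconds; also reported to the client as {@code expires_in}. */
    private static final long TOKEN_EXPIRES = 3600;

    @Inject
    private Logger logger;

    @Inject
    private OAuthController oAuthController;

    /**
     * Handles a token request and writes either the JSON token response or an HTTP error.
     *
     * @param httpServletRequest the incoming token request (form-encoded OAuth parameters)
     * @param httpServletResponse the response that receives the token JSON or the error status
     * @throws ServletException declared by the servlet contract; not thrown directly here
     * @throws IOException if the response cannot be written
     */
    @Override
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            OAuthTokenRequest tokenRequest = new OAuthTokenRequest(httpServletRequest);

            // Client authentication comes first: no grant is evaluated for an unknown client.
            // NOTE(review): how the secret is compared (constant time, hashed at rest) is decided
            // inside OAuthController and is not visible here; worth confirming.
            OAuthClient client = this.oAuthController.findClientByClientIdAndClientSecret(tokenRequest.getClientId(), tokenRequest.getClientSecret());
            if (client == null) {
                this.logger.warning("Invalid clientId or clientSecret");
                httpServletResponse.sendError(403, "Invalid clientId or clientSecret");
                return;
            }

            GrantType grantType = parseGrantType(tokenRequest.getParam(OAuth.OAUTH_GRANT_TYPE));
            if (grantType == null) {
                // The raw parameter is deliberately kept out of the log line: it is
                // attacker-controlled and could carry line breaks into the log.
                this.logger.warning("Received request with missing or unrecognised grant type");
                httpServletResponse.sendError(400, "Unsupported grant type");
                return;
            }

            // Stays null for client_credentials, which has no authorization code behind it.
            OAuthAuthorizationCode authorizationCode = null;
            switch (grantType) {
                case AUTHORIZATION_CODE:
                    // The lookup is scoped to the authenticated client, so a code issued to
                    // another client does not resolve.
                    authorizationCode = this.oAuthController.findAuthorizationCodeByClientAndCode(client, tokenRequest.getParam("code"));
                    if (authorizationCode == null) {
                        this.logger.warning("Invalid authorization code");
                        httpServletResponse.sendError(403, "Invalid authorization code");
                        return;
                    }
                    break;
                case CLIENT_CREDENTIALS:
                    if (client.getType() != OAuthClientType.SERVICE) {
                        this.logger.warning("Invalid client for grant client credentials grant type");
                        httpServletResponse.sendError(403, "Invalid client for grant client credentials grant type");
                        return;
                    }
                    break;
                default:
                    // grantType.name() is an enum constant name, so it is safe to log.
                    this.logger.log(Level.WARNING, "Received request for unimplemented grant type " + grantType.name());
                    httpServletResponse.sendError(501);
                    return;
            }

            // The token is minted only after the grant has been accepted.
            Long expiresAt = Long.valueOf((System.currentTimeMillis() / 1000) + TOKEN_EXPIRES);
            // NOTE(review): the token value comes from Oltu's MD5Generator; confirm that the
            // value it hashes is drawn from a cryptographically strong random source.
            String tokenValue = new OAuthIssuerImpl(new MD5Generator()).accessToken();
            OAuthResponse tokenResponse = OAuthASResponse.tokenResponse(200)
                .setAccessToken(this.oAuthController.createAccessToken(client, authorizationCode, tokenValue, expiresAt).getAccessToken())
                .setExpiresIn(String.valueOf(TOKEN_EXPIRES))
                .buildJSONMessage();

            httpServletResponse.setStatus(tokenResponse.getResponseStatus());
            httpServletResponse.setContentType("application/json");
            httpServletResponse.setCharacterEncoding("UTF-8");
            // RFC 6749 section 5.1: responses carrying tokens must not be cached.
            httpServletResponse.setHeader("Cache-Control", "no-store");
            httpServletResponse.setHeader("Pragma", "no-cache");
            // Explicit charset: the two-argument IOUtils.write uses the platform default.
            IOUtils.write(tokenResponse.getBody(), httpServletResponse.getOutputStream(), "UTF-8");
        } catch (OAuthProblemException | OAuthSystemException e) {
            // NOTE(review): OAuthProblemException describes a malformed client request, yet it
            // is logged at SEVERE and answered with 500 plus the exception message. A 400 with
            // an RFC 6749 section 5.2 error body would be more accurate; left unchanged here
            // because existing clients may depend on the current status code.
            this.logger.log(Level.SEVERE, "Could not process oauth token request", e);
            httpServletResponse.sendError(500, e.getMessage());
        }
    }

    /**
     * Maps the {@code grant_type} parameter onto the Oltu enum.
     *
     * <p>Upper-casing uses {@link Locale#ROOT}: under a Turkish default locale the plain
     * {@code toUpperCase()} turns {@code i} into a dotted capital, so
     * {@code authorization_code} would no longer match any enum constant.
     *
     * @param rawGrantType the parameter value as received, possibly {@code null}
     * @return the matching grant type, or {@code null} when the value is absent or unknown
     */
    private static GrantType parseGrantType(String rawGrantType) {
        if (rawGrantType == null) {
            return null;
        }
        try {
            return GrantType.valueOf(rawGrantType.toUpperCase(Locale.ROOT));
        } catch (IllegalArgumentException ignored) {
            // Not a constant of GrantType; the caller answers with 400 instead of letting
            // the exception escape to the container.
            return null;
        }
    }
}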
