package org.apereo.cas.uma.web.controllers;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.util.Optional;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.Generated;
import org.apereo.cas.authentication.AuthenticationException;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.uma.ticket.permission.UmaPermissionTicketFactory;
import org.apereo.cas.uma.ticket.resource.InvalidResourceSetException;
import org.apereo.cas.uma.ticket.resource.ResourceSet;
import org.apereo.cas.uma.ticket.resource.repository.ResourceSetRepository;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.Pac4jUtils;
import org.pac4j.core.profile.CommonProfile;
import org.springframework.http.HttpStatus;
import org.springframework.util.MultiValueMap;

/* loaded from: input_file:org/apereo/cas/uma/web/controllers/BaseUmaEndpointController.class */
public abstract class BaseUmaEndpointController {
    protected static final ObjectMapper MAPPER = new ObjectMapper().findAndRegisterModules();
    protected final UmaPermissionTicketFactory umaPermissionTicketFactory;
    protected final ResourceSetRepository umaResourceSetRepository;
    protected final CasConfigurationProperties casProperties;

    /* JADX INFO: Access modifiers changed from: protected */
    public CommonProfile getAuthenticatedProfile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        Optional optional = Pac4jUtils.getPac4jProfileManager(httpServletRequest, httpServletResponse).get(true);
        if (optional == null || !optional.isPresent()) {
            throw new AuthenticationException("Unable to locate authenticated profile");
        }
        CommonProfile commonProfile = (CommonProfile) optional.get();
        if (commonProfile.getPermissions().contains(str)) {
            return commonProfile;
        }
        throw new AuthenticationException("Authenticated profile does not carry the UMA protection scope");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public MultiValueMap<String, Object> buildResponseEntityErrorModel(InvalidResourceSetException invalidResourceSetException) {
        return buildResponseEntityErrorModel(invalidResourceSetException.getStatus(), invalidResourceSetException.getMessage());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public MultiValueMap<String, Object> buildResponseEntityErrorModel(HttpStatus httpStatus, String str) {
        return CollectionUtils.asMultiValueMap("code", Integer.valueOf(httpStatus.value()), "message", str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getResourceSetUriLocation(ResourceSet resourceSet) {
        return this.casProperties.getAuthn().getUma().getIssuer() + "/oauth2.0/resourceSet/" + resourceSet.getId();
    }

    @Generated
    public BaseUmaEndpointController(UmaPermissionTicketFactory umaPermissionTicketFactory, ResourceSetRepository resourceSetRepository, CasConfigurationProperties casConfigurationProperties) {
        this.umaPermissionTicketFactory = umaPermissionTicketFactory;
        this.umaResourceSetRepository = resourceSetRepository;
        this.casProperties = casConfigurationProperties;
    }
}
