package com.nimbusds.openid.connect.provider.spi.impl.grants.handlers.web;

import com.nimbusds.oauth2.sdk.ErrorObject;
import com.nimbusds.oauth2.sdk.GeneralException;
import com.nimbusds.oauth2.sdk.OAuth2Error;
import com.nimbusds.oauth2.sdk.Scope;
import com.nimbusds.oauth2.sdk.http.HTTPRequest;
import com.nimbusds.oauth2.sdk.http.HTTPResponse;
import com.nimbusds.openid.connect.provider.spi.grants.TokenRequestParameters;
import com.nimbusds.openid.connect.provider.spi.impl.common.Loggers;
import com.nimbusds.openid.connect.provider.spi.impl.grants.handlers.BaseGrantHandler;
import java.io.IOException;
import java.net.URI;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import net.jcip.annotations.ThreadSafe;
import net.minidev.json.JSONObject;

@ThreadSafe
/* loaded from: input_file:com/nimbusds/openid/connect/provider/spi/impl/grants/handlers/web/BaseGrantDelegator.class */
public abstract class BaseGrantDelegator extends BaseGrantHandler {
    public BaseGrantDelegator(String str) {
        super(str);
    }

    @Override // com.nimbusds.openid.connect.provider.spi.impl.grants.handlers.BaseGrantHandler
    public BaseWebConfiguration getConfiguration() {
        return (BaseWebConfiguration) this.config;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public JSONObject send(WebGrantHandlerRequest webGrantHandlerRequest) throws GeneralException {
        ensureEnabled();
        HTTPRequest hTTPRequest = webGrantHandlerRequest.toHTTPRequest(getConfiguration().connectTimeout, getConfiguration().readTimeout);
        Loggers.TOKEN.debug("[{}0007] {} grant handler: New HTTP POST to {}", this.config.logPrefix, this.config.grantShortName, hTTPRequest.getURL());
        try {
            HTTPResponse send = hTTPRequest.send();
            if (!send.indicatesSuccess()) {
                ErrorObject processNon200Response = processNon200Response(send);
                throw new GeneralException(processNon200Response.getCode(), processNon200Response);
            }
            Loggers.TOKEN.debug("[{}0009] {} grant handler: Received authorization response: {}", this.config.logPrefix, this.config.grantShortName, send.getBody());
            try {
                return send.getBodyAsJSONObject();
            } catch (Exception e) {
                Loggers.TOKEN.error("[{}0010] {} grant handler: Invalid authorization response: {}", this.config.logPrefix, this.config.grantShortName, e.getMessage(), e);
                throw new GeneralException(OAuth2Error.SERVER_ERROR);
            }
        } catch (IOException e2) {
            Loggers.TOKEN.error("[{}0008] {} grant handler: HTTP exception: {}", this.config.logPrefix, this.config.grantShortName, e2.getMessage(), e2);
            throw new GeneralException(OAuth2Error.SERVER_ERROR);
        }
    }

    public ErrorObject processNon200Response(HTTPResponse hTTPResponse) {
        if (hTTPResponse.getStatusCode() != 400) {
            Loggers.TOKEN.error("[{}0011] {} handler: Unexpected HTTP response: {}", this.config.logPrefix, this.config.grantShortName, Integer.valueOf(hTTPResponse.getStatusCode()));
            return OAuth2Error.SERVER_ERROR;
        }
        ErrorObject parse = ErrorObject.parse(hTTPResponse);
        if (parse.getCode() == null) {
            Loggers.TOKEN.error("[{}0012] {} grant handler: Missing OAuth 2.0 error code: {}", this.config.logPrefix, this.config.grantShortName, parse.getCode());
            return OAuth2Error.SERVER_ERROR;
        }
        Loggers.TOKEN.info("[{}0013] {} grant handler: Token request denied: {}", this.config.logPrefix, this.config.grantShortName, parse.getCode());
        return parse;
    }

    public TokenRequestParameters keepAllowedCustomParams(final TokenRequestParameters tokenRequestParameters) {
        return new TokenRequestParameters() { // from class: com.nimbusds.openid.connect.provider.spi.impl.grants.handlers.web.BaseGrantDelegator.1
            public Scope getScope() {
                return tokenRequestParameters.getScope();
            }

            public List<URI> getResources() {
                return tokenRequestParameters.getResources();
            }

            public Map<String, List<String>> getCustomParameters() {
                if (BaseGrantDelegator.this.getConfiguration().customParams.isEmpty() || tokenRequestParameters.getCustomParameters() == null) {
                    return Collections.emptyMap();
                }
                HashMap hashMap = new HashMap();
                for (Map.Entry entry : tokenRequestParameters.getCustomParameters().entrySet()) {
                    if (BaseGrantDelegator.this.getConfiguration().customParams.contains(entry.getKey())) {
                        hashMap.put((String) entry.getKey(), (List) entry.getValue());
                    }
                }
                return Collections.unmodifiableMap(hashMap);
            }
        };
    }
}
