package de.adorsys.sts.token.passwordgrant;

import de.adorsys.sts.ResponseUtils;
import de.adorsys.sts.common.config.TokenResource;
import de.adorsys.sts.token.InvalidParameterException;
import de.adorsys.sts.token.MissingParameterException;
import de.adorsys.sts.token.api.TokenResponse;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.ResponseHeader;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

@Api(value = "/token/password-grant", tags = {"Password Grant"}, description = "Extended oAuth2 Password Grant endpoint.")
@RequestMapping(path = {"/token/password-grant"})
@RestController
@TokenResource
/* loaded from: input_file:BOOT-INF/lib/sts-spring-0.28.0.jar:de/adorsys/sts/token/passwordgrant/PasswordGrantController.class */
public class PasswordGrantController {

    @Autowired
    private HttpServletRequest servletRequest;

    @Autowired
    private PasswordGrantService passwordGrantService;

    @ApiResponses({@ApiResponse(code = 200, message = "Ok", response = TokenResponse.class), @ApiResponse(code = 400, message = "Bad request", responseHeaders = {@ResponseHeader(name = "error", description = "invalid request")})})
    @GetMapping(produces = {"application/json"})
    @ApiOperation(value = "Password Grant", notes = "Implements the oauth2 Pasword grant type. Works only if server is configured to accept password grant")
    public ResponseEntity<Object> passwordGrant(@RequestParam("grant_type") @ApiParam(name = "grant_type", value = "Indicates that a token exchange is being performed.", required = true, allowMultiple = false, example = "password", defaultValue = "password") String str, @RequestParam(name = "resource", required = false) @ApiParam(name = "resource", value = "Indicates the physical location of the target service or resource where the client intends to use the requested security token.  This enables the authorization server to apply policy as appropriate for the target, such as determining the type and content of the token to be issued or if and how the token is to be encrypted.", required = false, allowMultiple = true, example = "http://localhost:8080/multibanking-service") String[] strArr, @RequestParam(name = "audience", required = false) @ApiParam(name = "audience", value = "The logical name of the target service where the client intends to use the requested security token.  This serves a purpose similar to the resource parameter, but with the client providing a logical name rather than a physical location.", required = false, allowMultiple = true, example = "http://localhost:8080/multibanking-service") String[] strArr2, @RequestParam(name = "scope", required = false) @ApiParam(name = "scope", value = "A list of space-delimited, case-sensitive strings that allow the client to specify the desired scope of the requested security token in the context of the service or resource where the token will be used.", required = false, allowMultiple = false, example = "user banking") String str2, @RequestParam("username") @ApiParam(name = "username", value = "The resource owner username..", required = true, allowMultiple = false, example = "max.musterman") String str3, @RequestParam("password") @ApiParam(name = "password", value = "The resource owner password.", required = true, allowMultiple = false, example = "SamplePassword") String str4) {
        try {
            return ResponseEntity.ok(this.passwordGrantService.passwordGrant(str, strArr, strArr2, ResponseUtils.getIssuer(this.servletRequest), str2, str3, str4));
        } catch (InvalidParameterException e) {
            return ResponseUtils.invalidParam(e.getMessage());
        } catch (MissingParameterException e2) {
            return ResponseUtils.missingParam(e2.getMessage());
        }
    }
}
