package com.bornium.security.oauth2openid.server.endpoints;

import com.bornium.http.Exchange;
import com.bornium.http.Method;
import com.bornium.http.util.UriUtil;
import com.bornium.security.oauth2openid.Constants;
import com.bornium.security.oauth2openid.User;
import com.bornium.security.oauth2openid.Util;
import com.bornium.security.oauth2openid.providers.Session;
import com.bornium.security.oauth2openid.responsegenerators.DeviceAuthorizationResponseGenerator;
import com.bornium.security.oauth2openid.server.ServerServices;
import java.util.Map;

/* loaded from: input_file:WEB-INF/lib/oauth2-openid-1.2.0.jar:com/bornium/security/oauth2openid/server/endpoints/DeviceAuthorizationEndpoint.class */
public class DeviceAuthorizationEndpoint extends Endpoint {
    public DeviceAuthorizationEndpoint(ServerServices serverServices) {
        super(serverServices, Constants.ENDPOINT_DEVICE_AUTHORIZATION);
    }

    @Override // com.bornium.security.oauth2openid.server.endpoints.Endpoint
    public void invokeOn(Exchange exchange) throws Exception {
        if (exchange.getRequest().getMethod() != Method.POST) {
            exchange.setResponse(answerWithError(400, Constants.ERROR_INVALID_REQUEST));
            return;
        }
        boolean z = false;
        String str = null;
        if (exchange.getRequest().getHeader().getValue("Authorization") != null) {
            try {
                User decodeFromBasicAuthValue = Util.decodeFromBasicAuthValue(exchange.getRequest().getHeader().getValue("Authorization"));
                z = this.serverServices.getProvidedServices().getClientDataProvider().verify(decodeFromBasicAuthValue.getName(), decodeFromBasicAuthValue.getPassword());
                if (z) {
                    str = decodeFromBasicAuthValue.getName();
                }
            } catch (Exception e) {
                z = false;
                str = null;
            }
        }
        Session session = this.serverServices.getProvidedServices().getSessionProvider().getSession(exchange);
        Map<String, String> stripEmptyParams = Parameters.stripEmptyParams(UriUtil.queryToParameters(exchange.getRequest().getBody()));
        if (str == null) {
            str = stripEmptyParams.get("client_id");
        }
        if (str == null) {
            this.log.debug("No clientId detected.");
            exchange.setResponse(answerWithError(400, Constants.ERROR_INVALID_REQUEST));
            return;
        }
        if (!this.serverServices.getProvidedServices().getClientDataProvider().clientExists(str)) {
            this.log.debug("Client ('" + str + "') does not exist.");
            exchange.setResponse(answerWithError(400, Constants.ERROR_INVALID_CLIENT));
            return;
        }
        if (!z && this.serverServices.getProvidedServices().getClientDataProvider().isConfidential(str)) {
            this.log.debug("Client is confidential and client_secret incorrect.");
            exchange.setResponse(answerWithError(401, Constants.ERROR_ACCESS_DENIED));
            return;
        }
        session.putValue("client_id", str);
        if (this.serverServices.getSupportedScopes().scopesSupported(stripEmptyParams.get("scope"))) {
            session.putValue("scope", stripEmptyParams.get("scope"));
            exchange.setResponse(okWithJSONBody(new DeviceAuthorizationResponseGenerator(this.serverServices, exchange).invokeResponse()));
        } else {
            this.log.debug("Scope ('" + stripEmptyParams.get("scope") + "') not supported.");
            exchange.setResponse(answerWithError(400, Constants.ERROR_INVALID_SCOPE));
        }
    }

    @Override // com.bornium.security.oauth2openid.server.endpoints.Endpoint
    public String getScope(Exchange exchange) throws Exception {
        Map<String, String> stripEmptyParams = Parameters.stripEmptyParams(UriUtil.queryToParameters(exchange.getRequest().getBody()));
        return (stripEmptyParams.isEmpty() || stripEmptyParams.get("scope") == null) ? this.serverServices.getProvidedServices().getSessionProvider().getSession(exchange).getValue("scope") : stripEmptyParams.get("scope");
    }
}
