package net.krotscheck.kangaroo.authz.oauth2.resource.token;

import java.util.SortedMap;
import javax.inject.Inject;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.UriInfo;
import net.krotscheck.kangaroo.authz.common.database.entity.ApplicationScope;
import net.krotscheck.kangaroo.authz.common.database.entity.Client;
import net.krotscheck.kangaroo.authz.common.database.entity.ClientType;
import net.krotscheck.kangaroo.authz.common.database.entity.OAuthToken;
import net.krotscheck.kangaroo.authz.common.database.entity.OAuthTokenType;
import net.krotscheck.kangaroo.authz.common.util.ValidationUtil;
import net.krotscheck.kangaroo.authz.oauth2.exception.RFC6749;
import net.krotscheck.kangaroo.authz.oauth2.resource.TokenResponseEntity;
import org.apache.commons.lang3.StringUtils;
import org.glassfish.jersey.internal.inject.AbstractBinder;
import org.glassfish.jersey.process.internal.RequestScoped;
import org.hibernate.Session;

/* loaded from: input_file:net/krotscheck/kangaroo/authz/oauth2/resource/token/ClientCredentialsGrantHandler.class */
public final class ClientCredentialsGrantHandler {
    private final Session session;
    private final UriInfo uriInfo;

    /* loaded from: input_file:net/krotscheck/kangaroo/authz/oauth2/resource/token/ClientCredentialsGrantHandler$Binder.class */
    public static final class Binder extends AbstractBinder {
        @Override // org.glassfish.jersey.internal.inject.AbstractBinder
        protected void configure() {
            bind(ClientCredentialsGrantHandler.class).to(ClientCredentialsGrantHandler.class).in(RequestScoped.class);
        }
    }

    @Inject
    public ClientCredentialsGrantHandler(Session session, @Context UriInfo uriInfo) {
        this.session = session;
        this.uriInfo = uriInfo;
    }

    public TokenResponseEntity handle(Client client, String str, String str2) {
        if (!client.getType().equals(ClientType.ClientCredentials)) {
            throw new RFC6749.InvalidGrantException();
        }
        if (StringUtils.isEmpty(client.getClientSecret())) {
            throw new RFC6749.UnauthorizedClientException();
        }
        SortedMap<String, ApplicationScope> validateScope = ValidationUtil.validateScope(str, client.getApplication().getScopes());
        OAuthToken oAuthToken = new OAuthToken();
        oAuthToken.setClient(client);
        oAuthToken.setTokenType(OAuthTokenType.Bearer);
        oAuthToken.setExpiresIn(client.getAccessTokenExpireIn());
        oAuthToken.setScopes(validateScope);
        oAuthToken.setIssuer(this.uriInfo.getAbsolutePath().getHost());
        this.session.save(oAuthToken);
        return TokenResponseEntity.factory(oAuthToken, str2);
    }
}
