package net.unit8.sastruts.oauth.provider.logic;

import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import net.unit8.sastruts.oauth.provider.entity.ClientApplication;
import net.unit8.sastruts.oauth.provider.entity.Oauth2Token;
import net.unit8.sastruts.oauth.provider.entity.Oauth2Verifier;
import net.unit8.sastruts.oauth.provider.entity.OauthToken;
import net.unit8.sastruts.oauth.provider.entity.OauthTokenBase;
import net.unit8.sastruts.oauth.provider.entity.ResourceOwner;
import net.unit8.sastruts.oauth.provider.service.ClientApplicationService;
import net.unit8.sastruts.oauth.provider.service.OauthTokenService;
import org.seasar.framework.beans.util.BeanMap;
import org.seasar.framework.exception.IORuntimeException;
import org.seasar.framework.util.StringConversionUtil;
import org.seasar.framework.util.StringUtil;
import org.seasar.framework.util.URLUtil;
import org.seasar.framework.util.tiger.CollectionsUtil;
import org.seasar.struts.util.RequestUtil;
import org.seasar.struts.util.URLEncoderUtil;

/* loaded from: input_file:net/unit8/sastruts/oauth/provider/logic/AuthorizerLogic.class */
public class AuthorizerLogic {

    @Resource
    protected OauthTokenService oauthTokenService;

    @Resource
    protected ClientApplicationService clientApplicationService;
    private boolean authorized;
    private ResourceOwner resourceOwner;
    private ClientApplication clientApplication;
    private BeanMap params;
    private OauthToken code;
    private OauthToken token;

    public void build(ResourceOwner resourceOwner, Boolean bool, BeanMap beanMap) {
        this.resourceOwner = resourceOwner;
        this.authorized = bool.booleanValue();
        this.params = beanMap;
    }

    public boolean isAuthorized() {
        return this.authorized;
    }

    public ClientApplication getClientApplication() {
        if (this.clientApplication == null) {
            this.clientApplication = this.clientApplicationService.findByKey(StringConversionUtil.toString(this.params.get("client_id")));
        }
        return this.clientApplication;
    }

    public URL getRedirectUri() {
        HttpServletRequest request = RequestUtil.getRequest();
        URL baseUri = getBaseUri(request);
        if (!StringUtil.equals(request.getParameter("response_type"), "code")) {
            try {
                return new URI(baseUri.getProtocol(), null, baseUri.getHost(), baseUri.getPort(), baseUri.getPath(), baseUri.getQuery(), encodeResponse()).toURL();
            } catch (IOException e) {
                throw new IORuntimeException(e);
            } catch (URISyntaxException e2) {
                throw new IllegalArgumentException(e2);
            }
        }
        StringBuilder sb = new StringBuilder(baseUri.getQuery() == null ? "" : baseUri.getQuery());
        if (sb.length() > 0) {
            sb.append("&");
        }
        sb.append(encodeResponse());
        try {
            return new URI(baseUri.getProtocol(), null, baseUri.getHost(), baseUri.getPort(), baseUri.getPath(), sb.toString(), null).toURL();
        } catch (IOException e3) {
            throw new IORuntimeException(e3);
        } catch (URISyntaxException e4) {
            throw new IllegalArgumentException(e4);
        }
    }

    public OauthToken getCode() {
        if (this.code == null) {
            BeanMap beanMap = new BeanMap();
            beanMap.put("clientApplicationId", getClientApplication().id);
            beanMap.put("userId", this.resourceOwner.getResourceOwnerId());
            if (this.params.containsKey("scope")) {
                beanMap.put("scope", this.params.get("scope"));
            }
            if (this.params.containsKey("redirect_uri")) {
                beanMap.put("callbackUrl", this.params.get("redirect_uri"));
            }
            this.code = this.oauthTokenService.create(Oauth2Verifier.class, beanMap);
        }
        return this.code;
    }

    public OauthToken getToken() {
        if (this.token == null) {
            BeanMap beanMap = new BeanMap();
            beanMap.put("clientApplicationId", getClientApplication().id);
            beanMap.put("userId", this.resourceOwner.getResourceOwnerId());
            if (this.params.containsKey("scope")) {
                beanMap.put("scope", this.params.get("scope"));
            }
            if (this.params.containsKey("redirect_uri")) {
                beanMap.put("callbackUrl", this.params.get("redirect_uri"));
            }
            this.token = this.oauthTokenService.create(Oauth2Token.class, beanMap);
        }
        return this.token;
    }

    protected Map<String, Object> response() {
        HashMap newHashMap = CollectionsUtil.newHashMap();
        String stringConversionUtil = StringConversionUtil.toString(this.params.get("response_type"));
        if (!StringUtil.equals(stringConversionUtil, "token") && !StringUtil.equals(stringConversionUtil, "code")) {
            newHashMap.put("error", "unsupported_response_type");
        } else if (!this.authorized) {
            newHashMap.put("error", "access_denied");
        } else if (StringUtil.equals(stringConversionUtil, "code")) {
            newHashMap.put("code", ((OauthTokenBase) getCode()).token);
        } else {
            newHashMap.put("access_token", ((OauthTokenBase) getCode()).token);
        }
        if (this.params.containsKey("state")) {
            newHashMap.put("state", this.params.get("state"));
        }
        return newHashMap;
    }

    protected String encodeResponse() {
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, Object> entry : response().entrySet()) {
            sb.append(URLEncoderUtil.encode(entry.getKey())).append("=").append(URLEncoderUtil.encode(StringConversionUtil.toString(entry.getValue()))).append("&");
        }
        if (sb.charAt(sb.length() - 1) == '&') {
            sb.deleteCharAt(sb.length() - 1);
        }
        return sb.toString();
    }

    protected URL getBaseUri(HttpServletRequest httpServletRequest) {
        return StringUtil.isNotEmpty(httpServletRequest.getParameter("redirect_url")) ? URLUtil.create(httpServletRequest.getParameter("redirect_url")) : URLUtil.create(getClientApplication().callbackUrl);
    }
}
