package org.apache.cxf.rs.security.oauth.services;

import java.util.HashMap;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.core.Response;
import net.oauth.OAuth;
import net.oauth.OAuthMessage;
import net.oauth.OAuthProblemException;
import net.oauth.OAuthValidator;
import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.rs.security.oauth.data.Client;
import org.apache.cxf.rs.security.oauth.data.RequestToken;
import org.apache.cxf.rs.security.oauth.data.RequestTokenRegistration;
import org.apache.cxf.rs.security.oauth.provider.OAuthDataProvider;
import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException;
import org.apache.cxf.rs.security.oauth.utils.OAuthConstants;
import org.apache.cxf.rs.security.oauth.utils.OAuthUtils;

/* loaded from: input_file:WEB-INF/lib/cxf-rt-rs-security-oauth-3.1.7.jar:org/apache/cxf/rs/security/oauth/services/RequestTokenHandler.class */
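/**
 * Handles requests to the OAuth 1.0 Temporary Credentials (request token) endpoint.
 *
 * <p>The handler authenticates the consumer, validates the signed message and the
 * supplied {@code oauth_callback}, asks the {@link OAuthDataProvider} to create a
 * request token and returns the token key and secret form-encoded in the response body.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The response body carries the request token secret; it must never be logged.</li>
 *   <li>The callback is taken from the request and is therefore untrusted. It is stored on
 *       the token registration only after {@link #validateCallbackURL(Client, String)}
 *       has accepted it.</li>
 * </ul>
 */
public class RequestTokenHandler {
    private static final Logger LOG = LogUtils.getL7dLogger(RequestTokenHandler.class);

    /** Parameters that must be present in the request; passed to {@code OAuthUtils.getOAuthMessage}. */
    private static final String[] REQUIRED_PARAMETERS = {
        OAuth.OAUTH_CONSUMER_KEY,
        OAuth.OAUTH_SIGNATURE_METHOD,
        OAuth.OAUTH_SIGNATURE,
        OAuth.OAUTH_TIMESTAMP,
        OAuth.OAUTH_NONCE,
        OAuth.OAUTH_CALLBACK
    };

    /** Lifetime set on each new request token registration; issuedAt is recorded in seconds. */
    private long tokenLifetime = 3600;

    /** Scope passed to {@code OAuthUtils.parseParamValue} together with the request's "scope" value. */
    private String defaultScope;

    /**
     * Processes a request-token request.
     *
     * @param messageContext the JAX-RS message context of the current request
     * @param oAuthDataProvider provider used to look up the client and create the request token
     * @param oAuthValidator validator used to verify the signed OAuth message
     * @return a 200 response with the form-encoded token, token secret and
     *         {@code oauth_callback_confirmed}, or the error response built by
     *         {@code OAuthUtils.handleException}
     */
    public Response handle(MessageContext messageContext, OAuthDataProvider oAuthDataProvider, OAuthValidator oAuthValidator) {
        try {
            OAuthMessage oAuthMessage = OAuthUtils.getOAuthMessage(
                messageContext, messageContext.getHttpServletRequest(), REQUIRED_PARAMETERS);

            Client client = oAuthDataProvider.getClient(oAuthMessage.getParameter(OAuth.OAUTH_CONSUMER_KEY));
            if (client == null) {
                throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_UNKNOWN);
            }

            // Verify the message before acting on any of its other parameters.
            OAuthUtils.validateMessage(oAuthMessage, client, null, oAuthDataProvider, oAuthValidator);

            String callback = oAuthMessage.getParameter(OAuth.OAUTH_CALLBACK);
            validateCallbackURL(client, callback);

            List<String> scopes = OAuthUtils.parseParamValue(oAuthMessage.getParameter("scope"), this.defaultScope);

            RequestTokenRegistration registration = new RequestTokenRegistration();
            registration.setClient(client);
            registration.setCallback(callback);
            registration.setState(oAuthMessage.getParameter(OAuthConstants.X_OAUTH_STATE));
            registration.setScopes(scopes);
            registration.setLifetime(this.tokenLifetime);
            registration.setIssuedAt(System.currentTimeMillis() / 1000);

            RequestToken requestToken = oAuthDataProvider.createRequestToken(registration);
            if (LOG.isLoggable(Level.FINE)) {
                LOG.log(Level.FINE, "Preparing Temporary Credentials Endpoint correct response");
            }

            // The body contains the token secret: keep it out of log statements.
            HashMap<String, Object> responseParams = new HashMap<String, Object>();
            responseParams.put(OAuth.OAUTH_TOKEN, requestToken.getTokenKey());
            responseParams.put(OAuth.OAUTH_TOKEN_SECRET, requestToken.getTokenSecret());
            responseParams.put(OAuth.OAUTH_CALLBACK_CONFIRMED, Boolean.TRUE);
            return Response.ok(OAuth.formEncode(responseParams.entrySet())).build();
        } catch (OAuthProblemException e) {
            // Log the exception itself: fillInStackTrace() would overwrite the original
            // stack trace with this catch site and hide where the problem was raised.
            LOG.log(Level.WARNING, "An OAuth-related problem: {0}", new Object[]{e});
            int httpStatusCode = e.getHttpStatusCode();
            if (httpStatusCode == HttpServletResponse.SC_OK) {
                // No explicit status on the exception. Compare the problem by value, not by
                // reference, so an unknown-consumer problem raised elsewhere with an equal
                // but distinct String still maps to 401.
                httpStatusCode = OAuth.Problems.CONSUMER_KEY_UNKNOWN.equals(e.getProblem())
                    ? HttpServletResponse.SC_UNAUTHORIZED
                    : HttpServletResponse.SC_BAD_REQUEST;
            }
            return OAuthUtils.handleException(messageContext, e, httpStatusCode);
        } catch (OAuthServiceException e) {
            return OAuthUtils.handleException(messageContext, e, HttpServletResponse.SC_BAD_REQUEST);
        } catch (Exception e) {
            LOG.log(Level.SEVERE, "Unexpected internal server exception: {0}", new Object[]{e});
            return OAuthUtils.handleException(messageContext, e, HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        }
    }

    /**
     * Checks the requested {@code oauth_callback} against the client's registration.
     *
     * <p>The callback is accepted when it equals the client's registered callback URI, or,
     * when no callback URI is registered, when it lies under the client's application URI.
     * "Under" is boundary-aware: a bare string prefix would also accept a look-alike host
     * (the registered value followed by further host, port or userinfo characters), so the
     * character following the application URI must start a path, query or fragment. This is
     * stricter than a plain {@code startsWith}; registering an exact callback URI remains
     * the most restrictive option.
     *
     * @param client the client that made the request
     * @param str the callback value supplied in the request
     * @throws OAuthProblemException with HTTP status 400 when the callback is empty or not accepted
     */
    protected void validateCallbackURL(Client client, String str) throws OAuthProblemException {
        if (!StringUtils.isEmpty(str)) {
            String registeredCallback = client.getCallbackURI();
            if (!StringUtils.isEmpty(registeredCallback)) {
                if (str.equals(registeredCallback)) {
                    return;
                }
            } else {
                String applicationUri = client.getApplicationURI();
                if (!StringUtils.isEmpty(applicationUri) && isUnderApplicationUri(str, applicationUri)) {
                    return;
                }
            }
        }
        OAuthProblemException rejected = new OAuthProblemException("parameter_rejected - oauth_callback");
        rejected.setParameter(OAuthProblemException.HTTP_STATUS_CODE, Integer.valueOf(HttpServletResponse.SC_BAD_REQUEST));
        throw rejected;
    }

    /** Returns true when {@code callback} equals {@code applicationUri} or extends it at a path, query or fragment boundary. */
    private static boolean isUnderApplicationUri(String callback, String applicationUri) {
        if (!callback.startsWith(applicationUri)) {
            return false;
        }
        if (callback.length() == applicationUri.length() || applicationUri.endsWith("/")) {
            return true;
        }
        char next = callback.charAt(applicationUri.length());
        return next == '/' || next == '?' || next == '#';
    }

    /**
     * Sets the lifetime applied to newly created request tokens.
     *
     * @param j the lifetime value stored on each token registration
     */
    public void setTokenLifetime(long j) {
        this.tokenLifetime = j;
    }

    /**
     * Sets the default scope handed to the scope parser alongside the request's "scope" parameter.
     *
     * @param str the default scope value
     */
    public void setDefaultScope(String str) {
        this.defaultScope = str;
    }
}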
