package org.apache.cxf.rs.security.oauth2.services;

import java.net.URI;
import java.util.List;
import javax.ws.rs.Path;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import org.apache.cxf.jaxrs.utils.HttpUtils;
import org.apache.cxf.rs.security.oauth2.common.AccessTokenRegistration;
import org.apache.cxf.rs.security.oauth2.common.Client;
import org.apache.cxf.rs.security.oauth2.common.OAuthPermission;
import org.apache.cxf.rs.security.oauth2.common.ServerAccessToken;
import org.apache.cxf.rs.security.oauth2.common.UserSubject;
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.apache.cxf.rs.security.oauth2.utils.OAuthUtils;

@Path("/authorize-implicit")
/* loaded from: input_file:org/apache/cxf/rs/security/oauth2/services/ImplicitGrantService.class */
public class ImplicitGrantService extends RedirectionBasedGrantService {
    private boolean reportClientId;

    public ImplicitGrantService() {
        super("token", OAuthConstants.IMPLICIT_GRANT);
    }

    @Override // org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService
    protected Response createGrant(MultivaluedMap<String, String> multivaluedMap, Client client, String str, List<String> list, List<String> list2, UserSubject userSubject, ServerAccessToken serverAccessToken) {
        ServerAccessToken serverAccessToken2;
        if (serverAccessToken == null) {
            AccessTokenRegistration accessTokenRegistration = new AccessTokenRegistration();
            accessTokenRegistration.setClient(client);
            accessTokenRegistration.setGrantType(OAuthConstants.IMPLICIT_GRANT);
            accessTokenRegistration.setSubject(userSubject);
            accessTokenRegistration.setRequestedScope(list);
            accessTokenRegistration.setApprovedScope(list2);
            accessTokenRegistration.setAudience((String) multivaluedMap.getFirst(OAuthConstants.CLIENT_AUDIENCE));
            serverAccessToken2 = getDataProvider().createAccessToken(accessTokenRegistration);
        } else {
            serverAccessToken2 = serverAccessToken;
        }
        StringBuilder uriWithFragment = getUriWithFragment(str);
        uriWithFragment.append(OAuthConstants.ACCESS_TOKEN).append("=").append(serverAccessToken2.getTokenKey());
        String str2 = (String) multivaluedMap.getFirst(OAuthConstants.STATE);
        if (str2 != null) {
            uriWithFragment.append("&");
            uriWithFragment.append(OAuthConstants.STATE).append("=").append(str2);
        }
        uriWithFragment.append("&").append(OAuthConstants.ACCESS_TOKEN_TYPE).append("=").append(serverAccessToken2.getTokenType());
        if (isWriteOptionalParameters()) {
            uriWithFragment.append("&").append(OAuthConstants.ACCESS_TOKEN_EXPIRES_IN).append("=").append(serverAccessToken2.getExpiresIn());
            List<OAuthPermission> scopes = serverAccessToken2.getScopes();
            if (!scopes.isEmpty()) {
                uriWithFragment.append("&").append(OAuthConstants.SCOPE).append("=").append(HttpUtils.queryEncode(OAuthUtils.convertPermissionsToScope(scopes)));
            }
        }
        if (this.reportClientId) {
            uriWithFragment.append("&").append(OAuthConstants.CLIENT_ID).append("=").append(client.getClientId());
        }
        return Response.seeOther(URI.create(uriWithFragment.toString())).build();
    }

    @Override // org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService
    protected Response createErrorResponse(MultivaluedMap<String, String> multivaluedMap, String str, String str2) {
        StringBuilder uriWithFragment = getUriWithFragment(str);
        uriWithFragment.append(OAuthConstants.ERROR_KEY).append("=").append(str2);
        String str3 = (String) multivaluedMap.getFirst(OAuthConstants.STATE);
        if (str3 != null) {
            uriWithFragment.append("&");
            uriWithFragment.append(OAuthConstants.STATE).append("=").append(str3);
        }
        return Response.seeOther(URI.create(uriWithFragment.toString())).build();
    }

    private StringBuilder getUriWithFragment(String str) {
        StringBuilder sb = new StringBuilder();
        sb.append(str);
        sb.append("#");
        return sb;
    }

    public void setReportClientId(boolean z) {
        this.reportClientId = z;
    }

    @Override // org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService
    protected boolean canSupportPublicClient(Client client) {
        return true;
    }

    @Override // org.apache.cxf.rs.security.oauth2.services.RedirectionBasedGrantService
    protected boolean canRedirectUriBeEmpty(Client client) {
        return false;
    }
}
