package com.ibm.oauth.core.internal.oauth20.responsetype.impl;

import com.google.gson.JsonArray;
import com.ibm.oauth.core.api.OAuthConstants;
import com.ibm.oauth.core.api.attributes.AttributeList;
import com.ibm.oauth.core.api.error.OAuthException;
import com.ibm.oauth.core.api.error.oauth20.OAuth20AccessDeniedException;
import com.ibm.oauth.core.api.error.oauth20.OAuth20MissingParameterException;
import com.ibm.oauth.core.api.oauth20.token.OAuth20Token;
import com.ibm.oauth.core.internal.oauth20.OAuth20Constants;
import com.ibm.oauth.core.internal.oauth20.OAuth20Util;
import com.ibm.oauth.core.internal.oauth20.responsetype.OAuth20ResponseTypeHandler;
import com.ibm.oauth.core.internal.oauth20.token.OAuth20TokenFactory;
import com.ibm.oauth.core.internal.oauth20.token.OAuth20TokenHelper;
import com.ibm.ws.security.oauth20.util.OidcOAuth20Util;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.logging.Logger;

/* loaded from: input_file:wlp/lib/com.ibm.ws.security.oauth20_1.1.14.jar:com/ibm/oauth/core/internal/oauth20/responsetype/impl/OAuth20ResponseTypeHandlerTokenImpl.class */
public class OAuth20ResponseTypeHandlerTokenImpl implements OAuth20ResponseTypeHandler {
    static final String CLASS = OAuth20ResponseTypeHandlerTokenImpl.class.getName();
    private static Logger _log = Logger.getLogger(CLASS);

    @Override // com.ibm.oauth.core.internal.oauth20.responsetype.OAuth20ResponseTypeHandler
    public void validateRequestResponseType(AttributeList attributeList, JsonArray jsonArray) throws OAuthException {
        _log.entering(CLASS, "validateRequestResponseType");
        try {
            if (OidcOAuth20Util.isNullEmpty(attributeList.getAttributeValueByNameAndType("redirect_uri", OAuthConstants.ATTRTYPE_PARAM_QUERY)) && (OidcOAuth20Util.isNullEmpty(jsonArray) || jsonArray.size() != 1)) {
                throw new OAuth20MissingParameterException("security.oauth20.error.missing.parameter", "redirect_uri", null);
            }
            String attributeValueByNameAndType = attributeList.getAttributeValueByNameAndType("username", OAuthConstants.ATTRTYPE_REQUEST);
            if (attributeValueByNameAndType == null || attributeValueByNameAndType.length() == 0) {
                throw new OAuth20AccessDeniedException("security.oauth20.error.access.denied");
            }
            _log.exiting(CLASS, "validateRequestResponseType");
        } catch (Throwable th) {
            _log.exiting(CLASS, "validateRequestResponseType");
            throw th;
        }
    }

    @Override // com.ibm.oauth.core.internal.oauth20.responsetype.OAuth20ResponseTypeHandler
    public List<OAuth20Token> buildTokensResponseType(AttributeList attributeList, OAuth20TokenFactory oAuth20TokenFactory, String str) {
        _log.entering(CLASS, "buildTokensResponseType", new Object[]{str});
        try {
            String attributeValueByNameAndType = attributeList.getAttributeValueByNameAndType("client_id", OAuthConstants.ATTRTYPE_PARAM_QUERY);
            String attributeValueByNameAndType2 = attributeList.getAttributeValueByNameAndType("username", OAuthConstants.ATTRTYPE_REQUEST);
            String attributeValueByNameAndType3 = attributeList.getAttributeValueByNameAndType("redirect_uri", OAuthConstants.ATTRTYPE_PARAM_QUERY);
            String[] attributeValuesByName = attributeList.getAttributeValuesByName("scope");
            if (attributeValueByNameAndType3 == null) {
                attributeValueByNameAndType3 = str;
            }
            Map<String, String[]> buildTokenMap = oAuth20TokenFactory.buildTokenMap(attributeValueByNameAndType, attributeValueByNameAndType2, attributeValueByNameAndType3, null, attributeValuesByName, null, "implicit");
            OAuth20Util.populateJwtAccessTokenData(attributeList, buildTokenMap);
            OAuth20TokenHelper.getExternalClaims(buildTokenMap, attributeList);
            buildTokenMap.put(OAuth20Constants.PROXY_HOST, new String[]{attributeList.getAttributeValueByName(OAuth20Constants.PROXY_HOST)});
            OAuth20Token createAccessToken = oAuth20TokenFactory.createAccessToken(buildTokenMap);
            ArrayList arrayList = new ArrayList();
            arrayList.add(createAccessToken);
            _log.exiting(CLASS, "buildTokensResponseType");
            return arrayList;
        } catch (Throwable th) {
            _log.exiting(CLASS, "buildTokensResponseType");
            throw th;
        }
    }

    @Override // com.ibm.oauth.core.internal.oauth20.responsetype.OAuth20ResponseTypeHandler
    public void buildResponseResponseType(AttributeList attributeList, List<OAuth20Token> list) {
        OAuth20Token oAuth20Token;
        _log.entering(CLASS, "buildResponseResponseType");
        try {
            if (list.size() >= 1 && (oAuth20Token = list.get(0)) != null) {
                attributeList.setAttribute("access_token", OAuthConstants.ATTRTYPE_RESPONSE_ATTRIBUTE, new String[]{oAuth20Token.getTokenString()});
                attributeList.setAttribute(OAuth20Constants.ACCESS_TOKEN_ID, OAuthConstants.ATTRTYPE_RESPONSE_META, new String[]{oAuth20Token.getId()});
                attributeList.setAttribute("token_type", OAuthConstants.ATTRTYPE_RESPONSE_ATTRIBUTE, new String[]{oAuth20Token.getSubType()});
                attributeList.setAttribute(OAuth20Constants.EXPIRES_IN, OAuthConstants.ATTRTYPE_RESPONSE_ATTRIBUTE, new String[]{OAuth20TokenHelper.expiresInSeconds(oAuth20Token)});
                attributeList.setAttribute("scope", OAuthConstants.ATTRTYPE_RESPONSE_ATTRIBUTE, oAuth20Token.getScope());
                attributeList.setAttribute(com.ibm.oauth.core.internal.OAuthConstants.STATE_ID, OAuthConstants.ATTRTYPE_RESPONSE_STATE, new String[]{oAuth20Token.getStateId()});
            }
            _log.exiting(CLASS, "buildResponseResponseType");
        } catch (Throwable th) {
            _log.exiting(CLASS, "buildResponseResponseType");
            throw th;
        }
    }
}
