package com.ibm.ws.security.openidconnect.server.plugins;

import com.ibm.oauth.core.api.config.OAuthComponentConfigurationConstants;
import com.ibm.oauth.core.api.error.OAuthConfigurationException;
import com.ibm.oauth.core.api.error.OAuthException;
import com.ibm.oauth.core.api.error.oauth20.OAuth20Exception;
import com.ibm.oauth.core.api.error.oauth20.OAuth20InvalidGrantTypeException;
import com.ibm.oauth.core.internal.oauth20.OAuth20Constants;
import com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider;
import com.ibm.oauth.core.internal.oauth20.granttype.OAuth20GrantTypeHandler;
import com.ibm.oauth.core.internal.oauth20.granttype.OAuth20GrantTypeHandlerFactory;
import com.ibm.oauth.core.internal.oauth20.granttype.impl.OAuth20GrantTypeHandlerClientCredentialsImpl;
import com.ibm.oauth.core.internal.oauth20.granttype.impl.OAuth20GrantTypeHandlerResourceOwnerCredentialsImpl;
import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.oauth20.api.OAuth20Provider;
import com.ibm.ws.security.oauth20.plugins.JwtGrantTypeHandlerFactory;
import com.ibm.ws.security.openidconnect.server.internal.Utils;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import org.osgi.service.component.ComponentContext;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.security.openidconnect.server_1.0.14.jar:com/ibm/ws/security/openidconnect/server/plugins/OIDCGrantTypeHandlerFactoryImpl.class */
public class OIDCGrantTypeHandlerFactoryImpl implements OAuth20GrantTypeHandlerFactory {
    private static final TraceComponent tc = Tr.register((Class<?>) OIDCGrantTypeHandlerFactoryImpl.class, "OpenIdConnect", "com.ibm.ws.security.openidconnect.server.internal.resources.OidcServerMessages");
    static final long serialVersionUID = 7858524191268687216L;

    protected void activate(ComponentContext componentContext, Map<String, Object> map) {
    }

    protected void deactivate(ComponentContext componentContext, Map<String, Object> map) {
    }

    protected void modified(ComponentContext componentContext, Map<String, Object> map) {
    }

    public String toStringHelper(Set<String> set) {
        StringBuilder sb = new StringBuilder("{");
        String str = "";
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            sb.append(str).append(it.next());
            str = ",";
        }
        return sb.append("}").toString();
    }

    @Override // com.ibm.oauth.core.internal.oauth20.granttype.OAuth20GrantTypeHandlerFactory
    public synchronized OAuth20GrantTypeHandler getHandler(String str, String str2, OAuth20ConfigProvider oAuth20ConfigProvider) throws OAuthException {
        OAuth20GrantTypeHandler oAuth20GrantTypeHandler = null;
        if (str2 != null) {
            if (!OAuth20Constants.ALL_GRANT_TYPES_SET.contains(str2)) {
                Tr.error(tc, "OIDC_SERVER_INVALID_GRANT_TYPE_ERR", str2, toStringHelper(OAuth20Constants.ALL_GRANT_TYPES_SET));
                throw new OAuth20InvalidGrantTypeException("security.oauth20.error.invalid.granttype", str2);
            }
            if (!oAuth20ConfigProvider.isGrantTypeAllowed(str2)) {
                Tr.error(tc, "OIDC_SERVER_GRANT_TYPE_NOT_ALLOWED_ERR", str2, oAuth20ConfigProvider instanceof OAuth20Provider ? Utils.toString(((OAuth20Provider) oAuth20ConfigProvider).getGrantTypesAllowed()) : "");
                throw new OAuthConfigurationException(OAuthComponentConfigurationConstants.OAUTH20_GRANT_TYPES_ALLOWED, str2, null);
            }
            if (str2.equals("authorization_code")) {
                oAuth20GrantTypeHandler = new OIDCGrantTypeHandlerCodeImpl();
            } else if (str2.equals("client_credentials")) {
                oAuth20GrantTypeHandler = new OAuth20GrantTypeHandlerClientCredentialsImpl();
            } else if (str2.equals("password")) {
                oAuth20GrantTypeHandler = new OAuth20GrantTypeHandlerResourceOwnerCredentialsImpl();
            } else if (str2.equals("refresh_token")) {
                oAuth20GrantTypeHandler = new OIDCGrantTypeHandlerRefreshImpl();
            } else if (str2.equals("urn:ietf:params:oauth:grant-type:jwt-bearer")) {
                oAuth20GrantTypeHandler = getJwtHandlerInstance(str, oAuth20ConfigProvider);
            }
        }
        if (oAuth20GrantTypeHandler != null) {
            return oAuth20GrantTypeHandler;
        }
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "Cannot get handler to process the grant type : ", str2);
        }
        throw new OAuth20InvalidGrantTypeException("security.oauth20.error.invalid.granttype", str2);
    }

    public synchronized OAuth20GrantTypeHandler getJwtHandlerInstance(String str, OAuth20ConfigProvider oAuth20ConfigProvider) throws OAuth20Exception {
        OAuth20GrantTypeHandler oAuth20GrantTypeHandler = null;
        try {
            try {
                JwtGrantTypeHandlerFactory jwtGrantTypeHandlerFactory = (JwtGrantTypeHandlerFactory) Class.forName("com.ibm.ws.security.oauth20.jwt.GrantTypeCustomizedHandlerJwtImpl").newInstance();
                jwtGrantTypeHandlerFactory.setHandlerInfo(str, (OAuth20Provider) oAuth20ConfigProvider);
                oAuth20GrantTypeHandler = jwtGrantTypeHandlerFactory.getHandlerInstance();
            } catch (Exception e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.openidconnect.server.plugins.OIDCGrantTypeHandlerFactoryImpl", "124", this, new Object[]{str, oAuth20ConfigProvider});
                Tr.error(tc, "JWT_UNEXPECTED_EXCEPTION_ERR", e.toString());
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "Get an unexpected exception ", e);
                }
            }
        } catch (ClassNotFoundException e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.openidconnect.server.plugins.OIDCGrantTypeHandlerFactoryImpl", "131", this, new Object[]{str, oAuth20ConfigProvider});
            Tr.error(tc, "JWT_UNEXPECTED_EXCEPTION_ERR", e2.toString());
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Get an unexpected exception ", e2);
            }
        }
        return oAuth20GrantTypeHandler;
    }
}
