package org.wso2.carbon.identity.oauth2.token.handlers;

import java.sql.Timestamp;
import java.util.Date;
import org.apache.amber.oauth2.common.exception.OAuthSystemException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.oauth.cache.OAuthCacheKey;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO;
import org.wso2.carbon.identity.oauth2.model.AccessTokenDO;
import org.wso2.carbon.identity.oauth2.model.RefreshTokenValidationDataDO;
import org.wso2.carbon.identity.oauth2.token.OAuthTokenReqMessageContext;
import org.wso2.carbon.identity.oauth2.util.OAuth2Constants;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;

/* loaded from: input_file:org/wso2/carbon/identity/oauth2/token/handlers/RefreshGrantTypeHandler.class */
public class RefreshGrantTypeHandler extends AbstractAuthorizationGrantHandler {
    private static Log log = LogFactory.getLog(RefreshGrantTypeHandler.class);
    private static final String PREV_ACCESS_TOKEN = "previousAccessToken";

    @Override // org.wso2.carbon.identity.oauth2.token.handlers.AbstractAuthorizationGrantHandler, org.wso2.carbon.identity.oauth2.token.handlers.AuthorizationGrantHandler
    public boolean validateGrant(OAuthTokenReqMessageContext oAuthTokenReqMessageContext) throws IdentityOAuth2Exception {
        OAuth2AccessTokenReqDTO oauth2AccessTokenReqDTO = oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO();
        RefreshTokenValidationDataDO validateRefreshToken = this.tokenMgtDAO.validateRefreshToken(oauth2AccessTokenReqDTO.getClientId(), this.tokenPersistencePreprocessor.getPreprocessedToken(oauth2AccessTokenReqDTO.getRefreshToken()));
        if (validateRefreshToken.getAccessToken() == null) {
            log.debug("Invalid Refresh Token provided for Client with Client Id : " + oauth2AccessTokenReqDTO.getClientId());
            return false;
        }
        if (log.isDebugEnabled()) {
            log.debug("Refresh token validation successful for Client id : " + oauth2AccessTokenReqDTO.getClientId() + ", Authorized User : " + validateRefreshToken.getAuthorizedUser() + ", Token Scope : " + OAuth2Util.buildScopeString(validateRefreshToken.getScope()));
        }
        oAuthTokenReqMessageContext.setAuthorizedUser(validateRefreshToken.getAuthorizedUser());
        oAuthTokenReqMessageContext.setScope(validateRefreshToken.getScope());
        oAuthTokenReqMessageContext.addProperty(PREV_ACCESS_TOKEN, validateRefreshToken.getAccessToken());
        return true;
    }

    @Override // org.wso2.carbon.identity.oauth2.token.handlers.AbstractAuthorizationGrantHandler, org.wso2.carbon.identity.oauth2.token.handlers.AuthorizationGrantHandler
    public OAuth2AccessTokenRespDTO issue(OAuthTokenReqMessageContext oAuthTokenReqMessageContext) throws IdentityOAuth2Exception {
        OAuth2AccessTokenRespDTO oAuth2AccessTokenRespDTO = new OAuth2AccessTokenRespDTO();
        OAuth2AccessTokenReqDTO oauth2AccessTokenReqDTO = oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO();
        try {
            String accessToken = this.oauthIssuerImpl.accessToken();
            Timestamp timestamp = new Timestamp(new Date().getTime());
            long defaultAccessTokenValidityPeriodInSeconds = OAuthServerConfiguration.getInstance().getDefaultAccessTokenValidityPeriodInSeconds();
            long validityPeriod = oAuthTokenReqMessageContext.getValidityPeriod();
            if (validityPeriod != OAuth2Constants.UNASSIGNED_VALIDITY_PERIOD && validityPeriod > 0) {
                defaultAccessTokenValidityPeriodInSeconds = validityPeriod;
            }
            long j = defaultAccessTokenValidityPeriodInSeconds * 1000;
            String refreshToken = oauth2AccessTokenReqDTO.getRefreshToken();
            String preprocessedToken = this.tokenPersistencePreprocessor.getPreprocessedToken(accessToken);
            String preprocessedToken2 = this.tokenPersistencePreprocessor.getPreprocessedToken(refreshToken);
            AccessTokenDO accessTokenDO = new AccessTokenDO(oAuthTokenReqMessageContext.getAuthorizedUser(), oAuthTokenReqMessageContext.getScope(), timestamp, j);
            accessTokenDO.setTokenState(OAuth2Constants.TokenStates.TOKEN_STATE_ACTIVE);
            accessTokenDO.setRefreshToken(preprocessedToken2);
            String clientId = oauth2AccessTokenReqDTO.getClientId();
            String property = oAuthTokenReqMessageContext.getProperty(PREV_ACCESS_TOKEN);
            this.tokenMgtDAO.storeAccessToken(preprocessedToken, clientId, accessTokenDO);
            this.tokenMgtDAO.cleanUpAccessToken(property);
            if (this.cacheEnabled) {
                this.oauthCache.addToCache(new OAuthCacheKey(accessToken), accessTokenDO);
                this.oauthCache.clearCacheEntry(new OAuthCacheKey(property));
                if (log.isDebugEnabled()) {
                    log.debug("Access Token info for the refresh token was added to the cache for the client id : " + clientId + ". Old access token entry was also removed from the cache.");
                }
            }
            if (log.isDebugEnabled()) {
                log.debug("Persisted an access token for the refresh token, Client ID : " + clientId + "authorized user : " + oAuthTokenReqMessageContext.getAuthorizedUser() + "timestamp : " + timestamp + "validity period : " + j + "scope : " + OAuth2Util.buildScopeString(oAuthTokenReqMessageContext.getScope()) + "Token State : " + OAuth2Constants.TokenStates.TOKEN_STATE_ACTIVE);
            }
            oAuth2AccessTokenRespDTO.setAccessToken(accessToken);
            oAuth2AccessTokenRespDTO.setRefreshToken(refreshToken);
            oAuth2AccessTokenRespDTO.setExpiresIn(j / 1000);
            return oAuth2AccessTokenRespDTO;
        } catch (OAuthSystemException e) {
            throw new IdentityOAuth2Exception("Error when generating the tokens.", e);
        }
    }
}
