package org.wso2.carbon.identity.oauth2;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.core.AbstractAdmin;
import org.wso2.carbon.identity.core.model.OAuthAppDO;
import org.wso2.carbon.identity.oauth.IdentityOAuthAdminException;
import org.wso2.carbon.identity.oauth.common.OAuth2ErrorCodes;
import org.wso2.carbon.identity.oauth.dao.OAuthAppDAO;
import org.wso2.carbon.identity.oauth2.authz.AuthorizationHandlerManager;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenReqDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AccessTokenRespDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeReqDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeRespDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2ClientValidationResponseDTO;
import org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;

/* loaded from: input_file:org/wso2/carbon/identity/oauth2/OAuth2Service.class */
public class OAuth2Service extends AbstractAdmin {
    private static Log log = LogFactory.getLog(OAuth2Service.class);

    public OAuth2AuthorizeRespDTO authorize(OAuth2AuthorizeReqDTO oAuth2AuthorizeReqDTO) {
        if (log.isDebugEnabled()) {
            log.debug("Authorization Request received for user : " + oAuth2AuthorizeReqDTO.getUsername() + ", Client ID : " + oAuth2AuthorizeReqDTO.getConsumerKey() + ", Authorization Response Type : " + oAuth2AuthorizeReqDTO.getResponseType() + ", Requested callback URI : " + oAuth2AuthorizeReqDTO.getCallbackUrl() + ", Requested Scope : " + OAuth2Util.buildScopeString(oAuth2AuthorizeReqDTO.getScopes()));
        }
        try {
            return AuthorizationHandlerManager.getInstance().handleAuthorization(oAuth2AuthorizeReqDTO);
        } catch (Exception e) {
            log.error("Error occurred when processing the authorization request. Returning an error back to client.", e);
            OAuth2AuthorizeRespDTO oAuth2AuthorizeRespDTO = new OAuth2AuthorizeRespDTO();
            oAuth2AuthorizeRespDTO.setAuthorized(false);
            oAuth2AuthorizeRespDTO.setErrorCode(OAuth2ErrorCodes.SERVER_ERROR);
            oAuth2AuthorizeRespDTO.setErrorMsg("Error occurred when processing the authorization request. Returning an error back to client.");
            oAuth2AuthorizeRespDTO.setCallbackURI(oAuth2AuthorizeReqDTO.getCallbackUrl());
            return oAuth2AuthorizeRespDTO;
        }
    }

    public OAuth2ClientValidationResponseDTO validateClientInfo(String str, String str2) {
        OAuth2ClientValidationResponseDTO oAuth2ClientValidationResponseDTO = new OAuth2ClientValidationResponseDTO();
        if (log.isDebugEnabled()) {
            log.debug("Validate Client information request for client_id : " + str + " and callback_uri " + str2);
        }
        try {
            OAuthAppDO appInformation = new OAuthAppDAO().getAppInformation(str);
            if (appInformation == null) {
                log.warn("No registered Client Id found against the given Client id : " + str);
                oAuth2ClientValidationResponseDTO.setValidClient(false);
                oAuth2ClientValidationResponseDTO.setErrorCode(OAuth2ErrorCodes.UNAUTHORIZED_CLIENT);
                oAuth2ClientValidationResponseDTO.setErrorMsg("Invalid Client Id.");
                return oAuth2ClientValidationResponseDTO;
            }
            if (str2 == null) {
                oAuth2ClientValidationResponseDTO.setValidClient(true);
                oAuth2ClientValidationResponseDTO.setCallbackURL(appInformation.getCallbackUrl());
                oAuth2ClientValidationResponseDTO.setApplicationName(appInformation.getApplicationName());
                return oAuth2ClientValidationResponseDTO;
            }
            if (log.isDebugEnabled()) {
                log.debug("Registered App found for the given Client Id : " + str + " ,App Name : " + appInformation.getApplicationName() + ", Callback URL : " + appInformation.getCallbackUrl());
            }
            if (appInformation.getCallbackUrl().equals(str2)) {
                oAuth2ClientValidationResponseDTO.setValidClient(true);
                oAuth2ClientValidationResponseDTO.setApplicationName(appInformation.getApplicationName());
                oAuth2ClientValidationResponseDTO.setCallbackURL(str2);
                return oAuth2ClientValidationResponseDTO;
            }
            log.warn("Provided Callback URL does not match with the provided one.");
            oAuth2ClientValidationResponseDTO.setValidClient(false);
            oAuth2ClientValidationResponseDTO.setErrorCode(OAuth2ErrorCodes.INVALID_CALLBACK);
            oAuth2ClientValidationResponseDTO.setErrorMsg("Registered callback does not match with the provided url.");
            return oAuth2ClientValidationResponseDTO;
        } catch (IdentityOAuthAdminException e) {
            log.error("Error when reading the Application Information.", e);
            oAuth2ClientValidationResponseDTO.setValidClient(false);
            oAuth2ClientValidationResponseDTO.setErrorCode(OAuth2ErrorCodes.SERVER_ERROR);
            oAuth2ClientValidationResponseDTO.setErrorMsg("Error when processing the authorization request.");
            return oAuth2ClientValidationResponseDTO;
        }
    }

    public OAuth2AccessTokenRespDTO issueAccessToken(OAuth2AccessTokenReqDTO oAuth2AccessTokenReqDTO) {
        if (log.isDebugEnabled()) {
            log.debug("Access Token Request Received with the Client Id : " + oAuth2AccessTokenReqDTO.getClientId() + ", Grant Type : " + oAuth2AccessTokenReqDTO.getGrantType());
        }
        try {
            return AccessTokenIssuer.getInstance().issue(oAuth2AccessTokenReqDTO);
        } catch (Exception e) {
            log.error("Error when issuing the access token. ", e);
            OAuth2AccessTokenRespDTO oAuth2AccessTokenRespDTO = new OAuth2AccessTokenRespDTO();
            oAuth2AccessTokenRespDTO.setError(true);
            oAuth2AccessTokenRespDTO.setErrorCode(OAuth2ErrorCodes.SERVER_ERROR);
            oAuth2AccessTokenRespDTO.setErrorMsg("Error when issuing the access token");
            return oAuth2AccessTokenRespDTO;
        }
    }
}
