package org.wso2.carbon.identity.oauth.ui.client;

import java.rmi.RemoteException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.amber.oauth2.as.response.OAuthASResponse;
import org.apache.amber.oauth2.common.exception.OAuthProblemException;
import org.apache.amber.oauth2.common.exception.OAuthSystemException;
import org.apache.amber.oauth2.common.message.OAuthResponse;
import org.apache.amber.oauth2.common.message.types.ResponseType;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.oauth.ui.OAuth2Parameters;
import org.wso2.carbon.identity.oauth.ui.OAuthConstants;
import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2AuthorizeReqDTO;
import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2AuthorizeRespDTO;
import org.wso2.carbon.ui.CarbonUIUtil;

/* loaded from: input_file:org/wso2/carbon/identity/oauth/ui/client/OAuth2AuthzClient.class */
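/**
 * UI-side client that turns the user's decision on the OAuth 2.0 consent/login page into the
 * redirect URL sent back to the OAuth client application.
 *
 * <p>The pending authorization request is read from the HTTP session attribute
 * {@link OAuthConstants#OAUTH2_PARAMS}; the authentication and authorization decision itself is
 * delegated to the backend service through {@link OAuth2ServiceClient}.
 */
public class OAuth2AuthzClient {
    private static final Log log = LogFactory.getLog(OAuth2AuthzClient.class);

    /**
     * Builds the location the user agent should be sent to after the consent/login form is submitted.
     *
     * @param httpServletRequest  request carrying the form parameters and the session that holds the
     *                            pending {@link OAuth2Parameters}
     * @param httpServletResponse response whose status is set to 302 once the backend has answered
     * @return the redirect URI for the client (success or error), or the relative path of the login
     *         page with {@code auth_status=failed} when the backend reports the user as not authenticated
     * @throws OAuthSystemException if the redirect message cannot be built, or if the session holds no
     *                              pending authorization request
     */
    public String handleAuthorizationRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws OAuthSystemException {
        OAuth2Parameters oAuth2Parameters = (OAuth2Parameters) httpServletRequest.getSession().getAttribute(OAuthConstants.OAUTH2_PARAMS);
        if (oAuth2Parameters == null) {
            // Expired session, or a form submitted a second time after the attribute was removed below.
            // Fail with the declared exception instead of a NullPointerException; without the stored
            // request there is no trustworthy redirect target to send an OAuth error to.
            throw new OAuthSystemException("No pending OAuth2 authorization request was found in the session.");
        }
        if ("true".equals(httpServletRequest.getParameter("deny"))) {
            // NOTE(review): this branch (and the catch block below) redirects to the redirect URI kept
            // in the session, while the other branches use the callback URI returned by the backend.
            // Confirm the session value was checked against the client's registered callback before
            // it was stored; otherwise these two branches redirect to an unvalidated location.
            // NOTE(review): the pending request stays in the session after a denial - confirm intended.
            return OAuthASResponse.errorResponse(302).setError("access_denied").location(oAuth2Parameters.getRedirectURI()).setState(oAuth2Parameters.getState()).buildQueryMessage().getLocationUri();
        }
        try {
            OAuth2AuthorizeRespDTO authorize = authorize(httpServletRequest, oAuth2Parameters);
            if (!authorize.getAuthenticated()) {
                // The pending request is left in the session so the user can retry. Nothing here limits
                // the number of attempts; throttling/lockout, if any, has to come from the backend.
                return "../../carbon/oauth/oauth2_authn_ajaxprocessor.jsp?auth_status=failed";
            }
            OAuthResponse buildQueryMessage;
            if (authorize.getAuthorized()) {
                OAuthASResponse.OAuthAuthorizationResponseBuilder authorizationResponse = OAuthASResponse.authorizationResponse(httpServletRequest, 302);
                if (ResponseType.CODE.toString().equals(oAuth2Parameters.getResponseType())) {
                    authorizationResponse.setCode(authorize.getAuthorizationCode());
                } else if (ResponseType.TOKEN.toString().equals(oAuth2Parameters.getResponseType())) {
                    authorizationResponse.setAccessToken(authorize.getAccessToken());
                    // NOTE(review): expires_in is a fixed 3600 here rather than a value taken from the
                    // backend response - confirm it matches the lifetime the token was issued with.
                    authorizationResponse.setExpiresIn(String.valueOf(3600));
                }
                authorizationResponse.setParam("state", oAuth2Parameters.getState());
                buildQueryMessage = authorizationResponse.location(authorize.getCallbackURI()).buildQueryMessage();
            } else {
                buildQueryMessage = OAuthASResponse.errorResponse(302).error(OAuthProblemException.error(authorize.getErrorCode(), authorize.getErrorMsg())).location(authorize.getCallbackURI()).setState(oAuth2Parameters.getState()).buildQueryMessage();
            }
            httpServletResponse.setStatus(302);
            // The request has been answered: drop it so the same consent cannot be replayed from this session.
            httpServletRequest.getSession().removeAttribute(OAuthConstants.OAUTH2_PARAMS);
            return buildQueryMessage.getLocationUri();
        } catch (OAuthProblemException e) {
            // Log the exception itself; its cause alone is not guaranteed to be set.
            log.error(e.getError(), e);
            // Echo the client's state like the other error branches do, so the client can correlate
            // the error response with the request it sent.
            return OAuthASResponse.errorResponse(302).error(e).location(oAuth2Parameters.getRedirectURI()).setState(oAuth2Parameters.getState()).buildQueryMessage().getLocationUri();
        }
    }

    /**
     * Sends the pending authorization request, together with the credentials submitted on the form,
     * to the backend OAuth2 service.
     *
     * @param httpServletRequest request supplying the session, the servlet context and the
     *                           username/password form parameters
     * @param oAuth2Parameters   pending authorization request (client id, redirect URI, response type, scopes)
     * @return the backend's authentication/authorization result
     * @throws OAuthProblemException with error {@code server_error} when the remote call fails
     */
    private OAuth2AuthorizeRespDTO authorize(HttpServletRequest httpServletRequest, OAuth2Parameters oAuth2Parameters) throws OAuthProblemException {
        try {
            OAuth2ServiceClient oAuth2ServiceClient = new OAuth2ServiceClient(CarbonUIUtil.getServerURL(httpServletRequest.getSession().getServletContext(), httpServletRequest.getSession()), (ConfigurationContext) httpServletRequest.getSession().getServletContext().getAttribute("ConfigurationContext"));
            OAuth2AuthorizeReqDTO oAuth2AuthorizeReqDTO = new OAuth2AuthorizeReqDTO();
            oAuth2AuthorizeReqDTO.setCallbackUrl(oAuth2Parameters.getRedirectURI());
            oAuth2AuthorizeReqDTO.setConsumerKey(oAuth2Parameters.getClientId());
            oAuth2AuthorizeReqDTO.setResponseType(oAuth2Parameters.getResponseType());
            oAuth2AuthorizeReqDTO.setScopes((String[]) oAuth2Parameters.getScopes().toArray(new String[oAuth2Parameters.getScopes().size()]));
            // getParameter() also returns query-string values, so the password is accepted from the URL
            // as well as from a POST body. NOTE(review): confirm the login form always posts and that
            // access/request logging in front of this endpoint does not record parameters.
            oAuth2AuthorizeReqDTO.setUsername(httpServletRequest.getParameter(OAuthConstants.REQ_PARAM_OAUTH_USER_NAME));
            oAuth2AuthorizeReqDTO.setPassword(httpServletRequest.getParameter(OAuthConstants.REQ_PARAM_OAUTH_USER_PASSWORD));
            return oAuth2ServiceClient.authorize(oAuth2AuthorizeReqDTO);
        } catch (RemoteException e) {
            // The transport failure is logged in full here; the exception handed back carries only a
            // generic description, which ends up in the redirect sent to the client.
            log.error("Error when invoking the OAuth2Service to perform authorization.", e);
            throw OAuthProblemException.error("server_error", "Error when invoking the OAuth2Service to perform authorization.");
        }
    }
}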
