package org.wso2.carbon.identity.oauth.ui.endpoints.authz;

import java.io.IOException;
import java.rmi.RemoteException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.amber.oauth2.as.request.OAuthAuthzRequest;
import org.apache.amber.oauth2.as.response.OAuthASResponse;
import org.apache.amber.oauth2.common.exception.OAuthProblemException;
import org.apache.amber.oauth2.common.exception.OAuthSystemException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.oauth.ui.OAuth2Parameters;
import org.wso2.carbon.identity.oauth.ui.OAuthConstants;
import org.wso2.carbon.identity.oauth.ui.client.OAuth2ServiceClient;
import org.wso2.carbon.identity.oauth.ui.internal.OAuthUIServiceComponent;
import org.wso2.carbon.identity.oauth.ui.internal.OAuthUIServiceComponentHolder;
import org.wso2.carbon.identity.oauth2.stub.dto.OAuth2ClientValidationResponseDTO;
import org.wso2.carbon.ui.CarbonUIUtil;
import org.wso2.carbon.ui.util.CharacterEncoder;

/* loaded from: input_file:org/wso2/carbon/identity/oauth/ui/endpoints/authz/OAuth2AuthzEndpoint.class */
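/**
 * Servlet front end for the OAuth 2.0 authorization endpoint.
 *
 * <p>Requests whose URI ends with {@code authorize} are validated and then redirected to the
 * authentication page in the admin console; everything else is redirected to the OAuth error
 * page. Error details are passed to that page through session attributes.
 *
 * <p>Security note: every redirect target is either a fixed console page or the callback URL
 * returned by client validation. The raw {@code redirect_uri} request parameter is never used
 * as a redirect location, so the endpoint cannot be used as an open redirector.
 */
public class OAuth2AuthzEndpoint extends HttpServlet {
    private static final Log log = LogFactory.getLog(OAuth2AuthzEndpoint.class);

    /** Console-relative path of the page that renders the error stored in the session. */
    private static final String ERROR_PAGE = "oauth/oauth-error.jsp";

    /** Console-relative path of the page that authenticates the resource owner. */
    private static final String AUTHN_PAGE = "oauth/oauth2_authn_ajaxprocessor.jsp";

    /** Delegates to {@link #service(HttpServletRequest, HttpServletResponse)}. */
    @Override
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        service(httpServletRequest, httpServletResponse);
    }

    /** Delegates to {@link #service(HttpServletRequest, HttpServletResponse)}. */
    @Override
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        service(httpServletRequest, httpServletResponse);
    }

    /**
     * Dispatches the request: authorization requests are processed, any other URI is rejected
     * with {@code invalid_request_url}.
     *
     * @throws IOException if the redirect cannot be sent
     */
    @Override
    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            if (httpServletRequest.getRequestURI().endsWith("authorize")) {
                httpServletResponse.sendRedirect(handleOAuthAuthorizationRequest(httpServletRequest));
            } else {
                httpServletResponse.sendRedirect(
                        errorRedirect(httpServletRequest, "invalid_request_url", "Invalid OAuth request URL."));
            }
        } catch (OAuthSystemException e) {
            log.error("Error when processing the authorization request.", e);
            // Only a generic message reaches the browser; the details stay in the server log.
            httpServletResponse.sendRedirect(
                    errorRedirect(httpServletRequest, "server_error", "Error when processing the authorization request."));
        }
    }

    /**
     * Validates the client and, on success, stores the request parameters in the session.
     *
     * @return the URL the caller should redirect to: the authentication page, the console error
     *         page, or the validated callback URL carrying an OAuth error
     * @throws OAuthSystemException if client validation or building the error response fails
     */
    private String handleOAuthAuthorizationRequest(HttpServletRequest httpServletRequest) throws IOException, OAuthSystemException {
        // Declared outside the try so the catch block can reach the validated callback URL.
        OAuth2ClientValidationResponseDTO validatedClient = null;
        try {
            String clientId = CharacterEncoder.getSafeText(httpServletRequest.getParameter("client_id"));
            String requestedCallback = CharacterEncoder.getSafeText(httpServletRequest.getParameter("redirect_uri"));
            if (clientId == null) {
                log.warn("Client Id is not present in the authorization request.");
                return errorRedirect(httpServletRequest, "invalid_request",
                        "Invalid Request. Client Id is not present in the request");
            }
            validatedClient = validateClient(httpServletRequest, clientId, requestedCallback);
            if (!validatedClient.getValidClient()) {
                return errorRedirect(httpServletRequest, validatedClient.getErrorCode(), validatedClient.getErrorMsg());
            }
            OAuthAuthzRequest oAuthAuthzRequest = new OAuthAuthzRequest(httpServletRequest);
            OAuth2Parameters oAuth2Parameters = new OAuth2Parameters();
            oAuth2Parameters.setApplicationName(validatedClient.getApplicationName());
            // The callback kept for later steps is the one the validation service returned,
            // not the request parameter. NOTE(review): presumably the service matches it
            // against the registered callback; confirm in OAuth2Service.
            oAuth2Parameters.setRedirectURI(validatedClient.getCallbackURL());
            oAuth2Parameters.setResponseType(oAuthAuthzRequest.getResponseType());
            oAuth2Parameters.setScopes(oAuthAuthzRequest.getScopes());
            oAuth2Parameters.setState(oAuthAuthzRequest.getState());
            oAuth2Parameters.setClientId(clientId);
            httpServletRequest.getSession().setAttribute(OAuthConstants.OAUTH2_PARAMS, oAuth2Parameters);
            return consoleUrl(httpServletRequest, AUTHN_PAGE);
        } catch (OAuthProblemException e) {
            log.error(e.getError(), e);
            // Previously this dereferenced a variable that was never assigned, so every
            // malformed request ended in a NullPointerException instead of an OAuth error.
            if (validatedClient == null || validatedClient.getCallbackURL() == null) {
                // No validated callback to report to: never fall back to the raw redirect_uri.
                return errorRedirect(httpServletRequest, "invalid_request", "Invalid authorization request.");
            }
            return OAuthASResponse.errorResponse(302).error(e).location(validatedClient.getCallbackURL()).buildQueryMessage().getLocationUri();
        }
    }

    /**
     * Asks the OAuth2 service whether the client id and callback URL are acceptable.
     *
     * @param str  the client id from the request
     * @param str2 the {@code redirect_uri} from the request, possibly {@code null}
     * @throws OAuthSystemException if the remote call fails
     */
    private OAuth2ClientValidationResponseDTO validateClient(HttpServletRequest httpServletRequest, String str, String str2) throws OAuthSystemException {
        try {
            String serverUrl = CarbonUIUtil.getServerURL(
                    OAuthUIServiceComponentHolder.getInstance().getServerConfigurationService());
            OAuth2ServiceClient serviceClient = new OAuth2ServiceClient(serverUrl,
                    OAuthUIServiceComponentHolder.getInstance().getConfigurationContextService().getServerConfigContext());
            return serviceClient.validateClient(str, str2);
        } catch (RemoteException e) {
            // Log the exception itself so the failure can be diagnosed from the server log.
            log.error("Error when invoking the OAuth2Service for client validation.", e);
            throw new OAuthSystemException(e.getMessage(), e);
        }
    }

    /** Stores the error in the session and returns the URL of the console error page. */
    private String errorRedirect(HttpServletRequest httpServletRequest, String errorCode, String errorMessage) {
        HttpSession session = httpServletRequest.getSession();
        session.setAttribute(OAuthConstants.OAUTH_ERROR_CODE, errorCode);
        session.setAttribute(OAuthConstants.OAUTH_ERROR_MESSAGE, errorMessage);
        return consoleUrl(httpServletRequest, ERROR_PAGE);
    }

    /** Builds a console page URL with the authorize-endpoint segment removed. */
    private String consoleUrl(HttpServletRequest httpServletRequest, String page) {
        return (CarbonUIUtil.getAdminConsoleURL(httpServletRequest) + page)
                .replace(OAuthUIServiceComponent.OAUTH2_AUTHORIZE_URL, "");
    }
}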
