package org.wso2.carbon.identity.oauth2.handlers.authz;

import org.apache.amber.oauth2.as.issuer.MD5Generator;
import org.apache.amber.oauth2.as.issuer.OAuthIssuerImpl;
import org.apache.amber.oauth2.common.message.types.ResponseType;
import org.wso2.carbon.identity.oauth.callback.OAuthCallback;
import org.wso2.carbon.identity.oauth.callback.OAuthCallbackManager;
import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
import org.wso2.carbon.identity.oauth2.dao.TokenMgtDAO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeReqDTO;
import org.wso2.carbon.identity.oauth2.dto.OAuth2AuthorizeRespDTO;
import org.wso2.carbon.identity.oauth2.util.OAuth2Util;

/* loaded from: input_file:org/wso2/carbon/identity/oauth2/handlers/authz/AbstractAuthorizationHandler.class */
public abstract class AbstractAuthorizationHandler implements AuthorizationHandler {
    protected OAuth2AuthorizeReqDTO authorizationReqDTO;
    protected ResponseType responseType;
    protected String[] approvedScope;
    private OAuthCallbackManager callbackManager = new OAuthCallbackManager();
    protected OAuthIssuerImpl oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
    protected TokenMgtDAO tokenMgtDAO = new TokenMgtDAO();

    public AbstractAuthorizationHandler(OAuth2AuthorizeReqDTO oAuth2AuthorizeReqDTO) throws IdentityOAuth2Exception {
        this.authorizationReqDTO = oAuth2AuthorizeReqDTO;
    }

    @Override // org.wso2.carbon.identity.oauth2.handlers.authz.AuthorizationHandler
    public boolean authenticateResourceOwner() throws IdentityOAuth2Exception {
        return OAuth2Util.authenticateUser(this.authorizationReqDTO.getUsername(), this.authorizationReqDTO.getPassword());
    }

    @Override // org.wso2.carbon.identity.oauth2.handlers.authz.AuthorizationHandler
    public boolean validateAccessDelegation() throws IdentityOAuth2Exception {
        OAuthCallback oAuthCallback = new OAuthCallback(this.authorizationReqDTO.getUsername(), this.authorizationReqDTO.getConsumerKey(), OAuthCallback.OAuthCallbackType.ACCESS_DELEGATION);
        oAuthCallback.setRequestedScope(this.authorizationReqDTO.getScopes());
        oAuthCallback.setResponseType(this.responseType);
        this.callbackManager.handleCallback(oAuthCallback);
        return oAuthCallback.isAuthorized();
    }

    public String getScopeString() {
        return this.approvedScope != null ? OAuth2Util.buildScopeString(this.approvedScope) : OAuth2Util.buildScopeString(this.authorizationReqDTO.getScopes());
    }

    @Override // org.wso2.carbon.identity.oauth2.handlers.authz.AuthorizationHandler
    public boolean validateScope() throws IdentityOAuth2Exception {
        OAuthCallback oAuthCallback = new OAuthCallback(this.authorizationReqDTO.getUsername(), this.authorizationReqDTO.getConsumerKey(), OAuthCallback.OAuthCallbackType.SCOPE_VALIDATION);
        oAuthCallback.setRequestedScope(this.authorizationReqDTO.getScopes());
        this.callbackManager.handleCallback(oAuthCallback);
        this.approvedScope = oAuthCallback.getApprovedScope();
        return oAuthCallback.isInvalidScope();
    }

    @Override // org.wso2.carbon.identity.oauth2.handlers.authz.AuthorizationHandler
    public abstract OAuth2AuthorizeRespDTO issue() throws IdentityOAuth2Exception;
}
