package org.forgerock.openam.oauth2;

import java.net.URI;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.forgerock.guice.core.InjectorHolder;
import org.restlet.Request;
import org.restlet.data.Form;
import org.restlet.data.Status;
import org.restlet.resource.ResourceException;

/* loaded from: input_file:org/forgerock/openam/oauth2/OAuthProblemException.class */
public class OAuthProblemException extends ResourceException {
    private static final long serialVersionUID = 1934721539808864898L;
    private String description;
    private String errorUri;
    private Request request;
    private URI redirectTargetPattern;
    private String state;
    private String scope;
    private Map<String, String> parameters;
    private OAuth2Utils oAuth2Utils;

    /* loaded from: input_file:org/forgerock/openam/oauth2/OAuthProblemException$OAuthError.class */
    public enum OAuthError {
        REDIRECT_TEMPORARY("redirection_temporary", "The request requires a redirect.", "", Status.REDIRECTION_TEMPORARY.getCode()),
        INTERACTION_REQUIRED("interaction_required", "The request requires some interaction that is not allowed.", "", 400),
        LOGIN_REQUIRED("login_required", "The request requires login.", "", 400),
        CONSENT_REQUIRED("consent_required", "The request requires consent.", "", 400),
        METHOD_NOT_ALLOWED("method_not_allowed", "The Method is not allowed.", "", 405),
        INVALID_REQUEST("invalid_request", "The request is missing a required parameter, includes an invalid parameter value, or is otherwise malformed.", "", 400),
        UNAUTHORIZED_CLIENT("unauthorized_client", "The client is not authorized to request an authorization code using this method.", ""),
        ACCESS_DENIED("access_denied", "The resource owner or authorization server denied the request.", ""),
        UNSUPPORTED_RESPONSE_TYPE("unsupported_response_type", "The authorization server does not support obtaining an authorization code using this method.", "", 400),
        INVALID_SCOPE("invalid_scope", "The requested scope is invalid, unknown, or malformed.", ""),
        SERVER_ERROR("server_error", "The authorization server encountered an unexpected condition which prevented it from fulfilling the request.", ""),
        TEMPORARILY_UNAVAILABLE("temporarily_unavailable", "The authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server.", ""),
        INVALID_TOKEN("invalid_token", "The access token provided is expired, revoked, malformed, or invalid for other reasons.", "", 403),
        INSUFFICIENT_SCOPE("insufficient_scope", "The request requires higher privileges than provided by the access token.", "", 403),
        EXPIRED_TOKEN("expired_token", "The request contains a token no longer valid.", "", 401),
        INVALID_CLIENT("invalid_client", "The client identifier provided is invalid, the client failed to authenticate, the client did not include its credentials, provided multiple client credentials, or used unsupported credentials type.", "", 400),
        INVALID_CLIENT_401("invalid_client", "The client identifier provided is invalid, the client failed to authenticate, the client did not include its credentials, provided multiple client credentials, or used unsupported credentials type.", "", 401),
        UNKNOWN_ERROR("unknown_error", "The authenticated client is not authorized to use the access grant type provided.", "", 403),
        INVALID_GRANT("invalid_grant", "The provided access grant is invalid, expired, or revoked.", "", 400),
        UNSUPPORTED_GRANT_TYPE("unsupported_grant_type", "The provided access grant is invalid, expired, or revoked (e.g. invalid assertion, expired authorization token, bad end-user password credentials, or mismatching authorization code and redirection URI).", "", 400),
        INVALID_CODE("invalid_code", "The code provided is invalid.", ""),
        REDIRECT_URI_MISMATCH("redirect_uri_mismatch", "The redirection URI provided does not match a pre-registered value.", "", 400),
        UNSUPPORTED_AUTH_TYPE("unsupported_auth_type", "The requested authentication type is not supported by the authorization server.", ""),
        NOT_FOUND("not_found", "The request is for data which does not exist.", "", 404),
        INVALID_CLIENT_METADATA("invalid_client_metadata", "The request contains invalid metadata.", "", 400),
        BAD_REQUEST("bad_request", "The request could not be understood by the server due to malformed syntax", "", 400);

        Status status;

        OAuthError(String str, String str2, String str3) {
            this.status = new Status(400, str, str2, str3);
        }

        OAuthError(String str, String str2, String str3, int i) {
            this.status = new Status(i, str, str2, str3);
        }

        public OAuthProblemException handle(Request request) {
            return new OAuthProblemException(this, request);
        }

        public OAuthProblemException handle(Request request, String str) {
            return new OAuthProblemException(this, request).description(str);
        }
    }

    private OAuthProblemException(OAuthError oAuthError, Request request) {
        super(oAuthError.status);
        this.parameters = new HashMap();
        this.description = null;
        this.errorUri = null;
        this.request = request;
        if (null == this.request) {
            this.redirectTargetPattern = null;
            this.state = null;
            this.scope = null;
        } else {
            this.oAuth2Utils = (OAuth2Utils) InjectorHolder.getInstance(OAuth2Utils.class);
            String str = (String) this.oAuth2Utils.getRequestParameter(request, "redirect_uri", String.class);
            this.redirectTargetPattern = null != str ? URI.create(str) : null;
            this.state = (String) this.oAuth2Utils.getRequestParameter(request, "state", String.class);
            this.scope = (String) this.oAuth2Utils.getRequestParameter(request, "scope", String.class);
        }
    }

    public OAuthProblemException(int i, String str, String str2, String str3) {
        super(new Status(i, str, str2, str3));
        this.parameters = new HashMap();
        this.description = null;
        this.errorUri = null;
        this.request = null;
        this.redirectTargetPattern = null;
        this.state = null;
        this.scope = null;
    }

    public OAuthProblemException(Status status, String str, Throwable th) {
        super(new Status(status.getCode(), status.getReasonPhrase(), str, status.getUri()), th);
        this.parameters = new HashMap();
        this.description = null;
        this.errorUri = null;
        this.request = null;
        this.redirectTargetPattern = null;
        this.state = null;
        this.scope = null;
    }

    public OAuthProblemException description(String str) {
        this.description = str;
        return this;
    }

    public OAuthProblemException errorUri(String str) {
        this.errorUri = str;
        return this;
    }

    public OAuthProblemException redirectUri(URI uri) {
        this.redirectTargetPattern = uri;
        return this;
    }

    public OAuthProblemException state(String str) {
        this.state = str;
        return this;
    }

    public OAuthProblemException scope(String str) {
        this.scope = str;
        return this;
    }

    public OAuthProblemException setParameter(String str, String str2) {
        this.parameters.put(str, str2);
        return this;
    }

    public String getError() {
        return getStatus().getReasonPhrase();
    }

    public String getDescription() {
        return this.description != null ? this.description : super.getStatus().getDescription();
    }

    public String getErrorUri() {
        return this.errorUri != null ? this.errorUri : getStatus().getUri();
    }

    public String getState() {
        return this.state;
    }

    public String getScope() {
        return this.scope;
    }

    public String getParameter(String str) {
        return this.parameters.get(str);
    }

    public Map<String, String> getParameters() {
        return this.parameters;
    }

    public URI getRedirectUri() {
        return this.redirectTargetPattern;
    }

    public Status getStatus() {
        return null == this.description ? super.getStatus() : new Status(super.getStatus(), getCause(), this.description);
    }

    /* JADX WARN: Multi-variable type inference failed */
    public Object pushException() throws ResourceException {
        if (null == this.request) {
            throw new ResourceException(Status.SERVER_ERROR_INTERNAL, "Failed to push Exception", this);
        }
        this.request.getAttributes().put(OAuthProblemException.class.getName(), this);
        return null;
    }

    public Map<String, Object> getErrorMessage() {
        HashMap hashMap = new HashMap(3);
        hashMap.put("error", getError());
        if (this.oAuth2Utils.isNotBlank(getDescription())) {
            hashMap.put("error_description", getDescription());
        }
        if (this.errorUri != null && this.errorUri.length() > 0) {
            hashMap.put("error_uri", getError().toString());
        }
        return hashMap;
    }

    public Form getErrorForm() {
        Form form = new Form();
        form.add("error", getError());
        if (this.oAuth2Utils.isNotBlank(getDescription())) {
            form.add("error_description", getDescription());
        }
        if (this.errorUri != null && this.errorUri.length() > 0) {
            form.add("error_uri", this.errorUri);
        }
        if (this.oAuth2Utils.isNotBlank(getState())) {
            form.add("state", getState());
        }
        return form;
    }

    public static OAuthProblemException error(String str) {
        return new OAuthProblemException(401, str, null, null);
    }

    public static OAuthProblemException error(String str, String str2) {
        return new OAuthProblemException(401, str, str2, null);
    }

    public static OAuthProblemException error(int i, String str, String str2) {
        return new OAuthProblemException(i, str, str2, null);
    }

    public static OAuthProblemException handleOAuthProblemException(String str) {
        return error("invalid_request").description(str);
    }

    public static OAuthProblemException handleMissingParameters(Set<String> set) {
        StringBuilder sb = new StringBuilder("Missing parameters: ");
        if (null != set && !set.isEmpty()) {
            Iterator<String> it = set.iterator();
            while (it.hasNext()) {
                sb.append(it.next()).append(OAuth2Utils.SCOPE_DELIMITER);
            }
        }
        return handleOAuthProblemException(sb.toString().trim());
    }

    public static OAuthProblemException handleBadContentTypeException(String str) {
        return handleOAuthProblemException("Bad request content type. Expecting: " + str);
    }

    public static OAuthProblemException handleNotAllowedParametersOAuthException(List<String> list) {
        StringBuffer stringBuffer = new StringBuffer("Not allowed parameters: ");
        if (list != null) {
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                stringBuffer.append(it.next()).append(OAuth2Utils.SCOPE_DELIMITER);
            }
        }
        return handleOAuthProblemException(stringBuffer.toString().trim());
    }

    public static OAuthProblemException popException(Request request) {
        Object remove = request.getAttributes().remove(OAuthProblemException.class.getName());
        if (remove instanceof OAuthProblemException) {
            return (OAuthProblemException) remove;
        }
        return null;
    }
}
