package org.forgerock.oauth2.core;

import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import javax.inject.Inject;
import javax.inject.Singleton;
import org.forgerock.oauth2.core.exceptions.InvalidClientException;
import org.forgerock.oauth2.core.exceptions.InvalidScopeException;
import org.forgerock.oauth2.core.exceptions.NotFoundException;
import org.forgerock.oauth2.core.exceptions.ServerException;
import org.forgerock.oauth2.core.exceptions.UnsupportedResponseTypeException;
import org.forgerock.openam.oauth2.OAuth2Constants;
import org.forgerock.openam.oauth2.OAuth2UrisFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Singleton
/* loaded from: input_file:org/forgerock/oauth2/core/AuthorizationTokenIssuer.class */
public class AuthorizationTokenIssuer {
    private final Logger logger = LoggerFactory.getLogger("OAuth2Provider");
    private final OAuth2UrisFactory urisFactory;

    /* loaded from: input_file:org/forgerock/oauth2/core/AuthorizationTokenIssuer$KeyStringComparator.class */
    private class KeyStringComparator implements Comparator<String> {
        private final String key;

        public KeyStringComparator(String str) {
            this.key = str;
        }

        @Override // java.util.Comparator
        public int compare(String str, String str2) {
            if (str.equals(this.key)) {
                return 1;
            }
            return str2.equals(this.key) ? -1 : 0;
        }
    }

    @Inject
    public AuthorizationTokenIssuer(OAuth2UrisFactory oAuth2UrisFactory) {
        this.urisFactory = oAuth2UrisFactory;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public AuthorizationToken issueTokens(OAuth2Request oAuth2Request, ClientRegistration clientRegistration, ResourceOwner resourceOwner, Set<String> set, OAuth2ProviderSettings oAuth2ProviderSettings) throws InvalidClientException, UnsupportedResponseTypeException, ServerException, InvalidScopeException, NotFoundException {
        Set<String> splitResponseType = Utils.splitResponseType((String) oAuth2Request.getParameter("response_type"));
        if (Utils.isEmpty(splitResponseType)) {
            this.logger.debug("Response type is not supported");
            throw new UnsupportedResponseTypeException("Response type is not supported");
        }
        Set<String> validateAccessTokenScope = oAuth2ProviderSettings.validateAccessTokenScope(clientRegistration, set, oAuth2Request);
        Map<String, ResponseTypeHandler> allowedResponseTypes = oAuth2ProviderSettings.getAllowedResponseTypes();
        String accessTokenType = clientRegistration.getAccessTokenType();
        String clientId = clientRegistration.getClientId();
        String str = (String) oAuth2Request.getParameter("redirect_uri");
        String str2 = (String) oAuth2Request.getParameter("nonce");
        String str3 = (String) oAuth2Request.getParameter("code_challenge");
        String str4 = (String) oAuth2Request.getParameter("code_challenge_method");
        Map<String, Token> hashMap = new HashMap<>();
        boolean z = false;
        for (String str5 : Utils.asSortedList(splitResponseType, new KeyStringComparator("id_token"))) {
            if (Utils.isEmpty(str5)) {
                throw new UnsupportedResponseTypeException("Response type is not supported");
            }
            ResponseTypeHandler responseTypeHandler = allowedResponseTypes.get(str5);
            Map.Entry<String, Token> handle = responseTypeHandler.handle(accessTokenType, validateAccessTokenScope, resourceOwner, clientId, str, str2, oAuth2Request, str3, str4);
            if (handle != null) {
                if (hashMap.containsKey(handle.getKey())) {
                    this.logger.debug("Returning multiple response types with the same url value");
                    throw new UnsupportedResponseTypeException("Returning multiple response types with the same url value");
                }
                hashMap.put(handle.getKey(), handle.getValue());
                if (!z) {
                    z = OAuth2Constants.UrlLocation.FRAGMENT.equals(responseTypeHandler.getReturnLocation());
                }
            }
        }
        Map<String, String> flattenTokens = flattenTokens(hashMap);
        Map<String, String> additionalDataToReturnFromAuthorizeEndpoint = oAuth2ProviderSettings.additionalDataToReturnFromAuthorizeEndpoint(Collections.unmodifiableMap(hashMap), oAuth2Request);
        if (!Utils.isEmpty(additionalDataToReturnFromAuthorizeEndpoint)) {
            String remove = additionalDataToReturnFromAuthorizeEndpoint.remove("returnLocation");
            if (!Utils.isEmpty(remove)) {
                OAuth2Constants.UrlLocation valueOf = OAuth2Constants.UrlLocation.valueOf(remove.toUpperCase());
                if (!z && OAuth2Constants.UrlLocation.FRAGMENT.equals(valueOf)) {
                    z = true;
                }
            }
            flattenTokens.putAll(additionalDataToReturnFromAuthorizeEndpoint);
        }
        flattenTokens.put("scope", Utils.joinScope(validateAccessTokenScope));
        if (oAuth2Request.getParameter("state") != null) {
            flattenTokens.put("state", oAuth2Request.getParameter("state"));
        }
        if (!flattenTokens.containsKey("id_token")) {
            flattenTokens.put("iss", this.urisFactory.get(oAuth2Request).getIssuer());
            flattenTokens.put("client_id", clientRegistration.getClientId());
        }
        return new AuthorizationToken(flattenTokens, z);
    }

    private Map<String, String> flattenTokens(Map<String, Token> map) throws ServerException {
        HashMap hashMap = new HashMap();
        for (Map.Entry<String, Token> entry : map.entrySet()) {
            Map<String, Object> map2 = entry.getValue().toMap();
            if (!hashMap.containsKey(entry.getKey())) {
                hashMap.put(entry.getKey(), entry.getValue().getTokenId());
            }
            if (entry.getValue().getTokenName().equalsIgnoreCase("access_token")) {
                for (Map.Entry<String, Object> entry2 : map2.entrySet()) {
                    if (!hashMap.containsKey(entry2.getKey())) {
                        hashMap.put(entry2.getKey(), entry2.getValue().toString());
                    }
                }
            }
        }
        return hashMap;
    }
}
