package org.forgerock.openidconnect;

import com.iplanet.sso.SSOTokenManager;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.forgerock.json.JsonValue;
import org.forgerock.oauth2.core.OAuth2Request;
import org.forgerock.oauth2.core.exceptions.ServerException;
import org.forgerock.openam.cts.CTSPersistentStore;
import org.forgerock.openam.cts.adapters.TokenAdapter;
import org.forgerock.openam.cts.api.tokens.Token;
import org.forgerock.openam.cts.exceptions.CoreTokenException;
import org.forgerock.openam.oauth2.IdentityManager;
import org.forgerock.openam.utils.CollectionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Singleton
/* loaded from: input_file:org/forgerock/openidconnect/OpenIDConnectProvider.class */
public class OpenIDConnectProvider {
    private final Logger logger = LoggerFactory.getLogger("OAuth2Provider");
    private final SSOTokenManager tokenManager;
    private final IdentityManager identityManager;
    private final CTSPersistentStore cts;
    private final TokenAdapter<JsonValue> tokenAdapter;

    @Inject
    public OpenIDConnectProvider(SSOTokenManager sSOTokenManager, IdentityManager identityManager, CTSPersistentStore cTSPersistentStore, @Named("oauthTokenAdapter") TokenAdapter<JsonValue> tokenAdapter) {
        this.tokenManager = sSOTokenManager;
        this.identityManager = identityManager;
        this.cts = cTSPersistentStore;
        this.tokenAdapter = tokenAdapter;
    }

    public boolean isUserValid(String str, OAuth2Request oAuth2Request) {
        try {
            this.identityManager.getResourceOwnerIdentity(str, (String) oAuth2Request.getParameter("realm"));
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    public void destroySession(String str) throws ServerException {
        try {
            Token read = this.cts.read(str);
            if (read == null) {
                throw new CoreTokenException("Unable to find id_token");
            }
            JsonValue jsonValue = (JsonValue) this.tokenAdapter.fromToken(read);
            this.cts.delete(str);
            String str2 = (String) CollectionUtils.getFirstItem(jsonValue.get("ops").asCollection(String.class));
            if (str2 != null) {
                this.tokenManager.destroyToken(this.tokenManager.createSSOToken(str2));
            }
        } catch (Exception e) {
            this.logger.warn("Unable to get SsoTokenManager", e);
            throw new ServerException("Unable to get SsoTokenManager");
        } catch (CoreTokenException e2) {
            this.logger.warn("Unable to get id_token meta data", e2);
            throw new ServerException("Unable to get id_token meta data");
        }
    }
}
