package org.forgerock.oauth2.core;

import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.inject.Inject;
import javax.inject.Singleton;
import org.forgerock.oauth2.core.exceptions.InvalidClientException;
import org.forgerock.oauth2.core.exceptions.InvalidRequestException;
import org.forgerock.oauth2.core.exceptions.InvalidScopeException;
import org.forgerock.oauth2.core.exceptions.NotFoundException;
import org.forgerock.oauth2.core.exceptions.RedirectUriMismatchException;
import org.forgerock.oauth2.core.exceptions.ServerException;
import org.forgerock.oauth2.core.exceptions.UnauthorizedClientException;
import org.forgerock.openam.oauth2.OAuth2UrisFactory;

@Singleton
/* loaded from: input_file:org/forgerock/oauth2/core/ClientCredentialsGrantTypeHandler.class */
public class ClientCredentialsGrantTypeHandler extends GrantTypeHandler {
    private final List<ClientCredentialsRequestValidator> requestValidators;
    private final TokenStore tokenStore;

    @Inject
    public ClientCredentialsGrantTypeHandler(ClientAuthenticator clientAuthenticator, List<ClientCredentialsRequestValidator> list, TokenStore tokenStore, OAuth2UrisFactory oAuth2UrisFactory, OAuth2ProviderSettingsFactory oAuth2ProviderSettingsFactory) {
        super(oAuth2ProviderSettingsFactory, oAuth2UrisFactory, clientAuthenticator);
        this.requestValidators = list;
        this.tokenStore = tokenStore;
    }

    @Override // org.forgerock.oauth2.core.GrantTypeHandler
    public AccessToken handle(OAuth2Request oAuth2Request, ClientRegistration clientRegistration, OAuth2ProviderSettings oAuth2ProviderSettings) throws InvalidRequestException, ServerException, UnauthorizedClientException, InvalidScopeException, NotFoundException, InvalidClientException, RedirectUriMismatchException {
        Iterator<ClientCredentialsRequestValidator> it = this.requestValidators.iterator();
        while (it.hasNext()) {
            it.next().validateRequest(oAuth2Request, clientRegistration);
        }
        Set<String> validateAccessTokenScope = oAuth2ProviderSettings.validateAccessTokenScope(clientRegistration, Utils.splitScope((String) oAuth2Request.getParameter("scope")), oAuth2Request);
        String validateRequestedClaims = oAuth2ProviderSettings.validateRequestedClaims((String) oAuth2Request.getParameter("claims"));
        AccessToken createAccessToken = this.tokenStore.createAccessToken((String) oAuth2Request.getParameter("grant_type"), "Bearer", null, clientRegistration.getClientId(), clientRegistration.getClientId(), null, validateAccessTokenScope, null, null, validateRequestedClaims, oAuth2Request);
        oAuth2ProviderSettings.additionalDataToReturnFromTokenEndpoint(createAccessToken, oAuth2Request);
        if (validateAccessTokenScope != null && !validateAccessTokenScope.isEmpty()) {
            createAccessToken.addExtraData("scope", Utils.joinScope(validateAccessTokenScope));
        }
        this.tokenStore.updateAccessToken(oAuth2Request, createAccessToken);
        return createAccessToken;
    }
}
