package org.opends.server.protocols.http.authz;

import org.forgerock.http.oauth2.AccessTokenResolver;
import org.forgerock.opendj.adapter.server3x.Adapters;
import org.forgerock.opendj.config.server.ConfigException;
import org.forgerock.opendj.ldap.DN;
import org.forgerock.opendj.rest2ldap.authz.Authorization;
import org.forgerock.opendj.server.config.server.HTTPOauth2CtsAuthorizationMechanismCfg;
import org.opends.messages.ConfigMessages;
import org.opends.server.core.DirectoryServer;
import org.opends.server.core.ServerContext;
import org.opends.server.types.DirectoryException;

/* loaded from: input_file:WEB-INF/lib/opendj.jar:org/opends/server/protocols/http/authz/HttpOAuth2CtsAuthorizationMechanism.class */
final class HttpOAuth2CtsAuthorizationMechanism extends HttpOAuth2AuthorizationMechanism<HTTPOauth2CtsAuthorizationMechanismCfg> {
    HttpOAuth2CtsAuthorizationMechanism(HTTPOauth2CtsAuthorizationMechanismCfg hTTPOauth2CtsAuthorizationMechanismCfg, ServerContext serverContext) throws ConfigException {
        super(hTTPOauth2CtsAuthorizationMechanismCfg, serverContext);
    }

    @Override // org.opends.server.protocols.http.authz.HttpOAuth2AuthorizationMechanism
    AccessTokenResolver newAccessTokenResolver() throws ConfigException {
        try {
            if (DirectoryServer.getEntry(DN.valueOf(((HTTPOauth2CtsAuthorizationMechanismCfg) this.config).getBaseDN())) == null) {
                throw new ConfigException(ConfigMessages.ERR_CONFIG_AUTHZ_REFERENCED_DN_DOESNT_EXISTS.get(((HTTPOauth2CtsAuthorizationMechanismCfg) this.config).dn(), ((HTTPOauth2CtsAuthorizationMechanismCfg) this.config).getBaseDN()));
            }
            return Authorization.newCtsAccessTokenResolver(Adapters.newRootConnectionFactory(), ((HTTPOauth2CtsAuthorizationMechanismCfg) this.config).getBaseDN());
        } catch (DirectoryException e) {
            throw new ConfigException(e.getMessageObject());
        }
    }
}
