package org.apereo.cas.support.oauth.web.response.callback;

import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.NameValuePair;
import org.apache.http.client.utils.URIBuilder;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.support.oauth.OAuth20Constants;
import org.apereo.cas.support.oauth.OAuth20ResponseTypes;
import org.apereo.cas.support.oauth.util.OAuth20Utils;
import org.apereo.cas.support.oauth.web.response.accesstoken.OAuth20TokenGeneratedResult;
import org.apereo.cas.support.oauth.web.response.accesstoken.OAuth20TokenGenerator;
import org.apereo.cas.support.oauth.web.response.accesstoken.ext.AccessTokenRequestDataHolder;
import org.apereo.cas.support.oauth.web.response.accesstoken.response.OAuth20JwtAccessTokenEncoder;
import org.apereo.cas.ticket.accesstoken.OAuth20AccessToken;
import org.apereo.cas.ticket.refreshtoken.OAuth20RefreshToken;
import org.apereo.cas.token.JwtBuilder;
import org.pac4j.core.context.WebContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.ModelAndView;

/* loaded from: input_file:org/apereo/cas/support/oauth/web/response/callback/OAuth20TokenAuthorizationResponseBuilder.class */
public class OAuth20TokenAuthorizationResponseBuilder extends BaseOAuth20AuthorizationResponseBuilder {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(OAuth20TokenAuthorizationResponseBuilder.class);
    private final OAuth20TokenGenerator accessTokenGenerator;
    private final JwtBuilder accessTokenJwtBuilder;

    public OAuth20TokenAuthorizationResponseBuilder(ServicesManager servicesManager, CasConfigurationProperties casConfigurationProperties, OAuth20TokenGenerator oAuth20TokenGenerator, JwtBuilder jwtBuilder, OAuth20AuthorizationModelAndViewBuilder oAuth20AuthorizationModelAndViewBuilder) {
        super(servicesManager, casConfigurationProperties, oAuth20AuthorizationModelAndViewBuilder);
        this.accessTokenGenerator = oAuth20TokenGenerator;
        this.accessTokenJwtBuilder = jwtBuilder;
    }

    public ModelAndView build(WebContext webContext, String str, AccessTokenRequestDataHolder accessTokenRequestDataHolder) {
        String str2 = (String) OAuth20Utils.getRequestParameter(webContext, OAuth20Constants.REDIRECT_URI).map((v0) -> {
            return String.valueOf(v0);
        }).orElse("");
        LOGGER.debug("Authorize request verification successful for client [{}] with redirect uri [{}]", str, str2);
        OAuth20TokenGeneratedResult generate = this.accessTokenGenerator.generate(accessTokenRequestDataHolder);
        OAuth20AccessToken orElse = generate.getAccessToken().orElse(null);
        OAuth20RefreshToken orElse2 = generate.getRefreshToken().orElse(null);
        LOGGER.debug("Generated OAuth access token: [{}]", orElse);
        return buildCallbackUrlResponseType(accessTokenRequestDataHolder, str2, orElse, new ArrayList(0), orElse2, webContext);
    }

    public boolean supports(WebContext webContext) {
        return StringUtils.equalsIgnoreCase((String) OAuth20Utils.getRequestParameter(webContext, OAuth20Constants.RESPONSE_TYPE).map((v0) -> {
            return String.valueOf(v0);
        }).orElse(""), OAuth20ResponseTypes.TOKEN.getType());
    }

    protected ModelAndView buildCallbackUrlResponseType(AccessTokenRequestDataHolder accessTokenRequestDataHolder, String str, OAuth20AccessToken oAuth20AccessToken, List<NameValuePair> list, OAuth20RefreshToken oAuth20RefreshToken, WebContext webContext) throws Exception {
        Map attributes = accessTokenRequestDataHolder.getAuthentication().getAttributes();
        String obj = ((List) attributes.get(OAuth20Constants.STATE)).get(0).toString();
        String obj2 = ((List) attributes.get(OAuth20Constants.NONCE)).get(0).toString();
        URIBuilder uRIBuilder = new URIBuilder(str);
        StringBuilder sb = new StringBuilder();
        String encode = OAuth20JwtAccessTokenEncoder.builder().accessToken(oAuth20AccessToken).registeredService(accessTokenRequestDataHolder.getRegisteredService()).service(accessTokenRequestDataHolder.getService()).accessTokenJwtBuilder(this.accessTokenJwtBuilder).casProperties(this.casProperties).build().encode();
        sb.append(OAuth20Constants.ACCESS_TOKEN).append('=').append(encode).append('&').append(OAuth20Constants.TOKEN_TYPE).append('=').append(OAuth20Constants.TOKEN_TYPE_BEARER).append('&').append(OAuth20Constants.EXPIRES_IN).append('=').append(oAuth20AccessToken.getExpiresIn());
        if (oAuth20RefreshToken != null) {
            sb.append('&').append(OAuth20Constants.REFRESH_TOKEN).append('=').append(oAuth20RefreshToken.getId());
        }
        list.forEach(nameValuePair -> {
            sb.append('&').append(nameValuePair.getName()).append('=').append(nameValuePair.getValue());
        });
        if (StringUtils.isNotBlank(obj)) {
            sb.append('&').append(OAuth20Constants.STATE).append('=').append(obj);
        }
        if (StringUtils.isNotBlank(obj2)) {
            sb.append('&').append(OAuth20Constants.NONCE).append('=').append(obj2);
        }
        uRIBuilder.setFragment(sb.toString());
        String uRIBuilder2 = uRIBuilder.toString();
        LOGGER.debug("Redirecting to URL [{}]", uRIBuilder2);
        return build(webContext, OAuth20Utils.getRegisteredOAuthServiceByClientId(this.servicesManager, oAuth20AccessToken.getClientId()), uRIBuilder2, new LinkedHashMap());
    }

    @Generated
    public OAuth20TokenGenerator getAccessTokenGenerator() {
        return this.accessTokenGenerator;
    }

    @Generated
    public JwtBuilder getAccessTokenJwtBuilder() {
        return this.accessTokenJwtBuilder;
    }
}
