package net.krotscheck.kangaroo.authz.oauth2.authn.authn;

import java.util.List;
import java.util.Optional;
import javax.annotation.Priority;
import javax.inject.Provider;
import javax.ws.rs.BadRequestException;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.core.MultivaluedMap;
import net.krotscheck.kangaroo.authz.common.authenticator.oauth2.AbstractOAuth2Authenticator;
import net.krotscheck.kangaroo.authz.common.database.entity.Client;
import net.krotscheck.kangaroo.authz.oauth2.authn.O2Principal;
import net.krotscheck.kangaroo.authz.oauth2.exception.RFC6749;
import net.krotscheck.kangaroo.common.hibernate.id.IdUtil;
import org.glassfish.jersey.server.ContainerRequest;
import org.hibernate.Session;

@Priority(1000)
/* loaded from: input_file:net/krotscheck/kangaroo/authz/oauth2/authn/authn/O2ClientQueryParameterFilter.class */
public final class O2ClientQueryParameterFilter extends AbstractO2AuthenticationFilter {
    public O2ClientQueryParameterFilter(Provider<ContainerRequest> provider, Provider<Session> provider2) {
        super(provider, provider2);
    }

    public void filter(ContainerRequestContext containerRequestContext) {
        if (containerRequestContext.getMethod().equals("GET")) {
            MultivaluedMap queryParameters = containerRequestContext.getUriInfo().getQueryParameters();
            if (queryParameters.containsKey(AbstractOAuth2Authenticator.CLIENT_SECRET_KEY)) {
                throw new BadRequestException();
            }
            if (queryParameters.containsKey(AbstractOAuth2Authenticator.CLIENT_ID_KEY)) {
                List list = (List) queryParameters.get(AbstractOAuth2Authenticator.CLIENT_ID_KEY);
                if (list.size() > 1) {
                    throw new RFC6749.InvalidClientException();
                }
                try {
                    Client client = (Client) Optional.of(list).map(list2 -> {
                        return (String) list2.get(0);
                    }).map(IdUtil::fromString).map(bigInteger -> {
                        return (Client) getSession().get(Client.class, bigInteger);
                    }).filter((v0) -> {
                        return v0.isPublic();
                    }).orElse(null);
                    if (client == null) {
                        throw new RFC6749.AccessDeniedException();
                    }
                    setPrincipal(new O2Principal(client));
                } catch (NumberFormatException e) {
                    throw new BadRequestException();
                }
            }
        }
    }
}
