package org.gluu.oxd.server.op;

import com.google.common.base.Strings;
import com.google.inject.Injector;
import org.gluu.oxauth.client.OpenIdConfigurationResponse;
import org.gluu.oxauth.model.jwt.Jwt;
import org.gluu.oxd.common.Command;
import org.gluu.oxd.common.ErrorResponseCode;
import org.gluu.oxd.common.params.ValidateParams;
import org.gluu.oxd.common.response.IOpResponse;
import org.gluu.oxd.common.response.POJOResponse;
import org.gluu.oxd.server.HttpException;
import org.gluu.oxd.server.op.Validator;
import org.gluu.oxd.server.service.Rp;

/* loaded from: input_file:org/gluu/oxd/server/op/ValidateOperation.class */
public class ValidateOperation extends BaseOperation<ValidateParams> {
    /* JADX INFO: Access modifiers changed from: protected */
    public ValidateOperation(Command command, Injector injector) {
        super(command, injector, ValidateParams.class);
    }

    @Override // org.gluu.oxd.server.op.IOperation
    public IOpResponse execute(ValidateParams validateParams) throws Exception {
        validateParams(validateParams);
        Rp rp = getRp();
        OpenIdConfigurationResponse connectDiscoveryResponseByOxdId = getDiscoveryService().getConnectDiscoveryResponseByOxdId(validateParams.getOxdId());
        Validator build = new Validator.Builder().discoveryResponse(connectDiscoveryResponseByOxdId).idToken(Jwt.parse(validateParams.getIdToken())).keyService(getKeyService()).opClientFactory(getOpClientFactory()).rp(rp).build();
        build.validateNonce(getStateService());
        build.validateIdToken(rp.getClientId());
        build.validateAccessToken(validateParams.getAccessToken());
        build.validateAuthorizationCode(validateParams.getCode());
        return new POJOResponse("");
    }

    private void validateParams(ValidateParams validateParams) {
        if (Strings.isNullOrEmpty(validateParams.getCode())) {
            throw new HttpException(ErrorResponseCode.BAD_REQUEST_NO_CODE);
        }
        if (Strings.isNullOrEmpty(validateParams.getState())) {
            throw new HttpException(ErrorResponseCode.BAD_REQUEST_NO_STATE);
        }
        if (!getStateService().isStateValid(validateParams.getState())) {
            throw new HttpException(ErrorResponseCode.BAD_REQUEST_STATE_NOT_VALID);
        }
        if (!Strings.isNullOrEmpty(validateParams.getIdToken())) {
            throw new HttpException(ErrorResponseCode.NO_ID_TOKEN_PARAM);
        }
    }
}
