package org.xdi.oxauth.introspection.ws.rs;

import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Logger;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.log.Log;
import org.xdi.oxauth.model.authorize.AuthorizeErrorResponseType;
import org.xdi.oxauth.model.common.AbstractToken;
import org.xdi.oxauth.model.common.AuthorizationGrant;
import org.xdi.oxauth.model.common.AuthorizationGrantList;
import org.xdi.oxauth.model.common.IntrospectionResponse;
import org.xdi.oxauth.model.error.ErrorResponseFactory;
import org.xdi.oxauth.service.token.TokenService;
import org.xdi.oxauth.util.ServerUtil;

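/**
 * REST endpoint that reports the state of an access token (token introspection).
 *
 * <p>The caller authenticates by sending an access token of its own in the
 * {@code Authorization} header and names the token to inspect in the {@code token}
 * parameter (query parameter for GET, form parameter for POST). Both HTTP methods
 * delegate to the same implementation.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Neither the {@code Authorization} header nor the inspected token is written to
 *       the log. Both are bearer credentials; anyone who can read the log could replay
 *       them.</li>
 *   <li>NOTE(review): the only authorization check visible here is "the caller presents
 *       some valid access token". No scope, client or audience check is made before an
 *       arbitrary token is inspected. Confirm that this is the intended policy.</li>
 *   <li>NOTE(review): the GET variant carries the inspected token in the query string,
 *       where it may be recorded by access logs and intermediaries outside this
 *       class. Prefer POST where the client allows it.</li>
 * </ul>
 */
@Name("introspectionWS")
@Path("/introspection")
public class IntrospectionWebService {

    @Logger
    private Log log;

    @In
    private TokenService tokenService;

    @In
    private ErrorResponseFactory errorResponseFactory;

    @In
    private AuthorizationGrantList authorizationGrantList;

    /**
     * Introspects a token passed as a query parameter.
     *
     * @param authorization value of the {@code Authorization} header identifying the caller
     * @param token the access token to inspect
     * @return the JSON introspection response, or an error response
     */
    @GET
    @Produces({"application/json"})
    public Response introspectGet(@HeaderParam("Authorization") String authorization, @QueryParam("token") String token) {
        return introspect(authorization, token);
    }

    /**
     * Introspects a token passed as a form parameter.
     *
     * @param authorization value of the {@code Authorization} header identifying the caller
     * @param token the access token to inspect
     * @return the JSON introspection response, or an error response
     */
    @POST
    @Produces({"application/json"})
    public Response introspectPost(@HeaderParam("Authorization") String authorization, @FormParam("token") String token) {
        return introspect(authorization, token);
    }

    /**
     * Validates the caller's own access token, then looks up the requested token and
     * reports its state.
     *
     * @param authorization value of the {@code Authorization} header
     * @param token the access token to inspect
     * @return 400 with {@code INVALID_REQUEST} when either argument is blank; 400 with
     *     {@code ACCESS_DENIED} when the caller's token is unknown or not valid; 200 with
     *     the introspection JSON otherwise; 500 with no body on any unexpected exception
     */
    private Response introspect(String authorization, String token) {
        try {
            // Log only whether the values were supplied. The values themselves are bearer
            // credentials and must never reach the log, not even at trace level.
            this.log.trace("Introspect token, authorization present: {}, token to introspect present: {}",
                    new Object[]{Boolean.valueOf(StringUtils.isNotBlank(authorization)), Boolean.valueOf(StringUtils.isNotBlank(token))});

            if (StringUtils.isBlank(authorization) || StringUtils.isBlank(token)) {
                return Response.status(Response.Status.BAD_REQUEST).entity(this.errorResponseFactory.getErrorAsJson(AuthorizeErrorResponseType.INVALID_REQUEST)).build();
            }

            // Step 1: authenticate the caller through the access token in the header.
            if (!isCallerAuthorized(authorization)) {
                // NOTE(review): a failed caller check is reported as HTTP 400 rather than 401.
                // The status is kept unchanged so existing clients see the same behaviour.
                return Response.status(Response.Status.BAD_REQUEST).entity(this.errorResponseFactory.getErrorAsJson(AuthorizeErrorResponseType.ACCESS_DENIED)).build();
            }

            // Step 2: describe the requested token. The response starts out inactive, so an
            // unknown token yields the same answer shape as one that is known but invalid.
            IntrospectionResponse introspectionResponse = new IntrospectionResponse(false);
            AuthorizationGrant inspectedGrant = this.authorizationGrantList.getAuthorizationGrantByAccessToken(token);
            if (inspectedGrant != null) {
                AbstractToken inspectedToken = inspectedGrant.getAccessToken(token);
                if (inspectedToken != null) {
                    // NOTE(review): the detail fields are filled in even when the token is no
                    // longer valid. RFC 7662 section 2.2 recommends returning nothing beyond
                    // "active": false for inactive tokens. Left unchanged for compatibility.
                    introspectionResponse.setActive(inspectedToken.isValid());
                    introspectionResponse.setExpiresAt(inspectedToken.getExpirationDate());
                    introspectionResponse.setIssuedAt(inspectedToken.getCreationDate());
                    introspectionResponse.setAuthLevel(inspectedToken.getAuthLevel());
                    introspectionResponse.setAuthMode(inspectedToken.getAuthMode());
                }
            }
            return Response.status(Response.Status.OK).entity(ServerUtil.asJson(introspectionResponse)).build();
        } catch (Exception e) {
            // Request boundary: record the failure and return a bare 500, so that no
            // exception detail is sent to the client.
            this.log.error(e.getMessage(), e, new Object[0]);
            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
        }
    }

    /**
     * Checks that the {@code Authorization} header resolves to a grant whose access token
     * exists and is still valid.
     */
    private boolean isCallerAuthorized(String authorization) {
        AuthorizationGrant callerGrant = this.tokenService.getAuthorizationGrant(authorization);
        if (callerGrant == null) {
            return false;
        }
        AbstractToken callerToken = callerGrant.getAccessToken(this.tokenService.getTokenFromAuthorizationParameter(authorization));
        return callerToken != null && callerToken.isValid();
    }
}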
