package org.xdi.oxauth.clientinfo.ws.rs;

import java.util.Iterator;
import java.util.Set;
import javax.inject.Inject;
import javax.ws.rs.Path;
import javax.ws.rs.core.CacheControl;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.SecurityContext;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.slf4j.Logger;
import org.xdi.model.GluuAttribute;
import org.xdi.oxauth.model.clientinfo.ClientInfoErrorResponseType;
import org.xdi.oxauth.model.clientinfo.ClientInfoParamsValidator;
import org.xdi.oxauth.model.common.AuthorizationGrant;
import org.xdi.oxauth.model.common.AuthorizationGrantList;
import org.xdi.oxauth.model.common.Scope;
import org.xdi.oxauth.model.error.ErrorResponseFactory;
import org.xdi.oxauth.model.registration.Client;
import org.xdi.oxauth.service.AttributeService;
import org.xdi.oxauth.service.ClientService;
import org.xdi.oxauth.service.ScopeService;

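@Path("/")
/* loaded from: input_file:org/xdi/oxauth/clientinfo/ws/rs/ClientInfoRestWebServiceImpl.class */
/**
 * REST endpoint that returns the attributes of the client an access token was issued to.
 *
 * <p>The token is taken from the {@code Authorization: Bearer ...} header when present,
 * otherwise from the request parameter. Only claims attached to the scopes of the
 * matching authorization grant are included in the response.
 */
public class ClientInfoRestWebServiceImpl implements ClientInfoRestWebService {

    /** Scheme prefix that marks an Authorization header value as carrying a bearer token. */
    private static final String BEARER_PREFIX = "Bearer ";

    @Inject
    private Logger log;

    @Inject
    private ErrorResponseFactory errorResponseFactory;

    @Inject
    private AuthorizationGrantList authorizationGrantList;

    @Inject
    private ScopeService scopeService;

    @Inject
    private ClientService clientService;

    @Inject
    private AttributeService attributeService;

    /** GET variant of the endpoint; delegates to {@link #requestClientInfo}. */
    @Override // org.xdi.oxauth.clientinfo.ws.rs.ClientInfoRestWebService
    public Response requestClientInfoGet(String str, String str2, SecurityContext securityContext) {
        return requestClientInfo(str, str2, securityContext);
    }

    /** POST variant of the endpoint; delegates to {@link #requestClientInfo}. */
    @Override // org.xdi.oxauth.clientinfo.ws.rs.ClientInfoRestWebService
    public Response requestClientInfoPost(String str, String str2, SecurityContext securityContext) {
        return requestClientInfo(str, str2, securityContext);
    }

    /**
     * Resolves the access token to its authorization grant and returns the client's claims.
     *
     * @param str access token supplied as a request parameter; ignored when {@code str2}
     *     carries a bearer token
     * @param str2 raw {@code Authorization} header value, may be {@code null}
     * @param securityContext request security context, used only to log whether the
     *     request arrived over a secure channel
     * @return 200 with the client claims as JSON and no-store cache headers, or 400 with
     *     an {@code INVALID_REQUEST} / {@code INVALID_TOKEN} error body
     */
    public Response requestClientInfo(String str, String str2, SecurityContext securityContext) {
        String accessToken = str;
        // The header takes precedence over the request parameter.
        if (str2 != null && str2.startsWith(BEARER_PREFIX)) {
            accessToken = str2.substring(BEARER_PREFIX.length());
        }

        // The access token is a bearer credential: anyone who can read the log could replay
        // it, so only its presence is logged, never its value.
        this.log.debug("Attempting to request Client Info, Access token present = {}, Is Secure = {}",
                Boolean.valueOf(accessToken != null && !accessToken.isEmpty()),
                Boolean.valueOf(securityContext.isSecure()));

        if (!ClientInfoParamsValidator.validateParams(accessToken)) {
            return badRequest(ClientInfoErrorResponseType.INVALID_REQUEST);
        }

        AuthorizationGrant grant = this.authorizationGrantList.getAuthorizationGrantByAccessToken(accessToken);
        if (grant == null) {
            // NOTE(review): RFC 6750 section 3.1 pairs invalid_token with HTTP 401; 400 is kept
            // here because existing callers may depend on it - confirm before changing.
            return badRequest(ClientInfoErrorResponseType.INVALID_TOKEN);
        }

        // Client attributes are returned per token, so the response must not be stored by
        // browsers or shared caches.
        CacheControl cacheControl = new CacheControl();
        cacheControl.setPrivate(true);
        cacheControl.setNoTransform(false);
        cacheControl.setNoStore(true);

        return Response.ok()
                .cacheControl(cacheControl)
                .header("Pragma", "no-cache")
                .entity(getJSonResponse(grant.getClient(), grant.getScopes()))
                .build();
    }

    /**
     * Builds the JSON body listing the client's value for every claim of the given scopes.
     *
     * <p>Scopes or claim DNs that cannot be resolved are skipped so that one stale entry
     * does not suppress the remaining claims. Any other failure is logged and the JSON
     * collected so far is returned.
     *
     * @param client client whose attributes are read
     * @param set display names of the scopes granted to the token; {@code null} is treated
     *     as no scopes
     * @return JSON object text, {@code "{}"} when nothing could be resolved
     */
    public String getJSonResponse(Client client, Set<String> set) {
        JSONObject jSONObject = new JSONObject();
        if (set == null) {
            return jSONObject.toString();
        }
        try {
            for (String scopeName : set) {
                Scope scope = this.scopeService.getScopeByDisplayName(scopeName);
                if (scope == null || scope.getOxAuthClaims() == null) {
                    continue;
                }
                for (String claimDn : scope.getOxAuthClaims()) {
                    GluuAttribute attribute = this.attributeService.getAttributeByDn(claimDn);
                    if (attribute == null) {
                        continue;
                    }
                    String attributeName = attribute.getName();
                    jSONObject.put(attributeName, this.clientService.getAttribute(client, attributeName));
                }
            }
        } catch (JSONException e) {
            // Must precede the generic handler: JSONException is an Exception subtype, and a
            // catch clause placed after catch (Exception) is unreachable and rejected by javac.
            this.log.error(e.getMessage(), e);
        } catch (Exception e) {
            this.log.error(e.getMessage(), e);
        }
        return jSONObject.toString();
    }

    /** Builds a 400 response whose body is the JSON rendering of the given error type. */
    private Response badRequest(ClientInfoErrorResponseType errorType) {
        return Response.status(Response.Status.BAD_REQUEST)
                .entity(this.errorResponseFactory.getErrorAsJson(errorType))
                .build();
    }
}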
