package org.xdi.oxd.server.op;

import com.google.inject.Injector;
import java.util.List;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xdi.oxauth.client.uma.UmaClientFactory;
import org.xdi.oxauth.model.uma.ClaimToken;
import org.xdi.oxauth.model.uma.ClaimTokenList;
import org.xdi.oxauth.model.uma.RptAuthorizationRequest;
import org.xdi.oxauth.model.uma.UmaConfiguration;
import org.xdi.oxd.common.Command;
import org.xdi.oxd.common.CommandResponse;
import org.xdi.oxd.common.CoreUtils;
import org.xdi.oxd.common.ErrorResponseCode;
import org.xdi.oxd.common.params.AuthorizeRptParams;
import org.xdi.oxd.server.DiscoveryService;
import org.xdi.oxd.server.HttpService;
import org.xdi.oxd.server.Utils;

/* loaded from: input_file:org/xdi/oxd/server/op/AuthorizeRptOperation.class */
public class AuthorizeRptOperation extends BaseOperation {
    private static final Logger LOG = LoggerFactory.getLogger(AuthorizeRptOperation.class);

    /* JADX INFO: Access modifiers changed from: protected */
    public AuthorizeRptOperation(Command command, Injector injector) {
        super(command, injector);
    }

    @Override // org.xdi.oxd.server.op.IOperation
    public CommandResponse execute() {
        AuthorizeRptParams authorizeRptParams;
        try {
            authorizeRptParams = (AuthorizeRptParams) asParams(AuthorizeRptParams.class);
        } catch (Throwable th) {
            LOG.error(th.getMessage(), th);
        }
        if (authorizeRptParams == null || !CoreUtils.allNotBlank(authorizeRptParams.getRptToken(), authorizeRptParams.getTicket(), authorizeRptParams.getAatToken())) {
            return CommandResponse.createErrorResponse(ErrorResponseCode.INVALID_REQUEST);
        }
        UmaConfiguration umaDiscovery = DiscoveryService.getInstance().getUmaDiscovery(Utils.getUmaDiscoveryUrl(authorizeRptParams.getAmHost()));
        if (umaDiscovery == null) {
            LOG.error("Unable to fetch uma discovery for amHost: {}", authorizeRptParams.getAmHost());
            return CommandResponse.INTERNAL_ERROR_RESPONSE;
        }
        ClaimTokenList claimTokenList = new ClaimTokenList();
        for (Map.Entry<String, List<String>> entry : authorizeRptParams.getClaims().entrySet()) {
            claimTokenList.add(new ClaimToken(entry.getKey(), (entry.getValue() == null || entry.getValue().isEmpty()) ? "" : entry.getValue().get(0)));
        }
        RptAuthorizationRequest rptAuthorizationRequest = new RptAuthorizationRequest(authorizeRptParams.getRptToken(), authorizeRptParams.getTicket());
        rptAuthorizationRequest.setClaims(claimTokenList);
        LOG.debug("Try to authorize RPT with ticket: {}...", authorizeRptParams.getTicket());
        if (UmaClientFactory.instance().createAuthorizationRequestService(umaDiscovery, HttpService.getInstance().getClientExecutor()).requestRptPermissionAuthorization("Bearer " + authorizeRptParams.getAatToken(), authorizeRptParams.getAmHost(), rptAuthorizationRequest) != null) {
            LOG.trace("RPT is authorized. RPT: {} ", authorizeRptParams.getRptToken());
            return CommandResponse.ok();
        }
        LOG.trace("Failed to authorize RPT: {}", authorizeRptParams.getRptToken());
        return CommandResponse.createErrorResponse(ErrorResponseCode.RPT_NOT_AUTHORIZED);
    }
}
