package org.xdi.oxd.server.op;

import com.google.common.base.Strings;
import com.google.inject.Injector;
import org.xdi.oxauth.model.jwt.Jwt;
import org.xdi.oxd.common.Command;
import org.xdi.oxd.common.CommandResponse;
import org.xdi.oxd.common.ErrorResponseCode;
import org.xdi.oxd.common.ErrorResponseException;
import org.xdi.oxd.common.params.ValidateParams;
import org.xdi.oxd.server.service.Rp;

/* loaded from: input_file:org/xdi/oxd/server/op/ValidateOperation.class */
public class ValidateOperation extends BaseOperation<ValidateParams> {
    /* JADX INFO: Access modifiers changed from: protected */
    public ValidateOperation(Command command, Injector injector) {
        super(command, injector, ValidateParams.class);
    }

    @Override // org.xdi.oxd.server.op.IOperation
    public CommandResponse execute(ValidateParams validateParams) throws Exception {
        validateParams(validateParams);
        Rp site = getSite();
        Validator validator = new Validator(Jwt.parse(validateParams.getIdToken()), getDiscoveryService().getConnectDiscoveryResponseByOxdId(validateParams.getOxdId()), getKeyService());
        validator.validateNonce(getStateService());
        validator.validateIdToken(site.getClientId());
        validator.validateAccessToken(validateParams.getAccessToken());
        validator.validateAuthorizationCode(validateParams.getCode());
        return CommandResponse.ok();
    }

    private void validateParams(ValidateParams validateParams) {
        if (Strings.isNullOrEmpty(validateParams.getCode())) {
            throw new ErrorResponseException(ErrorResponseCode.BAD_REQUEST_NO_CODE);
        }
        if (Strings.isNullOrEmpty(validateParams.getState())) {
            throw new ErrorResponseException(ErrorResponseCode.BAD_REQUEST_NO_STATE);
        }
        if (!getStateService().isStateValid(validateParams.getState())) {
            throw new ErrorResponseException(ErrorResponseCode.BAD_REQUEST_STATE_NOT_VALID);
        }
        if (!Strings.isNullOrEmpty(validateParams.getIdToken())) {
            throw new ErrorResponseException(ErrorResponseCode.NO_ID_TOKEN_PARAM);
        }
    }
}
