package io.jans.as.server.clientinfo.ws.rs;

import io.jans.as.common.model.registration.Client;
import io.jans.as.common.service.AttributeService;
import io.jans.as.model.clientinfo.ClientInfoErrorResponseType;
import io.jans.as.model.common.ComponentType;
import io.jans.as.model.error.ErrorResponseFactory;
import io.jans.as.persistence.model.Scope;
import io.jans.as.server.model.clientinfo.ClientInfoParamsValidator;
import io.jans.as.server.model.common.AbstractToken;
import io.jans.as.server.model.common.AuthorizationGrant;
import io.jans.as.server.model.common.AuthorizationGrantList;
import io.jans.as.server.service.ClientService;
import io.jans.as.server.service.ScopeService;
import io.jans.as.server.service.token.TokenService;
import io.jans.as.server.util.ServerUtil;
import io.jans.model.GluuAttribute;
import io.jans.orm.model.base.LocalizedString;
import jakarta.inject.Inject;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.SecurityContext;
import java.util.Iterator;
import java.util.Set;
import org.json.JSONObject;
import org.slf4j.Logger;

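/**
 * Client Info endpoint: given a valid access token, returns a JSON object with the claims of the
 * client that the token's authorization grant belongs to.
 *
 * <p>The claims returned are those attached to the scopes of the grant. The access token is read
 * from the request parameter, or from the Authorization header when that header carries a bearer
 * token.
 */
@Path("/")
/* loaded from: input_file:io/jans/as/server/clientinfo/ws/rs/ClientInfoRestWebServiceImpl.class */
public class ClientInfoRestWebServiceImpl implements ClientInfoRestWebService {

    @Inject
    private Logger log;

    @Inject
    private ErrorResponseFactory errorResponseFactory;

    @Inject
    private AuthorizationGrantList authorizationGrantList;

    @Inject
    private ScopeService scopeService;

    @Inject
    private ClientService clientService;

    @Inject
    private AttributeService attributeService;

    @Inject
    private TokenService tokenService;

    /**
     * GET variant of the endpoint; delegates to {@link #requestClientInfo}.
     *
     * @param str access token passed as a request parameter
     * @param str2 value of the Authorization header
     * @param securityContext security context of the current request
     * @return the response built by {@link #requestClientInfo}
     */
    @Override // io.jans.as.server.clientinfo.ws.rs.ClientInfoRestWebService
    public Response requestClientInfoGet(String str, String str2, SecurityContext securityContext) {
        return requestClientInfo(str, str2, securityContext);
    }

    /**
     * POST variant of the endpoint; delegates to {@link #requestClientInfo}.
     *
     * @param str access token passed as a request parameter
     * @param str2 value of the Authorization header
     * @param securityContext security context of the current request
     * @return the response built by {@link #requestClientInfo}
     */
    @Override // io.jans.as.server.clientinfo.ws.rs.ClientInfoRestWebService
    public Response requestClientInfoPost(String str, String str2, SecurityContext securityContext) {
        return requestClientInfo(str, str2, securityContext);
    }

    /**
     * Validates the access token and returns the client claims for its grant.
     *
     * <p>Responds with HTTP 400 when the token fails parameter validation, when no authorization
     * grant is found for it, or when the token object is missing or no longer valid. Successful
     * responses carry no-store / no-cache headers because the body is specific to the token.
     *
     * @param str access token passed as a request parameter; ignored when {@code str2} carries a
     *     bearer token
     * @param str2 value of the Authorization header
     * @param securityContext security context of the current request; only used for logging
     * @return the JSON claims response, or a 400 error response
     */
    public Response requestClientInfo(String str, String str2, SecurityContext securityContext) {
        // A bearer token in the Authorization header takes precedence over the parameter.
        final String accessTokenValue =
                this.tokenService.isBearerAuthToken(str2) ? this.tokenService.getBearerToken(str2) : str;

        // The access token is a bearer credential: anyone who can read the log could replay it
        // while it is still valid, so it is deliberately kept out of the log line.
        this.log.debug("Attempting to request Client Info, Is Secure = {}", securityContext.isSecure());
        this.errorResponseFactory.validateComponentEnabled(ComponentType.CLIENTINFO);

        if (!ClientInfoParamsValidator.validateParams(accessTokenValue)) {
            return Response.status(400)
                    .entity(this.errorResponseFactory.errorAsJson(
                            ClientInfoErrorResponseType.INVALID_REQUEST, "Failed to validate access token."))
                    .build();
        }

        AuthorizationGrant grant = this.authorizationGrantList.getAuthorizationGrantByAccessToken(accessTokenValue);
        if (grant == null) {
            this.log.trace("Failed to find authorization grant for access token.");
            return Response.status(400)
                    .entity(this.errorResponseFactory.getErrorAsJson(
                            ClientInfoErrorResponseType.INVALID_TOKEN,
                            "",
                            "Unable to find grant object associated with access token."))
                    .build();
        }

        AbstractToken accessToken = grant.getAccessToken(accessTokenValue);
        if (accessToken == null || !accessToken.isValid()) {
            this.log.trace("Invalid access token.");
            return Response.status(400)
                    .entity(this.errorResponseFactory.getErrorAsJson(
                            ClientInfoErrorResponseType.INVALID_TOKEN, "", "Invalid access token."))
                    .build();
        }

        Response.ResponseBuilder ok = Response.ok();
        // The body is tied to one token; keep it out of shared and persistent caches.
        ok.cacheControl(ServerUtil.cacheControlWithNoStoreTransformAndPrivate());
        ok.header("Pragma", "no-cache");
        ok.entity(getJSonResponse(grant.getClient(), grant.getScopes()));
        return ok.build();
    }

    /**
     * Builds the JSON body: one entry per claim attached to the given scopes, with the value read
     * from the client entry.
     *
     * <p>Best effort: a scope or attribute that cannot be resolved is skipped so the remaining
     * claims are still returned, and any other failure is logged and the claims collected so far
     * are returned.
     *
     * @param client client whose attribute values are returned
     * @param set scope identifiers taken from the authorization grant
     * @return the serialized JSON object; {@code "{}"} when no claim could be resolved
     */
    public String getJSonResponse(Client client, Set<String> set) {
        JSONObject jSONObject = new JSONObject();
        try {
            for (String scopeId : set) {
                Scope scope = this.scopeService.getScopeById(scopeId);
                // Without this guard a single unresolved scope raised a NullPointerException that
                // ended the loop and silently dropped the claims of every scope after it.
                if (scope == null) {
                    this.log.debug("Skipping scope that could not be resolved: {}", scopeId);
                    continue;
                }
                if (scope.getClaims() == null) {
                    continue;
                }
                for (Object claimDn : scope.getClaims()) {
                    GluuAttribute attribute = this.attributeService.getAttributeByDn((String) claimDn);
                    if (attribute == null) {
                        this.log.debug("Skipping claim whose attribute could not be resolved: {}", claimDn);
                        continue;
                    }
                    Object value = this.clientService.getAttribute(client, attribute.getName());
                    String claimName = attribute.getClaimName();
                    if (value instanceof LocalizedString) {
                        // Localized values write their own entries under the claim name.
                        ((LocalizedString) value).addToJSON(jSONObject, claimName);
                    } else {
                        jSONObject.put(claimName, value);
                    }
                }
            }
        } catch (Exception e) {
            // Deliberate best effort: the endpoint still answers with what was collected.
            this.log.error(e.getMessage(), e);
        }
        return jSONObject.toString();
    }
}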
