package io.jans.as.server.model.authorize;

import io.jans.as.common.model.registration.Client;
import io.jans.as.model.common.GrantType;
import io.jans.as.model.common.Prompt;
import io.jans.as.model.common.ResponseMode;
import io.jans.as.model.common.ResponseType;
import io.jans.as.model.configuration.AppConfiguration;
import java.util.Arrays;
import java.util.List;
import java.util.Set;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/jans/as/server/model/authorize/AuthorizeParamsValidator.class */
public class AuthorizeParamsValidator {
    private static final Logger log = LoggerFactory.getLogger(AuthorizeParamsValidator.class);

    private AuthorizeParamsValidator() {
    }

    public static boolean validateParams(List<ResponseType> list, List<Prompt> list2, String str, boolean z, ResponseMode responseMode) {
        if (z) {
            if (list.size() == 1 && list.contains(ResponseType.CODE) && responseMode != ResponseMode.JWT) {
                return false;
            }
            if (responseMode == ResponseMode.QUERY) {
                log.trace("ResponseMode=query is not allowed for FAPI.");
                return false;
            }
        }
        if (!StringUtils.isNotBlank(str)) {
            if (list.contains(ResponseType.CODE) && list.contains(ResponseType.ID_TOKEN)) {
                return false;
            }
            if (list.contains(ResponseType.ID_TOKEN) && list.size() == 1) {
                return false;
            }
            if (list.contains(ResponseType.ID_TOKEN) && list.contains(ResponseType.TOKEN)) {
                return false;
            }
            if (list.contains(ResponseType.TOKEN) && list.size() == 1) {
                return false;
            }
        }
        return (!list.isEmpty()) && noNonePrompt(list2);
    }

    public static boolean noNonePrompt(List<Prompt> list) {
        return !list.contains(Prompt.NONE) || list.size() <= 1;
    }

    public static boolean validateResponseTypes(List<ResponseType> list, Client client) {
        if (list == null || list.isEmpty()) {
            log.debug("Response type validation failed. Response type is not specified.");
            return false;
        }
        if (client == null) {
            log.debug("Response type validation failed. Client is null.");
            return false;
        }
        if (client.getResponseTypes() == null) {
            log.debug("Response type validation failed. Client does not have response type configured.");
            return false;
        }
        List asList = Arrays.asList(client.getResponseTypes());
        boolean containsAll = asList.containsAll(list);
        if (!containsAll) {
            log.debug("Response type validation failed for {}. Client does not allow all values, clientSupportedResponseTypes {}", list, asList);
        }
        return containsAll;
    }

    public static boolean validateGrantType(List<ResponseType> list, GrantType[] grantTypeArr, AppConfiguration appConfiguration) {
        List asList = Arrays.asList(grantTypeArr);
        Set grantTypesSupported = appConfiguration.getGrantTypesSupported();
        if (list == null) {
            log.debug("Grant type validation failed. No response type in request.");
            return false;
        }
        if (grantTypesSupported == null) {
            log.debug("Grant type validation failed. No supported grant types in AS configuration ('grantTypesSupported').");
            return false;
        }
        if (list.contains(ResponseType.CODE)) {
            GrantType grantType = GrantType.AUTHORIZATION_CODE;
            if (!asList.contains(grantType)) {
                log.debug("Grant type validation failed. response_type=code but authorization_code grant type is not allowed by client configuration.");
                return false;
            }
            if (!grantTypesSupported.contains(grantType)) {
                log.debug("Grant type validation failed. response_type=code but authorization_code grant type is not allowed by AS configuration ('grantTypesSupported').");
                return false;
            }
        }
        if (!list.contains(ResponseType.TOKEN) && (!list.contains(ResponseType.ID_TOKEN) || appConfiguration.getAllowIdTokenWithoutImplicitGrantType().booleanValue())) {
            return true;
        }
        GrantType grantType2 = GrantType.IMPLICIT;
        if (!asList.contains(grantType2)) {
            log.debug("Grant type validation failed. response_type=token (or response_type=id_token) but 'implicit' grant type is not allowed by client configuration.");
            return false;
        }
        if (grantTypesSupported.contains(grantType2)) {
            return true;
        }
        log.debug("Grant type validation failed. response_type=token (or response_type=id_token) but 'implicit' grant type is not allowed by AS configuration ('grantTypesSupported').");
        return false;
    }
}
