package io.jans.as.server.authorize.ws.rs;

import io.jans.as.common.model.registration.Client;
import io.jans.as.model.authorize.AuthorizeErrorResponseType;
import io.jans.as.model.common.GrantType;
import io.jans.as.model.configuration.AppConfiguration;
import io.jans.as.model.error.ErrorResponseFactory;
import jakarta.enterprise.context.RequestScoped;
import jakarta.inject.Inject;
import jakarta.ws.rs.WebApplicationException;
import jakarta.ws.rs.core.Response;
import java.util.Arrays;
import java.util.Set;
import javax.inject.Named;
import org.slf4j.Logger;

@RequestScoped
@Named
/* loaded from: input_file:io/jans/as/server/authorize/ws/rs/AuthorizationChallengeValidator.class */
public class AuthorizationChallengeValidator {

    @Inject
    private Logger log;

    @Inject
    private AppConfiguration appConfiguration;

    @Inject
    private ErrorResponseFactory errorResponseFactory;

    public void validateGrantType(Client client, String str) {
        if (client == null) {
            this.log.debug("Unable to find client.");
            throw new WebApplicationException(this.errorResponseFactory.newErrorResponse(Response.Status.BAD_REQUEST).entity(this.errorResponseFactory.getErrorAsJson(AuthorizeErrorResponseType.UNAUTHORIZED_CLIENT, str, "Unable to find client.")).build());
        }
        if (client.getGrantTypes() == null || !Arrays.asList(client.getGrantTypes()).contains(GrantType.AUTHORIZATION_CODE)) {
            String format = String.format("Client %s does not support grant_type=authorization_code", client.getClientId());
            this.log.debug(format);
            throw new WebApplicationException(this.errorResponseFactory.newErrorResponse(Response.Status.BAD_REQUEST).entity(this.errorResponseFactory.getErrorAsJson(AuthorizeErrorResponseType.UNAUTHORIZED_CLIENT, str, format)).build());
        }
        Set grantTypesSupported = this.appConfiguration.getGrantTypesSupported();
        if (grantTypesSupported == null || !grantTypesSupported.contains(GrantType.AUTHORIZATION_CODE)) {
            this.log.debug("AS configuration does not allow grant_type=authorization_code");
            throw new WebApplicationException(this.errorResponseFactory.newErrorResponse(Response.Status.BAD_REQUEST).entity(this.errorResponseFactory.getErrorAsJson(AuthorizeErrorResponseType.UNAUTHORIZED_CLIENT, str, "AS configuration does not allow grant_type=authorization_code")).build());
        }
    }
}
