package io.jans.as.server.bcauthorize.ws.rs;

import io.jans.as.common.model.common.User;
import io.jans.as.common.service.common.UserService;
import io.jans.as.model.ciba.BackchannelAuthenticationErrorResponseType;
import io.jans.as.model.ciba.BackchannelDeviceRegistrationErrorResponseType;
import io.jans.as.model.common.FeatureFlagType;
import io.jans.as.model.configuration.AppConfiguration;
import io.jans.as.model.error.DefaultErrorResponse;
import io.jans.as.model.error.ErrorResponseFactory;
import io.jans.as.server.audit.ApplicationAuditLogger;
import io.jans.as.server.ciba.CIBADeviceRegistrationValidatorService;
import io.jans.as.server.model.audit.Action;
import io.jans.as.server.model.audit.OAuth2AuditLog;
import io.jans.as.server.model.common.AuthorizationGrant;
import io.jans.as.server.model.common.AuthorizationGrantList;
import io.jans.as.server.util.ServerUtil;
import jakarta.inject.Inject;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.core.SecurityContext;
import org.slf4j.Logger;

@Path("/")
/* loaded from: input_file:io/jans/as/server/bcauthorize/ws/rs/BackchannelDeviceRegistrationRestWebServiceImpl.class */
public class BackchannelDeviceRegistrationRestWebServiceImpl implements BackchannelDeviceRegistrationRestWebService {

    @Inject
    private Logger log;

    @Inject
    private ApplicationAuditLogger applicationAuditLogger;

    @Inject
    private AppConfiguration appConfiguration;

    @Inject
    private ErrorResponseFactory errorResponseFactory;

    @Inject
    private UserService userService;

    @Inject
    private AuthorizationGrantList authorizationGrantList;

    @Inject
    private CIBADeviceRegistrationValidatorService cibaDeviceRegistrationValidatorService;

    @Override // io.jans.as.server.bcauthorize.ws.rs.BackchannelDeviceRegistrationRestWebService
    public Response requestBackchannelDeviceRegistrationPost(String str, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, SecurityContext securityContext) {
        OAuth2AuditLog oAuth2AuditLog = new OAuth2AuditLog(ServerUtil.getIpAddress(httpServletRequest), Action.BACKCHANNEL_DEVICE_REGISTRATION);
        this.log.debug("Attempting to request backchannel device registration: idTokenHint = {}, deviceRegistrationToken = {}, isSecure = {}", new Object[]{str, str2, Boolean.valueOf(securityContext.isSecure())});
        this.errorResponseFactory.validateFeatureEnabled(FeatureFlagType.CIBA);
        Response.ResponseBuilder ok = Response.ok();
        DefaultErrorResponse validateParams = this.cibaDeviceRegistrationValidatorService.validateParams(str, str2);
        if (validateParams != null) {
            Response.ResponseBuilder status = Response.status(validateParams.getStatus());
            status.entity(this.errorResponseFactory.errorAsJson(validateParams.getType(), validateParams.getReason()));
            return status.build();
        }
        AuthorizationGrant authorizationGrantByIdToken = this.authorizationGrantList.getAuthorizationGrantByIdToken(str);
        if (authorizationGrantByIdToken == null) {
            Response.ResponseBuilder status2 = Response.status(Response.Status.BAD_REQUEST.getStatusCode());
            status2.entity(this.errorResponseFactory.getErrorAsJson(BackchannelAuthenticationErrorResponseType.UNKNOWN_USER_ID));
            return status2.build();
        }
        User user = authorizationGrantByIdToken.getUser();
        if (user == null) {
            Response.ResponseBuilder status3 = Response.status(Response.Status.BAD_REQUEST.getStatusCode());
            status3.entity(this.errorResponseFactory.getErrorAsJson(BackchannelDeviceRegistrationErrorResponseType.UNKNOWN_USER_ID));
            return status3.build();
        }
        this.userService.setCustomAttribute(user, "jansBackchannelDeviceRegistrationTkn", str2);
        this.userService.updateUser(user);
        this.applicationAuditLogger.sendMessage(oAuth2AuditLog);
        return ok.build();
    }
}
