package io.jans.ca.server.op;

import com.google.common.base.Strings;
import io.jans.as.client.OpenIdConfigurationResponse;
import io.jans.as.model.jwt.Jwt;
import io.jans.ca.common.ErrorResponseCode;
import io.jans.ca.common.params.ValidateParams;
import io.jans.ca.common.response.IOpResponse;
import io.jans.ca.common.response.POJOResponse;
import io.jans.ca.server.HttpException;
import io.jans.ca.server.configuration.model.Rp;
import io.jans.ca.server.op.Validator;
import io.jans.ca.server.service.DiscoveryService;
import io.jans.ca.server.service.PublicOpKeyService;
import io.jans.ca.server.service.StateService;
import jakarta.enterprise.context.RequestScoped;
import jakarta.inject.Inject;
import jakarta.inject.Named;
import jakarta.servlet.http.HttpServletRequest;

@Named
@RequestScoped
/* loaded from: input_file:io/jans/ca/server/op/ValidateOperation.class */
public class ValidateOperation extends BaseOperation<ValidateParams> {

    @Inject
    DiscoveryService discoveryService;

    @Inject
    PublicOpKeyService publicOpKeyService;

    @Inject
    StateService stateService;

    @Inject
    OpClientFactoryImpl opClientFactory;

    @Override // io.jans.ca.server.op.IOperation
    public IOpResponse execute(ValidateParams validateParams, HttpServletRequest httpServletRequest) throws Exception {
        validateParams(validateParams);
        Rp rp = getRp(validateParams);
        OpenIdConfigurationResponse connectDiscoveryResponseByRpId = this.discoveryService.getConnectDiscoveryResponseByRpId(validateParams.getRpId());
        Validator build = new Validator.Builder().discoveryResponse(connectDiscoveryResponseByRpId).idToken(Jwt.parse(validateParams.getIdToken())).keyService(this.publicOpKeyService).opClientFactory(this.opClientFactory).rpServerConfiguration(getJansConfigurationService().find()).rp(rp).build();
        build.validateNonce(this.stateService);
        build.validateIdToken(rp.getClientId());
        build.validateAccessToken(validateParams.getAccessToken());
        build.validateAuthorizationCode(validateParams.getCode());
        return new POJOResponse("");
    }

    @Override // io.jans.ca.server.op.IOperation
    public Class<ValidateParams> getParameterClass() {
        return ValidateParams.class;
    }

    @Override // io.jans.ca.server.op.IOperation
    public String getReturnType() {
        return "application/json";
    }

    private void validateParams(ValidateParams validateParams) {
        if (Strings.isNullOrEmpty(validateParams.getCode())) {
            throw new HttpException(ErrorResponseCode.BAD_REQUEST_NO_CODE);
        }
        if (Strings.isNullOrEmpty(validateParams.getState())) {
            throw new HttpException(ErrorResponseCode.BAD_REQUEST_NO_STATE);
        }
        if (!this.stateService.isExpiredObjectPresent(validateParams.getState())) {
            throw new HttpException(ErrorResponseCode.BAD_REQUEST_STATE_NOT_VALID);
        }
        if (!Strings.isNullOrEmpty(validateParams.getIdToken())) {
            throw new HttpException(ErrorResponseCode.NO_ID_TOKEN_PARAM);
        }
    }
}
