package io.corbel.iam.auth.provider;

import io.corbel.iam.auth.OauthParams;
import io.corbel.iam.auth.provider.Provider;
import io.corbel.iam.exception.ExchangeOauthCodeException;
import io.corbel.iam.exception.MissingOAuthParamsException;
import io.corbel.iam.repository.IdentityRepository;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.social.connect.support.OAuth2ConnectionFactory;
import org.springframework.social.oauth2.AccessGrant;
import org.springframework.social.oauth2.GrantType;
import org.springframework.social.oauth2.OAuth2Operations;
import org.springframework.social.oauth2.OAuth2Parameters;
import org.springframework.util.MultiValueMap;
import org.springframework.web.client.HttpClientErrorException;

/* loaded from: input_file:io/corbel/iam/auth/provider/AbstractOAuth2Provider.class */
public abstract class AbstractOAuth2Provider<T> implements Provider {
    private static final Logger LOG = LoggerFactory.getLogger(AbstractOAuth2Provider.class);
    protected static final String ASSERTION = "assertion";
    protected OAuth2ConnectionFactory<T> connectionFactory;
    protected String redirectUri;
    protected final IdentityRepository identityRepository;

    public AbstractOAuth2Provider(IdentityRepository identityRepository) {
        this.identityRepository = identityRepository;
    }

    @Override // io.corbel.iam.auth.provider.Provider
    public void setConfiguration(Map<String, String> map) {
        this.redirectUri = map.get("redirectUri");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public AccessGrant getAccessGrant(OauthParams oauthParams) throws ExchangeOauthCodeException, MissingOAuthParamsException {
        validateParams(oauthParams);
        return oauthParams.getCode() != null ? exchangeForAccessGrant(oauthParams) : new AccessGrant(oauthParams.getAccessToken());
    }

    private AccessGrant exchangeForAccessGrant(OauthParams oauthParams) throws ExchangeOauthCodeException {
        try {
            return this.connectionFactory.getOAuthOperations().exchangeForAccess(oauthParams.getCode(), oauthParams.getRedirectUri(), (MultiValueMap) null);
        } catch (HttpClientErrorException e) {
            LOG.warn("Unexpected HTTP error response when exchanging oauth code: " + e.getMessage(), e);
            throw new ExchangeOauthCodeException("Unable to exchange oauth code");
        }
    }

    private void validateParams(OauthParams oauthParams) throws MissingOAuthParamsException {
        if (oauthParams.getCode() != null && oauthParams.getRedirectUri() == null) {
            throwMissingParameterException("redirectUri");
            return;
        }
        if (oauthParams.getCode() == null && oauthParams.getRedirectUri() != null) {
            throwMissingParameterException("code");
        } else if (oauthParams.getCode() == null && oauthParams.getAccessToken() == null) {
            throwMissingParameterException("code or token");
        }
    }

    private void throwMissingParameterException(String str) throws MissingOAuthParamsException {
        throw new MissingOAuthParamsException("Missing parameter: " + str);
    }

    @Override // io.corbel.iam.auth.provider.Provider
    public String getAuthUrl(String str) {
        OAuth2Operations oAuthOperations = this.connectionFactory.getOAuthOperations();
        OAuth2Parameters oAuth2Parameters = new OAuth2Parameters();
        oAuth2Parameters.setRedirectUri(Provider.UrlGenerator.generateUrl(this.redirectUri, ASSERTION, str));
        return oAuthOperations.buildAuthorizeUrl(GrantType.IMPLICIT_GRANT, oAuth2Parameters);
    }
}
