package at.gv.egovernment.moa.id.protocols.oauth20.protocol;

import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.api.idp.IAction;
import at.gv.egiz.eaaf.core.api.idp.IAuthData;
import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface;
import at.gv.egiz.eaaf.core.api.logging.IRevisionLogger;
import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20SessionObject;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Util;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20ServerErrorException;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20UnauthorizedClientException;
import at.gv.egovernment.moa.logging.Logger;
import com.google.gson.JsonObject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

@Service("OAuth20TokenAction")
/* loaded from: input_file:at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenAction.class */
class OAuth20TokenAction implements IAction {

    @Autowired
    protected IRevisionLogger revisionsLogger;

    @Autowired
    protected ITransactionStorage transactionStorage;

    OAuth20TokenAction() {
    }

    public SLOInformationInterface processRequest(IRequest iRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, IAuthData iAuthData) throws MOAIDException {
        OAuth20SessionObject oAuth20SessionObject = null;
        try {
            try {
                OAuth20TokenRequest oAuth20TokenRequest = (OAuth20TokenRequest) iRequest;
                this.revisionsLogger.logEvent(iRequest, 3201);
                try {
                    Logger.debug("Loaded OAuth20SessionObject from session: " + oAuth20TokenRequest.getCode());
                    OAuth20SessionObject oAuth20SessionObject2 = (OAuth20SessionObject) this.transactionStorage.get(oAuth20TokenRequest.getCode(), OAuth20SessionObject.class);
                    if (oAuth20SessionObject2 == null || !oAuth20SessionObject2.getCode().equals(oAuth20TokenRequest.getCode())) {
                        throw new OAuth20UnauthorizedClientException();
                    }
                    Logger.debug("Loaded of OAuth20SessionObject was successful. Build jSON response ...");
                    JsonObject jsonObject = new JsonObject();
                    OAuth20Util.addProperytiesToJsonObject(jsonObject, oAuth20SessionObject2.getAuthDataSession());
                    byte[] bytes = jsonObject.toString().getBytes("UTF-8");
                    Logger.debug("jSON response completed.");
                    Logger.trace("jSON response: " + new String(bytes));
                    httpServletResponse.setContentType("application/json");
                    httpServletResponse.setContentLength(bytes.length);
                    httpServletResponse.setStatus(200);
                    httpServletResponse.getOutputStream().write(bytes);
                    if (oAuth20SessionObject2 != null) {
                        Logger.debug("Going to destroy session: " + oAuth20SessionObject2.getCode());
                        this.transactionStorage.remove(oAuth20SessionObject2.getCode());
                    }
                    return null;
                } catch (MOADatabaseException e) {
                    throw new OAuth20UnauthorizedClientException();
                }
            } catch (Exception e2) {
                Logger.error(e2.getMessage(), e2);
                throw new OAuth20ServerErrorException();
            }
        } catch (Throwable th) {
            if (0 != 0) {
                Logger.debug("Going to destroy session: " + oAuth20SessionObject.getCode());
                this.transactionStorage.remove(oAuth20SessionObject.getCode());
            }
            throw th;
        }
    }

    public boolean needAuthentication(IRequest iRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return false;
    }

    public String getDefaultActionName() {
        return OAuth20Protocol.TOKEN_ACTION;
    }
}
