package at.gv.egovernment.moa.id.protocols.oauth20.protocol;

import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
import at.gv.egovernment.moa.id.protocols.oauth20.OAuth20Constants;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20AccessDeniedException;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20Exception;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20InvalidGrantException;
import at.gv.egovernment.moa.id.protocols.oauth20.exceptions.OAuth20OANotSupportedException;
import at.gv.egovernment.moa.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;

@Scope("prototype")
@Component("OAuth20TokenRequest")
/* loaded from: input_file:at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.class */
class OAuth20TokenRequest extends OAuth20BaseRequest {
    private static final long serialVersionUID = 1;
    private String code;
    private String grantType;
    private String clientID;
    private String clientSecret;

    public OAuth20TokenRequest() {
        setNeedAuthentication(false);
        setAction(OAuth20TokenAction.class.getName());
    }

    public String getCode() {
        return this.code;
    }

    public void setCode(String str) {
        this.code = str;
    }

    public String getGrantType() {
        return this.grantType;
    }

    public void setGrantType(String str) {
        this.grantType = str;
    }

    public String getClientID() {
        return this.clientID;
    }

    public void setClientID(String str) {
        this.clientID = str;
    }

    public String getClientSecret() {
        return this.clientSecret;
    }

    public void setClientSecret(String str) {
        this.clientSecret = str;
    }

    @Override // at.gv.egovernment.moa.id.protocols.oauth20.protocol.OAuth20BaseRequest
    protected void populateSpecialParameters(HttpServletRequest httpServletRequest, IConfiguration iConfiguration, ISPConfiguration iSPConfiguration) throws OAuth20Exception {
        setCode(getParam(httpServletRequest, OAuth20Constants.RESPONSE_CODE, true));
        setGrantType(getParam(httpServletRequest, OAuth20Constants.PARAM_GRANT_TYPE, true));
        setClientID(getParam(httpServletRequest, OAuth20Constants.PARAM_CLIENT_ID, true));
        setClientSecret(getParam(httpServletRequest, OAuth20Constants.PARAM_CLIENT_SECRET, true));
        if (!getGrantType().equals(OAuth20Constants.PARAM_GRANT_TYPE_VALUE_AUTHORIZATION_CODE)) {
            throw new OAuth20InvalidGrantException();
        }
        if (StringUtils.isEmpty(iSPConfiguration.getConfigurationValue("protocols.openID.secret")) || StringUtils.isEmpty(iSPConfiguration.getConfigurationValue("protocols.openID.clientID"))) {
            throw new OAuth20OANotSupportedException();
        }
        if (!getClientID().equals(iSPConfiguration.getConfigurationValue("protocols.openID.clientID"))) {
            throw new OAuth20AccessDeniedException();
        }
        if (!getClientSecret().equals(iSPConfiguration.getConfigurationValue("protocols.openID.secret"))) {
            throw new OAuth20AccessDeniedException();
        }
        setOnlineApplicationConfiguration(iSPConfiguration);
        Logger.info("Dispatch OpenIDConnect TokenRequest: ClientID=" + this.clientID);
        this.allowedParameters.add(OAuth20Constants.PARAM_SCOPE);
        this.allowedParameters.add(OAuth20Constants.PARAM_REDIRECT_URI);
    }
}
