package org.ovirt.engine.core.sso.servlets;

import java.io.IOException;
import java.util.Locale;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.ovirt.engine.core.sso.utils.AuthenticationException;
import org.ovirt.engine.core.sso.utils.Credentials;
import org.ovirt.engine.core.sso.utils.OAuthException;
import org.ovirt.engine.core.sso.utils.SsoConstants;
import org.ovirt.engine.core.sso.utils.SsoSession;
import org.ovirt.engine.core.sso.utils.SsoUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/ovirt/engine/core/sso/servlets/OpenIdTokenServlet.class */
public class OpenIdTokenServlet extends OAuthTokenServlet {
    private static Logger log = LoggerFactory.getLogger(OpenIdTokenServlet.class);

    @Override // org.ovirt.engine.core.sso.servlets.OAuthTokenServlet
    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            log.debug("Entered OpenIdTokenServlet Query String: {}, Parameters : {}", httpServletRequest.getQueryString(), SsoUtils.getRequestParameters(httpServletRequest));
            handleRequest(httpServletRequest, httpServletResponse);
        } catch (AuthenticationException e) {
            SsoUtils.sendJsonDataWithMessage(httpServletRequest, httpServletResponse, SsoConstants.ERR_CODE_ACCESS_DENIED, e);
        } catch (OAuthException e2) {
            SsoUtils.sendJsonDataWithMessage(httpServletRequest, httpServletResponse, e2);
        } catch (Exception e3) {
            SsoUtils.sendJsonDataWithMessage(httpServletRequest, httpServletResponse, SsoConstants.ERR_CODE_SERVER_ERROR, e3);
        }
    }

    @Override // org.ovirt.engine.core.sso.servlets.OAuthTokenServlet
    protected void issueTokenForAuthCode(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws Exception {
        String[] clientIdClientSecret = SsoUtils.getClientIdClientSecret(httpServletRequest);
        SsoUtils.validateClientRequest(httpServletRequest, clientIdClientSecret[0], clientIdClientSecret[1], str, null);
        SsoSession handleIssueTokenForAuthCode = handleIssueTokenForAuthCode(httpServletRequest, clientIdClientSecret[0], str);
        log.debug("Sending json response");
        SsoUtils.sendJsonData(httpServletResponse, buildResponse(httpServletRequest, handleIssueTokenForAuthCode, clientIdClientSecret[0], clientIdClientSecret[1]));
    }

    @Override // org.ovirt.engine.core.sso.servlets.OAuthTokenServlet
    protected String getTokenForAuthCode(String str) {
        return this.ssoContext.getTokenForOpenIdAuthCode(str);
    }

    @Override // org.ovirt.engine.core.sso.servlets.OAuthTokenServlet
    protected void issueTokenForPasswd(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws Exception {
        log.debug("Entered issueTokenForPasswd");
        Credentials credentials = null;
        try {
            String[] clientIdClientSecret = SsoUtils.getClientIdClientSecret(httpServletRequest);
            SsoUtils.validateClientRequest(httpServletRequest, clientIdClientSecret[0], clientIdClientSecret[1], str, null);
            String str2 = clientIdClientSecret[0];
            String str3 = clientIdClientSecret[1];
            credentials = getCredentials(httpServletRequest);
            SsoSession handleIssueTokenForPasswd = handleIssueTokenForPasswd(httpServletRequest, str, credentials);
            log.debug("Sending json response");
            SsoUtils.sendJsonData(httpServletResponse, buildResponse(httpServletRequest, handleIssueTokenForPasswd, str2, str3));
        } catch (AuthenticationException e) {
            String str4 = "N/A";
            if (credentials != null) {
                str4 = credentials.getProfile() == null ? "N/A" : credentials.getProfile();
            }
            String localize = this.ssoContext.getLocalizationUtils().localize(SsoConstants.APP_ERROR_CANNOT_AUTHENTICATE_USER_IN_DOMAIN, (Locale) httpServletRequest.getAttribute(SsoConstants.LOCALE));
            Object[] objArr = new Object[3];
            objArr[0] = credentials == null ? "N/A" : credentials.getUsername();
            objArr[1] = str4;
            objArr[2] = e.getMessage();
            throw new AuthenticationException(String.format(localize, objArr));
        }
    }

    protected Map<String, Object> buildResponse(HttpServletRequest httpServletRequest, SsoSession ssoSession, String str, String str2) throws Exception {
        Map<String, Object> buildResponse = buildResponse(ssoSession);
        buildResponse.put("id_token", OpenIdUtils.createJWT(httpServletRequest, ssoSession, str, str2));
        return buildResponse;
    }

    @Override // org.ovirt.engine.core.sso.servlets.OAuthTokenServlet
    protected void validateClientAcceptHeader(SsoSession ssoSession, HttpServletRequest httpServletRequest) {
    }
}
