package org.ovirt.engine.core.sso.servlets;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.ovirt.engine.core.sso.utils.AuthenticationException;
import org.ovirt.engine.core.sso.utils.OAuthException;
import org.ovirt.engine.core.sso.utils.SsoConstants;
import org.ovirt.engine.core.sso.utils.SsoSession;
import org.ovirt.engine.core.sso.utils.SsoUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/ovirt/engine/core/sso/servlets/OpenIdUserInfoServlet.class */
public class OpenIdUserInfoServlet extends HttpServlet {
    private static final long serialVersionUID = 7168485079055058668L;
    private static Logger log = LoggerFactory.getLogger(OpenIdUserInfoServlet.class);
    private static final String BEARER = "Bearer";

    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            log.debug("Entered OpenIdUserInfoServlet Query String: {}, Parameters : {}", httpServletRequest.getQueryString(), SsoUtils.getRequestParameters(httpServletRequest));
            String parameter = httpServletRequest.getParameter("access_token");
            if (parameter == null) {
                parameter = getTokenFromHeader(httpServletRequest);
            }
            if (parameter == null) {
                throw new OAuthException(SsoConstants.ERROR, SsoConstants.ERR_CODE_INVALID_REQUEST);
            }
            SsoSession ssoSessionFromRequest = SsoUtils.getSsoSessionFromRequest(httpServletRequest, parameter);
            if (!ssoSessionFromRequest.isActive()) {
                throw new OAuthException(SsoConstants.ERR_CODE_INVALID_TOKEN, SsoConstants.ERR_SESSION_EXPIRED_MSG);
            }
            SsoUtils.sendJsonData(httpServletResponse, buildResponse(httpServletRequest, ssoSessionFromRequest), "application/jwt");
        } catch (AuthenticationException e) {
            SsoUtils.sendJsonDataWithMessage(httpServletRequest, httpServletResponse, SsoConstants.ERR_CODE_ACCESS_DENIED, e);
        } catch (OAuthException e2) {
            SsoUtils.sendJsonDataWithMessage(httpServletRequest, httpServletResponse, e2);
        } catch (Exception e3) {
            SsoUtils.sendJsonDataWithMessage(httpServletRequest, httpServletResponse, SsoConstants.ERR_CODE_SERVER_ERROR, e3);
        }
    }

    private String getTokenFromHeader(HttpServletRequest httpServletRequest) {
        String str = null;
        String header = httpServletRequest.getHeader(SsoConstants.HEADER_AUTHORIZATION);
        if (header != null && header.startsWith(BEARER)) {
            str = header.substring(BEARER.length()).trim();
        }
        return str;
    }

    private String buildResponse(HttpServletRequest httpServletRequest, SsoSession ssoSession) throws Exception {
        return OpenIdUtils.createJWT(httpServletRequest, ssoSession, ssoSession.getClientId()).toString();
    }
}
