package org.apereo.cas.support.oauth.web.response.callback;

import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.NameValuePair;
import org.apache.http.client.utils.URIBuilder;
import org.apereo.cas.support.oauth.OAuth20Constants;
import org.apereo.cas.support.oauth.OAuth20ResponseTypes;
import org.apereo.cas.support.oauth.util.OAuth20Utils;
import org.apereo.cas.support.oauth.web.endpoints.OAuth20ConfigurationContext;
import org.apereo.cas.support.oauth.web.response.OAuth20AuthorizationRequest;
import org.apereo.cas.support.oauth.web.response.accesstoken.OAuth20TokenGeneratedResult;
import org.apereo.cas.support.oauth.web.response.accesstoken.ext.AccessTokenRequestContext;
import org.apereo.cas.support.oauth.web.response.accesstoken.response.OAuth20JwtAccessTokenEncoder;
import org.apereo.cas.ticket.accesstoken.OAuth20AccessToken;
import org.apereo.cas.ticket.refreshtoken.OAuth20RefreshToken;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.ModelAndView;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-oauth-core-api-6.6.0.jar:org/apereo/cas/support/oauth/web/response/callback/OAuth20TokenAuthorizationResponseBuilder.class */
public class OAuth20TokenAuthorizationResponseBuilder<T extends OAuth20ConfigurationContext> extends BaseOAuth20AuthorizationResponseBuilder<T> {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) OAuth20TokenAuthorizationResponseBuilder.class);

    public OAuth20TokenAuthorizationResponseBuilder(T t, OAuth20AuthorizationModelAndViewBuilder oAuth20AuthorizationModelAndViewBuilder) {
        super(t, oAuth20AuthorizationModelAndViewBuilder);
    }

    @Override // org.apereo.cas.support.oauth.web.response.callback.OAuth20AuthorizationResponseBuilder
    public ModelAndView build(AccessTokenRequestContext accessTokenRequestContext) throws Exception {
        LOGGER.debug("Authorize request verification successful for client [{}] with redirect uri [{}]", accessTokenRequestContext.getClientId(), accessTokenRequestContext.getRedirectUri());
        OAuth20TokenGeneratedResult generate = this.configurationContext.getAccessTokenGenerator().generate(accessTokenRequestContext);
        OAuth20AccessToken orElse = generate.getAccessToken().orElse(null);
        OAuth20RefreshToken orElse2 = generate.getRefreshToken().orElse(null);
        LOGGER.debug("Generated OAuth access token: [{}]", orElse);
        return buildCallbackUrlResponseType(accessTokenRequestContext, orElse, new ArrayList(0), orElse2);
    }

    @Override // org.apereo.cas.support.oauth.web.response.callback.OAuth20AuthorizationResponseBuilder
    public boolean supports(OAuth20AuthorizationRequest oAuth20AuthorizationRequest) {
        return StringUtils.equalsIgnoreCase(oAuth20AuthorizationRequest.getResponseType(), OAuth20ResponseTypes.TOKEN.getType());
    }

    /* JADX WARN: Type inference failed for: r0v16, types: [org.apereo.cas.support.oauth.web.response.accesstoken.response.OAuth20JwtAccessTokenEncoder$OAuth20JwtAccessTokenEncoderBuilder] */
    protected ModelAndView buildCallbackUrlResponseType(AccessTokenRequestContext accessTokenRequestContext, OAuth20AccessToken oAuth20AccessToken, List<NameValuePair> list, OAuth20RefreshToken oAuth20RefreshToken) throws Exception {
        Map<String, List<Object>> attributes = accessTokenRequestContext.getAuthentication().getAttributes();
        String obj = attributes.get("state").get(0).toString();
        String obj2 = attributes.get("nonce").get(0).toString();
        URIBuilder uRIBuilder = new URIBuilder(accessTokenRequestContext.getRedirectUri());
        StringBuilder sb = new StringBuilder();
        String encode = OAuth20JwtAccessTokenEncoder.builder().accessToken(oAuth20AccessToken).registeredService(accessTokenRequestContext.getRegisteredService()).service(accessTokenRequestContext.getService()).accessTokenJwtBuilder(this.configurationContext.getAccessTokenJwtBuilder()).casProperties(this.configurationContext.getCasProperties()).build().encode(oAuth20AccessToken.getId());
        sb.append("access_token").append('=').append(encode).append('&').append(OAuth20Constants.TOKEN_TYPE).append('=').append(OAuth20Constants.TOKEN_TYPE_BEARER).append('&').append("expires_in").append('=').append(oAuth20AccessToken.getExpiresIn());
        if (oAuth20RefreshToken != null) {
            sb.append('&').append("refresh_token").append('=').append(oAuth20RefreshToken.getId());
        }
        list.forEach(nameValuePair -> {
            sb.append('&').append(nameValuePair.getName()).append('=').append(nameValuePair.getValue());
        });
        if (StringUtils.isNotBlank(obj)) {
            sb.append('&').append("state").append('=').append(obj);
        }
        if (StringUtils.isNotBlank(obj2)) {
            sb.append('&').append("nonce").append('=').append(obj2);
        }
        uRIBuilder.setFragment(sb.toString());
        String uRIBuilder2 = uRIBuilder.toString();
        LOGGER.debug("Redirecting to URL [{}]", uRIBuilder2);
        return build(OAuth20Utils.getRegisteredOAuthServiceByClientId(this.configurationContext.getServicesManager(), oAuth20AccessToken.getClientId()), accessTokenRequestContext.getResponseMode(), uRIBuilder2, new LinkedHashMap());
    }
}
