package org.apereo.cas.support.oauth.validator.token;

import java.util.Optional;
import lombok.Generated;
import org.apereo.cas.support.oauth.OAuth20GrantTypes;
import org.apereo.cas.support.oauth.services.OAuthRegisteredService;
import org.apereo.cas.support.oauth.util.OAuth20Utils;
import org.apereo.cas.support.oauth.web.OAuth20RequestParameterResolver;
import org.apereo.cas.support.oauth.web.endpoints.OAuth20ConfigurationContext;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.profile.ProfileManager;
import org.pac4j.core.profile.UserProfile;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-oauth-core-api-6.6.14.jar:org/apereo/cas/support/oauth/validator/token/BaseOAuth20TokenRequestValidator.class */
public abstract class BaseOAuth20TokenRequestValidator implements OAuth20TokenRequestValidator {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) BaseOAuth20TokenRequestValidator.class);
    private final OAuth20ConfigurationContext configurationContext;
    private int order = Integer.MAX_VALUE;

    private static boolean isGrantTypeSupported(String str, OAuth20GrantTypes... oAuth20GrantTypesArr) {
        LOGGER.debug("Grant type received: [{}]", str);
        for (OAuth20GrantTypes oAuth20GrantTypes : oAuth20GrantTypesArr) {
            if (OAuth20Utils.isGrantType(str, oAuth20GrantTypes)) {
                return true;
            }
        }
        LOGGER.error("Unsupported grant type: [{}]", str);
        return false;
    }

    @Override // org.apereo.cas.support.oauth.validator.OAuth20RequestValidator
    public boolean validate(WebContext webContext) {
        String orElse = this.configurationContext.getRequestParameterResolver().resolveRequestParameter(webContext, "grant_type").orElse("");
        if (!isGrantTypeSupported(orElse, OAuth20GrantTypes.values())) {
            LOGGER.warn("Grant type is not supported: [{}]", orElse);
            return false;
        }
        ProfileManager profileManager = new ProfileManager(webContext, getConfigurationContext().getSessionStore());
        Optional<UserProfile> profile = profileManager.getProfile();
        if (!profile.isEmpty()) {
            return validateInternal(webContext, orElse, profileManager, profile.get());
        }
        LOGGER.warn("Could not locate authenticated profile for this request. Request is not authenticated");
        return false;
    }

    @Override // org.apereo.cas.support.oauth.validator.OAuth20RequestValidator
    public boolean supports(WebContext webContext) {
        return OAuth20Utils.isGrantType((String) this.configurationContext.getRequestParameterResolver().resolveRequestParameter(webContext, "grant_type").map((v0) -> {
            return String.valueOf(v0);
        }).orElse(""), getGrantType());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isGrantTypeSupportedBy(OAuthRegisteredService oAuthRegisteredService, String str) {
        return OAuth20RequestParameterResolver.isAuthorizedGrantTypeForService(str, oAuthRegisteredService);
    }

    protected boolean validateInternal(WebContext webContext, String str, ProfileManager profileManager, UserProfile userProfile) {
        return false;
    }

    protected abstract OAuth20GrantTypes getGrantType();

    /* JADX INFO: Access modifiers changed from: protected */
    @Generated
    public BaseOAuth20TokenRequestValidator(OAuth20ConfigurationContext oAuth20ConfigurationContext) {
        this.configurationContext = oAuth20ConfigurationContext;
    }

    @Generated
    public OAuth20ConfigurationContext getConfigurationContext() {
        return this.configurationContext;
    }

    @Override // org.springframework.core.Ordered
    @Generated
    public int getOrder() {
        return this.order;
    }

    @Generated
    public void setOrder(int i) {
        this.order = i;
    }
}
