package com.ibm.ws.security.oauth20.web;

import com.ibm.oauth.core.api.error.OidcServerException;
import com.ibm.oauth.core.api.oauth20.OAuth20Component;
import com.ibm.oauth.core.api.oauth20.token.OAuth20Token;
import com.ibm.oauth.core.internal.oauth20.OAuth20ComponentImpl;
import com.ibm.oauth.core.internal.oauth20.OAuth20Constants;
import com.ibm.oauth.core.internal.oauth20.token.OAuth20TokenFactory;
import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.common.internal.encoder.Base64Coder;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.oauth20.api.OAuth20Provider;
import com.ibm.ws.security.oauth20.plugins.OidcBaseClient;
import javax.servlet.http.HttpServletRequest;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:com/ibm/ws/security/oauth20/web/UIAccessTokenBuilder.class */
public class UIAccessTokenBuilder {
    private static TraceComponent tc = Tr.register(UIAccessTokenBuilder.class, "OAUTH", "com.ibm.ws.security.oauth20.internal.resources.OAuthMessages");
    OAuth20Component _component;
    OAuth20Provider _provider;
    HttpServletRequest _req;
    static final long serialVersionUID = -6501855929315703152L;

    /* JADX INFO: Access modifiers changed from: package-private */
    public UIAccessTokenBuilder(OAuth20Provider oAuth20Provider, HttpServletRequest httpServletRequest) {
        this._component = null;
        this._provider = null;
        this._req = null;
        this._component = oAuth20Provider.getComponent();
        this._provider = oAuth20Provider;
        this._req = httpServletRequest;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void createHeaderValuesForUI() {
        OidcBaseClient client = getClient();
        OAuth20Token createAccessTokenForAuthenticatedUser = createAccessTokenForAuthenticatedUser();
        String createAuthHeaderValueFromClientIdAndSecret = createAuthHeaderValueFromClientIdAndSecret();
        if (createAccessTokenForAuthenticatedUser == null || createAuthHeaderValueFromClientIdAndSecret == null) {
            return;
        }
        this._req.setAttribute("ui_token", createAccessTokenForAuthenticatedUser.getId());
        this._req.setAttribute("ui_authheader", createAuthHeaderValueFromClientIdAndSecret);
        this._req.setAttribute("ui_app_pw_enabled", Boolean.valueOf(client == null ? false : client.isAppPasswordAllowed()));
        this._req.setAttribute("ui_app_tok_enabled", Boolean.valueOf(client == null ? false : client.isAppTokenAllowed()));
    }

    OidcBaseClient getClient() {
        String internalClientId = this._provider.getInternalClientId();
        if (internalClientId == null) {
            return null;
        }
        OidcBaseClient oidcBaseClient = null;
        try {
            oidcBaseClient = this._provider.getClientProvider().get(internalClientId);
        } catch (OidcServerException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.oauth20.web.UIAccessTokenBuilder", "72", this, new Object[0]);
        }
        return oidcBaseClient;
    }

    private OAuth20Token createAccessTokenForAuthenticatedUser() {
        if (this._component == null || this._provider == null || this._req == null) {
            return null;
        }
        OAuth20TokenFactory oAuth20TokenFactory = new OAuth20TokenFactory((OAuth20ComponentImpl) this._component);
        String internalClientId = this._provider.getInternalClientId();
        String name = this._req.getUserPrincipal() != null ? this._req.getUserPrincipal().getName() : null;
        if (internalClientId != null && !internalClientId.isEmpty() && name != null) {
            return oAuth20TokenFactory.createAccessToken(oAuth20TokenFactory.buildTokenMap(internalClientId, name, null, null, null, null, OAuth20Constants.GRANT_TYPE_IMPLICIT_INTERNAL));
        }
        Tr.error(tc, "OAUATH_BASIC_AUTH_FAIL", new Object[0]);
        return null;
    }

    private String createAuthHeaderValueFromClientIdAndSecret() {
        String internalClientId = this._provider.getInternalClientId();
        String internalClientSecret = this._provider.getInternalClientSecret();
        String str = null;
        if (internalClientId != null && internalClientSecret != null && internalClientId.length() > 0 && internalClientSecret.length() > 0) {
            str = "Basic " + Base64Coder.base64Encode(internalClientId + ":" + internalClientSecret);
        }
        return str;
    }
}
