package com.ibm.ws.security.oauth20.error.impl;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.oauth.core.api.OAuthResult;
import com.ibm.oauth.core.api.attributes.AttributeList;
import com.ibm.oauth.core.api.error.OAuthConfigurationException;
import com.ibm.oauth.core.api.error.OAuthException;
import com.ibm.oauth.core.api.error.oauth20.OAuth20AccessDeniedException;
import com.ibm.oauth.core.api.error.oauth20.OAuth20Exception;
import com.ibm.oauth.core.api.error.oauth20.OAuth20InvalidClientException;
import com.ibm.oauth.core.api.error.oauth20.OAuth20InvalidGrantTypeException;
import com.ibm.oauth.core.api.error.oauth20.OAuth20InvalidRedirectUriException;
import com.ibm.oauth.core.api.error.oauth20.OAuth20InvalidResponseTypeException;
import com.ibm.oauth.core.api.error.oauth20.OAuth20InvalidScopeException;
import com.ibm.oauth.core.util.JSONUtil;
import com.ibm.websphere.ras.annotation.InjectedTrace;
import com.ibm.websphere.ras.annotation.ManualTrace;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.oauth20.error.OAuthExceptionHandler;
import com.ibm.ws.security.oauth20.util.OIDCConstants;
import com.ibm.wsspi.anno.targets.AnnotationTargets_Serialization;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.myfaces.shared_impl.renderkit.html.HTML;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/ejs/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.security.oauth20_1.1.jar:com/ibm/ws/security/oauth20/error/impl/OAuth20AuthorizeRequestExceptionHandler.class */
public class OAuth20AuthorizeRequestExceptionHandler implements OAuthExceptionHandler {
    private static TraceComponent tc = Tr.register((Class<?>) OAuth20AuthorizeRequestExceptionHandler.class, "OAuth20Provider", "com.ibm.ws.security.oauth20.resources.ProviderMsgs");
    public static final String HEADER_ACCEPT_LANGUAGE = "Accept-Language";
    public static final String RESPONSE_TYPE_TOKEN = "token";
    public static final String RESPONSE_TYPE_ID_TOKEN = "id_token";
    public static final String RESPONSE_TYPE_TOKEN_ID_TOKEN = "token id_token";
    public static final String RESPONSE_TYPE_ID_TOKEN_TOKEN = "id_token token";
    public static final String STATE = "state";
    private String _responseType;
    private String _redirectUri;
    private String _templateUrl;
    static final long serialVersionUID = 9158947113502005482L;

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.WebSphereTrTracingMethodAdapter"})
    public OAuth20AuthorizeRequestExceptionHandler(String str, String str2, String str3) {
        if (TraceComponent.isAnyTracingEnabled() && tc != null && tc.isEntryEnabled()) {
            Tr.entry(tc, "<init>", new Object[]{str, str2, str3});
        }
        this._responseType = str;
        this._redirectUri = str2;
        this._templateUrl = str3;
        if (TraceComponent.isAnyTracingEnabled() && tc != null && tc.isEntryEnabled()) {
            Tr.exit(tc, "<init>", this);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v103, types: [java.lang.Object] */
    /* JADX WARN: Type inference failed for: r0v104 */
    /* JADX WARN: Type inference failed for: r0v111 */
    /* JADX WARN: Type inference failed for: r0v126, types: [java.lang.StringBuilder] */
    /* JADX WARN: Type inference failed for: r0v127 */
    /* JADX WARN: Type inference failed for: r0v154 */
    /* JADX WARN: Type inference failed for: r0v155 */
    /* JADX WARN: Type inference failed for: r0v159, types: [javax.servlet.http.HttpServletResponse] */
    /* JADX WARN: Type inference failed for: r0v177, types: [java.lang.StringBuilder] */
    /* JADX WARN: Type inference failed for: r0v178 */
    /* JADX WARN: Type inference failed for: r0v182, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r0v186, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r0v45, types: [java.lang.Object] */
    /* JADX WARN: Type inference failed for: r0v46 */
    /* JADX WARN: Type inference failed for: r0v53 */
    /* JADX WARN: Type inference failed for: r0v90, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r20v1 */
    /* JADX WARN: Type inference failed for: r2v18, types: [java.lang.Object[], java.lang.Object] */
    @Override // com.ibm.ws.security.oauth20.error.OAuthExceptionHandler
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.WebSphereTrTracingMethodAdapter"})
    public void handleResultException(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OAuthResult oAuthResult) {
        ?? r0;
        if (TraceComponent.isAnyTracingEnabled() && tc != null && tc.isEntryEnabled()) {
            Tr.entry(tc, "handleResultException", new Object[]{httpServletRequest, httpServletResponse, oAuthResult});
        }
        Object obj = null;
        String characterEncoding = httpServletRequest.getCharacterEncoding() != null ? httpServletRequest.getCharacterEncoding() : "utf-8";
        if (oAuthResult.getStatus() != 0) {
            OAuthException cause = oAuthResult.getCause();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "com.ibm.ws.security.oauth20.web.OAuth20EndpointServlet result is bad", new Object[]{cause, this._responseType, this._redirectUri, this._templateUrl});
            }
            if (cause != null) {
                boolean z = true;
                if ((cause instanceof OAuth20Exception) && "invalid_request".equals(cause.getError()) && OIDCConstants.MESSAGE_LOGIN_REQUIRED_ID_TOKEN_HINT_INVALID.equals(cause.getMessage())) {
                    z = false;
                }
                if ((cause instanceof OAuth20InvalidResponseTypeException) || (cause instanceof OAuth20InvalidClientException) || (cause instanceof OAuth20InvalidGrantTypeException) || (cause instanceof OAuth20InvalidScopeException)) {
                    z = false;
                }
                if (z) {
                    FFDCFilter.processException(cause, "com.ibm.ws.security.oauth20.error.impl.OAuth20AuthorizeRequestExceptionHandler", "96", this);
                }
                if (cause instanceof OAuth20Exception) {
                    OAuth20Exception oAuth20Exception = (OAuth20Exception) cause;
                    String error = oAuth20Exception.getError();
                    boolean equals = "unauthorized_client".equals(error);
                    boolean z2 = equals;
                    if (!equals) {
                        boolean z3 = oAuth20Exception instanceof OAuth20InvalidRedirectUriException;
                        z2 = z3;
                        if (!z3) {
                            ?? r02 = this._redirectUri;
                            z2 = r02;
                            if (r02 != 0) {
                                if (OAuth20Exception.INVALID_GRANT.equals(error) || OAuth20Exception.UNSUPPORED_GRANT_TPE.equals(error)) {
                                    httpServletResponse.setStatus(401);
                                    httpServletResponse.setHeader("Cache-Control", "no-store");
                                    httpServletResponse.setHeader("Pragma", "no-cache");
                                    httpServletResponse.setHeader("Content-Type", "application/json;charset=UTF-8");
                                    String formatSelf = oAuth20Exception.formatSelf(httpServletRequest.getLocale(), characterEncoding);
                                    HashMap hashMap = new HashMap();
                                    hashMap.put("error", error);
                                    ?? put = hashMap.put("error_description", formatSelf);
                                    try {
                                        httpServletResponse.getWriter().print(JSONUtil.getJSON((Map<String, Object>) hashMap));
                                        put = 1;
                                        obj = 1;
                                    } catch (IOException e) {
                                        FFDCFilter.processException(e, "com.ibm.ws.security.oauth20.error.impl.OAuth20AuthorizeRequestExceptionHandler", "203", this, new Object[]{httpServletRequest, httpServletResponse, oAuthResult});
                                        Object obj2 = put;
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, "Internal error writing JSON response", new Object[]{obj2});
                                        }
                                    }
                                } else {
                                    String str = HTML.HREF_PATH_FROM_PARAM_SEPARATOR;
                                    if ("token".equals(this._responseType) || "id_token".equals(this._responseType) || "id_token token".equals(this._responseType) || "token id_token".equals(this._responseType)) {
                                        str = AnnotationTargets_Serialization.COMMENT_TAG;
                                    }
                                    int indexOf = this._redirectUri.indexOf(str);
                                    StringBuilder sb = new StringBuilder(this._redirectUri);
                                    if (indexOf != sb.length() - 1) {
                                        if (indexOf > -1) {
                                            sb.append("&");
                                        } else {
                                            sb.append(str);
                                        }
                                    }
                                    sb.append("error");
                                    ?? append = sb.append("=");
                                    try {
                                        append = URLEncoder.encode(error, "utf-8");
                                        error = append;
                                    } catch (UnsupportedEncodingException e2) {
                                        FFDCFilter.processException(e2, "com.ibm.ws.security.oauth20.error.impl.OAuth20AuthorizeRequestExceptionHandler", "241", this, new Object[]{httpServletRequest, httpServletResponse, oAuthResult});
                                    }
                                    sb.append(error);
                                    sb.append("&");
                                    sb.append("error_description");
                                    sb.append("=");
                                    String formatSelf2 = oAuth20Exception.formatSelf(httpServletRequest.getLocale(), characterEncoding);
                                    String str2 = formatSelf2;
                                    try {
                                        formatSelf2 = URLEncoder.encode(str2, "utf-8");
                                        str2 = formatSelf2;
                                    } catch (UnsupportedEncodingException e3) {
                                        FFDCFilter.processException(e3, "com.ibm.ws.security.oauth20.error.impl.OAuth20AuthorizeRequestExceptionHandler", "252", this, new Object[]{httpServletRequest, httpServletResponse, oAuthResult});
                                        String str3 = formatSelf2;
                                        if (tc.isDebugEnabled()) {
                                            Tr.debug(tc, "Internal error encoding error description", new Object[]{str3});
                                        }
                                    }
                                    sb.append(str2);
                                    AttributeList attributeList = oAuthResult.getAttributeList();
                                    if (attributeList != null) {
                                        String attributeValueByName = attributeList.getAttributeValueByName("state");
                                        if (attributeValueByName != null) {
                                            sb.append("&");
                                            sb.append("state");
                                            ?? append2 = sb.append("=");
                                            try {
                                                append2 = URLEncoder.encode(attributeValueByName, "utf-8");
                                                attributeValueByName = append2;
                                            } catch (UnsupportedEncodingException e4) {
                                                FFDCFilter.processException(e4, "com.ibm.ws.security.oauth20.error.impl.OAuth20AuthorizeRequestExceptionHandler", "270", this, new Object[]{httpServletRequest, httpServletResponse, oAuthResult});
                                            }
                                            sb.append(attributeValueByName);
                                        }
                                        String attributeValueByName2 = attributeList.getAttributeValueByName("WWW-Authenticate");
                                        if (attributeValueByName2 != null && attributeValueByName2.length() > 0) {
                                            httpServletResponse.setHeader("WWW-Authenticate", attributeValueByName2);
                                        }
                                    }
                                    int i = 302;
                                    if (oAuth20Exception instanceof OAuth20AccessDeniedException) {
                                        i = ((OAuth20AccessDeniedException) oAuth20Exception).getHttpStatusCode();
                                    }
                                    if (i < 400 || (r0 = i) >= 600) {
                                        httpServletResponse.setStatus(i);
                                        httpServletResponse.setHeader("Location", sb.toString());
                                    } else {
                                        try {
                                            r0 = httpServletResponse;
                                            r0.sendError(i, "error=" + error + "&error_description=" + oAuth20Exception.formatSelf(httpServletRequest.getLocale(), characterEncoding));
                                        } catch (IOException e5) {
                                            FFDCFilter.processException(e5, "com.ibm.ws.security.oauth20.error.impl.OAuth20AuthorizeRequestExceptionHandler", "289", this, new Object[]{httpServletRequest, httpServletResponse, oAuthResult});
                                            Object obj3 = r0;
                                            if (tc.isDebugEnabled()) {
                                                Tr.debug(tc, "Internal error", new Object[]{obj3});
                                            }
                                        }
                                    }
                                    obj = 1;
                                }
                            }
                        }
                    }
                    try {
                        if (this._templateUrl == null || "".equals(this._templateUrl.trim())) {
                            httpServletResponse.getWriter().print(oAuth20Exception.formatSelf(httpServletRequest.getLocale(), characterEncoding));
                        } else {
                            renderErrorPage(httpServletRequest, httpServletResponse, oAuth20Exception);
                        }
                        obj = 1;
                    } catch (IOException e6) {
                        FFDCFilter.processException(e6, "com.ibm.ws.security.oauth20.error.impl.OAuth20AuthorizeRequestExceptionHandler", "155", this, new Object[]{httpServletRequest, httpServletResponse, oAuthResult});
                        ?? r20 = z2;
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Internal error writing JSON response", new Object[]{r20});
                        }
                    }
                } else if (cause instanceof OAuthConfigurationException) {
                    OAuthConfigurationException oAuthConfigurationException = (OAuthConfigurationException) cause;
                    String error2 = oAuthConfigurationException.getError();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "processing exception with OAuthResult: " + error2);
                    }
                    httpServletResponse.setStatus(500);
                    httpServletResponse.setHeader("Cache-Control", "no-store");
                    httpServletResponse.setHeader("Pragma", "no-cache");
                    httpServletResponse.setHeader("Content-Type", "application/json;charset=UTF-8");
                    String formatSelf3 = oAuthConfigurationException.formatSelf(httpServletRequest.getLocale(), characterEncoding);
                    HashMap hashMap2 = new HashMap();
                    hashMap2.put("error", error2);
                    ?? put2 = hashMap2.put("error_description", formatSelf3);
                    try {
                        httpServletResponse.getWriter().print(JSONUtil.getJSON((Map<String, Object>) hashMap2));
                        put2 = 1;
                        obj = 1;
                    } catch (IOException e7) {
                        FFDCFilter.processException(e7, "com.ibm.ws.security.oauth20.error.impl.OAuth20AuthorizeRequestExceptionHandler", "351", this, new Object[]{httpServletRequest, httpServletResponse, oAuthResult});
                        Object obj4 = put2;
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Internal error writing JSON response", new Object[]{obj4});
                        }
                    }
                }
                Object obj5 = obj;
                if (obj5 == null) {
                    try {
                        if (this._templateUrl == null || "".equals(this._templateUrl.trim())) {
                            httpServletResponse.getWriter().print(cause.getMessage());
                        } else {
                            renderErrorPage(httpServletRequest, httpServletResponse, cause);
                        }
                    } catch (IOException e8) {
                        FFDCFilter.processException(e8, "com.ibm.ws.security.oauth20.error.impl.OAuth20AuthorizeRequestExceptionHandler", "370", this, new Object[]{httpServletRequest, httpServletResponse, oAuthResult});
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Internal error", new Object[]{obj5});
                        }
                    }
                }
            }
        }
        if (TraceComponent.isAnyTracingEnabled() && tc != null && tc.isEntryEnabled()) {
            Tr.exit(tc, "handleResultException");
        }
    }

    @ManualTrace
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.WebSphereTrTracingMethodAdapter"})
    private void renderErrorPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OAuthException oAuthException) throws IOException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "renderErrorPage");
        }
        new ErrorPageRenderer().renderErrorPage(oAuthException, this._templateUrl, httpServletRequest.getHeader("Accept-Language"), httpServletRequest, httpServletResponse);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "renderErrorPage");
        }
    }
}
