package org.picketlink.identity.federation.bindings.wildfly.rest;

import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import org.jboss.logging.Logger;
import org.picketlink.identity.federation.core.saml.v2.util.AssertionUtil;
import org.picketlink.identity.federation.saml.v2.assertion.AssertionType;

@Path("/samloauth")
/* loaded from: input_file:org/picketlink/identity/federation/bindings/wildfly/rest/SAMLOAuthEndpoint.class */
public class SAMLOAuthEndpoint extends STSEndpoint {
    private static final long serialVersionUID = 1;
    private static Logger log = Logger.getLogger(SAMLOAuthEndpoint.class.getName());
    private boolean debugEnabled = log.isDebugEnabled();

    @POST
    @Produces({"application/json"})
    @Consumes({"application/x-www-form-urlencoded"})
    public Response exchange(@Context HttpServletRequest httpServletRequest) throws Exception {
        if (httpServletRequest.getUserPrincipal() == null) {
            return Response.status(Response.Status.FORBIDDEN).build();
        }
        String parameter = httpServletRequest.getParameter("grant_type");
        if (parameter == null) {
            if (this.debugEnabled) {
                log.debug("Grant Type parameter missing");
            }
            return Response.status(Response.Status.NOT_FOUND).build();
        }
        if (!parameter.equals("urn:ietf:params:oauth:grant-type:saml2-bearer")) {
            if (this.debugEnabled) {
                log.debug("Wrong Grant Type:" + parameter);
            }
            return Response.status(Response.Status.NOT_FOUND).build();
        }
        String parameter2 = httpServletRequest.getParameter("assertion");
        if (parameter2 == null) {
            if (this.debugEnabled) {
                log.debug("No SAML Assertion Found");
            }
            return Response.status(Response.Status.NOT_FOUND).build();
        }
        AssertionType parseAssertion = parseAssertion(parameter2);
        if (AssertionUtil.hasExpired(parseAssertion)) {
            log.error("Expired Assertion with ID = " + parseAssertion.getID());
            return Response.status(Response.Status.NOT_ACCEPTABLE).build();
        }
        String id = parseAssertion.getID();
        String issueOAuthToken = issueOAuthToken(id);
        if (issueOAuthToken == null) {
            Response.serverError().build();
        }
        return Response.status(Response.Status.OK).entity(new SAMLOauthInfo(id, issueOAuthToken).asJSON()).build();
    }
}
