package org.picketlink.oauth.filters;

import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.List;
import java.util.Properties;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.model.basic.User;
import org.picketlink.idm.query.IdentityQuery;
import org.picketlink.oauth.common.OAuthConstants;
import org.picketlink.oauth.messages.ResourceAccessRequest;
import org.picketlink.oauth.server.util.OAuthServerUtil;

/* loaded from: input_file:WEB-INF/classes/org/picketlink/oauth/filters/OAuthResourceFilter.class */
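/**
 * Servlet filter that gates a protected resource behind an OAuth access token.
 *
 * <p>For each request the filter reads the {@code client_id} request parameter and the access
 * token parsed by {@link OAuthServerUtil#parseResourceRequest}, looks up the single {@link User}
 * whose ID equals the client id, and lets the request continue only when the user's stored
 * {@code clientID} and {@code accessToken} attributes match the presented values. Every other
 * outcome, including any exception, is answered with HTTP 403 (fail closed).
 *
 * <p>NOTE(review): the presented token is compared directly with the stored attribute value, so
 * the identity store appears to hold tokens in clear; no expiry or scope check is visible in this
 * filter. Confirm both are handled elsewhere.
 */
public class OAuthResourceFilter implements Filter {
    /** Attribute on the stored user that holds the registered client id. */
    private static final String CLIENT_ID_ATTRIBUTE = "clientID";

    /** Attribute on the stored user that holds the issued access token. */
    private static final String ACCESS_TOKEN_ATTRIBUTE = "accessToken";

    protected ServletContext context;
    private EntityManagerFactory entityManagerFactory;
    protected IdentityManager identityManager = null;
    private ThreadLocal<EntityManager> entityManager = new ThreadLocal<>();

    /**
     * Captures the servlet context and obtains the identity manager used for client lookups.
     *
     * @param filterConfig container-supplied filter configuration
     * @throws ServletException declared by the {@link Filter} contract
     * @throws RuntimeException wrapping the {@link IOException} if the identity manager cannot be set up
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        try {
            this.context = filterConfig.getServletContext();
            this.identityManager = OAuthServerUtil.handleIdentityManager(this.context);
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Authorizes the request against the stored client id and access token.
     *
     * <p>The chain is invoked only when exactly one user matches the client id and both stored
     * attributes equal the presented values; otherwise a 403 is sent and the chain is not called.
     *
     * @param servletRequest incoming request; must be an {@link HttpServletRequest}
     * @param servletResponse outgoing response; must be an {@link HttpServletResponse}
     * @param filterChain remaining chain, invoked only on successful authorization
     * @throws IOException if writing the error response fails
     * @throws ServletException declared by the {@link Filter} contract
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        try {
            ResourceAccessRequest resourceRequest = OAuthServerUtil.parseResourceRequest(httpServletRequest);
            String clientId = httpServletRequest.getParameter(OAuthConstants.CLIENT_ID);
            String presentedToken = resourceRequest.getAccessToken();

            // Reject missing credentials before touching the identity store, so a null
            // parameter is never handed to the query.
            if (clientId == null || clientId.isEmpty()) {
                httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "client_id not found");
                return;
            }
            if (presentedToken == null || presentedToken.isEmpty()) {
                httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "UnAuthorized");
                return;
            }

            IdentityQuery<User> query = this.identityManager.createIdentityQuery(User.class);
            query.setParameter(User.ID, clientId);
            List<User> matches = query.getResultList();
            if (matches.isEmpty()) {
                httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "client_id not found");
                return;
            }
            if (matches.size() > 1) {
                httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "More than one user with the same client id");
                return;
            }

            User user = matches.get(0);
            String storedClientId = stringAttribute(user, CLIENT_ID_ATTRIBUTE);
            String storedToken = stringAttribute(user, ACCESS_TOKEN_ATTRIBUTE);
            // NOTE(review): the distinct messages below tell a caller whether the client id or
            // the token was the failing part; confirm that distinction is intended.
            if (storedClientId == null || !storedClientId.equals(clientId)) {
                httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "Client ID is wrong");
            } else if (constantTimeEquals(storedToken, presentedToken)) {
                filterChain.doFilter(httpServletRequest, httpServletResponse);
            } else {
                httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "UnAuthorized");
            }
        } catch (Exception e) {
            // Fail closed, but keep the exception text on the server: echoing it in the
            // response would expose internal detail to an unauthenticated caller.
            if (this.context != null) {
                this.context.log("OAuthResourceFilter denied a request after an internal error", e);
            }
            httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "UnAuthorized");
        }
    }

    /** No resources are released here. */
    @Override
    public void destroy() {
    }

    /**
     * Loads {@code /WEB-INF/idm.properties} from the servlet context.
     *
     * @return the loaded properties
     * @throws IOException if the resource is missing or cannot be read
     */
    private Properties getProperties() throws IOException {
        Properties properties = new Properties();
        // getResourceAsStream returns null for a missing resource; the stream must also be closed.
        try (InputStream in = this.context.getResourceAsStream("/WEB-INF/idm.properties")) {
            if (in == null) {
                throw new IOException("/WEB-INF/idm.properties not found");
            }
            properties.load(in);
        }
        return properties;
    }

    /**
     * Returns the named user attribute as a string, or {@code null} when the attribute is absent
     * or its value is not a string.
     */
    private static String stringAttribute(User user, String name) {
        if (user.getAttribute(name) == null) {
            return null;
        }
        Object value = user.getAttribute(name).getValue();
        return value instanceof String ? (String) value : null;
    }

    /**
     * Compares a stored secret with a presented one without short-circuiting on the first
     * differing character, so response timing does not reveal how much of the token matched.
     * A {@code null} on either side never matches.
     */
    private static boolean constantTimeEquals(String expected, String presented) {
        if (expected == null || presented == null) {
            return false;
        }
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                presented.getBytes(StandardCharsets.UTF_8));
    }
}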
