package org.cloudfoundry.identity.uaa.oauth.token;

import java.security.Principal;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import org.apache.tools.ant.types.selectors.SelectorUtils;
import org.cloudfoundry.identity.uaa.oauth.advice.HttpMethodNotSupportedAdvice;
import org.springframework.http.HttpMethod;
import org.springframework.http.ResponseEntity;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.oauth2.provider.endpoint.TokenEndpoint;
import org.springframework.stereotype.Controller;
import org.springframework.util.StringUtils;
import org.springframework.web.HttpRequestMethodNotSupportedException;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;

@RequestMapping({"/oauth/token"})
@Controller
/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-server-4.12.1.jar:org/cloudfoundry/identity/uaa/oauth/token/UaaTokenEndpoint.class */
public class UaaTokenEndpoint extends TokenEndpoint {
    private Boolean allowQueryString = null;

    public UaaTokenEndpoint() {
        setAllowedRequestMethods(new HashSet(Arrays.asList(HttpMethod.GET, HttpMethod.POST)));
    }

    public boolean isAllowQueryString() {
        if (this.allowQueryString == null) {
            return true;
        }
        return this.allowQueryString.booleanValue();
    }

    public void setAllowQueryString(boolean z) {
        this.allowQueryString = Boolean.valueOf(z);
        if (z) {
            setAllowedRequestMethods(new HashSet(Arrays.asList(HttpMethod.GET, HttpMethod.POST)));
        } else {
            setAllowedRequestMethods(Collections.singleton(HttpMethod.POST));
        }
    }

    @RequestMapping(value = {SelectorUtils.DEEP_TREE_MATCH}, method = {RequestMethod.GET})
    public ResponseEntity<OAuth2AccessToken> doDelegateGet(Principal principal, @RequestParam Map<String, String> map) throws HttpRequestMethodNotSupportedException {
        return getAccessToken(principal, map);
    }

    @RequestMapping(value = {SelectorUtils.DEEP_TREE_MATCH}, method = {RequestMethod.POST})
    public ResponseEntity<OAuth2AccessToken> doDelegatePost(Principal principal, @RequestParam Map<String, String> map, HttpServletRequest httpServletRequest) throws HttpRequestMethodNotSupportedException {
        if (!StringUtils.hasText(httpServletRequest.getQueryString()) || isAllowQueryString()) {
            return postAccessToken(principal, map);
        }
        this.logger.debug("Call to /oauth/token contains a query string. Aborting.");
        throw new HttpRequestMethodNotSupportedException("POST");
    }

    @RequestMapping({SelectorUtils.DEEP_TREE_MATCH})
    public void methodsNotAllowed(HttpServletRequest httpServletRequest) throws HttpRequestMethodNotSupportedException {
        throw new HttpRequestMethodNotSupportedException(httpServletRequest.getMethod());
    }

    @Override // org.springframework.security.oauth2.provider.endpoint.TokenEndpoint
    @ExceptionHandler({HttpRequestMethodNotSupportedException.class})
    public ResponseEntity<OAuth2Exception> handleHttpRequestMethodNotSupportedException(HttpRequestMethodNotSupportedException httpRequestMethodNotSupportedException) throws Exception {
        return new HttpMethodNotSupportedAdvice().handleMethodNotSupportedException(httpRequestMethodNotSupportedException);
    }

    @Override // org.springframework.security.oauth2.provider.endpoint.TokenEndpoint
    @ExceptionHandler({Exception.class})
    public ResponseEntity<OAuth2Exception> handleException(Exception exc) throws Exception {
        this.logger.error("Handling error: " + exc.getClass().getSimpleName() + ", " + exc.getMessage(), exc);
        return getExceptionTranslator().translate(exc);
    }

    @Override // org.springframework.security.oauth2.provider.endpoint.TokenEndpoint
    public void setAllowedRequestMethods(Set<HttpMethod> set) {
        if (isAllowQueryString()) {
            super.setAllowedRequestMethods(set);
        } else {
            super.setAllowedRequestMethods(Collections.singleton(HttpMethod.POST));
        }
    }
}
