package leap.oauth2.as.endpoint;

import leap.core.annotation.Inject;
import leap.oauth2.OAuth2Errors;
import leap.oauth2.as.OAuth2AuthzServerConfig;
import leap.oauth2.as.endpoint.userinfo.UserInfoHandler;
import leap.oauth2.as.token.AuthzAccessToken;
import leap.oauth2.as.token.AuthzTokenManager;
import leap.oauth2.server.token.Token;
import leap.oauth2.server.token.TokenExtractor;
import leap.web.App;
import leap.web.Endpoint;
import leap.web.Handler;
import leap.web.Request;
import leap.web.Response;
import leap.web.route.Routes;
import leap.web.security.user.UserDetails;
import leap.web.security.user.UserManager;

/* loaded from: input_file:leap/oauth2/as/endpoint/UserInfoEndpoint.class */
public class UserInfoEndpoint extends AbstractAuthzEndpoint implements Endpoint, Handler {

    @Inject
    protected OAuth2AuthzServerConfig config;

    @Inject
    protected AuthzTokenManager tokenManager;

    @Inject
    protected TokenExtractor tokenExtractor;

    @Inject
    protected UserManager userManager;

    @Inject
    protected UserInfoHandler[] handlers;

    public void startEndpoint(App app, Routes routes) {
        if (this.config.isEnabled() && this.config.isUserInfoEnabled()) {
            this.sc.ignore(this.config.getUserInfoEndpointPath());
            routes.create().handle(this.config.getUserInfoEndpointPath(), this).enableCors().disableCsrf().apply();
        }
    }

    public void handle(Request request, Response response) throws Throwable {
        Token extractTokenFromRequest = this.tokenExtractor.extractTokenFromRequest(request);
        if (null == extractTokenFromRequest) {
            OAuth2Errors.invalidRequest(request, response, null, "Invalid access token");
            return;
        }
        AuthzAccessToken loadAccessToken = this.tokenManager.loadAccessToken(extractTokenFromRequest.getValue());
        if (null == loadAccessToken) {
            OAuth2Errors.invalidToken(request, response, null, "Invalid access token");
            return;
        }
        if (loadAccessToken.isClientOnly()) {
            OAuth2Errors.invalidToken(request, response, null, "Invalid access token");
            return;
        }
        UserDetails loadUserDetails = this.userManager.loadUserDetails(loadAccessToken.getUserId());
        if (null == loadUserDetails) {
            OAuth2Errors.invalidToken(request, response, null, "User not found");
            return;
        }
        if (!loadUserDetails.isEnabled()) {
            OAuth2Errors.invalidToken(request, response, null, "User disabled");
            return;
        }
        UserInfoHandler[] userInfoHandlerArr = this.handlers;
        int length = userInfoHandlerArr.length;
        for (int i = 0; i < length && !userInfoHandlerArr[i].handleUserInfoResponse(request, response, loadAccessToken, loadUserDetails); i++) {
        }
    }
}
