package leap.oauth2.as.endpoint.token;

import java.util.function.Consumer;
import leap.core.annotation.Inject;
import leap.lang.http.HTTP;
import leap.oauth2.OAuth2Errors;
import leap.oauth2.OAuth2Params;
import leap.oauth2.Oauth2MessageKey;
import leap.oauth2.as.authc.SimpleAuthzAuthentication;
import leap.oauth2.as.client.AuthzClient;
import leap.oauth2.as.client.SamplingAuthzClientCredentials;
import leap.oauth2.as.token.AuthzAccessToken;
import leap.oauth2.as.token.AuthzTokenManager;
import leap.web.Request;
import leap.web.Response;

/* loaded from: input_file:leap/oauth2/as/endpoint/token/ClientSecretPostGrantTypeHandler.class */
public class ClientSecretPostGrantTypeHandler extends AbstractGrantTypeHandler {

    @Inject
    protected AuthzTokenManager tokenManager;

    @Override // leap.oauth2.as.endpoint.token.GrantTypeHandler
    public void handleRequest(Request request, Response response, OAuth2Params oAuth2Params, Consumer<AuthzAccessToken> consumer) throws Throwable {
        if (!HTTP.Method.valueOf(request.getMethod()).isPost()) {
            handleError(request, response, oAuth2Params, getOauth2Error(messageKey -> {
                return OAuth2Errors.invalidRequestError(request, messageKey, "this grant_type only accept post method.");
            }, Oauth2MessageKey.INVALID_REQUEST_INVALID_HTTP_METHOD, "POST"));
            return;
        }
        AuthzClient validateClientSecret = validateClientSecret(request, response, new SamplingAuthzClientCredentials(oAuth2Params.getClientId(), oAuth2Params.getClientSecret()));
        if (validateClientSecret == null) {
            return;
        }
        consumer.accept(this.tokenManager.createAccessToken(new SimpleAuthzAuthentication(oAuth2Params, validateClientSecret)));
    }
}
