package org.springframework.security.oauth2.provider.approval;

import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.util.OAuth2Utils;
import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.ClientRegistrationException;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.util.Assert;

/* loaded from: input_file:lib/spring-security-oauth2-2.0.7.RELEASE.jar:org/springframework/security/oauth2/provider/approval/TokenStoreUserApprovalHandler.class */
public class TokenStoreUserApprovalHandler implements UserApprovalHandler, InitializingBean {
    private static Log logger = LogFactory.getLog(TokenStoreUserApprovalHandler.class);
    private String approvalParameter = OAuth2Utils.USER_OAUTH_APPROVAL;
    private TokenStore tokenStore;
    private ClientDetailsService clientDetailsService;
    private OAuth2RequestFactory requestFactory;

    public void setClientDetailsService(ClientDetailsService clientDetailsService) {
        this.clientDetailsService = clientDetailsService;
    }

    public void setApprovalParameter(String str) {
        this.approvalParameter = str;
    }

    public void setTokenStore(TokenStore tokenStore) {
        this.tokenStore = tokenStore;
    }

    public void setRequestFactory(OAuth2RequestFactory oAuth2RequestFactory) {
        this.requestFactory = oAuth2RequestFactory;
    }

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() {
        Assert.state(this.tokenStore != null, "TokenStore must be provided");
        Assert.state(this.requestFactory != null, "OAuth2RequestFactory must be provided");
    }

    @Override // org.springframework.security.oauth2.provider.approval.UserApprovalHandler
    public boolean isApproved(AuthorizationRequest authorizationRequest, Authentication authentication) {
        return authorizationRequest.isApproved();
    }

    @Override // org.springframework.security.oauth2.provider.approval.UserApprovalHandler
    public AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest, Authentication authentication) {
        boolean z;
        boolean z2 = false;
        String clientId = authorizationRequest.getClientId();
        Set scope = authorizationRequest.getScope();
        if (this.clientDetailsService != null) {
            try {
                ClientDetails loadClientByClientId = this.clientDetailsService.loadClientByClientId(clientId);
                z2 = true;
                Iterator it = scope.iterator();
                while (it.hasNext()) {
                    if (!loadClientByClientId.isAutoApprove((String) it.next())) {
                        z2 = false;
                    }
                }
                if (z2) {
                    authorizationRequest.setApproved(true);
                    return authorizationRequest;
                }
            } catch (ClientRegistrationException e) {
                logger.warn("Client registration problem prevent autoapproval check for client=" + clientId);
            }
        }
        OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(this.requestFactory.createOAuth2Request(authorizationRequest), authentication);
        if (logger.isDebugEnabled()) {
            StringBuilder sb = new StringBuilder("Looking up existing token for ");
            sb.append("client_id=" + clientId);
            sb.append(", scope=" + scope);
            sb.append(" and username=" + authentication.getName());
            logger.debug(sb.toString());
        }
        OAuth2AccessToken accessToken = this.tokenStore.getAccessToken(oAuth2Authentication);
        logger.debug("Existing access token=" + accessToken);
        if (accessToken == null || accessToken.isExpired()) {
            logger.debug("Checking explicit approval");
            z = authentication.isAuthenticated() && z2;
        } else {
            logger.debug("User already approved with token=" + accessToken);
            z = true;
        }
        authorizationRequest.setApproved(z);
        return authorizationRequest;
    }

    @Override // org.springframework.security.oauth2.provider.approval.UserApprovalHandler
    public AuthorizationRequest updateAfterApproval(AuthorizationRequest authorizationRequest, Authentication authentication) {
        String str = authorizationRequest.getApprovalParameters().get(this.approvalParameter);
        authorizationRequest.setApproved(str != null && str.toLowerCase().equals("true"));
        return authorizationRequest;
    }

    @Override // org.springframework.security.oauth2.provider.approval.UserApprovalHandler
    public Map<String, Object> getUserApprovalRequest(AuthorizationRequest authorizationRequest, Authentication authentication) {
        HashMap hashMap = new HashMap();
        hashMap.putAll(authorizationRequest.getRequestParameters());
        return hashMap;
    }
}
