package com.authlete.jaxrs;

import com.authlete.common.api.AuthleteApi;
import com.authlete.common.dto.AuthorizationFailRequest;
import com.authlete.common.dto.AuthorizationResponse;
import com.authlete.common.dto.Property;
import com.authlete.jaxrs.spi.AuthorizationRequestHandlerSpi;
import java.util.Map;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;

/* loaded from: input_file:com/authlete/jaxrs/AuthorizationRequestHandler.class */
public class AuthorizationRequestHandler extends BaseHandler {
    private final AuthorizationRequestHandlerSpi mSpi;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.authlete.jaxrs.AuthorizationRequestHandler$1, reason: invalid class name */
    /* loaded from: input_file:com/authlete/jaxrs/AuthorizationRequestHandler$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$authlete$common$dto$AuthorizationResponse$Action = new int[AuthorizationResponse.Action.values().length];

        static {
            try {
                $SwitchMap$com$authlete$common$dto$AuthorizationResponse$Action[AuthorizationResponse.Action.INTERNAL_SERVER_ERROR.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$authlete$common$dto$AuthorizationResponse$Action[AuthorizationResponse.Action.BAD_REQUEST.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$authlete$common$dto$AuthorizationResponse$Action[AuthorizationResponse.Action.LOCATION.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$authlete$common$dto$AuthorizationResponse$Action[AuthorizationResponse.Action.FORM.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$com$authlete$common$dto$AuthorizationResponse$Action[AuthorizationResponse.Action.INTERACTION.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$com$authlete$common$dto$AuthorizationResponse$Action[AuthorizationResponse.Action.NO_INTERACTION.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
        }
    }

    public AuthorizationRequestHandler(AuthleteApi authleteApi, AuthorizationRequestHandlerSpi authorizationRequestHandlerSpi) {
        super(authleteApi);
        this.mSpi = authorizationRequestHandlerSpi;
    }

    public Response handle(MultivaluedMap<String, String> multivaluedMap) throws WebApplicationException {
        try {
            return process(multivaluedMap);
        } catch (WebApplicationException e) {
            throw e;
        } catch (Throwable th) {
            throw unexpected("Unexpected error in AuthorizationRequestHandler", th);
        }
    }

    private Response process(MultivaluedMap<String, String> multivaluedMap) {
        AuthorizationResponse callAuthorization = getApiCaller().callAuthorization(multivaluedMap);
        AuthorizationResponse.Action action = callAuthorization.getAction();
        String responseContent = callAuthorization.getResponseContent();
        switch (AnonymousClass1.$SwitchMap$com$authlete$common$dto$AuthorizationResponse$Action[action.ordinal()]) {
            case 1:
                return ResponseUtil.internalServerError(responseContent);
            case 2:
                return ResponseUtil.badRequest(responseContent);
            case 3:
                return ResponseUtil.location(responseContent);
            case 4:
                return ResponseUtil.form(responseContent);
            case 5:
                return handleInteraction(callAuthorization);
            case 6:
                return handleNoInteraction(callAuthorization);
            default:
                throw getApiCaller().unknownAction("/api/auth/authorization", action);
        }
    }

    private Response handleInteraction(AuthorizationResponse authorizationResponse) {
        return this.mSpi.generateAuthorizationPage(authorizationResponse);
    }

    private Response handleNoInteraction(AuthorizationResponse authorizationResponse) {
        noInteractionCheckAuthentication(authorizationResponse);
        long userAuthenticatedAt = this.mSpi.getUserAuthenticatedAt();
        noInteractionCheckMaxAge(authorizationResponse, userAuthenticatedAt);
        String userSubject = this.mSpi.getUserSubject();
        String sub = this.mSpi.getSub();
        noInteractionCheckSubject(authorizationResponse, userSubject);
        String acr = this.mSpi.getAcr();
        noInteractionCheckAcr(authorizationResponse, acr);
        return noInteractionIssue(authorizationResponse, userAuthenticatedAt, userSubject, acr, this.mSpi.getProperties(), this.mSpi.getScopes(), sub);
    }

    private void noInteractionCheckAuthentication(AuthorizationResponse authorizationResponse) {
        if (!this.mSpi.isUserAuthenticated()) {
            throw getApiCaller().authorizationFail(authorizationResponse.getTicket(), AuthorizationFailRequest.Reason.NOT_LOGGED_IN);
        }
    }

    private void noInteractionCheckMaxAge(AuthorizationResponse authorizationResponse, long j) {
        int maxAge = authorizationResponse.getMaxAge();
        if (maxAge == 0) {
            return;
        }
        if (System.currentTimeMillis() >= (j + maxAge) * 1000) {
            throw getApiCaller().authorizationFail(authorizationResponse.getTicket(), AuthorizationFailRequest.Reason.EXCEEDS_MAX_AGE);
        }
    }

    private void noInteractionCheckSubject(AuthorizationResponse authorizationResponse, String str) {
        String subject = authorizationResponse.getSubject();
        if (subject != null && !subject.equals(str)) {
            throw getApiCaller().authorizationFail(authorizationResponse.getTicket(), AuthorizationFailRequest.Reason.DIFFERENT_SUBJECT);
        }
    }

    private void noInteractionCheckAcr(AuthorizationResponse authorizationResponse, String str) {
        String[] acrs = authorizationResponse.getAcrs();
        if (acrs == null || acrs.length == 0) {
            return;
        }
        for (String str2 : acrs) {
            if (str2.equals(str)) {
                return;
            }
        }
        if (authorizationResponse.isAcrEssential()) {
            throw getApiCaller().authorizationFail(authorizationResponse.getTicket(), AuthorizationFailRequest.Reason.ACR_NOT_SATISFIED);
        }
    }

    private Response noInteractionIssue(AuthorizationResponse authorizationResponse, long j, String str, String str2, Property[] propertyArr, String[] strArr, String str3) {
        return getApiCaller().authorizationIssue(authorizationResponse.getTicket(), str, j, str2, (Map) null, propertyArr, strArr, str3);
    }
}
