package edu.uiuc.ncsa.myproxy.oa4mp.server.servlet;

import edu.uiuc.ncsa.security.core.exceptions.GeneralException;
import edu.uiuc.ncsa.security.core.util.DateUtils;
import edu.uiuc.ncsa.security.delegation.server.ServiceTransaction;
import edu.uiuc.ncsa.security.delegation.server.request.ATRequest;
import edu.uiuc.ncsa.security.delegation.server.request.ATResponse;
import edu.uiuc.ncsa.security.delegation.server.request.IssuerResponse;
import edu.uiuc.ncsa.security.delegation.servlet.TransactionState;
import edu.uiuc.ncsa.security.delegation.storage.Client;
import edu.uiuc.ncsa.security.delegation.token.AuthorizationGrant;
import edu.uiuc.ncsa.security.delegation.token.Verifier;
import edu.uiuc.ncsa.security.servlet.ServletDebugUtil;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:edu/uiuc/ncsa/myproxy/oa4mp/server/servlet/AbstractAccessTokenServlet.class */
public abstract class AbstractAccessTokenServlet extends MyProxyDelegationServlet {
    protected void doIt(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        doDelegation(httpServletRequest, httpServletResponse);
    }

    protected IssuerTransactionState doDelegation(Client client, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable, ServletException {
        printAllParameters(httpServletRequest);
        info("5.a. Starting access token exchange");
        Verifier verifier = getServiceEnvironment().getTokenForge().getVerifier(httpServletRequest);
        AuthorizationGrant authorizationGrant = getServiceEnvironment().getTokenForge().getAuthorizationGrant(httpServletRequest);
        ServiceTransaction serviceTransaction = getServiceEnvironment().getTransactionStore().get(authorizationGrant);
        if (serviceTransaction == null) {
            ServletDebugUtil.trace(this, "No transaction found for grant \"" + authorizationGrant + "\"");
            throw new ServletException("No transaction found for grant \"" + authorizationGrant + "\"");
        }
        ATRequest aTRequest = new ATRequest(httpServletRequest, serviceTransaction);
        aTRequest.setVerifier(verifier);
        aTRequest.setAuthorizationGrant(authorizationGrant);
        aTRequest.setExpiresIn(DateUtils.MAX_TIMEOUT);
        IssuerResponse issuerResponse = (ATResponse) getATI().process(aTRequest);
        ServiceTransaction verifyAndGet = verifyAndGet(issuerResponse);
        String str = "client=" + verifyAndGet.getClient();
        info("5.a. got access token " + str);
        preprocess(new TransactionState(httpServletRequest, httpServletResponse, issuerResponse.getParameters(), verifyAndGet));
        debug("5.a. access token = " + issuerResponse.getAccessToken() + " for verifier = " + verifier);
        verifyAndGet.setAuthGrantValid(false);
        verifyAndGet.setAccessToken(issuerResponse.getAccessToken());
        verifyAndGet.setAccessTokenValid(true);
        try {
            getTransactionStore().save(verifyAndGet);
            info("5.a. updated transaction state for " + str + ", sending response to client");
            info("5.b. done with access token exchange with " + str);
            IssuerTransactionState issuerTransactionState = new IssuerTransactionState(httpServletRequest, httpServletResponse, issuerResponse.getParameters(), verifyAndGet, issuerResponse);
            postprocess(issuerTransactionState);
            return issuerTransactionState;
        } catch (GeneralException e) {
            throw new ServletException("Error saving transaction", e);
        }
    }

    protected IssuerTransactionState doDelegation(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable, ServletException {
        return doDelegation(getClient(httpServletRequest), httpServletRequest, httpServletResponse);
    }
}
