package edu.uiuc.ncsa.security.oauth_1_0a.server;

import edu.uiuc.ncsa.security.core.exceptions.GeneralException;
import edu.uiuc.ncsa.security.delegation.server.issuers.AbstractIssuer;
import edu.uiuc.ncsa.security.delegation.server.issuers.PAIssuer;
import edu.uiuc.ncsa.security.delegation.server.request.PARequest;
import edu.uiuc.ncsa.security.delegation.server.request.PAResponse;
import edu.uiuc.ncsa.security.delegation.token.AccessToken;
import edu.uiuc.ncsa.security.delegation.token.TokenForge;
import edu.uiuc.ncsa.security.oauth_1_0a.OAuthUtilities;
import edu.uiuc.ncsa.security.oauth_1_0a.client.OAClient;
import edu.uiuc.ncsa.security.util.pkcs.KeyUtil;
import java.net.URI;
import java.security.PublicKey;
import javax.servlet.ServletException;
import net.oauth.OAuth;
import net.oauth.OAuthAccessor;

/* loaded from: input_file:WEB-INF/lib/ncsa-security-oauth-1.0a-1.1.1.jar:edu/uiuc/ncsa/security/oauth_1_0a/server/PAIImpl.class */
public class PAIImpl extends AbstractIssuer implements PAIssuer {
    public PAIImpl(TokenForge tokenForge, URI uri) {
        super(tokenForge, uri);
    }

    @Override // edu.uiuc.ncsa.security.delegation.server.issuers.PAIssuer
    public PAResponse processProtectedAsset(PARequest pARequest) {
        try {
            PARequestImpl pARequestImpl = !(pARequest instanceof PARequestImpl) ? new PARequestImpl(pARequest) : (PARequestImpl) pARequest;
            if (pARequestImpl.getParameters().get(OAuth.OAUTH_TOKEN) == null) {
                throw new ServletException("Error: missing access token");
            }
            OAClient oAClient = (OAClient) pARequestImpl.getClient();
            OAuthAccessor createOAuthAccessor = OAuthUtilities.createOAuthAccessor(this, oAClient);
            if (oAClient.getSignatureMethod().equals("RSA-SHA1")) {
                PublicKey fromX509PEM = KeyUtil.fromX509PEM(oAClient.getSecret());
                createOAuthAccessor.consumer.setProperty("RSA-SHA1.PublicKey", fromX509PEM);
                createOAuthAccessor.setProperty("RSA-SHA1.PublicKey", fromX509PEM);
            }
            AccessToken accessToken = pARequestImpl.getAccessToken();
            if (accessToken == null) {
                accessToken = this.tokenForge.getAccessToken(pARequestImpl.getParameters());
            }
            createOAuthAccessor.tokenSecret = accessToken.getSharedSecret();
            OAuthUtilities.validate(pARequestImpl.getMessage(), createOAuthAccessor);
            PAResponseImpl pAResponseImpl = new PAResponseImpl();
            pAResponseImpl.setAccessToken(accessToken);
            pAResponseImpl.setParameters(OAuthUtilities.whittleMap(pARequestImpl.getParameters()));
            return pAResponseImpl;
        } catch (Exception e) {
            throw new GeneralException(e);
        }
    }
}
