package org.apereo.cas.oidc.web.controllers.introspection;

import java.util.Optional;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apereo.cas.oidc.OidcConfigurationContext;
import org.apereo.cas.services.OidcRegisteredService;
import org.apereo.cas.support.oauth.OAuth20Constants;
import org.apereo.cas.support.oauth.util.OAuth20Utils;
import org.apereo.cas.support.oauth.web.endpoints.OAuth20IntrospectionEndpointController;
import org.apereo.cas.support.oauth.web.response.introspection.BaseOAuth20IntrospectionAccessTokenResponse;
import org.apereo.cas.support.oauth.web.response.introspection.OAuth20IntrospectionAccessTokenSuccessResponse;
import org.apereo.cas.ticket.OAuth20Token;
import org.apereo.cas.util.CollectionUtils;
import org.apereo.cas.util.function.FunctionUtils;
import org.pac4j.jee.context.JEEContext;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-oidc-core-api-6.6.15.jar:org/apereo/cas/oidc/web/controllers/introspection/OidcIntrospectionEndpointController.class */
public class OidcIntrospectionEndpointController extends OAuth20IntrospectionEndpointController<OidcConfigurationContext> {
    public OidcIntrospectionEndpointController(OidcConfigurationContext oidcConfigurationContext) {
        super(oidcConfigurationContext);
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.apereo.cas.support.oauth.web.endpoints.OAuth20IntrospectionEndpointController
    @GetMapping(consumes = {"application/x-www-form-urlencoded", "application/json"}, produces = {"application/json"}, value = {"/oidc/introspect", "/**/introspect"})
    public ResponseEntity<? extends BaseOAuth20IntrospectionAccessTokenResponse> handleRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return !((OidcConfigurationContext) getConfigurationContext()).getIssuerService().validateIssuer(new JEEContext(httpServletRequest, httpServletResponse), "introspect") ? new ResponseEntity<>(OAuth20Utils.toJson(OAuth20Utils.getErrorResponseBody("invalid_request", "Invalid issuer")), HttpStatus.BAD_REQUEST) : super.handleRequest(httpServletRequest, httpServletResponse);
    }

    @Override // org.apereo.cas.support.oauth.web.endpoints.OAuth20IntrospectionEndpointController
    @PostMapping(consumes = {"application/json", "application/x-www-form-urlencoded"}, produces = {"application/json"}, value = {"/oidc/introspect", "/**/introspect"})
    public ResponseEntity<? extends BaseOAuth20IntrospectionAccessTokenResponse> handlePostRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return super.handlePostRequest(httpServletRequest, httpServletResponse);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apereo.cas.support.oauth.web.endpoints.OAuth20IntrospectionEndpointController
    public OAuth20IntrospectionAccessTokenSuccessResponse createIntrospectionValidResponse(String str, OAuth20Token oAuth20Token) {
        OAuth20IntrospectionAccessTokenSuccessResponse createIntrospectionValidResponse = super.createIntrospectionValidResponse(str, oAuth20Token);
        if (oAuth20Token != null) {
            Optional.ofNullable(oAuth20Token.getService()).ifPresent(service -> {
                createIntrospectionValidResponse.setIss(((OidcConfigurationContext) getConfigurationContext()).getIssuerService().determineIssuer(Optional.ofNullable((OidcRegisteredService) ((OidcConfigurationContext) getConfigurationContext()).getServicesManager().findServiceBy(service, OidcRegisteredService.class))));
            });
            FunctionUtils.doIf(createIntrospectionValidResponse.isActive(), obj -> {
                createIntrospectionValidResponse.setScope(String.join(" ", oAuth20Token.getScopes()));
            }).accept(createIntrospectionValidResponse);
            CollectionUtils.firstElement(oAuth20Token.getAuthentication().getAttributes().get(OAuth20Constants.DPOP_CONFIRMATION)).ifPresent(obj2 -> {
                createIntrospectionValidResponse.setDPopConfirmation(new OAuth20IntrospectionAccessTokenSuccessResponse.DPopConfirmation(obj2.toString()));
            });
        }
        return createIntrospectionValidResponse;
    }
}
