package org.apereo.cas.support.oauth.validator.authorization;

import lombok.Generated;
import org.apereo.cas.audit.AuditableExecution;
import org.apereo.cas.authentication.principal.ServiceFactory;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.support.oauth.OAuth20ResponseTypes;
import org.apereo.cas.support.oauth.util.OAuth20Utils;
import org.apereo.cas.support.oauth.web.OAuth20RequestParameterResolver;
import org.pac4j.core.context.WebContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-oauth-core-api-6.6.15.jar:org/apereo/cas/support/oauth/validator/authorization/OAuth20AuthorizationCodeResponseTypeAuthorizationRequestValidator.class */
public class OAuth20AuthorizationCodeResponseTypeAuthorizationRequestValidator extends BaseOAuth20AuthorizationRequestValidator {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) OAuth20AuthorizationCodeResponseTypeAuthorizationRequestValidator.class);
    private int order;

    public OAuth20AuthorizationCodeResponseTypeAuthorizationRequestValidator(ServicesManager servicesManager, ServiceFactory<WebApplicationService> serviceFactory, AuditableExecution auditableExecution, OAuth20RequestParameterResolver oAuth20RequestParameterResolver) {
        super(servicesManager, serviceFactory, auditableExecution, oAuth20RequestParameterResolver);
        this.order = Integer.MAX_VALUE;
    }

    @Override // org.apereo.cas.support.oauth.validator.OAuth20RequestValidator
    public boolean validate(WebContext webContext) {
        return ((Boolean) this.requestParameterResolver.resolveRequestParameter(webContext, "client_id").map(str -> {
            if (this.requestParameterResolver.isAuthorizedResponseTypeForService(webContext, getRegisteredServiceByClientId(str))) {
                return true;
            }
            String format = String.format("Client is not allowed to use the [%s] response type", this.requestParameterResolver.resolveRequestParameter(webContext, "response_type").orElse("unknown"));
            LOGGER.warn(format);
            setErrorDetails(webContext, "unauthorized_client", format, true);
            return false;
        }).orElse(false)).booleanValue();
    }

    @Override // org.apereo.cas.support.oauth.validator.OAuth20RequestValidator
    public boolean supports(WebContext webContext) throws Exception {
        if (preValidate(webContext)) {
            return OAuth20Utils.isResponseType((String) this.requestParameterResolver.resolveRequestParameter(webContext, "response_type").map((v0) -> {
                return String.valueOf(v0);
            }).orElse(""), getResponseType());
        }
        return false;
    }

    public OAuth20ResponseTypes getResponseType() {
        return OAuth20ResponseTypes.CODE;
    }

    @Override // org.springframework.core.Ordered
    @Generated
    public int getOrder() {
        return this.order;
    }

    @Generated
    public void setOrder(int i) {
        this.order = i;
    }
}
