package org.apereo.cas.support.oauth.validator;

import javax.servlet.http.HttpServletRequest;
import org.apereo.cas.services.RegisteredService;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.support.oauth.OAuth20GrantTypes;
import org.apereo.cas.support.oauth.services.OAuthRegisteredService;
import org.apereo.cas.support.oauth.util.OAuth20Utils;
import org.pac4j.core.context.J2EContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apereo/cas/support/oauth/validator/OAuth20RefreshTokenGrantTypeRequestValidator.class */
public class OAuth20RefreshTokenGrantTypeRequestValidator implements OAuth20RequestValidator {
    private static final Logger LOGGER = LoggerFactory.getLogger(OAuth20RefreshTokenGrantTypeRequestValidator.class);
    private final ServicesManager servicesManager;
    private final OAuth20Validator validator;

    public OAuth20RefreshTokenGrantTypeRequestValidator(ServicesManager servicesManager, OAuth20Validator oAuth20Validator) {
        this.servicesManager = servicesManager;
        this.validator = oAuth20Validator;
    }

    @Override // org.apereo.cas.support.oauth.validator.OAuth20RequestValidator
    public boolean validate(J2EContext j2EContext) {
        HttpServletRequest request = j2EContext.getRequest();
        if (!this.validator.checkParameterExist(request, "grant_type")) {
            LOGGER.warn("Grant type must be specified");
            return false;
        }
        String requestParameter = j2EContext.getRequestParameter("grant_type");
        if (!this.validator.checkParameterExist(request, "client_id")) {
            LOGGER.warn("Client id not specified for grant type [{}]", requestParameter);
            return false;
        }
        if (!this.validator.checkParameterExist(request, "secret")) {
            LOGGER.warn("Client secret is not specified for grant type [{}]", requestParameter);
            return false;
        }
        if (!this.validator.checkParameterExist(request, "refresh_token")) {
            LOGGER.warn("Refresh token is not specified for grant type [{}]", requestParameter);
            return false;
        }
        RegisteredService registeredServiceByClientId = getRegisteredServiceByClientId(j2EContext.getRequestParameter("client_id"));
        if (this.validator.checkServiceValid(registeredServiceByClientId)) {
            return OAuth20Utils.isAuthorizedGrantTypeForService(j2EContext, registeredServiceByClientId);
        }
        LOGGER.warn("Registered service [{}] is not found or is not authorized for access.", registeredServiceByClientId);
        return false;
    }

    protected OAuthRegisteredService getRegisteredServiceByClientId(String str) {
        return OAuth20Utils.getRegisteredOAuthService(this.servicesManager, str);
    }

    @Override // org.apereo.cas.support.oauth.validator.OAuth20RequestValidator
    public boolean supports(J2EContext j2EContext) {
        return OAuth20Utils.isGrantType(j2EContext.getRequestParameter("grant_type"), OAuth20GrantTypes.PASSWORD);
    }
}
