package com.liferay.oauth2.provider.web.internal.portlet.action;

import com.liferay.document.library.util.DLURLHelper;
import com.liferay.oauth2.provider.exception.NoSuchOAuth2ApplicationException;
import com.liferay.oauth2.provider.model.OAuth2Application;
import com.liferay.oauth2.provider.model.OAuth2ApplicationScopeAliases;
import com.liferay.oauth2.provider.scope.liferay.ApplicationDescriptorLocator;
import com.liferay.oauth2.provider.scope.liferay.ScopeDescriptorLocator;
import com.liferay.oauth2.provider.scope.liferay.ScopeLocator;
import com.liferay.oauth2.provider.service.OAuth2ApplicationScopeAliasesLocalService;
import com.liferay.oauth2.provider.service.OAuth2ApplicationService;
import com.liferay.oauth2.provider.service.OAuth2ScopeGrantLocalService;
import com.liferay.oauth2.provider.web.internal.AssignableScopes;
import com.liferay.oauth2.provider.web.internal.constants.OAuth2ProviderWebKeys;
import com.liferay.oauth2.provider.web.internal.display.context.OAuth2AuthorizePortletDisplayContext;
import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.portlet.bridges.mvc.MVCRenderCommand;
import com.liferay.portal.kernel.security.auth.PrincipalException;
import com.liferay.portal.kernel.servlet.SessionErrors;
import com.liferay.portal.kernel.theme.ThemeDisplay;
import com.liferay.portal.kernel.util.OrderByComparator;
import com.liferay.portal.kernel.util.ParamUtil;
import com.liferay.portal.kernel.util.Portal;
import com.liferay.portal.kernel.util.StringUtil;
import com.liferay.portal.kernel.util.Validator;
import java.util.Arrays;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.stream.Stream;
import javax.portlet.PortletException;
import javax.portlet.RenderRequest;
import javax.portlet.RenderResponse;
import javax.servlet.http.HttpServletRequest;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;

@Component(property = {"javax.portlet.name=com_liferay_oauth2_provider_web_internal_portlet_OAuth2AuthorizePortlet", "mvc.command.name=/", "mvc.command.name=/authorize/view_authorization_request"}, service = {MVCRenderCommand.class})
/* loaded from: input_file:com/liferay/oauth2/provider/web/internal/portlet/action/ViewAuthorizationRequestMVCRenderCommand.class */
public class ViewAuthorizationRequestMVCRenderCommand implements MVCRenderCommand {
    private static final Log _log = LogFactoryUtil.getLog(ViewAuthorizationRequestMVCRenderCommand.class);

    @Reference
    private ApplicationDescriptorLocator _applicationDescriptorLocator;

    @Reference
    private DLURLHelper _dlURLHelper;

    @Reference
    private OAuth2ApplicationScopeAliasesLocalService _oAuth2ApplicationScopeAliasesLocalService;

    @Reference
    private OAuth2ApplicationService _oAuth2ApplicationService;

    @Reference
    private OAuth2ScopeGrantLocalService _oAuth2ScopeGrantLocalService;

    @Reference
    private Portal _portal;

    @Reference
    private ScopeDescriptorLocator _scopeDescriptorLocator;

    @Reference
    private ScopeLocator _scopeLocator;

    public String render(RenderRequest renderRequest, RenderResponse renderResponse) throws PortletException {
        ThemeDisplay themeDisplay = (ThemeDisplay) renderRequest.getAttribute("LIFERAY_SHARED_THEME_DISPLAY");
        Map<String, String> oAuth2Parameters = getOAuth2Parameters(this._portal.getOriginalServletRequest(this._portal.getHttpServletRequest(renderRequest)));
        if (StringUtil.equals(oAuth2Parameters.get("error"), "invalid_client")) {
            SessionErrors.add(renderRequest, "clientIdInvalid");
            return "/authorize/error.jsp";
        }
        if (Validator.isBlank(oAuth2Parameters.get("redirect_uri"))) {
            SessionErrors.add(renderRequest, "redirectURIMissing");
            return "/authorize/error.jsp";
        }
        try {
            OAuth2Application oAuth2Application = this._oAuth2ApplicationService.getOAuth2Application(themeDisplay.getCompanyId(), oAuth2Parameters.get("client_id"));
            OAuth2AuthorizePortletDisplayContext oAuth2AuthorizePortletDisplayContext = new OAuth2AuthorizePortletDisplayContext(themeDisplay, this._dlURLHelper);
            oAuth2AuthorizePortletDisplayContext.setOAuth2Application(oAuth2Application);
            oAuth2AuthorizePortletDisplayContext.setOAuth2Parameters(oAuth2Parameters);
            AssignableScopes assignableScopes = new AssignableScopes(this._applicationDescriptorLocator, themeDisplay.getLocale(), this._scopeDescriptorLocator);
            if (oAuth2Application.getOAuth2ApplicationScopeAliasesId() > 0) {
                populateAssignableScopes(assignableScopes, this._oAuth2ApplicationScopeAliasesLocalService.getOAuth2ApplicationScopeAliases(oAuth2Application.getOAuth2ApplicationScopeAliasesId()), StringUtil.split(oAuth2Parameters.get("scope"), " "));
            }
            oAuth2AuthorizePortletDisplayContext.setAssignableScopes(assignableScopes);
            renderRequest.setAttribute(OAuth2ProviderWebKeys.OAUTH2_AUTHORIZE_PORTLET_DISPLAY_CONTEXT, oAuth2AuthorizePortletDisplayContext);
            return "/authorize/authorize.jsp";
        } catch (NoSuchOAuth2ApplicationException e) {
            if (_log.isDebugEnabled()) {
                _log.debug(e, e);
            }
            SessionErrors.add(renderRequest, "clientIdInvalid");
            return "/authorize/error.jsp";
        } catch (PortalException e2) {
            throw new PortletException(e2);
        } catch (PrincipalException e3) {
            if (_log.isDebugEnabled()) {
                _log.debug(e3, e3);
            }
            SessionErrors.add(renderRequest, e3.getClass());
            return "/authorize/error.jsp";
        }
    }

    protected Map<String, String> getOAuth2Parameters(HttpServletRequest httpServletRequest) {
        HashMap hashMap = new HashMap();
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str = (String) parameterNames.nextElement();
            if (str.startsWith("oauth2_")) {
                hashMap.put(str.substring("oauth2_".length()), ParamUtil.getString(httpServletRequest, str));
            }
        }
        return hashMap;
    }

    protected void populateAssignableScopes(AssignableScopes assignableScopes, OAuth2ApplicationScopeAliases oAuth2ApplicationScopeAliases, String[] strArr) {
        HashSet hashSet = new HashSet(Arrays.asList(strArr));
        Stream map = this._oAuth2ScopeGrantLocalService.getOAuth2ScopeGrants(oAuth2ApplicationScopeAliases.getOAuth2ApplicationScopeAliasesId(), -1, -1, (OrderByComparator) null).stream().filter(oAuth2ScopeGrant -> {
            return !Collections.disjoint(oAuth2ScopeGrant.getScopeAliasesList(), hashSet);
        }).map(oAuth2ScopeGrant2 -> {
            return this._scopeLocator.getLiferayOAuth2Scope(oAuth2ScopeGrant2.getCompanyId(), oAuth2ScopeGrant2.getApplicationName(), oAuth2ScopeGrant2.getScope());
        });
        assignableScopes.getClass();
        map.forEach(assignableScopes::addLiferayOAuth2Scope);
    }
}
