package org.pageseeder.oauth.servlet;

import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.pageseeder.oauth.OAuthException;
import org.pageseeder.oauth.OAuthParameter;
import org.pageseeder.oauth.OAuthProblem;
import org.pageseeder.oauth.OAuthRequest;
import org.pageseeder.oauth.server.OAuthAccessToken;
import org.pageseeder.oauth.server.OAuthClient;
import org.pageseeder.oauth.server.OAuthConfig;
import org.pageseeder.oauth.server.OAuthTemporaryToken;
import org.pageseeder.oauth.server.OAuthTokens;
import org.pageseeder.oauth.signature.OAuthSignatures;
import org.pageseeder.oauth.util.Strings;

/* loaded from: input_file:org/pageseeder/oauth/servlet/OAuthTokenServlet.class */
public final class OAuthTokenServlet extends HttpServlet {
    private static final long serialVersionUID = -4059518100034539760L;

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.setHeader("Allow", "POST");
        httpServletResponse.sendError(405, "Only POST can be used to request OAuth token credentials");
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            doProvideTokenCredentials(httpServletRequest, httpServletResponse);
        } catch (OAuthException e) {
            OAuthErrorHandler.handle(httpServletResponse, e);
        }
    }

    private static final void doProvideTokenCredentials(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws OAuthException, IOException {
        OAuthConfig oAuthConfig = OAuthConfig.getInstance();
        OAuthRequest parse = OAuthRequest.parse(httpServletRequest);
        parse.checkRequired(OAuthParameter.TOKEN_CREDENTIALS_REQUIRED);
        OAuthClient byKey = oAuthConfig.manager().getByKey(parse.getOAuthParameter(OAuthParameter.oauth_consumer_key));
        if (byKey == null) {
            throw new OAuthException(OAuthProblem.consumer_key_unknown);
        }
        String oAuthParameter = parse.getOAuthParameter(OAuthParameter.oauth_signature_method);
        String oAuthParameter2 = parse.getOAuthParameter(OAuthParameter.oauth_signature);
        OAuthTemporaryToken temporary = OAuthTokens.getTemporary(parse.getOAuthParameter(OAuthParameter.oauth_token));
        if (temporary == null) {
            throw new OAuthException(OAuthProblem.token_rejected);
        }
        if (temporary.hasExpired()) {
            throw new OAuthException(OAuthProblem.token_expired);
        }
        if (temporary.isUsed()) {
            throw new OAuthException(OAuthProblem.token_used);
        }
        temporary.marksAsUsed();
        if (!Strings.equals(oAuthParameter2, OAuthSignatures.newSigner(oAuthParameter).getSignature(parse.toSignatureBaseString(), byKey.getCredentials().secret(), temporary.credentials().secret()))) {
            throw new OAuthException(OAuthProblem.signature_invalid);
        }
        OAuthAccessToken newToken = oAuthConfig.factory().newToken(byKey);
        oAuthConfig.listener().token(temporary, newToken, httpServletRequest);
        httpServletResponse.setContentType("application/x-www-form-urlencoded");
        PrintWriter writer = httpServletResponse.getWriter();
        writer.print("oauth_token=" + newToken.credentials().identifier() + "&oauth_token_secret=" + newToken.credentials().secret());
        writer.flush();
    }
}
