package com.sun.jersey.oauth.server.api.resources;

import com.sun.jersey.api.Responses;
import com.sun.jersey.api.core.HttpContext;
import com.sun.jersey.api.representation.Form;
import com.sun.jersey.oauth.server.OAuthException;
import com.sun.jersey.oauth.server.OAuthServerRequest;
import com.sun.jersey.oauth.server.spi.OAuthConsumer;
import com.sun.jersey.oauth.server.spi.OAuthProvider;
import com.sun.jersey.oauth.server.spi.OAuthToken;
import com.sun.jersey.oauth.signature.OAuthParameters;
import com.sun.jersey.oauth.signature.OAuthSecrets;
import com.sun.jersey.oauth.signature.OAuthSignature;
import com.sun.jersey.oauth.signature.OAuthSignatureException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ws.rs.Consumes;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Request;
import javax.ws.rs.core.Response;

@Path("/accessToken")
/* loaded from: input_file:WEB-INF/lib/oauth-server-1.13.jar:com/sun/jersey/oauth/server/api/resources/AccessTokenRequest.class */
public class AccessTokenRequest {

    @Context
    private OAuthProvider provider;

    @POST
    @Produces({MediaType.APPLICATION_FORM_URLENCODED})
    @Consumes({MediaType.APPLICATION_FORM_URLENCODED})
    public Response postAccessTokenRequest(@Context HttpContext httpContext, @Context Request request) {
        try {
            boolean z = false;
            OAuthServerRequest oAuthServerRequest = new OAuthServerRequest(httpContext.getRequest());
            OAuthParameters oAuthParameters = new OAuthParameters();
            oAuthParameters.readRequest(oAuthServerRequest);
            if (oAuthParameters.getToken() == null) {
                throw new WebApplicationException(new Throwable("oauth_token MUST be present."), Responses.CLIENT_ERROR);
            }
            String consumerKey = oAuthParameters.getConsumerKey();
            if (consumerKey == null) {
                throw new OAuthException(Response.Status.BAD_REQUEST, null);
            }
            OAuthToken requestToken = this.provider.getRequestToken(oAuthParameters.getToken());
            if (requestToken == null) {
                throw new OAuthException(Response.Status.BAD_REQUEST, null);
            }
            OAuthConsumer consumer = requestToken.getConsumer();
            if (consumer == null || !consumerKey.equals(consumer.getKey())) {
                throw new OAuthException(Response.Status.BAD_REQUEST, null);
            }
            try {
                z = OAuthSignature.verify(oAuthServerRequest, oAuthParameters, new OAuthSecrets().consumerSecret(consumer.getSecret()).tokenSecret(requestToken.getSecret()));
            } catch (OAuthSignatureException e) {
                Logger.getLogger(AccessTokenRequest.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e);
            }
            if (!z) {
                throw new OAuthException(Response.Status.BAD_REQUEST, null);
            }
            OAuthToken newAccessToken = this.provider.newAccessToken(requestToken, oAuthParameters.getVerifier());
            if (newAccessToken == null) {
                throw new OAuthException(Response.Status.BAD_REQUEST, null);
            }
            Form form = new Form();
            form.putSingle(OAuthParameters.TOKEN, newAccessToken.getToken());
            form.putSingle(OAuthParameters.TOKEN_SECRET, newAccessToken.getSecret());
            form.putAll(newAccessToken.getAttributes());
            return Response.ok(form).build();
        } catch (OAuthException e2) {
            return e2.toResponse();
        }
    }
}
