package org.apereo.cas.support.oauth.web.response.accesstoken;

import lombok.Generated;
import org.apache.commons.lang3.tuple.Pair;
import org.apereo.cas.authentication.Authentication;
import org.apereo.cas.authentication.DefaultAuthenticationBuilder;
import org.apereo.cas.support.oauth.web.response.accesstoken.ext.AccessTokenRequestDataHolder;
import org.apereo.cas.ticket.OAuthToken;
import org.apereo.cas.ticket.TicketGrantingTicket;
import org.apereo.cas.ticket.TicketState;
import org.apereo.cas.ticket.accesstoken.AccessToken;
import org.apereo.cas.ticket.accesstoken.AccessTokenFactory;
import org.apereo.cas.ticket.code.OAuthCode;
import org.apereo.cas.ticket.refreshtoken.RefreshToken;
import org.apereo.cas.ticket.refreshtoken.RefreshTokenFactory;
import org.apereo.cas.ticket.registry.TicketRegistry;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apereo/cas/support/oauth/web/response/accesstoken/OAuth20DefaultTokenGenerator.class */
public class OAuth20DefaultTokenGenerator implements OAuth20TokenGenerator {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(OAuth20DefaultTokenGenerator.class);
    protected final AccessTokenFactory accessTokenFactory;
    protected final RefreshTokenFactory refreshTokenFactory;
    protected final TicketRegistry ticketRegistry;

    @Override // org.apereo.cas.support.oauth.web.response.accesstoken.OAuth20TokenGenerator
    public Pair<AccessToken, RefreshToken> generate(AccessTokenRequestDataHolder accessTokenRequestDataHolder) {
        LOGGER.debug("Creating refresh token for [{}]", accessTokenRequestDataHolder.getService());
        Authentication build = DefaultAuthenticationBuilder.newInstance(accessTokenRequestDataHolder.getAuthentication()).addAttribute("grant_type", accessTokenRequestDataHolder.getGrantType().toString()).build();
        LOGGER.debug("Creating access token for [{}]", accessTokenRequestDataHolder);
        AccessToken create = this.accessTokenFactory.create(accessTokenRequestDataHolder.getService(), build, accessTokenRequestDataHolder.getTicketGrantingTicket(), accessTokenRequestDataHolder.getScopes());
        LOGGER.debug("Created access token [{}]", create);
        addTicketToRegistry(create, accessTokenRequestDataHolder.getTicketGrantingTicket());
        LOGGER.debug("Added access token [{}] to registry", create);
        if (accessTokenRequestDataHolder.getToken() instanceof OAuthCode) {
            ((TicketState) TicketState.class.cast(accessTokenRequestDataHolder.getToken())).update();
            if (accessTokenRequestDataHolder.getToken().isExpired()) {
                this.ticketRegistry.deleteTicket(accessTokenRequestDataHolder.getToken().getId());
            } else {
                this.ticketRegistry.updateTicket(accessTokenRequestDataHolder.getToken());
            }
            this.ticketRegistry.updateTicket(accessTokenRequestDataHolder.getTicketGrantingTicket());
        }
        RefreshToken refreshToken = null;
        if (accessTokenRequestDataHolder.isGenerateRefreshToken()) {
            refreshToken = generateRefreshToken(accessTokenRequestDataHolder);
            LOGGER.debug("Refresh Token: [{}]", refreshToken);
        } else {
            LOGGER.debug("Service [{}] is not able/allowed to receive refresh tokens", accessTokenRequestDataHolder.getService());
        }
        return Pair.of(create, refreshToken);
    }

    protected void addTicketToRegistry(OAuthToken oAuthToken, TicketGrantingTicket ticketGrantingTicket) {
        LOGGER.debug("Adding OAuth ticket [{}] to registry", oAuthToken);
        this.ticketRegistry.addTicket(oAuthToken);
        if (ticketGrantingTicket != null) {
            LOGGER.debug("Updating ticket-granting ticket [{}]", ticketGrantingTicket);
            this.ticketRegistry.updateTicket(ticketGrantingTicket);
        }
    }

    private RefreshToken generateRefreshToken(AccessTokenRequestDataHolder accessTokenRequestDataHolder) {
        LOGGER.debug("Creating refresh token for [{}]", accessTokenRequestDataHolder.getService());
        RefreshToken create = this.refreshTokenFactory.create(accessTokenRequestDataHolder.getService(), accessTokenRequestDataHolder.getAuthentication(), accessTokenRequestDataHolder.getTicketGrantingTicket(), accessTokenRequestDataHolder.getScopes());
        LOGGER.debug("Adding refresh token [{}] to the registry", create);
        addTicketToRegistry(create, accessTokenRequestDataHolder.getTicketGrantingTicket());
        return create;
    }

    @Generated
    public OAuth20DefaultTokenGenerator(AccessTokenFactory accessTokenFactory, RefreshTokenFactory refreshTokenFactory, TicketRegistry ticketRegistry) {
        this.accessTokenFactory = accessTokenFactory;
        this.refreshTokenFactory = refreshTokenFactory;
        this.ticketRegistry = ticketRegistry;
    }
}
