package org.apereo.cas.support.oauth.validator.token;

import javax.servlet.http.HttpServletRequest;
import lombok.Generated;
import org.apereo.cas.audit.AuditableExecution;
import org.apereo.cas.support.oauth.OAuth20GrantTypes;
import org.apereo.cas.ticket.Ticket;
import org.apereo.cas.ticket.refreshtoken.RefreshToken;
import org.apereo.cas.ticket.registry.TicketRegistry;
import org.apereo.cas.util.HttpRequestUtils;
import org.pac4j.core.context.J2EContext;
import org.pac4j.core.profile.ProfileManager;
import org.pac4j.core.profile.UserProfile;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apereo/cas/support/oauth/validator/token/OAuth20RefreshTokenGrantTypeTokenRequestValidator.class */
public class OAuth20RefreshTokenGrantTypeTokenRequestValidator extends BaseOAuth20TokenRequestValidator {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(OAuth20RefreshTokenGrantTypeTokenRequestValidator.class);
    private final TicketRegistry ticketRegistry;

    public OAuth20RefreshTokenGrantTypeTokenRequestValidator(AuditableExecution auditableExecution, TicketRegistry ticketRegistry) {
        super(auditableExecution);
        this.ticketRegistry = ticketRegistry;
    }

    @Override // org.apereo.cas.support.oauth.validator.token.BaseOAuth20TokenRequestValidator
    protected OAuth20GrantTypes getGrantType() {
        return OAuth20GrantTypes.REFRESH_TOKEN;
    }

    @Override // org.apereo.cas.support.oauth.validator.token.BaseOAuth20TokenRequestValidator
    protected boolean validateInternal(J2EContext j2EContext, String str, ProfileManager profileManager, UserProfile userProfile) {
        HttpServletRequest request = j2EContext.getRequest();
        if (!HttpRequestUtils.doesParameterExist(request, "refresh_token") || !HttpRequestUtils.doesParameterExist(request, "client_id") || !HttpRequestUtils.doesParameterExist(request, "client_secret")) {
            return false;
        }
        String parameter = request.getParameter("refresh_token");
        Ticket ticket = this.ticketRegistry.getTicket(parameter);
        if (ticket == null) {
            LOGGER.warn("Provided refresh token [{}] cannot be found in the registry", parameter);
            return false;
        }
        if (!RefreshToken.class.isAssignableFrom(ticket.getClass())) {
            LOGGER.warn("Provided refresh token [{}] is found in the registry but its type is not classified as a refresh token", parameter);
            return false;
        }
        if (!ticket.isExpired()) {
            return true;
        }
        LOGGER.warn("Provided refresh token [{}] has expired and is no longer valid.", parameter);
        return false;
    }
}
