package pl.touk.widerest.security.oauth2;

import java.util.Map;
import org.springframework.security.oauth2.common.exceptions.InvalidScopeException;
import org.springframework.security.oauth2.common.util.OAuth2Utils;
import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.TokenRequest;
import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory;
import pl.touk.widerest.security.authentication.PrefixBasedAuthenticationManager;
import pl.touk.widerest.security.oauth2.jwt.WiderestUserAuthenticationConverter;

/* loaded from: input_file:pl/touk/widerest/security/oauth2/ScopedOAuth2RequestFactory.class */
public class ScopedOAuth2RequestFactory extends DefaultOAuth2RequestFactory {
    public ScopedOAuth2RequestFactory(ClientDetailsService clientDetailsService) {
        super(clientDetailsService);
    }

    public AuthorizationRequest createAuthorizationRequest(Map<String, String> map) {
        if (OAuth2Utils.parseParameterList(map.get("scope")).isEmpty()) {
            throw new InvalidScopeException("scope parameter is required");
        }
        return super.createAuthorizationRequest(map);
    }

    public TokenRequest createTokenRequest(Map<String, String> map, ClientDetails clientDetails) {
        if ("password".equals(map.get("grant_type")) && OAuth2Utils.parseParameterList(map.get("scope")).isEmpty()) {
            String str = (String) PrefixBasedAuthenticationManager.getAuthDataFromString(map.get("username")).getLeft();
            if (WiderestUserAuthenticationConverter.BACKOFFICE_SUB_PREFIX.equals(str)) {
                map.put("scope", Scope.STAFF.toString());
            } else if (WiderestUserAuthenticationConverter.SITE_SUB_PREFIX.equals(str)) {
                map.put("scope", Scope.CUSTOMER_REGISTERED.toString());
            }
        }
        return super.createTokenRequest(map, clientDetails);
    }
}
