package com.ibm.ws.security.oauth20.error.impl;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.oauth.core.api.OAuthResult;
import com.ibm.oauth.core.api.error.oauth20.OAuth20Exception;
import com.ibm.oauth.core.api.error.oauth20.OAuth20ExceptionUtil;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.security.oauth20.error.OAuthExceptionHandler;
import com.ibm.ws.security.oauth20.util.JSONUtil;
import java.io.IOException;
import java.util.HashMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:WebSphereOauth20SPWeb.war:WEB-INF/lib/oauth20.web.jar:com/ibm/ws/security/oauth20/error/impl/OAuth20TokenRequestExceptionHandler.class */
public class OAuth20TokenRequestExceptionHandler implements OAuthExceptionHandler {
    private static final TraceComponent tc = Tr.register(OAuth20TokenRequestExceptionHandler.class, "OAuth20Provider", "com.ibm.ws.security.oauth20.resources.ProviderMsgs");
    public static final String EXAMPLE_WWW_AUTHENTICATE_BASIC_VALUE = "Basic: realm=\"test\"";

    @Override // com.ibm.ws.security.oauth20.error.OAuthExceptionHandler
    public void handleResultException(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OAuthResult oAuthResult) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "handleResultException", oAuthResult);
        }
        boolean z = false;
        if (oAuthResult.getStatus() != 0) {
            OAuth20Exception cause = oAuthResult.getCause();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "com.ibm.ws.security.oauth20.web.OAuth20EndpointServlet.TokenRequest result is bad", new Object[]{cause});
            }
            if (cause != null) {
                FFDCFilter.processException(cause, "com.ibm.ws.security.oauth20.web.OAuth20EndpointServlet.TokenRequest", "76", this);
                if (cause instanceof OAuth20Exception) {
                    OAuth20Exception oAuth20Exception = cause;
                    String error = oAuth20Exception.getError();
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "processing exception with OAuthResult: " + error);
                    }
                    if ("invalid_client".equals(error)) {
                        httpServletResponse.setStatus(401);
                    } else if ("invalid_grant".equals(error) || "invalid_token".equals(error)) {
                        httpServletResponse.setStatus(401);
                    } else {
                        httpServletResponse.setStatus(400);
                    }
                    httpServletResponse.setHeader(OAuthExceptionHandler.CACHE_CONTROL, OAuthExceptionHandler.CACHE_CONTROL_VALUE);
                    httpServletResponse.setHeader(OAuthExceptionHandler.PRAGMA, OAuthExceptionHandler.PRAGMA_VALUE);
                    httpServletResponse.setHeader("Content-Type", OAuthExceptionHandler.CONTENT_TYPE_JSON);
                    String message = OAuth20ExceptionUtil.getMessage(oAuth20Exception, httpServletRequest.getLocale());
                    HashMap hashMap = new HashMap();
                    hashMap.put("error", error);
                    hashMap.put("error_description", message);
                    try {
                        httpServletResponse.getWriter().print(JSONUtil.getJSON(hashMap));
                        z = true;
                    } catch (IOException e) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Internal error writing JSON response", new Object[]{e});
                        }
                    }
                }
                if (!z) {
                    try {
                        httpServletResponse.getWriter().print(OAuth20ExceptionUtil.getMessage(cause, httpServletRequest.getLocale()));
                    } catch (IOException e2) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "Internal error", new Object[]{e2});
                        }
                    }
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "handleResultException", oAuthResult);
        }
    }
}
