package org.restlet.ext.oauth;

import org.restlet.Context;
import org.restlet.Request;
import org.restlet.Response;
import org.restlet.data.ChallengeResponse;
import org.restlet.data.ChallengeScheme;
import org.restlet.data.Form;
import org.restlet.ext.oauth.internal.Client;
import org.restlet.ext.oauth.internal.ClientManager;
import org.restlet.security.SecretVerifier;
import org.restlet.security.User;
import org.restlet.security.Verifier;

/* loaded from: input_file:org/restlet/ext/oauth/ClientVerifier.class */
public class ClientVerifier implements Verifier {
    private Context context;
    private boolean acceptBodyMethod = false;

    public ClientVerifier(Context context) {
        this.context = context;
    }

    public int verify(Request request, Response response) {
        String identifier;
        char[] secret;
        ChallengeResponse challengeResponse = request.getChallengeResponse();
        if (challengeResponse == null) {
            if (!isAcceptBodyMethod()) {
                return 0;
            }
            Form form = new Form(request.getEntity());
            identifier = form.getFirstValue(OAuthResourceDefs.CLIENT_ID);
            if (identifier == null || identifier.isEmpty()) {
                return 0;
            }
            String firstValue = form.getFirstValue(OAuthResourceDefs.CLIENT_SECRET);
            secret = (firstValue == null || firstValue.isEmpty()) ? new char[0] : firstValue.toCharArray();
            request.setEntity(form.getWebRepresentation());
        } else {
            if (!challengeResponse.getScheme().equals(ChallengeScheme.HTTP_BASIC)) {
                return 3;
            }
            identifier = challengeResponse.getIdentifier();
            secret = challengeResponse.getSecret();
        }
        int verify = verify(identifier, secret);
        if (verify == 4) {
            request.getClientInfo().setUser(new User(identifier));
        } else {
            response.setEntity(OAuthServerResource.responseErrorRepresentation(new OAuthException(OAuthError.invalid_client, "Invalid client", null)));
        }
        return verify;
    }

    private int verify(String str, char[] cArr) {
        Client findById = ((ClientManager) this.context.getAttributes().get(ClientManager.class.getName())).findById(str);
        if (findById == null) {
            return 5;
        }
        return !SecretVerifier.compare(findById.getClientSecret(), cArr) ? -1 : 4;
    }

    public boolean isAcceptBodyMethod() {
        return this.acceptBodyMethod;
    }

    public void setAcceptBodyMethod(boolean z) {
        this.acceptBodyMethod = z;
    }
}
