package org.springframework.security.oauth2.consumer;

import java.io.IOException;
import java.net.URI;
import java.net.URLEncoder;
import java.util.Map;
import org.apache.batik.util.XMLConstants;
import org.springframework.http.HttpMethod;
import org.springframework.http.client.ClientHttpRequest;
import org.springframework.http.client.ClientHttpRequestFactory;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.consumer.OAuth2ProtectedResourceDetails;

/* loaded from: input_file:WEB-INF/lib/spring-security-oauth-1.0.0.M2.jar:org/springframework/security/oauth2/consumer/OAuth2ClientHttpRequestFactory.class */
public class OAuth2ClientHttpRequestFactory implements ClientHttpRequestFactory {
    private final ClientHttpRequestFactory delegate;
    private final OAuth2ProtectedResourceDetails resource;

    public OAuth2ClientHttpRequestFactory(ClientHttpRequestFactory clientHttpRequestFactory, OAuth2ProtectedResourceDetails oAuth2ProtectedResourceDetails) {
        this.delegate = clientHttpRequestFactory;
        this.resource = oAuth2ProtectedResourceDetails;
        if (clientHttpRequestFactory == null) {
            throw new IllegalArgumentException("A delegate must be supplied for an OAuth2ClientHttpRequestFactory.");
        }
        if (oAuth2ProtectedResourceDetails == null) {
            throw new IllegalArgumentException("A resource must be supplied for an OAuth2ClientHttpRequestFactory.");
        }
    }

    @Override // org.springframework.http.client.ClientHttpRequestFactory
    public ClientHttpRequest createRequest(URI uri, HttpMethod httpMethod) throws IOException {
        OAuth2SecurityContext context = OAuth2SecurityContextHolder.getContext();
        if (context == null) {
            throw new IllegalStateException("No OAuth 2 security context has been established. Unable to access resource '" + this.resource.getId() + "'.");
        }
        Map<String, OAuth2AccessToken> accessTokens = context.getAccessTokens();
        OAuth2AccessToken oAuth2AccessToken = accessTokens == null ? null : accessTokens.get(this.resource.getId());
        if (oAuth2AccessToken == null) {
            throw new OAuth2AccessTokenRequiredException("No OAuth 2 security context has been established. Unable to access resource '" + this.resource.getId() + "'.", this.resource);
        }
        OAuth2ProtectedResourceDetails.BearerTokenMethod bearerTokenMethod = this.resource.getBearerTokenMethod();
        if (OAuth2ProtectedResourceDetails.BearerTokenMethod.query.equals(bearerTokenMethod)) {
            uri = appendQueryParameter(uri, oAuth2AccessToken);
        }
        ClientHttpRequest createRequest = this.delegate.createRequest(uri, httpMethod);
        if (OAuth2ProtectedResourceDetails.BearerTokenMethod.header.equals(bearerTokenMethod)) {
            createRequest.getHeaders().add("Authorization", String.format("OAuth %s", oAuth2AccessToken.getValue()));
        }
        return createRequest;
    }

    protected URI appendQueryParameter(URI uri, OAuth2AccessToken oAuth2AccessToken) {
        try {
            String query = uri.getQuery();
            if (query == null) {
                query = (this.resource.getBearerTokenName() == null ? "oauth_token" : this.resource.getBearerTokenName()) + XMLConstants.XML_EQUAL_SIGN + URLEncoder.encode(oAuth2AccessToken.getValue(), "UTF-8");
            }
            return new URI(uri.getScheme(), uri.getUserInfo(), uri.getHost(), uri.getPort(), uri.getPath(), query, uri.getFragment());
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }
}
