package org.opends.server.protocols.http.authz;

import java.net.URI;
import java.net.URISyntaxException;
import org.forgerock.http.HttpApplicationException;
import org.forgerock.http.handler.HttpClientHandler;
import org.forgerock.http.oauth2.AccessTokenResolver;
import org.forgerock.http.oauth2.resolver.OpenAmAccessTokenResolver;
import org.forgerock.opendj.config.server.ConfigException;
import org.forgerock.opendj.server.config.server.HTTPOauth2OpenamAuthorizationMechanismCfg;
import org.forgerock.util.time.TimeService;
import org.opends.messages.ConfigMessages;
import org.opends.server.core.ServerContext;

/* loaded from: input_file:org/opends/server/protocols/http/authz/HttpOAuth2OpenAmAuthorizationMechanism.class */
final class HttpOAuth2OpenAmAuthorizationMechanism extends HttpOAuth2AuthorizationMechanism<HTTPOauth2OpenamAuthorizationMechanismCfg> {
    HttpOAuth2OpenAmAuthorizationMechanism(HTTPOauth2OpenamAuthorizationMechanismCfg hTTPOauth2OpenamAuthorizationMechanismCfg, ServerContext serverContext) throws ConfigException {
        super(hTTPOauth2OpenamAuthorizationMechanismCfg, serverContext);
    }

    @Override // org.opends.server.protocols.http.authz.HttpOAuth2AuthorizationMechanism
    AccessTokenResolver newAccessTokenResolver() throws ConfigException {
        try {
            new URI(((HTTPOauth2OpenamAuthorizationMechanismCfg) this.config).getTokenInfoUrl());
            try {
                return new OpenAmAccessTokenResolver(new HttpClientHandler(toHttpOptions(((HTTPOauth2OpenamAuthorizationMechanismCfg) this.config).getTrustManagerProviderDN(), ((HTTPOauth2OpenamAuthorizationMechanismCfg) this.config).getKeyManagerProviderDN())), TimeService.SYSTEM, ((HTTPOauth2OpenamAuthorizationMechanismCfg) this.config).getTokenInfoUrl());
            } catch (HttpApplicationException e) {
                throw new ConfigException(ConfigMessages.ERR_CONFIG_OAUTH2_CONFIG_ERROR.get(((HTTPOauth2OpenamAuthorizationMechanismCfg) this.config).dn(), e.getMessage()), e);
            }
        } catch (URISyntaxException e2) {
            throw new ConfigException(ConfigMessages.ERR_CONFIG_OAUTH2_INVALID_URL.get(((HTTPOauth2OpenamAuthorizationMechanismCfg) this.config).dn(), ((HTTPOauth2OpenamAuthorizationMechanismCfg) this.config).getTokenInfoUrl(), e2.getMessage()), e2);
        }
    }
}
