package io.jans.inbound.oauth2;

import com.nimbusds.oauth2.sdk.AuthorizationCode;
import com.nimbusds.oauth2.sdk.AuthorizationCodeGrant;
import com.nimbusds.oauth2.sdk.AuthorizationRequest;
import com.nimbusds.oauth2.sdk.AuthorizationResponse;
import com.nimbusds.oauth2.sdk.ErrorObject;
import com.nimbusds.oauth2.sdk.GeneralException;
import com.nimbusds.oauth2.sdk.ResponseType;
import com.nimbusds.oauth2.sdk.Scope;
import com.nimbusds.oauth2.sdk.TokenRequest;
import com.nimbusds.oauth2.sdk.TokenResponse;
import com.nimbusds.oauth2.sdk.auth.ClientSecretBasic;
import com.nimbusds.oauth2.sdk.auth.Secret;
import com.nimbusds.oauth2.sdk.http.HTTPRequest;
import com.nimbusds.oauth2.sdk.id.ClientID;
import com.nimbusds.oauth2.sdk.id.State;
import com.nimbusds.oauth2.sdk.token.RefreshToken;
import io.jans.util.Pair;
import jakarta.ws.rs.core.MultivaluedHashMap;
import jakarta.ws.rs.core.MultivaluedMap;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;

/* loaded from: input_file:io/jans/inbound/oauth2/CodeGrantUtil.class */
public class CodeGrantUtil {
    private OAuthParams p;

    public CodeGrantUtil() {
    }

    public CodeGrantUtil(OAuthParams oAuthParams) {
        this.p = oAuthParams;
    }

    public Pair<String, String> makeAuthzRequest() throws URISyntaxException {
        URI uri = new URI(this.p.getAuthzEndpoint());
        ClientID clientID = new ClientID(this.p.getClientId());
        URI uri2 = new URI(this.p.getRedirectUri());
        State state = new State();
        AuthorizationRequest.Builder endpointURI = new AuthorizationRequest.Builder(new ResponseType(new ResponseType.Value[]{ResponseType.Value.CODE}), clientID).scope(new Scope((String[]) this.p.getScopes().toArray(new String[0]))).state(state).redirectionURI(uri2).endpointURI(uri);
        if (this.p.getCustParamsAuthReq() != null) {
            Map<String, String> custParamsAuthReq = this.p.getCustParamsAuthReq();
            Objects.requireNonNull(endpointURI);
            custParamsAuthReq.forEach((str, str2) -> {
                endpointURI.customParameter(str, new String[]{str2});
            });
        }
        return new Pair<>(endpointURI.build().toURI().toString(), state.getValue());
    }

    public String parseCode(Map<String, Object> map, String str) throws URISyntaxException, GeneralException {
        AuthorizationResponse parse = AuthorizationResponse.parse(new URI(this.p.getRedirectUri()), toMultivaluedMap(map));
        if (!str.equals(parse.getState().getValue())) {
            throw new GeneralException("Unexpected or tampered response");
        }
        if (parse.indicatesSuccess()) {
            return parse.toSuccessResponse().getAuthorizationCode().getValue();
        }
        throw exFromError(parse.toErrorResponse().getErrorObject());
    }

    public Map<String, Object> getTokenResponse(String str) throws URISyntaxException, IOException, GeneralException {
        TokenRequest tokenRequest;
        AuthorizationCodeGrant authorizationCodeGrant = new AuthorizationCodeGrant(new AuthorizationCode(str), new URI(this.p.getRedirectUri()));
        ClientID clientID = new ClientID(this.p.getClientId());
        ClientSecretBasic clientSecretBasic = new ClientSecretBasic(clientID, new Secret(this.p.getClientSecret()));
        URI uri = new URI(this.p.getTokenEndpoint());
        HashMap hashMap = new HashMap();
        if (this.p.getCustParamsTokenReq() != null) {
            this.p.getCustParamsTokenReq().forEach((str2, str3) -> {
                hashMap.put(str2, Collections.singletonList(str3));
            });
        }
        if (this.p.isClientCredsInRequestBody()) {
            hashMap.put("client_id", Collections.singletonList(this.p.getClientId()));
            hashMap.put("client_secret", Collections.singletonList(this.p.getClientSecret()));
            tokenRequest = new TokenRequest(uri, clientID, authorizationCodeGrant, (Scope) null, (List) null, (RefreshToken) null, hashMap);
        } else {
            tokenRequest = new TokenRequest(uri, clientSecretBasic, authorizationCodeGrant, (Scope) null, (List) null, hashMap);
        }
        HTTPRequest hTTPRequest = tokenRequest.toHTTPRequest();
        hTTPRequest.setAccept("application/json");
        TokenResponse parse = TokenResponse.parse(hTTPRequest.send());
        if (parse.indicatesSuccess()) {
            return parse.toSuccessResponse().toJSONObject();
        }
        throw exFromError(parse.toErrorResponse().getErrorObject());
    }

    private MultivaluedMap<String, String> toMultivaluedMap(Map<String, Object> map) {
        MultivaluedHashMap multivaluedHashMap = new MultivaluedHashMap();
        for (String str : map.keySet()) {
            Object obj = map.get(str);
            if (obj != null) {
                if (String.class.isInstance(obj)) {
                    multivaluedHashMap.putSingle(str, obj.toString());
                } else if (Collection.class.isAssignableFrom(obj.getClass())) {
                    ((Collection) obj).forEach(obj2 -> {
                        multivaluedHashMap.add(str, obj2.toString());
                    });
                }
            }
        }
        return multivaluedHashMap;
    }

    private static GeneralException exFromError(ErrorObject errorObject) {
        HashMap hashMap = new HashMap();
        hashMap.put("HTTP status", errorObject.getHTTPStatusCode());
        String code = errorObject.getCode();
        if (code != null) {
            hashMap.put("error code", code);
        }
        String description = errorObject.getDescription();
        if (description != null) {
            hashMap.put("description", description);
        }
        String obj = hashMap.toString();
        return new GeneralException(obj.substring(1, obj.length() - 1));
    }
}
