package io.jans.as.client.model.authorize;

import com.fasterxml.jackson.core.JsonProcessingException;
import io.jans.as.client.AuthorizationRequest;
import io.jans.as.client.util.ClientUtil;
import io.jans.as.model.authorize.AuthorizeRequestParam;
import io.jans.as.model.ciba.BackchannelAuthenticationRequestParam;
import io.jans.as.model.common.Display;
import io.jans.as.model.common.Prompt;
import io.jans.as.model.common.ResponseMode;
import io.jans.as.model.common.ResponseType;
import io.jans.as.model.crypto.AbstractCryptoProvider;
import io.jans.as.model.crypto.encryption.BlockEncryptionAlgorithm;
import io.jans.as.model.crypto.encryption.KeyEncryptionAlgorithm;
import io.jans.as.model.crypto.signature.SignatureAlgorithm;
import io.jans.as.model.exception.InvalidJwtException;
import io.jans.as.model.jwe.Jwe;
import io.jans.as.model.jwe.JweEncrypterImpl;
import io.jans.as.model.jwt.Jwt;
import io.jans.as.model.jwt.JwtClaims;
import io.jans.as.model.jwt.JwtHeader;
import io.jans.as.model.jwt.JwtType;
import io.jans.as.model.util.StringUtils;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import org.apache.log4j.Logger;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:io/jans/as/client/model/authorize/JwtAuthorizationRequest.class */
public class JwtAuthorizationRequest {
    private static final Logger LOG = Logger.getLogger((Class<?>) JwtAuthorizationRequest.class);
    private JwtType type;
    private SignatureAlgorithm signatureAlgorithm;
    private KeyEncryptionAlgorithm keyEncryptionAlgorithm;
    private BlockEncryptionAlgorithm blockEncryptionAlgorithm;
    private String keyId;
    private List<ResponseType> responseTypes;
    private ResponseMode responseMode;
    private String clientId;
    private List<String> scopes;
    private String redirectUri;
    private String state;
    private String nonce;
    private Display display;
    private List<Prompt> prompts;
    private Integer maxAge;
    private List<String> uiLocales;
    private List<String> claimsLocales;
    private String idTokenHint;
    private String loginHint;
    private List<String> acrValues;
    private String registration;
    private boolean requestUniqueId;
    private String aud;
    private Integer exp;
    private String iss;
    private Integer iat;
    private Integer nbf;
    private String jti;
    private String clientNotificationToken;
    private String loginHintToken;
    private String bindingMessage;
    private String userCode;
    private Integer requestedExpiry;
    private UserInfoMember userInfoMember;
    private IdTokenMember idTokenMember;
    private Jwt nestedPayload;
    private final String sharedKey;
    private final AbstractCryptoProvider cryptoProvider;

    public JwtAuthorizationRequest(AuthorizationRequest authorizationRequest, SignatureAlgorithm signatureAlgorithm, AbstractCryptoProvider abstractCryptoProvider) {
        this(authorizationRequest, signatureAlgorithm, abstractCryptoProvider, null, null, null);
    }

    public JwtAuthorizationRequest(AuthorizationRequest authorizationRequest, SignatureAlgorithm signatureAlgorithm, String str, AbstractCryptoProvider abstractCryptoProvider) {
        this(authorizationRequest, signatureAlgorithm, abstractCryptoProvider, null, null, str);
    }

    public JwtAuthorizationRequest(AuthorizationRequest authorizationRequest, KeyEncryptionAlgorithm keyEncryptionAlgorithm, BlockEncryptionAlgorithm blockEncryptionAlgorithm, AbstractCryptoProvider abstractCryptoProvider) {
        this(authorizationRequest, null, abstractCryptoProvider, keyEncryptionAlgorithm, blockEncryptionAlgorithm, null);
    }

    public JwtAuthorizationRequest(AuthorizationRequest authorizationRequest, KeyEncryptionAlgorithm keyEncryptionAlgorithm, BlockEncryptionAlgorithm blockEncryptionAlgorithm, String str) {
        this(authorizationRequest, null, null, keyEncryptionAlgorithm, blockEncryptionAlgorithm, str);
    }

    private JwtAuthorizationRequest(AuthorizationRequest authorizationRequest, SignatureAlgorithm signatureAlgorithm, AbstractCryptoProvider abstractCryptoProvider, KeyEncryptionAlgorithm keyEncryptionAlgorithm, BlockEncryptionAlgorithm blockEncryptionAlgorithm, String str) {
        setAuthorizationRequestParams(authorizationRequest);
        this.type = JwtType.JWT;
        this.signatureAlgorithm = signatureAlgorithm;
        this.cryptoProvider = abstractCryptoProvider;
        this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
        this.blockEncryptionAlgorithm = blockEncryptionAlgorithm;
        this.sharedKey = str;
        this.userInfoMember = new UserInfoMember();
        this.idTokenMember = new IdTokenMember();
    }

    private void setAuthorizationRequestParams(AuthorizationRequest authorizationRequest) {
        if (authorizationRequest != null) {
            this.responseTypes = authorizationRequest.getResponseTypes();
            this.responseMode = authorizationRequest.getResponseMode();
            this.clientId = authorizationRequest.getClientId();
            this.scopes = authorizationRequest.getScopes();
            this.redirectUri = authorizationRequest.getRedirectUri();
            this.state = authorizationRequest.getState();
            this.nonce = authorizationRequest.getNonce();
            this.display = authorizationRequest.getDisplay();
            this.prompts = authorizationRequest.getPrompts();
            this.maxAge = authorizationRequest.getMaxAge();
            this.uiLocales = authorizationRequest.getUiLocales();
            this.claimsLocales = authorizationRequest.getClaimsLocales();
            this.idTokenHint = authorizationRequest.getIdTokenHint();
            this.loginHint = authorizationRequest.getLoginHint();
            this.acrValues = authorizationRequest.getAcrValues();
            this.registration = authorizationRequest.getRegistration();
            this.requestUniqueId = authorizationRequest.isRequestSessionId();
        }
    }

    public JwtType getType() {
        return this.type;
    }

    public void setType(JwtType jwtType) {
        this.type = jwtType;
    }

    public SignatureAlgorithm getSignatureAlgorithm() {
        return this.signatureAlgorithm;
    }

    public void setAlgorithm(SignatureAlgorithm signatureAlgorithm) {
        this.signatureAlgorithm = signatureAlgorithm;
    }

    public KeyEncryptionAlgorithm getKeyEncryptionAlgorithm() {
        return this.keyEncryptionAlgorithm;
    }

    public void setKeyEncryptionAlgorithm(KeyEncryptionAlgorithm keyEncryptionAlgorithm) {
        this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
    }

    public BlockEncryptionAlgorithm getBlockEncryptionAlgorithm() {
        return this.blockEncryptionAlgorithm;
    }

    public void setBlockEncryptionAlgorithm(BlockEncryptionAlgorithm blockEncryptionAlgorithm) {
        this.blockEncryptionAlgorithm = blockEncryptionAlgorithm;
    }

    public String getKeyId() {
        return this.keyId;
    }

    public void setKeyId(String str) {
        this.keyId = str;
    }

    public boolean isRequestUniqueId() {
        return this.requestUniqueId;
    }

    public void setRequestUniqueId(boolean z) {
        this.requestUniqueId = z;
    }

    public List<ResponseType> getResponseTypes() {
        return this.responseTypes;
    }

    public void setResponseTypes(List<ResponseType> list) {
        this.responseTypes = list;
    }

    public ResponseMode getResponseMode() {
        return this.responseMode;
    }

    public void setResponseMode(ResponseMode responseMode) {
        this.responseMode = responseMode;
    }

    public String getClientId() {
        return this.clientId;
    }

    public void setClientId(String str) {
        this.clientId = str;
    }

    public List<String> getScopes() {
        return this.scopes;
    }

    public void setScopes(List<String> list) {
        this.scopes = list;
    }

    public String getRedirectUri() {
        return this.redirectUri;
    }

    public void setRedirectUri(String str) {
        this.redirectUri = str;
    }

    public String getState() {
        return this.state;
    }

    public void setState(String str) {
        this.state = str;
    }

    public String getNonce() {
        return this.nonce;
    }

    public void setNonce(String str) {
        this.nonce = str;
    }

    public Display getDisplay() {
        return this.display;
    }

    public void setDisplay(Display display) {
        this.display = display;
    }

    public List<Prompt> getPrompts() {
        return this.prompts;
    }

    public void setPrompts(List<Prompt> list) {
        this.prompts = list;
    }

    public Integer getMaxAge() {
        return this.maxAge;
    }

    public void setMaxAge(Integer num) {
        this.maxAge = num;
    }

    public List<String> getUiLocales() {
        return this.uiLocales;
    }

    public void setUiLocales(List<String> list) {
        this.uiLocales = list;
    }

    public List<String> getClaimsLocales() {
        return this.claimsLocales;
    }

    public void setClaimsLocales(List<String> list) {
        this.claimsLocales = list;
    }

    public String getIdTokenHint() {
        return this.idTokenHint;
    }

    public void setIdTokenHint(String str) {
        this.idTokenHint = str;
    }

    public String getLoginHint() {
        return this.loginHint;
    }

    public void setLoginHint(String str) {
        this.loginHint = str;
    }

    public List<String> getAcrValues() {
        return this.acrValues;
    }

    public void setAcrValues(List<String> list) {
        this.acrValues = list;
    }

    public String getRegistration() {
        return this.registration;
    }

    public void setRegistration(String str) {
        this.registration = str;
    }

    public UserInfoMember getUserInfoMember() {
        return this.userInfoMember;
    }

    public void setUserInfoMember(UserInfoMember userInfoMember) {
        this.userInfoMember = userInfoMember;
    }

    public IdTokenMember getIdTokenMember() {
        return this.idTokenMember;
    }

    public void setIdTokenMember(IdTokenMember idTokenMember) {
        this.idTokenMember = idTokenMember;
    }

    public Jwt getNestedPayload() {
        return this.nestedPayload;
    }

    public void setNestedPayload(Jwt jwt) {
        this.nestedPayload = jwt;
    }

    public void addUserInfoClaim(Claim claim) {
        this.userInfoMember.getClaims().add(claim);
    }

    public void addIdTokenClaim(Claim claim) {
        this.idTokenMember.getClaims().add(claim);
    }

    public String getAud() {
        return this.aud;
    }

    public void setAud(String str) {
        this.aud = str;
    }

    public Integer getExp() {
        return this.exp;
    }

    public void setExp(Integer num) {
        this.exp = num;
    }

    public String getIss() {
        return this.iss;
    }

    public void setIss(String str) {
        this.iss = str;
    }

    public Integer getIat() {
        return this.iat;
    }

    public void setIat(Integer num) {
        this.iat = num;
    }

    public Integer getNbf() {
        return this.nbf;
    }

    public void setNbf(Integer num) {
        this.nbf = num;
    }

    public String getJti() {
        return this.jti;
    }

    public void setJti(String str) {
        this.jti = str;
    }

    public String getClientNotificationToken() {
        return this.clientNotificationToken;
    }

    public void setClientNotificationToken(String str) {
        this.clientNotificationToken = str;
    }

    public String getLoginHintToken() {
        return this.loginHintToken;
    }

    public void setLoginHintToken(String str) {
        this.loginHintToken = str;
    }

    public String getBindingMessage() {
        return this.bindingMessage;
    }

    public void setBindingMessage(String str) {
        this.bindingMessage = str;
    }

    public String getUserCode() {
        return this.userCode;
    }

    public void setUserCode(String str) {
        this.userCode = str;
    }

    public Integer getRequestedExpiry() {
        return this.requestedExpiry;
    }

    public void setRequestedExpiry(Integer num) {
        this.requestedExpiry = num;
    }

    public String getEncodedJwt(JSONObject jSONObject) throws Exception {
        String str;
        JweEncrypterImpl jweEncrypterImpl;
        if (this.keyEncryptionAlgorithm != null && this.blockEncryptionAlgorithm != null) {
            if (this.cryptoProvider == null || jSONObject == null) {
                jweEncrypterImpl = new JweEncrypterImpl(this.keyEncryptionAlgorithm, this.blockEncryptionAlgorithm, this.sharedKey.getBytes(StandardCharsets.UTF_8));
            } else {
                jweEncrypterImpl = new JweEncrypterImpl(this.keyEncryptionAlgorithm, this.blockEncryptionAlgorithm, this.cryptoProvider.getPublicKey(this.keyId, jSONObject, null));
            }
            String base64urlencode = StringUtils.base64urlencode(ClientUtil.toPrettyJson(headerToJSONObject()));
            Jwe jwe = new Jwe();
            jwe.setHeader(new JwtHeader(base64urlencode));
            if (this.nestedPayload == null) {
                jwe.setClaims(new JwtClaims(StringUtils.base64urlencode(ClientUtil.toPrettyJson(payloadToJSONObject()))));
            } else {
                jwe.setSignedJWTPayload(this.nestedPayload);
            }
            jweEncrypterImpl.encrypt(jwe);
            str = jwe.toString();
        } else {
            if (this.cryptoProvider == null) {
                throw new Exception("The Crypto Provider cannot be null.");
            }
            JSONObject headerToJSONObject = headerToJSONObject();
            JSONObject payloadToJSONObject = payloadToJSONObject();
            String prettyJson = ClientUtil.toPrettyJson(headerToJSONObject);
            String prettyJson2 = ClientUtil.toPrettyJson(payloadToJSONObject);
            String base64urlencode2 = StringUtils.base64urlencode(prettyJson);
            String base64urlencode3 = StringUtils.base64urlencode(prettyJson2);
            str = base64urlencode2 + "." + base64urlencode3 + "." + this.cryptoProvider.sign(base64urlencode2 + "." + base64urlencode3, this.keyId, this.sharedKey, this.signatureAlgorithm);
        }
        return str;
    }

    public String getEncodedJwt() throws Exception {
        return getEncodedJwt(null);
    }

    public String getDecodedJwt() {
        String str = null;
        try {
            str = ClientUtil.toPrettyJson(payloadToJSONObject());
        } catch (JsonProcessingException | JSONException e) {
            LOG.error(e.getMessage(), e);
        }
        return str;
    }

    protected JSONObject headerToJSONObject() throws InvalidJwtException {
        JwtHeader jwtHeader = new JwtHeader();
        jwtHeader.setType(this.type);
        if (this.keyEncryptionAlgorithm == null || this.blockEncryptionAlgorithm == null) {
            jwtHeader.setAlgorithm(this.signatureAlgorithm);
        } else {
            jwtHeader.setAlgorithm(this.keyEncryptionAlgorithm);
            jwtHeader.setEncryptionMethod(this.blockEncryptionAlgorithm);
        }
        jwtHeader.setKeyId(this.keyId);
        return jwtHeader.toJsonObject();
    }

    protected JSONObject payloadToJSONObject() throws JSONException {
        JSONObject jSONObject = new JSONObject();
        try {
            if (this.responseTypes != null && !this.responseTypes.isEmpty()) {
                if (this.responseTypes.size() == 1) {
                    jSONObject.put(AuthorizeRequestParam.RESPONSE_TYPE, this.responseTypes.get(0));
                } else {
                    JSONArray jSONArray = new JSONArray();
                    Iterator<ResponseType> it = this.responseTypes.iterator();
                    while (it.hasNext()) {
                        jSONArray.put(it.next());
                    }
                    jSONObject.put(AuthorizeRequestParam.RESPONSE_TYPE, jSONArray);
                }
            }
            if (this.responseMode != null) {
                jSONObject.put(AuthorizeRequestParam.RESPONSE_MODE, this.responseMode);
            }
            if (org.apache.commons.lang.StringUtils.isNotBlank(this.clientId)) {
                jSONObject.put("client_id", this.clientId);
            }
            if (this.scopes != null && !this.scopes.isEmpty()) {
                if (this.scopes.size() == 1) {
                    jSONObject.put("scope", this.scopes.get(0));
                } else {
                    JSONArray jSONArray2 = new JSONArray();
                    Iterator<String> it2 = this.scopes.iterator();
                    while (it2.hasNext()) {
                        jSONArray2.put(it2.next());
                    }
                    jSONObject.put("scope", jSONArray2);
                }
            }
            if (org.apache.commons.lang.StringUtils.isNotBlank(this.redirectUri)) {
                jSONObject.put("redirect_uri", URLEncoder.encode(this.redirectUri, "UTF-8"));
            }
            if (org.apache.commons.lang.StringUtils.isNotBlank(this.state)) {
                jSONObject.put("state", this.state);
            }
            if (org.apache.commons.lang.StringUtils.isNotBlank(this.nonce)) {
                jSONObject.put("nonce", this.nonce);
            }
            if (this.display != null) {
                jSONObject.put(AuthorizeRequestParam.DISPLAY, this.display);
            }
            if (this.prompts != null && !this.prompts.isEmpty()) {
                JSONArray jSONArray3 = new JSONArray();
                Iterator<Prompt> it3 = this.prompts.iterator();
                while (it3.hasNext()) {
                    jSONArray3.put(it3.next());
                }
                jSONObject.put("prompt", jSONArray3);
            }
            if (this.maxAge != null) {
                jSONObject.put(AuthorizeRequestParam.MAX_AGE, this.maxAge);
            }
            if (this.uiLocales != null && !this.uiLocales.isEmpty()) {
                jSONObject.put(AuthorizeRequestParam.UI_LOCALES, new JSONArray((Collection<?>) this.uiLocales));
            }
            if (this.claimsLocales != null && !this.claimsLocales.isEmpty()) {
                jSONObject.put(AuthorizeRequestParam.CLAIMS_LOCALES, new JSONArray((Collection<?>) this.claimsLocales));
            }
            if (org.apache.commons.lang.StringUtils.isNotBlank(this.idTokenHint)) {
                jSONObject.put("id_token_hint", this.idTokenHint);
            }
            if (org.apache.commons.lang.StringUtils.isNotBlank(this.loginHint)) {
                jSONObject.put("login_hint", this.loginHint);
            }
            if (this.acrValues != null && !this.acrValues.isEmpty()) {
                new JSONArray((Collection<?>) this.acrValues);
                jSONObject.put("acr_values", (Collection<?>) this.acrValues);
            }
            if (org.apache.commons.lang.StringUtils.isNotBlank(this.registration)) {
                jSONObject.put(AuthorizeRequestParam.REGISTRATION, this.registration);
            }
            if (this.userInfoMember != null || this.idTokenMember != null) {
                JSONObject jSONObject2 = new JSONObject();
                if (this.userInfoMember != null) {
                    jSONObject2.put("userinfo", this.userInfoMember.toJSONObject());
                }
                if (this.idTokenMember != null) {
                    jSONObject2.put("id_token", this.idTokenMember.toJSONObject());
                }
                if ((jSONObject2.has("userinfo") && !jSONObject2.getJSONObject("userinfo").isEmpty()) || (jSONObject2.has("id_token") && !jSONObject2.getJSONObject("id_token").isEmpty())) {
                    jSONObject.put("claims", jSONObject2);
                }
            }
            if (org.apache.commons.lang.StringUtils.isNotBlank(this.aud)) {
                jSONObject.put("aud", this.aud);
            }
            if (this.exp != null && this.exp.intValue() > 0) {
                jSONObject.put("exp", this.exp);
            }
            if (org.apache.commons.lang.StringUtils.isNotBlank(this.iss)) {
                jSONObject.put("iss", this.iss);
            }
            if (this.iat != null && this.iat.intValue() > 0) {
                jSONObject.put("iat", this.iat);
            }
            if (this.nbf != null && this.nbf.intValue() > 0) {
                jSONObject.put("nbf", this.nbf);
            }
            if (org.apache.commons.lang.StringUtils.isNotBlank(this.jti)) {
                jSONObject.put("jti", this.jti);
            }
            if (org.apache.commons.lang.StringUtils.isNotBlank(this.clientNotificationToken)) {
                jSONObject.put(BackchannelAuthenticationRequestParam.CLIENT_NOTIFICATION_TOKEN, this.clientNotificationToken);
            }
            if (org.apache.commons.lang.StringUtils.isNotBlank(this.loginHintToken)) {
                jSONObject.put(BackchannelAuthenticationRequestParam.LOGIN_HINT_TOKEN, this.loginHintToken);
            }
            if (org.apache.commons.lang.StringUtils.isNotBlank(this.bindingMessage)) {
                jSONObject.put(BackchannelAuthenticationRequestParam.BINDING_MESSAGE, this.bindingMessage);
            }
            if (org.apache.commons.lang.StringUtils.isNotBlank(this.userCode)) {
                jSONObject.put("user_code", this.userCode);
            }
            if (this.requestedExpiry != null && this.requestedExpiry.intValue() > 0) {
                jSONObject.put("requested_expirity", this.requestedExpiry);
            }
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }
        return jSONObject;
    }
}
