package org.pac4j.oidc.config;

import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.util.DefaultResourceRetriever;
import com.nimbusds.jose.util.ResourceRetriever;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.auth.ClientAuthenticationMethod;
import com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata;
import java.io.IOException;
import java.net.URL;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import net.shibboleth.idp.profile.spring.resource.impl.SVNResourceParser;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.core.state.StateGenerator;
import org.pac4j.core.state.StaticOrRandomStateGenerator;
import org.pac4j.core.util.CommonHelper;
import org.pac4j.core.util.InitializableObject;
import org.pac4j.oidc.profile.OidcProfileDefinition;

/* loaded from: input_file:BOOT-INF/lib/pac4j-oidc-3.6.1.jar:org/pac4j/oidc/config/OidcConfiguration.class */
public class OidcConfiguration extends InitializableObject {
    public static final String SCOPE = "scope";
    public static final String RESPONSE_TYPE = "response_type";
    public static final String RESPONSE_MODE = "response_mode";
    public static final String REDIRECT_URI = "redirect_uri";
    public static final String CLIENT_ID = "client_id";
    public static final String STATE = "state";
    public static final String MAX_AGE = "max_age";
    public static final String NONCE = "nonce";
    public static final List<String> AUTHORIZATION_CODE_FLOWS = Collections.unmodifiableList(Arrays.asList("code"));
    public static final List<String> IMPLICIT_FLOWS = Collections.unmodifiableList(Arrays.asList(OidcProfileDefinition.ID_TOKEN, "id_token token"));
    public static final List<String> HYBRID_CODE_FLOWS = Collections.unmodifiableList(Arrays.asList("code id_token", "code token", "code id_token token"));
    public static final String STATE_SESSION_ATTRIBUTE = "oidcStateAttribute";
    public static final String NONCE_SESSION_ATTRIBUTE = "oidcNonceAttribute";
    public static final int DEFAULT_MAX_CLOCK_SKEW = 30;
    public static final int DEFAULT_TOKEN_EXPIRATION_ADVANCE = 0;
    private String clientId;
    private String secret;
    private String discoveryURI;
    private String scope;
    private ClientAuthenticationMethod clientAuthenticationMethod;
    private boolean useNonce;
    private JWSAlgorithm preferredJwsAlgorithm;
    private Integer maxAge;
    private ResourceRetriever resourceRetriever;
    private OIDCProviderMetadata providerMetadata;
    private String responseMode;
    private String logoutUrl;
    private boolean withState;
    private Map<String, String> customParams = new HashMap();
    private int maxClockSkew = 30;
    private String responseType = AUTHORIZATION_CODE_FLOWS.get(0);
    private int connectTimeout = 500;
    private int readTimeout = 5000;
    private StateGenerator stateGenerator = new StaticOrRandomStateGenerator();
    private boolean expireSessionWithToken = false;
    private int tokenExpirationAdvance = 0;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.pac4j.core.util.InitializableObject
    public void internalInit() {
        CommonHelper.assertNotBlank("clientId", getClientId());
        if (!AUTHORIZATION_CODE_FLOWS.contains(this.responseType) && !IMPLICIT_FLOWS.contains(this.responseType) && !HYBRID_CODE_FLOWS.contains(this.responseType)) {
            throw new TechnicalException("Unsupported responseType: " + this.responseType);
        }
        if (!IMPLICIT_FLOWS.contains(this.responseType)) {
            CommonHelper.assertNotBlank("secret", getSecret());
        }
        if (getDiscoveryURI() == null && getProviderMetadata() == null) {
            throw new TechnicalException("You must define either the discovery URL or directly the provider metadata");
        }
        if (getResourceRetriever() == null) {
            setResourceRetriever(new DefaultResourceRetriever(getConnectTimeout(), getReadTimeout()));
        }
        if (getProviderMetadata() == null) {
            CommonHelper.assertNotBlank("discoveryURI", getDiscoveryURI());
            try {
                setProviderMetadata(OIDCProviderMetadata.parse(getResourceRetriever().retrieveResource(new URL(getDiscoveryURI())).getContent()));
            } catch (ParseException | IOException e) {
                throw new TechnicalException(e);
            }
        }
    }

    public OIDCProviderMetadata getProviderMetadata() {
        return this.providerMetadata;
    }

    public OIDCProviderMetadata findProviderMetadata() {
        init();
        return this.providerMetadata;
    }

    public void setProviderMetadata(OIDCProviderMetadata oIDCProviderMetadata) {
        this.providerMetadata = oIDCProviderMetadata;
    }

    public String getClientId() {
        return this.clientId;
    }

    public void setClientId(String str) {
        this.clientId = str;
    }

    public String getSecret() {
        return this.secret;
    }

    public void setSecret(String str) {
        this.secret = str;
    }

    public String getDiscoveryURI() {
        return this.discoveryURI;
    }

    public void defaultDiscoveryURI(String str) {
        if (this.discoveryURI == null) {
            this.discoveryURI = str;
        }
    }

    public String getScope() {
        return this.scope;
    }

    public void setScope(String str) {
        this.scope = str;
    }

    public Map<String, String> getCustomParams() {
        return this.customParams;
    }

    public String getCustomParam(String str) {
        return this.customParams.get(str);
    }

    public void setCustomParams(Map<String, String> map) {
        CommonHelper.assertNotNull("customParams", map);
        this.customParams = map;
    }

    public void addCustomParam(String str, String str2) {
        this.customParams.put(str, str2);
    }

    public ClientAuthenticationMethod getClientAuthenticationMethod() {
        return this.clientAuthenticationMethod;
    }

    public void setClientAuthenticationMethod(ClientAuthenticationMethod clientAuthenticationMethod) {
        this.clientAuthenticationMethod = clientAuthenticationMethod;
    }

    public void setClientAuthenticationMethodAsString(String str) {
        this.clientAuthenticationMethod = ClientAuthenticationMethod.parse(str);
    }

    public boolean isUseNonce() {
        return this.useNonce;
    }

    public void setUseNonce(boolean z) {
        this.useNonce = z;
    }

    public JWSAlgorithm getPreferredJwsAlgorithm() {
        return this.preferredJwsAlgorithm;
    }

    public void setPreferredJwsAlgorithm(JWSAlgorithm jWSAlgorithm) {
        this.preferredJwsAlgorithm = jWSAlgorithm;
    }

    public Integer getMaxAge() {
        return this.maxAge;
    }

    public void setMaxAge(Integer num) {
        this.maxAge = num;
    }

    public int getMaxClockSkew() {
        return this.maxClockSkew;
    }

    public void setMaxClockSkew(int i) {
        this.maxClockSkew = i;
    }

    public int getConnectTimeout() {
        return this.connectTimeout;
    }

    public void setConnectTimeout(int i) {
        this.connectTimeout = i;
    }

    public int getReadTimeout() {
        return this.readTimeout;
    }

    public void setReadTimeout(int i) {
        this.readTimeout = i;
    }

    public ResourceRetriever getResourceRetriever() {
        return this.resourceRetriever;
    }

    public ResourceRetriever findResourceRetriever() {
        init();
        return this.resourceRetriever;
    }

    public void setDiscoveryURI(String str) {
        this.discoveryURI = str;
    }

    public void setResourceRetriever(ResourceRetriever resourceRetriever) {
        this.resourceRetriever = resourceRetriever;
    }

    public String getResponseType() {
        return this.responseType;
    }

    public void setResponseType(String str) {
        this.responseType = str;
    }

    public String getResponseMode() {
        return this.responseMode;
    }

    public void setResponseMode(String str) {
        this.responseMode = str;
    }

    public String getLogoutUrl() {
        init();
        return (this.logoutUrl != null || getProviderMetadata().getEndSessionEndpointURI() == null) ? this.logoutUrl : getProviderMetadata().getEndSessionEndpointURI().toString();
    }

    public void setLogoutUrl(String str) {
        this.logoutUrl = str;
    }

    public boolean isWithState() {
        return this.withState;
    }

    public void setWithState(boolean z) {
        this.withState = z;
    }

    @Deprecated
    public String getStateData() {
        return ((StaticOrRandomStateGenerator) this.stateGenerator).getStateData();
    }

    @Deprecated
    public void setStateData(String str) {
        ((StaticOrRandomStateGenerator) this.stateGenerator).setStateData(str);
    }

    public boolean isExpireSessionWithToken() {
        return this.expireSessionWithToken;
    }

    public void setExpireSessionWithToken(boolean z) {
        this.expireSessionWithToken = z;
    }

    public int getTokenExpirationAdvance() {
        if (isExpireSessionWithToken()) {
            return this.tokenExpirationAdvance;
        }
        return -1;
    }

    public void setTokenExpirationAdvance(int i) {
        this.tokenExpirationAdvance = i;
    }

    public StateGenerator getStateGenerator() {
        return this.stateGenerator;
    }

    public void setStateGenerator(StateGenerator stateGenerator) {
        CommonHelper.assertNotNull("stateGenerator", stateGenerator);
        this.stateGenerator = stateGenerator;
    }

    public String toString() {
        return CommonHelper.toNiceString(getClass(), "clientId", this.clientId, "secret", "[protected]", "discoveryURI", this.discoveryURI, "scope", this.scope, "customParams", this.customParams, "clientAuthenticationMethod", this.clientAuthenticationMethod, "useNonce", Boolean.valueOf(this.useNonce), "preferredJwsAlgorithm", this.preferredJwsAlgorithm, "maxAge", this.maxAge, "maxClockSkew", Integer.valueOf(this.maxClockSkew), "connectTimeout", Integer.valueOf(this.connectTimeout), SVNResourceParser.READ_TIMEOUT_ATTRIB_NAME, Integer.valueOf(this.readTimeout), "resourceRetriever", this.resourceRetriever, "responseType", this.responseType, "responseMode", this.responseMode, "logoutUrl", this.logoutUrl, "withState", Boolean.valueOf(this.withState), "stateGenerator", this.stateGenerator);
    }
}
