package org.wso2.carbon.appmgt.gateway.token;

import java.util.Calendar;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.TreeSet;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.appmgt.api.AppManagementException;
import org.wso2.carbon.appmgt.gateway.handlers.security.APISecurityConstants;
import org.wso2.carbon.appmgt.impl.service.ServiceReferenceHolder;
import org.wso2.carbon.appmgt.impl.token.ClaimsRetriever;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.user.api.UserStoreException;
import org.wso2.carbon.utils.multitenancy.MultitenantUtils;

/* loaded from: input_file:org/wso2/carbon/appmgt/gateway/token/JWTGenerator.class */
public class JWTGenerator extends AbstractJWTGenerator {
    private static final Log log = LogFactory.getLog(JWTGenerator.class);

    @Override // org.wso2.carbon.appmgt.gateway.token.AbstractJWTGenerator
    public Map<String, Object> populateCustomClaims(Map<String, Object> map) throws AppManagementException {
        Map<String, Object> linkedHashMap = new LinkedHashMap<>();
        populateIssuerAndExpiry(linkedHashMap);
        ClaimsRetriever claimsRetriever = getClaimsRetriever();
        if (claimsRetriever == null) {
            return null;
        }
        String str = (String) map.get(APISecurityConstants.SUBJECT);
        String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        String str2 = str.contains("@") ? str : str + "@" + tenantDomain;
        try {
            if (-1234 == ServiceReferenceHolder.getInstance().getRealmService().getTenantManager().getTenantId(tenantDomain)) {
                str2 = MultitenantUtils.getTenantAwareUsername(str2);
            }
            linkedHashMap.put("sub", str);
            Map<? extends String, ? extends Object> claims = claimsRetriever.getClaims(str2);
            if (claims != null) {
                linkedHashMap.putAll(claims);
            }
            return linkedHashMap;
        } catch (UserStoreException e) {
            log.error("Error while getting tenant id to populate claims ", e);
            throw new AppManagementException("Error while getting tenant id to populate claims ", e);
        }
    }

    @Override // org.wso2.carbon.appmgt.gateway.token.AbstractJWTGenerator
    public Map<String, Object> populateStandardClaims(Map<String, Object> map) throws AppManagementException {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        populateIssuerAndExpiry(linkedHashMap);
        populateSaml2Assertions(linkedHashMap, map);
        return linkedHashMap;
    }

    private void populateIssuerAndExpiry(Map<String, Object> map) {
        long timeInMillis = Calendar.getInstance().getTimeInMillis() + (60000 * getTTL());
        map.put("iss", "wso2.org/products/appm");
        map.put("exp", String.valueOf(timeInMillis));
    }

    private void populateSaml2Assertions(Map<String, Object> map, Map<String, Object> map2) {
        Iterator it = new TreeSet(map2.keySet()).iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            if (str.equalsIgnoreCase(APISecurityConstants.SUBJECT)) {
                map.put("sub", map2.get(str).toString());
            }
            map.put(str, map2.get(str));
        }
    }
}
