package org.apache.oltu.openidconnect.as.messages;

import java.security.Key;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.oltu.oauth2.jwt.JWT;
import org.apache.oltu.oauth2.jwt.JWTBuilder;
import org.apache.oltu.oauth2.jwt.JWTException;

/* loaded from: input_file:org/apache/oltu/openidconnect/as/messages/IDTokenBuilder.class */
public class IDTokenBuilder {
    private static Log log = LogFactory.getLog(IDTokenBuilder.class);
    private static boolean debug = log.isDebugEnabled();
    private Map<String, Object> claims = new HashMap();
    private Map<String, Object> header = new HashMap();
    private Key sigKey = null;
    private Key encKey = null;
    private String sigAlg = "none";
    private String encAlg = null;

    public IDTokenBuilder setIssuer(String str) {
        this.claims.put("iss", str);
        return this;
    }

    public IDTokenBuilder setSubject(String str) {
        this.claims.put("sub", str);
        return this;
    }

    public IDTokenBuilder setAudience(String str) {
        this.claims.put("aud", str);
        return this;
    }

    public IDTokenBuilder setExpiration(int i) {
        this.claims.put("exp", Integer.valueOf(i));
        return this;
    }

    public IDTokenBuilder setExpiration(long j) {
        this.claims.put("exp", Long.valueOf(j));
        return this;
    }

    public IDTokenBuilder setIssuedAt(int i) {
        this.claims.put("iat", Integer.valueOf(i));
        return this;
    }

    public IDTokenBuilder setIssuedAt(long j) {
        this.claims.put("iat", Long.valueOf(j));
        return this;
    }

    public IDTokenBuilder setNonce(String str) {
        this.claims.put("nonce", str);
        return this;
    }

    public IDTokenBuilder setAuthorizedParty(String str) {
        this.claims.put(IDToken.AZP, str);
        return this;
    }

    public IDTokenBuilder setAuthenticationContextClassReference(String str) {
        this.claims.put(IDToken.ACR, str);
        return this;
    }

    public IDTokenBuilder setAuthTime(String str) {
        this.claims.put(IDToken.AUTH_TIME, str);
        return this;
    }

    public IDTokenBuilder setAuthTime(long j) {
        this.claims.put(IDToken.AUTH_TIME, Long.valueOf(j));
        return this;
    }

    public IDTokenBuilder setAtHash(String str) {
        this.claims.put(IDToken.AT_HASH, str);
        return this;
    }

    public IDTokenBuilder setCHash(String str) {
        this.claims.put(IDToken.C_HASH, str);
        return this;
    }

    public IDTokenBuilder setClaim(String str, String str2) {
        if (str == null || str2 == null) {
            log.error("Key or Value cannot be null");
        }
        this.claims.put(str, str2);
        return this;
    }

    public IDTokenBuilder setHeaderParam(String str, String str2) {
        if (str == null || str2 == null) {
            log.error("Key or Value cannot be null");
        }
        this.header.put(str, str2);
        return this;
    }

    public IDTokenBuilder setSigKey(Key key, String str) {
        this.sigKey = key;
        this.sigAlg = str;
        return this;
    }

    public IDTokenBuilder setEncKey(Key key, String str) {
        this.encKey = key;
        this.encAlg = str;
        return this;
    }

    public String buildIDToken() throws IDTokenException {
        checkSpecCompliance();
        this.header.put(JWT.HeaderParam.ALGORITHM, this.sigAlg);
        try {
            return new JWTBuilder().setClaims(this.claims).setHeaderParams(this.header).signJWT(this.sigKey, this.sigAlg).encryptJWT(this.encKey, this.encAlg).buildJWT();
        } catch (JWTException e) {
            throw new IDTokenException("Error while building IDToken", e);
        }
    }

    private void checkSpecCompliance() throws IDTokenException {
        if (debug) {
            if (this.claims.get("iss") == null) {
                log.error("iss claim not set");
            }
            if (this.claims.get("sub") == null) {
                log.error("sub claim not set");
            }
            if (this.claims.get("aud") == null) {
                log.error("aud claim not set");
            }
            if (this.claims.get("exp") == null) {
                log.error("exp claim not set");
            }
            if (this.claims.get("iat") == null) {
                log.error("iat claim not set");
            }
        }
        if (this.claims.get("iss") == null || this.claims.get("sub") == null || this.claims.get("aud") == null || this.claims.get("exp") == null || this.claims.get("iat") == null) {
            throw new IDTokenException("One or more required claims missing");
        }
    }
}
