package org.mitre.openid.connect.view;

import com.google.common.base.Strings;
import com.google.common.collect.Lists;
import com.google.gson.JsonObject;
import com.nimbusds.jose.Algorithm;
import com.nimbusds.jose.JWEHeader;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jwt.EncryptedJWT;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import java.io.IOException;
import java.io.StringWriter;
import java.text.ParseException;
import java.util.Date;
import java.util.Map;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.mitre.jwt.encryption.service.JwtEncryptionAndDecryptionService;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.jwt.signer.service.impl.JWKSetCacheService;
import org.mitre.jwt.signer.service.impl.SymmetricCacheService;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.openid.connect.config.ConfigurationPropertiesBean;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component(UserInfoJwtView.VIEWNAME)
/* loaded from: input_file:org/mitre/openid/connect/view/UserInfoJwtView.class */
public class UserInfoJwtView extends UserInfoView {
    private static Logger logger = LoggerFactory.getLogger(UserInfoJwtView.class);
    public static final String VIEWNAME = "userInfoJwtView";

    @Autowired
    private JwtSigningAndValidationService jwtService;

    @Autowired
    private ConfigurationPropertiesBean config;

    @Autowired
    private JWKSetCacheService encrypters;

    @Autowired
    private SymmetricCacheService symmetricCacheService;

    @Override // org.mitre.openid.connect.view.UserInfoView
    protected void writeOut(JsonObject jsonObject, Map<String, Object> map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            ClientDetailsEntity clientDetailsEntity = (ClientDetailsEntity) map.get("client");
            StringWriter stringWriter = new StringWriter();
            this.gson.toJson(jsonObject, stringWriter);
            httpServletResponse.setContentType("application/jwt");
            JWTClaimsSet parse = JWTClaimsSet.parse(stringWriter.toString());
            parse.setAudience(Lists.newArrayList(new String[]{clientDetailsEntity.getClientId()}));
            parse.setIssuer(this.config.getIssuer());
            parse.setIssueTime(new Date());
            parse.setJWTID(UUID.randomUUID().toString());
            if (clientDetailsEntity.getIdTokenEncryptedResponseAlg() == null || clientDetailsEntity.getIdTokenEncryptedResponseAlg().equals(Algorithm.NONE) || clientDetailsEntity.getIdTokenEncryptedResponseEnc() == null || clientDetailsEntity.getIdTokenEncryptedResponseEnc().equals(Algorithm.NONE) || Strings.isNullOrEmpty(clientDetailsEntity.getJwksUri())) {
                JWSAlgorithm defaultSigningAlgorithm = this.jwtService.getDefaultSigningAlgorithm();
                if (clientDetailsEntity.getUserInfoSignedResponseAlg() != null) {
                    defaultSigningAlgorithm = clientDetailsEntity.getUserInfoSignedResponseAlg();
                }
                SignedJWT signedJWT = new SignedJWT(new JWSHeader(defaultSigningAlgorithm), parse);
                if (defaultSigningAlgorithm.equals(JWSAlgorithm.HS256) || defaultSigningAlgorithm.equals(JWSAlgorithm.HS384) || defaultSigningAlgorithm.equals(JWSAlgorithm.HS512)) {
                    this.symmetricCacheService.getSymmetricValidtor(clientDetailsEntity).signJwt(signedJWT);
                } else {
                    this.jwtService.signJwt(signedJWT);
                }
                httpServletResponse.getWriter().write(signedJWT.serialize());
            } else {
                JwtEncryptionAndDecryptionService encrypter = this.encrypters.getEncrypter(clientDetailsEntity.getJwksUri());
                if (encrypter != null) {
                    EncryptedJWT encryptedJWT = new EncryptedJWT(new JWEHeader(clientDetailsEntity.getIdTokenEncryptedResponseAlg(), clientDetailsEntity.getIdTokenEncryptedResponseEnc()), parse);
                    encrypter.encryptJwt(encryptedJWT);
                    httpServletResponse.getWriter().write(encryptedJWT.serialize());
                } else {
                    logger.error("Couldn't find encrypter for client: " + clientDetailsEntity.getClientId());
                }
            }
        } catch (IOException e) {
            logger.error("IO Exception in UserInfoJwtView", e);
        } catch (ParseException e2) {
            e2.printStackTrace();
        }
    }
}
