package org.pac4j.oidc.config;

import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.crypto.ECDSASigner;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import com.nimbusds.oauth2.sdk.auth.ClientAuthenticationMethod;
import com.nimbusds.oauth2.sdk.id.Issuer;
import com.nimbusds.openid.connect.sdk.SubjectType;
import com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.net.URI;
import java.security.interfaces.ECPrivateKey;
import java.time.Duration;
import java.time.Instant;
import java.util.Collections;
import java.util.Date;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import lombok.Generated;
import org.pac4j.core.store.GuavaStore;
import org.pac4j.core.store.Store;
import org.pac4j.core.util.CommonHelper;
import org.pac4j.oidc.exceptions.OidcException;
import org.pac4j.oidc.metadata.StaticOidcOpMetadataResolver;

/* loaded from: input_file:org/pac4j/oidc/config/AppleOidcConfiguration.class */
public class AppleOidcConfiguration extends OidcConfiguration {
    private static final Duration MAX_TIMEOUT = Duration.ofSeconds(15777000);
    private ECPrivateKey privateKey;
    private String privateKeyID;
    private String teamID;
    private Store<String, String> store;
    private Duration timeout;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.pac4j.oidc.config.OidcConfiguration
    public void internalInit(boolean z) {
        CommonHelper.assertNotBlank("privateKeyID", this.privateKeyID);
        CommonHelper.assertNotNull("privateKey", this.privateKey);
        CommonHelper.assertNotBlank("teamID", this.teamID);
        if (this.timeout.compareTo(MAX_TIMEOUT) > 0) {
            throw new IllegalArgumentException(String.format("timeout must not be greater then %d seconds", Long.valueOf(MAX_TIMEOUT.toSeconds())));
        }
        if (this.store == null) {
            this.store = new GuavaStore(1000, (int) this.timeout.toSeconds(), TimeUnit.SECONDS);
        }
        OIDCProviderMetadata oIDCProviderMetadata = new OIDCProviderMetadata(new Issuer("https://appleid.apple.com"), Collections.singletonList(SubjectType.PAIRWISE), URI.create("https://appleid.apple.com/auth/keys"));
        oIDCProviderMetadata.setAuthorizationEndpointURI(URI.create("https://appleid.apple.com/auth/authorize"));
        oIDCProviderMetadata.setTokenEndpointURI(URI.create("https://appleid.apple.com/auth/token"));
        oIDCProviderMetadata.setIDTokenJWSAlgs(Collections.singletonList(JWSAlgorithm.RS256));
        this.opMetadataResolver = new StaticOidcOpMetadataResolver(this, oIDCProviderMetadata);
        setClientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_POST);
        super.internalInit(z);
    }

    @Override // org.pac4j.oidc.config.OidcConfiguration
    public String getSecret() {
        if (this.store != null) {
            Optional optional = this.store.get(getClientId());
            if (optional.isPresent()) {
                return (String) optional.get();
            }
        }
        SignedJWT signedJWT = new SignedJWT(new JWSHeader.Builder(JWSAlgorithm.ES256).keyID(this.privateKeyID).build(), new JWTClaimsSet.Builder().issuer(getTeamID()).audience("https://appleid.apple.com").subject(getClientId()).issueTime(Date.from(Instant.now())).expirationTime(Date.from(Instant.now().plusSeconds(this.timeout.toSeconds()))).build());
        try {
            signedJWT.sign(new ECDSASigner(this.privateKey));
            String serialize = signedJWT.serialize();
            if (this.store != null) {
                this.store.set(getClientId(), serialize);
            }
            return serialize;
        } catch (JOSEException e) {
            throw new OidcException((Throwable) e);
        }
    }

    @Override // org.pac4j.oidc.config.OidcConfiguration
    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public String toString() {
        return "AppleOidcConfiguration(super=" + super.toString() + ", privateKeyID=" + this.privateKeyID + ", teamID=" + this.teamID + ", store=" + this.store + ", timeout=" + this.timeout + ")";
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public ECPrivateKey getPrivateKey() {
        return this.privateKey;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public String getPrivateKeyID() {
        return this.privateKeyID;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public String getTeamID() {
        return this.teamID;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public Store<String, String> getStore() {
        return this.store;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public Duration getTimeout() {
        return this.timeout;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public AppleOidcConfiguration setPrivateKey(ECPrivateKey eCPrivateKey) {
        this.privateKey = eCPrivateKey;
        return this;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public AppleOidcConfiguration setPrivateKeyID(String str) {
        this.privateKeyID = str;
        return this;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public AppleOidcConfiguration setTeamID(String str) {
        this.teamID = str;
        return this;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public AppleOidcConfiguration setStore(Store<String, String> store) {
        this.store = store;
        return this;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public AppleOidcConfiguration setTimeout(Duration duration) {
        this.timeout = duration;
        return this;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public AppleOidcConfiguration withPrivateKey(ECPrivateKey eCPrivateKey) {
        return this.privateKey == eCPrivateKey ? this : new AppleOidcConfiguration(eCPrivateKey, this.privateKeyID, this.teamID, this.store, this.timeout);
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public AppleOidcConfiguration withPrivateKeyID(String str) {
        return this.privateKeyID == str ? this : new AppleOidcConfiguration(this.privateKey, str, this.teamID, this.store, this.timeout);
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public AppleOidcConfiguration withTeamID(String str) {
        return this.teamID == str ? this : new AppleOidcConfiguration(this.privateKey, this.privateKeyID, str, this.store, this.timeout);
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public AppleOidcConfiguration withStore(Store<String, String> store) {
        return this.store == store ? this : new AppleOidcConfiguration(this.privateKey, this.privateKeyID, this.teamID, store, this.timeout);
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public AppleOidcConfiguration withTimeout(Duration duration) {
        return this.timeout == duration ? this : new AppleOidcConfiguration(this.privateKey, this.privateKeyID, this.teamID, this.store, duration);
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public AppleOidcConfiguration(ECPrivateKey eCPrivateKey, String str, String str2, Store<String, String> store, Duration duration) {
        this.timeout = MAX_TIMEOUT;
        this.privateKey = eCPrivateKey;
        this.privateKeyID = str;
        this.teamID = str2;
        this.store = store;
        this.timeout = duration;
    }

    @SuppressFBWarnings(justification = "generated code")
    @Generated
    public AppleOidcConfiguration() {
        this.timeout = MAX_TIMEOUT;
    }
}
