package com.top_logic.security.auth.pac4j.config;

import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.util.ResourceRetriever;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata;
import com.top_logic.basic.CalledByReflection;
import com.top_logic.basic.config.AbstractConfigurationValueProvider;
import com.top_logic.basic.config.AbstractConfiguredInstance;
import com.top_logic.basic.config.ConfigurationException;
import com.top_logic.basic.config.InstantiationContext;
import com.top_logic.basic.config.annotation.Encrypted;
import com.top_logic.basic.config.annotation.Format;
import com.top_logic.basic.config.annotation.InstanceFormat;
import com.top_logic.basic.config.annotation.Mandatory;
import com.top_logic.basic.config.annotation.MapBinding;
import com.top_logic.basic.config.annotation.Name;
import com.top_logic.basic.config.annotation.Nullable;
import com.top_logic.basic.config.annotation.defaults.BooleanDefault;
import com.top_logic.basic.config.annotation.defaults.IntDefault;
import com.top_logic.basic.config.annotation.defaults.StringDefault;
import com.top_logic.security.auth.pac4j.config.ClientConfigurator;
import com.top_logic.security.auth.pac4j.config.DefaultOidcClientConfigurator.Config;
import jakarta.servlet.ServletContext;
import java.util.Map;
import org.pac4j.core.client.Client;
import org.pac4j.core.util.generator.ValueGenerator;
import org.pac4j.oidc.client.OidcClient;
import org.pac4j.oidc.config.OidcConfiguration;
import org.pac4j.oidc.metadata.StaticOidcOpMetadataResolver;

/* loaded from: input_file:com/top_logic/security/auth/pac4j/config/DefaultOidcClientConfigurator.class */
public class DefaultOidcClientConfigurator<C extends Config<?>> extends AbstractConfiguredInstance<C> implements ClientConfigurator {

    /* loaded from: input_file:com/top_logic/security/auth/pac4j/config/DefaultOidcClientConfigurator$Config.class */
    public interface Config<I extends DefaultOidcClientConfigurator<?>> extends ClientConfigurator.Config<I>, HasCallbackUrl {

        /* loaded from: input_file:com/top_logic/security/auth/pac4j/config/DefaultOidcClientConfigurator$Config$ProviderFormat.class */
        public static class ProviderFormat extends AbstractConfigurationValueProvider<OIDCProviderMetadata> {
            public ProviderFormat() {
                super(OIDCProviderMetadata.class);
            }

            /* JADX INFO: Access modifiers changed from: protected */
            /* renamed from: getValueNonEmpty, reason: merged with bridge method [inline-methods] */
            public OIDCProviderMetadata m0getValueNonEmpty(String str, CharSequence charSequence) throws ConfigurationException {
                try {
                    return OIDCProviderMetadata.parse(charSequence.toString());
                } catch (ParseException e) {
                    throw new ConfigurationException(I18NConstants.INVALID_FORMAT__DETAILS.fill(e.getMessage()), str, charSequence, e);
                }
            }

            /* JADX INFO: Access modifiers changed from: protected */
            public String getSpecificationNonNull(OIDCProviderMetadata oIDCProviderMetadata) {
                return oIDCProviderMetadata.toJSONObject().toJSONString();
            }
        }

        @Nullable
        @Name("client-authentication-method")
        String getClientAuthenticationMethod();

        @Name("client-id")
        @Mandatory
        String getClientId();

        @Name("connect-timeout")
        @IntDefault(500)
        int getConnectTimeout();

        @Nullable
        @Name("discovery-uri")
        String getDiscoveryURI();

        @Nullable
        @Name("logout-url")
        String getLogoutUrl();

        @Name("max-age")
        Integer getMaxAge();

        @Name("max-clock-skew")
        @IntDefault(30)
        int getMaxClockSkew();

        @Nullable
        @Name("preferred-jws-algorithm")
        @StringDefault("RS256")
        String getPreferredJwsAlgorithm();

        @InstanceFormat
        @Name("resource-retriever")
        ResourceRetriever getResourceRetriever();

        @Nullable
        @Name("response-mode")
        String getResponseMode();

        @Name("response-type")
        @StringDefault("code")
        String getResponseType();

        @Nullable
        @Name("scope")
        String getScope();

        @Name("secret")
        @Mandatory
        @Encrypted
        String getSecret();

        @Nullable
        @InstanceFormat
        @Name("state-generator")
        ValueGenerator getStateGenerator();

        @Name("use-nonce")
        boolean getUseNonce();

        @Name("with-state")
        @BooleanDefault(true)
        boolean getWithState();

        @Name("read-timeout")
        @IntDefault(5000)
        int getReadTimeout();

        @Name("custom-params")
        @MapBinding
        Map<String, String> getCustomParams();

        @Name("provider-metadata")
        @Format(ProviderFormat.class)
        OIDCProviderMetadata getProviderMetadata();
    }

    @CalledByReflection
    public DefaultOidcClientConfigurator(InstantiationContext instantiationContext, C c) {
        super(instantiationContext, c);
    }

    @Override // com.top_logic.security.auth.pac4j.config.ClientConfigurator
    public final Client createClient(ServletContext servletContext) {
        OidcClient createRawClient = createRawClient();
        createRawClient.setName(((Config) getConfig()).getName());
        Config config = (Config) getConfig();
        createRawClient.setCallbackUrl(Pac4jConfigFactory.resolveCallbackUrl(servletContext, config));
        createRawClient.setUrlResolver(Pac4jConfigFactory.createUrlResolver(config));
        return createRawClient;
    }

    protected OidcClient createRawClient() {
        return createClientImpl(buildConfig());
    }

    protected OidcClient createClientImpl(OidcConfiguration oidcConfiguration) {
        return new OidcClient(oidcConfiguration);
    }

    protected final OidcConfiguration buildConfig() {
        OidcConfiguration createEmptyConfig = createEmptyConfig();
        fillConfig(createEmptyConfig);
        return createEmptyConfig;
    }

    protected OidcConfiguration createEmptyConfig() {
        return new OidcConfiguration();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void fillConfig(OidcConfiguration oidcConfiguration) {
        Config config = (Config) getConfig();
        String clientAuthenticationMethod = config.getClientAuthenticationMethod();
        if (clientAuthenticationMethod != null) {
            oidcConfiguration.setClientAuthenticationMethodAsString(clientAuthenticationMethod);
        }
        oidcConfiguration.setClientId(config.getClientId());
        oidcConfiguration.setConnectTimeout(config.getConnectTimeout());
        for (Map.Entry<String, String> entry : config.getCustomParams().entrySet()) {
            oidcConfiguration.addCustomParam(entry.getKey(), entry.getValue());
        }
        oidcConfiguration.setDiscoveryURI(config.getDiscoveryURI());
        oidcConfiguration.setLogoutUrl(config.getLogoutUrl());
        oidcConfiguration.setMaxAge(config.getMaxAge());
        oidcConfiguration.setMaxClockSkew(config.getMaxClockSkew());
        String preferredJwsAlgorithm = config.getPreferredJwsAlgorithm();
        if (preferredJwsAlgorithm != null) {
            oidcConfiguration.setPreferredJwsAlgorithm(JWSAlgorithm.parse(preferredJwsAlgorithm));
        }
        OIDCProviderMetadata providerMetadata = config.getProviderMetadata();
        if (providerMetadata != null) {
            oidcConfiguration.setOpMetadataResolver(new StaticOidcOpMetadataResolver(oidcConfiguration, providerMetadata));
        }
        oidcConfiguration.setReadTimeout(config.getReadTimeout());
        oidcConfiguration.setResourceRetriever(config.getResourceRetriever());
        oidcConfiguration.setResponseMode(config.getResponseMode());
        oidcConfiguration.setResponseType(config.getResponseType());
        oidcConfiguration.setScope(config.getScope());
        oidcConfiguration.setSecret(config.getSecret());
        ValueGenerator stateGenerator = config.getStateGenerator();
        if (stateGenerator != null) {
            oidcConfiguration.setStateGenerator(stateGenerator);
        }
        oidcConfiguration.setUseNonce(config.getUseNonce());
        oidcConfiguration.setWithState(config.getWithState());
    }
}
