package de.adorsys.sts.token.tokenexchange;

import com.nimbusds.jwt.JWTClaimsSet;
import de.adorsys.sts.resourceserver.model.ResourceServer;
import de.adorsys.sts.resourceserver.service.EncryptionService;
import de.adorsys.sts.resourceserver.service.ResourceServerService;
import de.adorsys.sts.secret.EncryptedSecret;
import de.adorsys.sts.secret.Secret;
import de.adorsys.sts.secret.SecretRepository;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;

/* loaded from: input_file:BOOT-INF/lib/sts-token-1.1.22.jar:de/adorsys/sts/token/tokenexchange/TokenExchangeSecretClaimsService.class */
public class TokenExchangeSecretClaimsService implements TokenExchangeClaimsService {
    private static final int BITS_PER_BYTES = 8;
    private final Integer secretLengthInBits;
    private final SecretRepository secretRepository;
    private final EncryptionService encryptionService;
    private final ResourceServerService resourceServerService;

    public TokenExchangeSecretClaimsService(Integer num, SecretRepository secretRepository, EncryptionService encryptionService, ResourceServerService resourceServerService) {
        this.secretLengthInBits = num;
        this.secretRepository = secretRepository;
        this.encryptionService = encryptionService;
        this.resourceServerService = resourceServerService;
    }

    @Override // de.adorsys.sts.token.tokenexchange.TokenExchangeClaimsService
    public void extendClaims(JWTClaimsSet.Builder builder, String[] strArr, String[] strArr2, String str) {
        builder.claim("secret", buildEncryptedSecretClaimsForAudiencesXorResources(strArr, strArr2, str));
    }

    private Map<String, String> buildEncryptedSecretClaimsForAudiencesXorResources(String[] strArr, String[] strArr2, String str) {
        HashMap hashMap = new HashMap();
        Map<String, ResourceServer> resourceServersByAudiencesXorResources = getResourceServersByAudiencesXorResources(strArr, strArr2);
        Secret secretForSubject = getSecretForSubject(str);
        Iterator<Map.Entry<String, ResourceServer>> it = resourceServersByAudiencesXorResources.entrySet().iterator();
        while (it.hasNext()) {
            String key = it.next().getKey();
            hashMap.put(key, encryptSecretForAudience(key, secretForSubject).getValue());
        }
        return hashMap;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private Map<String, ResourceServer> getResourceServersByAudiencesXorResources(String[] strArr, String[] strArr2) {
        return strArr.length > 0 ? this.resourceServerService.getForAudiences(strArr) : strArr2.length > 0 ? this.resourceServerService.getForResources(strArr2) : new HashMap();
    }

    private EncryptedSecret encryptSecretForAudience(String str, Secret secret) {
        return new EncryptedSecret(this.encryptionService.encryptFor(str, secret.getValue()));
    }

    private Secret getSecretForSubject(String str) {
        return this.secretRepository.tryToGet(str).orElseGet(() -> {
            return generateSecretFor(str);
        });
    }

    private Secret generateSecretFor(String str) {
        Secret generateRandom = Secret.generateRandom(this.secretLengthInBits.intValue() / 8);
        this.secretRepository.save(str, generateRandom);
        return generateRandom;
    }
}
