package edu.internet2.middleware.grouper.authentication;

import com.nimbusds.openid.connect.sdk.claims.PersonClaims;
import com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata;
import edu.internet2.middleware.grouper.cfg.GrouperConfig;
import edu.internet2.middleware.grouper.util.GrouperHttpClient;
import edu.internet2.middleware.grouper.util.GrouperHttpMethod;
import edu.internet2.middleware.grouper.util.GrouperProxyType;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.grouperClient.util.ExpirableCache;
import edu.internet2.middleware.morphString.Morph;
import java.net.URI;
import org.apache.commons.logging.Log;

/* loaded from: input_file:WEB-INF/lib/grouper-4.4.0.jar:edu/internet2/middleware/grouper/authentication/GrouperOidcConfig.class */
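/**
 * Settings for one OIDC external system, read from the
 * {@code grouper.oidcExternalSystem.<configId>.*} properties.
 *
 * <p>Instances are normally obtained through {@link #retrieveFromConfigOrCache(String)}, which
 * builds the object from {@link GrouperConfig} and, when {@code useConfigurationMetadata} is
 * true, fetches the provider's discovery document to fill in the endpoint URIs.
 *
 * <p>The object holds the client secret in clear text (see {@link #getClientSecret()}), so it
 * should not be logged or serialized as a whole. Instances are mutable and are shared through a
 * static cache: a setter call on a cached instance is visible to every other caller until the
 * cache entry expires.
 */
public class GrouperOidcConfig {
    /** Common prefix of every property read by {@link #retrieveFromConfig(String)}. */
    private static final String CONFIG_PREFIX = "grouper.oidcExternalSystem.";

    private String responseType;
    private URI userInfoUri;
    private String clientConfigId;
    private String clientId;
    // Clear-text secret (result of Morph.decryptIfFile when loaded from config).
    private String clientSecret;
    private String configurationMetadataUri;
    private String proxyUrl;
    private GrouperProxyType proxyType;
    private URI authorizationEndpointUri;
    private OIDCProviderMetadata oidcProviderMetadata;
    private boolean ws;
    // Keyed by config id. The constructor argument is the expiry; presumably minutes, confirm
    // against ExpirableCache.
    private static final ExpirableCache<String, GrouperOidcConfig> grouperOidcConfigCache = new ExpirableCache<>(1);
    private static final Log LOG = GrouperUtil.getLog(GrouperOidcConfig.class);
    private URI tokenEndpointUri = null;
    // Field default is false; retrieveFromConfig defaults the property to true.
    private boolean enabled = false;
    private String redirectUri = null;
    private String scope = null;
    private String subjectIdClaimName = null;
    private String subjectIdType = null;
    private String subjectSourceId = null;

    /**
     * Returns the configuration for the given config id, loading it on a cache miss.
     *
     * <p>The lookup and the put are two separate steps, so concurrent callers that miss at the
     * same time may each load the configuration (and each fetch the discovery document). If the
     * load throws, nothing is cached and the next call retries.
     *
     * @param str config id, the {@code <configId>} part of the property names
     * @return the cached or freshly loaded configuration
     * @throws RuntimeException if a required property is missing or the discovery document
     *     cannot be fetched or parsed
     */
    public static GrouperOidcConfig retrieveFromConfigOrCache(String str) {
        GrouperOidcConfig cached = grouperOidcConfigCache.get(str);
        if (cached != null) {
            return cached;
        }
        GrouperOidcConfig loaded = retrieveFromConfig(str);
        grouperOidcConfigCache.put(str, loaded);
        return loaded;
    }

    /** @return the value of the {@code oidcResponseType} property */
    public String getResponseType() {
        return this.responseType;
    }

    /** @param str response type to use */
    public void setResponseType(String str) {
        this.responseType = str;
    }

    /** @return the client config id; not populated by {@link #retrieveFromConfig(String)} */
    public String getClientConfigId() {
        return this.clientConfigId;
    }

    /** @param str client config id */
    public void setClientConfigId(String str) {
        this.clientConfigId = str;
    }

    /** @return the OIDC client id */
    public String getClientId() {
        return this.clientId;
    }

    /** @param str OIDC client id */
    public void setClientId(String str) {
        this.clientId = str;
    }

    /**
     * Returns the client secret in clear text. When the object was loaded from config this is
     * the output of {@code Morph.decryptIfFile}; keep the return value out of logs and error
     * messages.
     *
     * @return the clear-text client secret
     */
    public String getClientSecret() {
        return this.clientSecret;
    }

    /** @param str clear-text client secret */
    public void setClientSecret(String str) {
        this.clientSecret = str;
    }

    /** @return URL of the provider's discovery document, or null when endpoints are configured explicitly */
    public String getConfigurationMetadataUri() {
        return this.configurationMetadataUri;
    }

    /** @param str URL of the provider's discovery document */
    public void setConfigurationMetadataUri(String str) {
        this.configurationMetadataUri = str;
    }

    /**
     * Tells whether this external system is enabled. Loading does not consult this flag: a
     * disabled configuration is still read in full, including the discovery fetch, so callers
     * have to check it themselves.
     *
     * @return true if enabled
     */
    public boolean isEnabled() {
        return this.enabled;
    }

    /** @param z true to enable */
    public void setEnabled(boolean z) {
        this.enabled = z;
    }

    /** @return the redirect URI, or null if the property is not set */
    public String getRedirectUri() {
        return this.redirectUri;
    }

    /** @param str redirect URI */
    public void setRedirectUri(String str) {
        this.redirectUri = str;
    }

    /** @return proxy URL used for the discovery fetch, or null */
    public String getProxyUrl() {
        return this.proxyUrl;
    }

    /** @param str proxy URL */
    public void setProxyUrl(String str) {
        this.proxyUrl = str;
    }

    /** @return proxy type used for the discovery fetch, or null */
    public GrouperProxyType getProxyType() {
        return this.proxyType;
    }

    /** @param grouperProxyType proxy type */
    public void setProxyType(GrouperProxyType grouperProxyType) {
        this.proxyType = grouperProxyType;
    }

    /** @return the requested scope string */
    public String getScope() {
        return this.scope;
    }

    /** @param str scope string */
    public void setScope(String str) {
        this.scope = str;
    }

    /** @return the token endpoint, from the discovery document or from the {@code tokenEndpointUri} property */
    public URI getTokenEndpointUri() {
        return this.tokenEndpointUri;
    }

    /** @param uri token endpoint */
    public void setTokenEndpointUri(URI uri) {
        this.tokenEndpointUri = uri;
    }

    /** @return the userinfo endpoint, from the discovery document or from the {@code userInfoUri} property */
    public URI getUserInfoUri() {
        return this.userInfoUri;
    }

    /** @param uri userinfo endpoint */
    public void setUserInfoUri(URI uri) {
        this.userInfoUri = uri;
    }

    /** @return the authorization endpoint, from the discovery document or from the {@code authorizeUri} property */
    public URI getAuthorizationEndpointUri() {
        return this.authorizationEndpointUri;
    }

    /** @param uri authorization endpoint */
    public void setAuthorizationEndpointUri(URI uri) {
        this.authorizationEndpointUri = uri;
    }

    /** Case-insensitive check that a URL string starts with {@code https://}. */
    private static boolean isHttps(String url) {
        return url != null && url.regionMatches(true, 0, "https://", 0, 8);
    }

    /**
     * Fetches the discovery document from {@link #configurationMetadataUri} (through the
     * configured proxy, if any) and stores the parsed result in {@link #oidcProviderMetadata}.
     *
     * <p>Only the HTTP status is checked here. A warning is logged when the URL is not https,
     * because every endpoint URI used afterwards comes from this response.
     *
     * @throws RuntimeException if the response code is not 200 or the body cannot be parsed;
     *     runtime exceptions from the HTTP client or the status assertion propagate unwrapped
     */
    private void retrieveMetadata() {
        if (!isHttps(this.configurationMetadataUri)) {
            LOG.warn("oidc configurationMetadataUri is not https, endpoint URIs taken from it are not protected in transit: "
                    + this.configurationMetadataUri);
        }
        try {
            GrouperHttpClient response = new GrouperHttpClient()
                    .assignProxyUrl(this.proxyUrl)
                    .assignProxyType(this.proxyType)
                    .assignUrl(this.configurationMetadataUri)
                    .assignGrouperHttpMethod(GrouperHttpMethod.get)
                    .executeRequest();
            int responseCode = response.getResponseCode();
            GrouperUtil.assertion(responseCode == 200, "Invalid oidc well known url: " + this.configurationMetadataUri + ", response code: " + responseCode);
            this.oidcProviderMetadata = OIDCProviderMetadata.parse(response.getResponseBody());
        } catch (RuntimeException e) {
            // Already unchecked: rethrow as-is instead of burying the message one level deeper.
            throw e;
        } catch (Exception e) {
            throw new RuntimeException("Could not load oidc metadata from: " + this.configurationMetadataUri, e);
        }
    }

    /**
     * Builds a configuration from the {@code grouper.oidcExternalSystem.<str>.*} properties.
     *
     * <p>All properties are read from one {@link GrouperConfig} instance so the object is
     * consistent even if the configuration is reloaded while this method runs. Properties are
     * read in a fixed order; the first missing required property is the one reported.
     *
     * @param str config id
     * @return a new, uncached configuration
     * @throws RuntimeException if a required property is missing or the discovery document
     *     cannot be loaded
     */
    private static GrouperOidcConfig retrieveFromConfig(String str) {
        GrouperConfig config = GrouperConfig.retrieveConfig();
        String prefix = CONFIG_PREFIX + str + ".";
        GrouperOidcConfig result = new GrouperOidcConfig();

        // Proxy settings come first because the discovery fetch below uses them.
        result.proxyUrl = config.propertyValueString(prefix + "proxyUrl");
        result.proxyType = GrouperProxyType.valueOfIgnoreCase(config.propertyValueString(prefix + "proxyType"), false);

        if (config.propertyValueBooleanRequired(prefix + "useConfigurationMetadata")) {
            result.configurationMetadataUri = config.propertyValueStringRequired(prefix + "configurationMetadataUri");
            result.retrieveMetadata();
            // NOTE(review): the endpoint URIs are taken from the fetched document as-is. Nothing
            // in this class compares the document's issuer with the configured URL or checks
            // the scheme of the returned endpoints; confirm that this is enforced elsewhere.
            result.userInfoUri = result.oidcProviderMetadata.getUserInfoEndpointURI();
            result.tokenEndpointUri = result.oidcProviderMetadata.getTokenEndpointURI();
            result.authorizationEndpointUri = result.oidcProviderMetadata.getAuthorizationEndpointURI();
        } else {
            result.userInfoUri = URI.create(config.propertyValueStringRequired(prefix + "userInfoUri"));
            result.tokenEndpointUri = URI.create(config.propertyValueStringRequired(prefix + "tokenEndpointUri"));
            result.authorizationEndpointUri = URI.create(config.propertyValueStringRequired(prefix + "authorizeUri"));
        }

        result.clientId = config.propertyValueStringRequired(prefix + "clientId");
        result.ws = config.propertyValueBoolean(prefix + "useForWs", false);
        // Decrypt before assigning so the field only ever holds the usable secret.
        result.clientSecret = Morph.decryptIfFile(config.propertyValueStringRequired(prefix + "clientSecret"));
        result.enabled = config.propertyValueBoolean(prefix + "enabled", true);
        result.redirectUri = config.propertyValueString(prefix + "redirectUri");
        result.scope = config.propertyValueStringRequired(prefix + "scope");
        result.subjectSourceId = config.propertyValueString(prefix + "subjectSourceId");
        result.subjectIdType = config.propertyValueStringRequired(prefix + "subjectIdType");
        result.responseType = config.propertyValueStringRequired(prefix + "oidcResponseType");
        // The claim that identifies the subject falls back to preferred_username when unset.
        result.subjectIdClaimName = config.propertyValueString(prefix + "subjectIdClaimName", PersonClaims.PREFERRED_USERNAME_CLAIM_NAME);
        return result;
    }

    /** @return name of the claim that carries the subject identifier */
    public String getSubjectIdClaimName() {
        return this.subjectIdClaimName;
    }

    /** @param str name of the claim that carries the subject identifier */
    public void setSubjectIdClaimName(String str) {
        this.subjectIdClaimName = str;
    }

    /** @return the value of the {@code subjectIdType} property */
    public String getSubjectIdType() {
        return this.subjectIdType;
    }

    /** @param str subject id type */
    public void setSubjectIdType(String str) {
        this.subjectIdType = str;
    }

    /** @return the subject source id, or null if the property is not set */
    public String getSubjectSourceId() {
        return this.subjectSourceId;
    }

    /** @param str subject source id */
    public void setSubjectSourceId(String str) {
        this.subjectSourceId = str;
    }

    /** @return the value of the {@code useForWs} property (false when unset); there is no setter */
    public boolean isWs() {
        return this.ws;
    }
}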
