package org.apache.tomee.security.cdi.openid;

import jakarta.annotation.PostConstruct;
import jakarta.enterprise.context.SessionScoped;
import jakarta.enterprise.inject.Instance;
import jakarta.inject.Inject;
import jakarta.json.JsonObject;
import jakarta.security.enterprise.authentication.mechanism.http.OpenIdAuthenticationMechanismDefinition;
import jakarta.security.enterprise.identitystore.openid.AccessToken;
import jakarta.security.enterprise.identitystore.openid.IdentityToken;
import jakarta.security.enterprise.identitystore.openid.OpenIdClaims;
import jakarta.security.enterprise.identitystore.openid.OpenIdContext;
import jakarta.security.enterprise.identitystore.openid.RefreshToken;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.Optional;
import org.apache.tomee.security.cdi.openid.storage.OpenIdStorageHandler;
import org.apache.tomee.security.http.openid.model.TomEEOpenIdClaims;

@SessionScoped
/* loaded from: input_file:lib/tomee-security-10.0.0-M2.jar:org/apache/tomee/security/cdi/openid/TomEEOpenIdContext.class */
public class TomEEOpenIdContext implements OpenIdContext {

    @Inject
    private Instance<OpenIdAuthenticationMechanismDefinition> definition;

    @Inject
    private OpenIdStorageHandler storageHandler;
    private JsonObject userInfoClaims;
    private String tokenType;
    private AccessToken accessToken;
    private IdentityToken identityToken;
    private Optional<RefreshToken> refreshToken;
    private Long expiresIn;

    @PostConstruct
    public void init() {
        if (this.definition.isUnsatisfied()) {
            throw new IllegalStateException("OpenIdContext is not available if no @OpenIdAuthenticationMechanismDefinition is defined");
        }
    }

    @Override // jakarta.security.enterprise.identitystore.openid.OpenIdContext
    public String getSubject() {
        return getIdentityToken().getJwtClaims().getSubject().orElseThrow(() -> {
            return new IllegalStateException("No subject received from openid provider in id_token");
        });
    }

    @Override // jakarta.security.enterprise.identitystore.openid.OpenIdContext
    public String getTokenType() {
        return this.tokenType;
    }

    @Override // jakarta.security.enterprise.identitystore.openid.OpenIdContext
    public AccessToken getAccessToken() {
        return this.accessToken;
    }

    @Override // jakarta.security.enterprise.identitystore.openid.OpenIdContext
    public IdentityToken getIdentityToken() {
        return this.identityToken;
    }

    @Override // jakarta.security.enterprise.identitystore.openid.OpenIdContext
    public Optional<RefreshToken> getRefreshToken() {
        return this.refreshToken;
    }

    @Override // jakarta.security.enterprise.identitystore.openid.OpenIdContext
    public Optional<Long> getExpiresIn() {
        return Optional.ofNullable(this.expiresIn);
    }

    @Override // jakarta.security.enterprise.identitystore.openid.OpenIdContext
    public JsonObject getClaimsJson() {
        return this.userInfoClaims;
    }

    @Override // jakarta.security.enterprise.identitystore.openid.OpenIdContext
    public OpenIdClaims getClaims() {
        return new TomEEOpenIdClaims(getClaimsJson());
    }

    @Override // jakarta.security.enterprise.identitystore.openid.OpenIdContext
    public JsonObject getProviderMetadata() {
        throw new UnsupportedOperationException();
    }

    @Override // jakarta.security.enterprise.identitystore.openid.OpenIdContext
    public <T> Optional<T> getStoredValue(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        return Optional.ofNullable(this.storageHandler.get(httpServletRequest, httpServletResponse, str));
    }

    public void setUserInfoClaims(JsonObject jsonObject) {
        this.userInfoClaims = jsonObject;
    }

    public void setTokenType(String str) {
        this.tokenType = str;
    }

    public void setAccessToken(AccessToken accessToken) {
        this.accessToken = accessToken;
    }

    public void setIdentityToken(IdentityToken identityToken) {
        this.identityToken = identityToken;
    }

    public void setRefreshToken(Optional<RefreshToken> optional) {
        this.refreshToken = optional;
    }

    public void setExpiresIn(Long l) {
        this.expiresIn = l;
    }
}
