package com.predic8.membrane.core.interceptor.oauth2;

import com.fasterxml.jackson.core.JsonGenerator;
import com.predic8.membrane.core.Router;
import com.predic8.membrane.core.interceptor.oauth2.parameter.ClaimsParameter;
import com.predic8.membrane.core.resolver.ResolverMap;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.util.HashSet;
import java.util.Iterator;
import org.apache.commons.lang3.StringUtils;
import org.jose4j.jws.AlgorithmIdentifiers;

/* loaded from: input_file:lib/service-proxy-core-4.9.0.jar:com/predic8/membrane/core/interceptor/oauth2/WellknownFile.class */
public class WellknownFile {
    private static final String ISSUER = "issuer";
    private static final String AUTHORIZATION_ENDPOINT = "authorization_endpoint";
    private static final String TOKEN_ENDPOINT = "token_endpoint";
    private static final String USERINFO_ENDPOINT = "userinfo_endpoint";
    private static final String REVOCATION_ENDPOINT = "revocation_endpoint";
    private static final String JWKS_URI = "jwks_uri";
    private static final String RESPONSE_TYPES_SUPPORTED = "response_types_supported";
    private static final String SUBJECT_TYPES_SUPPORTED = "subject_types_supported";
    private static final String ID_TOKEN_SIGNING_ALG_VALUES_SUPPORTED = "id_token_signing_alg_values_supported";
    private static final String SCOPES_SUPPORTED = "scopes_supported";
    private static final String TOKEN_ENDPOINT_AUTH_METHODS_SUPPORTED = "token_endpoint_auth_methods_supported";
    private static final String CLAIMS_SUPPORTED = "claims_supported";
    private String wellknown;
    private OAuth2AuthorizationServerInterceptor oasi;
    private ResolverMap resolver;
    private ReusableJsonGenerator reusableJsonGen = new ReusableJsonGenerator();
    private JsonGenerator jsonGen;
    private String authorizationEndpoint;
    private String issuer;
    private String tokenEndpoint;
    private String userinfoEndpoint;
    private String revocationEndpoint;
    private String jwksUri;
    private String supportedResponseTypes;
    private String supportedSubjectType;
    private String supportedIdTokenSigningAlgValues;
    private String supportedScopes;
    private String supportedTokenEndpointAuthMethods;
    private String supportedClaims;

    public void init(Router router, OAuth2AuthorizationServerInterceptor oAuth2AuthorizationServerInterceptor) throws IOException {
        this.resolver = router.getResolverMap();
        this.oasi = oAuth2AuthorizationServerInterceptor;
        getValuesFromOasi();
        writeWellknown();
    }

    public void init(Router router) throws IOException {
        init(router, null);
    }

    private String getOauth2Issuer() {
        return this.oasi.getIssuer();
    }

    private String baseOauth2Url() {
        ResolverMap resolverMap = this.resolver;
        return ResolverMap.combine(getOauth2Issuer() + "/", "oauth2/");
    }

    private void getValuesFromOasi() throws UnsupportedEncodingException {
        if (this.oasi == null) {
            return;
        }
        setIssuer(getOauth2Issuer());
        setAuthorizationEndpoint(baseOauth2Url() + "auth");
        setTokenEndpoint(baseOauth2Url() + "token");
        setUserinfoEndpoint(baseOauth2Url() + ClaimsParameter.USERINFO);
        setRevocationEndpoint(baseOauth2Url() + "revoke");
        setJwksUri(baseOauth2Url() + "certs");
        setSupportedResponseTypes(this.oasi.getSupportedAuthorizationGrants());
        setSupportedSubjectType("public");
        setSupportedIdTokenSigningAlgValues(AlgorithmIdentifiers.RSA_USING_SHA256);
        setSupportedScopes(getSupportedOasiScopes());
        setSupportedTokenEndpointAuthMethods("client_secret_post");
        setSupportedClaims(getSupportedOasiClaims());
    }

    private String getSupportedOasiClaims() {
        return this.oasi.getClaimList().getSupportedClaimsAsString();
    }

    private String getSupportedOasiScopes() {
        return this.oasi.getClaimList().getSupportedScopes();
    }

    private void writeWellknown() throws IOException {
        this.jsonGen = this.reusableJsonGen.resetAndGet();
        this.jsonGen.writeStartObject();
        writeIssuer();
        writeAuthorizationEndpoint();
        writeTokenEndpoint();
        writeUserinfoEndpoint();
        writeRevocationEndpoint();
        writeJwksUri();
        writeSupportedResponseTypes();
        writeSupportedSubjectTypes();
        writeSupportedIdTokenSigningAlgValues();
        writeSupportedScopes();
        writeSupportedTokenEndpointAuthMethods();
        writeSupportedClaims();
        this.jsonGen.writeEndObject();
        setWellknown(this.reusableJsonGen.getJson());
    }

    private void writeSupportedClaims() throws IOException {
        stringEnumToJson(CLAIMS_SUPPORTED, getSupportedClaims().split(StringUtils.SPACE));
    }

    private void writeSupportedTokenEndpointAuthMethods() throws IOException {
        stringEnumToJson(TOKEN_ENDPOINT_AUTH_METHODS_SUPPORTED, getSupportedTokenEndpointAuthMethods().split(StringUtils.SPACE));
    }

    private void writeSupportedScopes() throws IOException {
        stringEnumToJson(SCOPES_SUPPORTED, getSupportedScopes().split(StringUtils.SPACE));
    }

    private void writeSupportedIdTokenSigningAlgValues() throws IOException {
        stringEnumToJson(ID_TOKEN_SIGNING_ALG_VALUES_SUPPORTED, getSupportedIdTokenSigningAlgValues().split(StringUtils.SPACE));
    }

    private void writeSupportedSubjectTypes() throws IOException {
        stringEnumToJson(SUBJECT_TYPES_SUPPORTED, getSupportedSubjectType().split(StringUtils.SPACE));
    }

    private void stringEnumToJson(String str, String... strArr) throws IOException {
        this.jsonGen.writeArrayFieldStart(str);
        for (String str2 : strArr) {
            this.jsonGen.writeString(OAuth2Util.urldecode(str2));
        }
        this.jsonGen.writeEndArray();
    }

    private void writeSupportedResponseTypes() throws IOException {
        stringEnumToJson(RESPONSE_TYPES_SUPPORTED, getSupportedResponseTypes().split(StringUtils.SPACE));
    }

    private void writeJwksUri() throws IOException {
        writeSingleJsonField(JWKS_URI, getJwksUri());
    }

    private void writeSingleJsonField(String str, String str2) throws IOException {
        this.jsonGen.writeObjectField(str, str2);
    }

    private void writeRevocationEndpoint() throws IOException {
        writeSingleJsonField(REVOCATION_ENDPOINT, getRevocationEndpoint());
    }

    private void writeUserinfoEndpoint() throws IOException {
        writeSingleJsonField(USERINFO_ENDPOINT, getUserinfoEndpoint());
    }

    private void writeTokenEndpoint() throws IOException {
        writeSingleJsonField(TOKEN_ENDPOINT, getTokenEndpoint());
    }

    private void writeAuthorizationEndpoint() throws IOException {
        writeSingleJsonField(AUTHORIZATION_ENDPOINT, getAuthorizationEndpoint());
    }

    private void writeIssuer() throws IOException {
        writeSingleJsonField(ISSUER, getIssuer());
    }

    protected String getAuthorizationEndpoint() {
        return this.authorizationEndpoint;
    }

    protected void setAuthorizationEndpoint(String str) {
        this.authorizationEndpoint = str;
    }

    protected String getIssuer() {
        return this.issuer;
    }

    protected void setIssuer(String str) {
        this.issuer = str;
    }

    protected String getTokenEndpoint() {
        return this.tokenEndpoint;
    }

    protected void setTokenEndpoint(String str) {
        this.tokenEndpoint = str;
    }

    protected String getUserinfoEndpoint() {
        return this.userinfoEndpoint;
    }

    protected void setUserinfoEndpoint(String str) {
        this.userinfoEndpoint = str;
    }

    protected String getRevocationEndpoint() {
        return this.revocationEndpoint;
    }

    protected void setRevocationEndpoint(String str) {
        this.revocationEndpoint = str;
    }

    protected String getJwksUri() {
        return this.jwksUri;
    }

    protected void setJwksUri(String str) {
        this.jwksUri = str;
    }

    protected String getSupportedResponseTypes() {
        return this.supportedResponseTypes;
    }

    protected void setSupportedResponseTypes(HashSet<String> hashSet) throws UnsupportedEncodingException {
        StringBuilder sb = new StringBuilder();
        Iterator<String> it = hashSet.iterator();
        while (it.hasNext()) {
            sb.append(StringUtils.SPACE).append(OAuth2Util.urlencode(it.next()));
        }
        setSupportedResponseTypes(sb.toString().trim());
    }

    protected void setSupportedResponseTypes(String str) {
        this.supportedResponseTypes = str;
    }

    protected String getSupportedSubjectType() {
        return this.supportedSubjectType;
    }

    protected void setSupportedSubjectType(String str) {
        this.supportedSubjectType = str;
    }

    protected String getSupportedIdTokenSigningAlgValues() {
        return this.supportedIdTokenSigningAlgValues;
    }

    protected void setSupportedIdTokenSigningAlgValues(String str) {
        this.supportedIdTokenSigningAlgValues = str;
    }

    protected String getSupportedScopes() {
        return this.supportedScopes;
    }

    protected void setSupportedScopes(String str) {
        this.supportedScopes = str;
    }

    protected String getSupportedTokenEndpointAuthMethods() {
        return this.supportedTokenEndpointAuthMethods;
    }

    protected void setSupportedTokenEndpointAuthMethods(String str) {
        this.supportedTokenEndpointAuthMethods = str;
    }

    protected String getSupportedClaims() {
        return this.supportedClaims;
    }

    protected void setSupportedClaims(String str) {
        this.supportedClaims = str;
    }

    public String getWellknown() {
        return this.wellknown;
    }

    public void setWellknown(String str) {
        this.wellknown = str;
    }
}
