package software.xdev.bzst.dip.client.webclient;

import com.fasterxml.jackson.core.type.TypeReference;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import java.security.PrivateKey;
import java.time.Duration;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import software.xdev.bzst.dip.client.generated.api.MdEinreichenProviderApi;
import software.xdev.bzst.dip.client.model.configuration.BzstDipConfiguration;

/* loaded from: input_file:software/xdev/bzst/dip/client/webclient/BearerTokenRequester.class */
public class BearerTokenRequester {
    private static final Logger LOGGER = LoggerFactory.getLogger(BearerTokenRequester.class);
    private static final String BEARER_STRING = "Bearer ";
    public static final String MDS_POSTFIX = "/auth/realms/mds";
    private final MdEinreichenProviderApi client;
    private final BzstDipConfiguration configuration;

    public BearerTokenRequester(BzstDipConfiguration bzstDipConfiguration, MdEinreichenProviderApi mdEinreichenProviderApi) {
        this.configuration = bzstDipConfiguration;
        this.client = mdEinreichenProviderApi;
    }

    public String getAccessToken() {
        LOGGER.debug("Getting access token...");
        String createRequestToken = createRequestToken();
        HashMap hashMap = new HashMap();
        hashMap.put("grant_type", "client_credentials");
        hashMap.put("client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
        hashMap.put("client_assertion", createRequestToken);
        return ((AccessTokenHttpResponse) this.client.getApiClient().invokeAPI("/auth/realms/mds/protocol/openid-connect/token", "POST", List.of(), List.of(), "", null, Map.of(), Map.of(), hashMap, "", "application/x-www-form-urlencoded;charset=UTF8", new String[0], new TypeReference<AccessTokenHttpResponse>() { // from class: software.xdev.bzst.dip.client.webclient.BearerTokenRequester.1
        })).getAccessToken();
    }

    public String getAccessTokenWithBearerPrefix() {
        return "Bearer " + getAccessToken();
    }

    private String createRequestToken() {
        LOGGER.debug("Creating jwt token...");
        PrivateKey privateKey = this.configuration.getSigningProvider().getPrivateKey();
        String clientId = this.configuration.getClientId();
        LOGGER.debug("Using client id: {}", clientId);
        return ((JwtBuilder) Jwts.builder().issuer(clientId).subject(clientId).audience().add(this.configuration.getRealmEnvironmentBaseUrl() + "/auth/realms/mds").and()).issuedAt(new Date()).expiration(new Date(System.currentTimeMillis() + Duration.ofMinutes(5L).toMillis())).id(UUID.randomUUID().toString()).notBefore(new Date(System.currentTimeMillis() - Duration.ofMinutes(1L).toMillis())).signWith(privateKey, Jwts.SIG.RS256).compact();
    }
}
