package com.idsmanager.oidc;

import java.security.PrivateKey;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import org.jose4j.json.JsonUtil;
import org.jose4j.jwk.JsonWebKey;
import org.jose4j.jwk.RsaJsonWebKey;
import org.jose4j.jws.JsonWebSignature;
import org.jose4j.jwt.JwtClaims;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public class IdTokenGenerator extends AbstractIdTokenGenerator {
    public static final String DEFAULT_ALGORITHM = "RS256";
    private static final Logger LOG = LoggerFactory.getLogger(IdTokenGenerator.class);
    protected String algorithm;
    protected JwtClaims claims;
    protected String keyId;
    protected Map<String, Object> map;
    protected PrivateKey privateKey;
    protected String privateKeyJson;

    public IdTokenGenerator(String str, Map<String, Object> map) {
        this.algorithm = "RS256";
        this.map = new HashMap();
        this.privateKeyJson = str;
        this.map = map;
    }

    public IdTokenGenerator(String str, JwtClaims jwtClaims) {
        this.algorithm = "RS256";
        this.map = new HashMap();
        this.privateKeyJson = str;
        this.claims = jwtClaims;
    }

    public IdTokenGenerator(PrivateKey privateKey, Map<String, Object> map) {
        this.algorithm = "RS256";
        this.map = new HashMap();
        this.privateKey = privateKey;
        this.map = map;
    }

    public IdTokenGenerator(PrivateKey privateKey, JwtClaims jwtClaims) {
        this.algorithm = "RS256";
        this.map = new HashMap();
        this.privateKey = privateKey;
        this.claims = jwtClaims;
    }

    public IdTokenGenerator algorithm(String str) {
        this.algorithm = str;
        return this;
    }

    @Override // com.idsmanager.oidc.AbstractIdTokenGenerator
    protected String algorithm() {
        return this.algorithm;
    }

    public String generate() {
        return getIdToken(getJsonWebSignature(getRealKeyId(), getJwtClaims()));
    }

    protected JwtClaims getJwtClaims() {
        if (this.claims != null) {
            return this.claims;
        }
        JwtClaims jwtClaims = new JwtClaims();
        setIdTokenExpirationTime(jwtClaims);
        setAudience(jwtClaims);
        setSubject(jwtClaims);
        jwtClaims.setGeneratedJwtId();
        jwtClaims.setIssuedAtToNow();
        jwtClaims.setNotBeforeMinutesInThePast(1.0f);
        setMoreClaims(jwtClaims);
        setClaimsMap(jwtClaims);
        return jwtClaims;
    }

    protected String getRealKeyId() {
        if (this.keyId != null && this.keyId.length() > 0) {
            return this.keyId;
        }
        if (this.privateKeyJson != null) {
            return JsonWebKey.Factory.newJwk(this.privateKeyJson).getKeyId();
        }
        this.keyId = UUID.randomUUID().toString();
        LOG.debug("Use random keyId: {}", this.keyId);
        return this.keyId;
    }

    public IdTokenGenerator keyId(String str) {
        this.keyId = str;
        return this;
    }

    @Override // com.idsmanager.oidc.AbstractIdTokenGenerator
    protected void setClaimsMap(JwtClaims jwtClaims) {
        if (this.map != null) {
            for (String str : this.map.keySet()) {
                jwtClaims.setClaim(str, this.map.get(str));
            }
        }
    }

    @Override // com.idsmanager.oidc.AbstractIdTokenGenerator
    protected void setJsonWebSignaturePrivateKey(JsonWebSignature jsonWebSignature) {
        if (this.privateKey != null) {
            jsonWebSignature.setKey(this.privateKey);
        } else {
            jsonWebSignature.setKey(new RsaJsonWebKey(JsonUtil.parseJson(this.privateKeyJson)).getPrivateKey());
        }
    }
}
