package com.nimbusds.openid.connect.provider.spi.tokens.response.customizer;

import com.nimbusds.common.config.ConfigurationException;
import com.nimbusds.common.config.LoggableConfiguration;
import com.nimbusds.oauth2.sdk.AccessTokenResponse;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.TokenErrorResponse;
import com.nimbusds.oauth2.sdk.TokenResponse;
import com.nimbusds.oauth2.sdk.util.MapUtils;
import com.nimbusds.openid.connect.provider.spi.tokens.response.CustomTokenResponseComposer;
import com.nimbusds.openid.connect.provider.spi.tokens.response.TokenResponseContext;
import com.thetransactioncompany.util.PropertyParseException;
import com.thetransactioncompany.util.PropertyRetriever;
import java.util.Collections;
import java.util.List;
import net.minidev.json.JSONObject;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:com/nimbusds/openid/connect/provider/spi/tokens/response/customizer/TokenResponseCustomizer.class */
public class TokenResponseCustomizer implements CustomTokenResponseComposer, LoggableConfiguration {
    protected static final Logger mainLog = LogManager.getLogger("MAIN");
    protected static final Logger tokenEndpointLog = LogManager.getLogger("TOKEN");
    public final boolean enable;
    public final List<String> paramNames;

    public TokenResponseCustomizer() {
        PropertyRetriever propertyRetriever = new PropertyRetriever(System.getProperties());
        try {
            this.enable = propertyRetriever.getOptBoolean("op.token.response.customizer.enable", false);
            if (this.enable) {
                this.paramNames = propertyRetriever.getOptStringList("op.token.response.customizer.includeAuthzDataParams", Collections.emptyList());
            } else {
                this.paramNames = Collections.emptyList();
            }
            log();
        } catch (PropertyParseException e) {
            throw new ConfigurationException(e.getMessage());
        }
    }

    public void log() {
        mainLog.info("[TRC0000] Token response customizer enabled: {}", Boolean.valueOf(this.enable));
        if (this.enable) {
            mainLog.info("[TRC0001] Token response customizer: Included authorization data parameters: {}", this.paramNames);
        }
    }

    protected JSONObject collectCustomParams(JSONObject jSONObject) {
        JSONObject jSONObject2 = new JSONObject();
        if (MapUtils.isEmpty(jSONObject)) {
            return jSONObject2;
        }
        for (String str : this.paramNames) {
            if (jSONObject.get(str) != null) {
                jSONObject2.put(str, jSONObject.get(str));
            }
        }
        return jSONObject2;
    }

    public TokenResponse compose(TokenResponse tokenResponse, TokenResponseContext tokenResponseContext) {
        if (this.enable && !(tokenResponse instanceof TokenErrorResponse)) {
            AccessTokenResponse successResponse = tokenResponse.toSuccessResponse();
            JSONObject authorizationData = tokenResponseContext.getAuthorizationData();
            if (MapUtils.isEmpty(authorizationData)) {
                return tokenResponse;
            }
            try {
                JSONObject jSONObject = successResponse.toJSONObject();
                JSONObject collectCustomParams = collectCustomParams(authorizationData);
                tokenEndpointLog.debug("[TRC0002] Token response customizer: Included params: {}", collectCustomParams.keySet());
                jSONObject.putAll(collectCustomParams);
                return AccessTokenResponse.parse(jSONObject);
            } catch (ParseException e) {
                throw new RuntimeException("Internal error: " + e.getMessage(), e);
            }
        }
        return tokenResponse;
    }
}
