package com.nimbusds.openid.connect.provider.spi.impl.grants.handlers.local.jwt.selfissued;

import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.oauth2.sdk.GeneralException;
import com.nimbusds.oauth2.sdk.GrantType;
import com.nimbusds.oauth2.sdk.Scope;
import com.nimbusds.oauth2.sdk.id.ClientID;
import com.nimbusds.oauth2.sdk.id.Subject;
import com.nimbusds.openid.connect.provider.spi.grants.AccessTokenSpec;
import com.nimbusds.openid.connect.provider.spi.grants.ClaimsSpec;
import com.nimbusds.openid.connect.provider.spi.grants.GrantHandlerContext;
import com.nimbusds.openid.connect.provider.spi.grants.IDTokenSpec;
import com.nimbusds.openid.connect.provider.spi.grants.SelfIssuedAssertionAuthorization;
import com.nimbusds.openid.connect.provider.spi.grants.SelfIssuedJWTGrantHandler;
import com.nimbusds.openid.connect.provider.spi.grants.TokenRequestParameters;
import com.nimbusds.openid.connect.provider.spi.impl.common.ClientMetadataFilter;
import com.nimbusds.openid.connect.provider.spi.impl.common.ScopeUtils;
import com.nimbusds.openid.connect.provider.spi.impl.grants.handlers.BaseGrantHandler;
import com.nimbusds.openid.connect.sdk.rp.OIDCClientMetadata;
import java.util.Properties;
import net.jcip.annotations.ThreadSafe;

@ThreadSafe
/* loaded from: input_file:com/nimbusds/openid/connect/provider/spi/impl/grants/handlers/local/jwt/selfissued/SimpleSelfIssuedJWTGrantHandler.class */
public class SimpleSelfIssuedJWTGrantHandler extends BaseGrantHandler implements SelfIssuedJWTGrantHandler {
    public static final String CONFIG_FILE_PATH = "/WEB-INF/selfIssuedJWTBearerHandler.properties";
    static final /* synthetic */ boolean $assertionsDisabled;

    public SimpleSelfIssuedJWTGrantHandler() {
        super(CONFIG_FILE_PATH);
    }

    @Override // com.nimbusds.openid.connect.provider.spi.impl.grants.handlers.BaseGrantHandler
    public Configuration loadConfiguration(Properties properties) {
        return new Configuration(properties);
    }

    @Override // com.nimbusds.openid.connect.provider.spi.impl.grants.handlers.BaseGrantHandler
    public Configuration getConfiguration() {
        return (Configuration) this.config;
    }

    public GrantType getGrantType() {
        return GrantType.JWT_BEARER;
    }

    public SelfIssuedAssertionAuthorization processSelfIssuedGrant(JWTClaimsSet jWTClaimsSet, TokenRequestParameters tokenRequestParameters, ClientID clientID, OIDCClientMetadata oIDCClientMetadata, GrantHandlerContext grantHandlerContext) throws GeneralException {
        ensureEnabled();
        logTokenRequest(tokenRequestParameters, clientID);
        Scope resolveAuthorizedScope = ScopeUtils.resolveAuthorizedScope(tokenRequestParameters.getScope(), oIDCClientMetadata.getScope());
        if ($assertionsDisabled || getConfiguration().accessToken != null) {
            return new SelfIssuedAssertionAuthorization(new Subject(jWTClaimsSet.getSubject()), resolveAuthorizedScope, new AccessTokenSpec(getConfiguration().accessToken.lifetime, getConfiguration().accessToken.audienceList, getConfiguration().accessToken.encoding, getConfiguration().accessToken.encrypt), IDTokenSpec.NONE, new ClaimsSpec(grantHandlerContext.resolveClaimNames(resolveAuthorizedScope)), new ClientMetadataFilter(getConfiguration().accessToken.includeClientMetadataFields).filter(oIDCClientMetadata));
        }
        throw new AssertionError();
    }

    static {
        $assertionsDisabled = !SimpleSelfIssuedJWTGrantHandler.class.desiredAssertionStatus();
    }
}
