package edu.uiuc.ncsa.myproxy.oa4mp.oauth2.servlet;

import edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2SE;
import edu.uiuc.ncsa.myproxy.oa4mp.oauth2.cm.oidc_cm.OIDCCMConstants;
import edu.uiuc.ncsa.myproxy.oa4mp.server.servlet.DiscoveryServlet;
import edu.uiuc.ncsa.security.util.jwk.JSONWebKeyUtil;
import java.io.PrintWriter;
import java.util.Iterator;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
import net.sf.json.util.JSONUtils;

/* loaded from: input_file:edu/uiuc/ncsa/myproxy/oa4mp/oauth2/servlet/OA2DiscoveryServlet.class */
public class OA2DiscoveryServlet extends DiscoveryServlet {
    public static final String TOKEN_ENDPOINT = "token_endpoint";
    public static final String USERINFO_ENDPOINT = "userinfo_endpoint";
    public static final String ISSUER = "issuer";

    protected void doIt(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        String requestURI = httpServletRequest.getRequestURI();
        if (requestURI.endsWith("/")) {
            requestURI = requestURI.substring(0, requestURI.length() - 1);
        }
        if (!requestURI.endsWith("/certs")) {
            super.doIt(httpServletRequest, httpServletResponse);
            return;
        }
        String valueToString = JSONUtils.valueToString(JSONWebKeyUtil.toJSON(JSONWebKeyUtil.makePublic(getServiceEnvironment().getJsonWebKeys())), 1, 0);
        httpServletResponse.setHeader("Content-Type", "application/json;charset=UTF-8");
        PrintWriter writer = httpServletResponse.getWriter();
        writer.write(valueToString);
        writer.flush();
        writer.close();
    }

    public static String getIssuer(HttpServletRequest httpServletRequest) {
        OA2SE serviceEnvironment = getServiceEnvironment();
        return serviceEnvironment.getIssuer() != null ? serviceEnvironment.getIssuer() : getRequestURI(httpServletRequest, false);
    }

    protected JSONObject setValues(HttpServletRequest httpServletRequest, JSONObject jSONObject) {
        OA2SE serviceEnvironment = getServiceEnvironment();
        String requestURI = getRequestURI(httpServletRequest);
        if (requestURI.endsWith("/")) {
            requestURI = requestURI.substring(0, requestURI.length() - 1);
        }
        JSONObject values = super.setValues(httpServletRequest, jSONObject);
        values.put(OIDCCMConstants.JWKS_URI, requestURI + "/certs");
        values.put("issuer", getIssuer(httpServletRequest));
        values.put(TOKEN_ENDPOINT, requestURI + "/token");
        values.put(USERINFO_ENDPOINT, requestURI + "/userinfo");
        values.put("token_endpoint_auth_methods_supported", (Object) null);
        JSONArray jSONArray = new JSONArray();
        jSONArray.add("client_secret_post");
        values.put("token_endpoint_auth_methods_supported", jSONArray);
        JSONArray jSONArray2 = new JSONArray();
        jSONArray2.add("public");
        values.put("subject_types_supported", jSONArray2);
        JSONArray jSONArray3 = new JSONArray();
        Iterator<String> it = serviceEnvironment.getScopes().iterator();
        while (it.hasNext()) {
            jSONArray3.add(it.next());
        }
        values.put("scopes_supported", jSONArray3);
        JSONArray jSONArray4 = new JSONArray();
        jSONArray4.add("code");
        jSONArray4.add("token");
        jSONArray4.add("id_token");
        values.put("response_types_supported", jSONArray4);
        JSONArray jSONArray5 = new JSONArray();
        if (serviceEnvironment.getClaimSource() != null) {
            jSONArray5.addAll(serviceEnvironment.getClaimSource().getClaims());
            values.put("claims_supported", jSONArray5);
        }
        JSONArray jSONArray6 = new JSONArray();
        jSONArray6.add("RS256");
        jSONArray6.add("RS384");
        jSONArray6.add("RS512");
        values.put("id_token_signing_alg_values_supported", jSONArray6);
        return values;
    }
}
