package pl.edu.icm.unity.oauth.as.token;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.SignedJWT;
import com.nimbusds.oauth2.sdk.AccessTokenResponse;
import com.nimbusds.oauth2.sdk.token.AccessToken;
import com.nimbusds.oauth2.sdk.token.RefreshToken;
import com.nimbusds.oauth2.sdk.token.Tokens;
import com.nimbusds.openid.connect.sdk.OIDCTokenResponse;
import com.nimbusds.openid.connect.sdk.token.OIDCTokens;
import java.text.ParseException;
import java.util.Calendar;
import java.util.Date;
import java.util.Map;
import pl.edu.icm.unity.engine.api.token.TokensManagement;
import pl.edu.icm.unity.exceptions.EngineException;
import pl.edu.icm.unity.exceptions.InternalException;
import pl.edu.icm.unity.oauth.as.OAuthASProperties;
import pl.edu.icm.unity.oauth.as.OAuthProcessor;
import pl.edu.icm.unity.oauth.as.OAuthToken;
import pl.edu.icm.unity.types.basic.EntityParam;

/* loaded from: input_file:pl/edu/icm/unity/oauth/as/token/TokenUtils.class */
class TokenUtils {
    TokenUtils() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static RefreshToken addRefreshToken(OAuthASProperties oAuthASProperties, TokensManagement tokensManagement, Date date, OAuthToken oAuthToken, Long l) throws EngineException, JsonProcessingException {
        RefreshToken refreshToken = getRefreshToken(oAuthASProperties);
        if (refreshToken != null) {
            oAuthToken.setRefreshToken(refreshToken.getValue());
            tokensManagement.addToken(OAuthProcessor.INTERNAL_REFRESH_TOKEN, refreshToken.getValue(), new EntityParam(l), oAuthToken.getSerialized(), date, getRefreshTokenExpiration(oAuthASProperties, date));
        }
        return refreshToken;
    }

    private static Date getRefreshTokenExpiration(OAuthASProperties oAuthASProperties, Date date) {
        int refreshTokenValidity = oAuthASProperties.getRefreshTokenValidity();
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(date);
        if (refreshTokenValidity == 0) {
            return null;
        }
        if (refreshTokenValidity > 0) {
            calendar.add(13, refreshTokenValidity);
        }
        return calendar.getTime();
    }

    private static RefreshToken getRefreshToken(OAuthASProperties oAuthASProperties) {
        RefreshToken refreshToken = null;
        if (oAuthASProperties.getRefreshTokenValidity() >= 0) {
            refreshToken = new RefreshToken();
        }
        return refreshToken;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Date getAccessTokenExpiration(OAuthASProperties oAuthASProperties, Date date) {
        return new Date(date.getTime() + (oAuthASProperties.getAccessTokenValidity() * 1000));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static AccessTokenResponse getAccessTokenResponse(OAuthToken oAuthToken, AccessToken accessToken, RefreshToken refreshToken, Map<String, Object> map) {
        JWT decodeIDToken = decodeIDToken(oAuthToken);
        return decodeIDToken == null ? new AccessTokenResponse(new Tokens(accessToken, refreshToken), map) : new OIDCTokenResponse(new OIDCTokens(decodeIDToken, accessToken, refreshToken), map);
    }

    private static JWT decodeIDToken(OAuthToken oAuthToken) {
        try {
            if (oAuthToken.getOpenidInfo() == null) {
                return null;
            }
            return SignedJWT.parse(oAuthToken.getOpenidInfo());
        } catch (ParseException e) {
            throw new InternalException("Can not parse the internal id token", e);
        }
    }
}
