package no.nav.security.mock.oauth2.grant;

import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.SignedJWT;
import com.nimbusds.oauth2.sdk.AuthorizationCode;
import com.nimbusds.oauth2.sdk.Scope;
import com.nimbusds.oauth2.sdk.TokenRequest;
import com.nimbusds.oauth2.sdk.id.State;
import com.nimbusds.oauth2.sdk.token.AccessToken;
import com.nimbusds.openid.connect.sdk.AuthenticationRequest;
import com.nimbusds.openid.connect.sdk.AuthenticationSuccessResponse;
import com.nimbusds.openid.connect.sdk.Nonce;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import mu.KLogger;
import no.nav.security.mock.callback.TokenCallback;
import no.nav.security.mock.extensions.NimbusExtensionsKt;
import no.nav.security.mock.oauth2.OAuth2TokenProvider;
import no.nav.security.mock.oauth2.OAuth2TokenResponse;
import okhttp3.HttpUrl;
import org.jetbrains.annotations.NotNull;

/* compiled from: AuthorizationCodeGrantHandler.kt */
@Metadata(mv = {1, 1, 16}, bv = {1, 0, 3}, k = 1, d1 = {"��@\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010%\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\u0018��2\u00020\u0001B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u000e\u0010\t\u001a\u00020\n2\u0006\u0010\u000b\u001a\u00020\bJ\u0012\u0010\f\u001a\u0004\u0018\u00010\b2\u0006\u0010\r\u001a\u00020\u0007H\u0002J \u0010\u000e\u001a\u00020\u000f2\u0006\u0010\u0010\u001a\u00020\u00112\u0006\u0010\u0012\u001a\u00020\u00132\u0006\u0010\u0014\u001a\u00020\u0015H\u0016R\u001a\u0010\u0005\u001a\u000e\u0012\u0004\u0012\u00020\u0007\u0012\u0004\u0012\u00020\b0\u0006X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n��¨\u0006\u0016"}, d2 = {"Lno/nav/security/mock/oauth2/grant/AuthorizationCodeHandler;", "Lno/nav/security/mock/oauth2/grant/GrantHandler;", "tokenProvider", "Lno/nav/security/mock/oauth2/OAuth2TokenProvider;", "(Lno/nav/security/mock/oauth2/OAuth2TokenProvider;)V", "codeToAuthRequestCache", "", "Lcom/nimbusds/oauth2/sdk/AuthorizationCode;", "Lcom/nimbusds/openid/connect/sdk/AuthenticationRequest;", "authorizationCodeResponse", "Lcom/nimbusds/openid/connect/sdk/AuthenticationSuccessResponse;", "authenticationRequest", "getAuthenticationRequest", "code", "tokenResponse", "Lno/nav/security/mock/oauth2/OAuth2TokenResponse;", "tokenRequest", "Lcom/nimbusds/oauth2/sdk/TokenRequest;", "issuerUrl", "Lokhttp3/HttpUrl;", "tokenCallback", "Lno/nav/security/mock/callback/TokenCallback;", "mock-oauth2-server"})
/* loaded from: input_file:no/nav/security/mock/oauth2/grant/AuthorizationCodeHandler.class */
public final class AuthorizationCodeHandler implements GrantHandler {
    private final Map<AuthorizationCode, AuthenticationRequest> codeToAuthRequestCache;
    private final OAuth2TokenProvider tokenProvider;

    @NotNull
    public final AuthenticationSuccessResponse authorizationCodeResponse(@NotNull AuthenticationRequest authenticationRequest) {
        KLogger kLogger;
        Intrinsics.checkParameterIsNotNull(authenticationRequest, "authenticationRequest");
        AuthorizationCode authorizationCode = new AuthorizationCode();
        kLogger = AuthorizationCodeGrantHandlerKt.log;
        kLogger.debug("issuing authorization code " + authorizationCode);
        this.codeToAuthRequestCache.put(authorizationCode, authenticationRequest);
        return new AuthenticationSuccessResponse(authenticationRequest.getRedirectionURI(), authorizationCode, (JWT) null, (AccessToken) null, authenticationRequest.getState(), (State) null, authenticationRequest.getResponseMode());
    }

    @Override // no.nav.security.mock.oauth2.grant.GrantHandler
    @NotNull
    public OAuth2TokenResponse tokenResponse(@NotNull TokenRequest tokenRequest, @NotNull HttpUrl httpUrl, @NotNull TokenCallback tokenCallback) {
        String str;
        Intrinsics.checkParameterIsNotNull(tokenRequest, "tokenRequest");
        Intrinsics.checkParameterIsNotNull(httpUrl, "issuerUrl");
        Intrinsics.checkParameterIsNotNull(tokenCallback, "tokenCallback");
        AuthenticationRequest authenticationRequest = getAuthenticationRequest(NimbusExtensionsKt.authorizationCode(tokenRequest));
        Scope scope = tokenRequest.getScope();
        String scope2 = scope != null ? scope.toString() : null;
        if (authenticationRequest != null) {
            Nonce nonce = authenticationRequest.getNonce();
            if (nonce != null) {
                str = nonce.getValue();
                String str2 = str;
                SignedJWT idToken = this.tokenProvider.idToken(tokenRequest, httpUrl, str2, tokenCallback);
                return new OAuth2TokenResponse("Bearer", idToken.serialize(), this.tokenProvider.accessToken(tokenRequest, httpUrl, str2, tokenCallback).serialize(), UUID.randomUUID().toString(), NimbusExtensionsKt.expiresIn(idToken), scope2);
            }
        }
        str = null;
        String str22 = str;
        SignedJWT idToken2 = this.tokenProvider.idToken(tokenRequest, httpUrl, str22, tokenCallback);
        return new OAuth2TokenResponse("Bearer", idToken2.serialize(), this.tokenProvider.accessToken(tokenRequest, httpUrl, str22, tokenCallback).serialize(), UUID.randomUUID().toString(), NimbusExtensionsKt.expiresIn(idToken2), scope2);
    }

    private final AuthenticationRequest getAuthenticationRequest(AuthorizationCode authorizationCode) {
        return this.codeToAuthRequestCache.get(authorizationCode);
    }

    public AuthorizationCodeHandler(@NotNull OAuth2TokenProvider oAuth2TokenProvider) {
        Intrinsics.checkParameterIsNotNull(oAuth2TokenProvider, "tokenProvider");
        this.tokenProvider = oAuth2TokenProvider;
        this.codeToAuthRequestCache = new HashMap();
    }
}
