package leap.oauth2.as.openid;

import java.util.LinkedHashMap;
import java.util.Map;
import leap.core.annotation.Inject;
import leap.core.security.token.jwt.JwtSigner;
import leap.core.security.token.jwt.MacSigner;
import leap.lang.New;
import leap.lang.Strings;
import leap.oauth2.OAuth2Params;
import leap.oauth2.as.OAuth2AuthzServerConfig;
import leap.oauth2.as.authc.AuthzAuthentication;
import leap.oauth2.as.client.AuthzClient;
import leap.oauth2.as.userinfo.AuthzUserInfo;
import leap.web.security.user.UserDetails;

/* loaded from: input_file:leap/oauth2/as/openid/JwtIdTokenGenerator.class */
public class JwtIdTokenGenerator implements IdTokenGenerator {

    @Inject
    protected OAuth2AuthzServerConfig config;

    @Override // leap.oauth2.as.openid.IdTokenGenerator
    public String generateIdToken(AuthzAuthentication authzAuthentication) {
        return generateIdToken(authzAuthentication, New.hashMap());
    }

    @Override // leap.oauth2.as.openid.IdTokenGenerator
    public String generateIdToken(AuthzAuthentication authzAuthentication, Map<String, Object> map) {
        return generateIdToken(authzAuthentication, map, this.config.getDefaultIdTokenExpires());
    }

    @Override // leap.oauth2.as.openid.IdTokenGenerator
    public String generateIdToken(AuthzAuthentication authzAuthentication, Map<String, Object> map, int i) {
        return getJwtSigner(authzAuthentication, i).sign(getJwtClaims(authzAuthentication, map, i));
    }

    protected JwtSigner getJwtSigner(AuthzAuthentication authzAuthentication, int i) {
        return new MacSigner(authzAuthentication.getClientDetails().getSecret(), i);
    }

    protected Map<String, Object> getJwtClaims(AuthzAuthentication authzAuthentication, Map<String, Object> map, int i) {
        OAuth2Params params = authzAuthentication.getParams();
        AuthzClient clientDetails = authzAuthentication.getClientDetails();
        UserDetails userDetails = authzAuthentication.getUserDetails();
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("aud", clientDetails.getId());
        linkedHashMap.put(AuthzUserInfo.SUBJECT, userDetails.getId().toString());
        linkedHashMap.put("exp", Long.valueOf((System.currentTimeMillis() / 1000) + i));
        linkedHashMap.put(AuthzUserInfo.NAME, userDetails.getName());
        linkedHashMap.put("login_name", userDetails.getLoginName());
        String nonce = params.getNonce();
        if (!Strings.isEmpty(nonce)) {
            linkedHashMap.put(OAuth2Params.NONCE, nonce);
        }
        if (map != null) {
            map.forEach((str, obj) -> {
                linkedHashMap.put(str, obj);
            });
        }
        return linkedHashMap;
    }
}
