package org.logevents.util.openid;

import java.io.IOException;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import org.logevents.util.Configuration;
import org.logevents.util.JsonParser;
import org.logevents.util.NetUtils;

/* loaded from: input_file:org/logevents/util/openid/OpenIdConfiguration.class */
public class OpenIdConfiguration {
    private final String clientId;
    private final String clientSecret;
    private final String openIdIssuer;
    private Optional<String> redirectUri;
    private Optional<String> scopes;

    public OpenIdConfiguration(Configuration configuration) {
        this(configuration.getString("openIdIssuer"), configuration.getString("clientId"), configuration.getString("clientSecret"));
        this.redirectUri = configuration.optionalString("redirectUri");
        this.scopes = configuration.optionalString("scopes");
    }

    public OpenIdConfiguration(String str, String str2, String str3) {
        this.redirectUri = Optional.empty();
        this.scopes = Optional.empty();
        this.openIdIssuer = str;
        this.clientId = str2;
        this.clientSecret = str3;
    }

    private String getRedirectUri(String str) {
        return this.redirectUri.orElse(str);
    }

    public String getScopes() {
        return this.scopes.orElse("openid+email+profile");
    }

    public String getAuthorizationUrl(String str, String str2) throws IOException {
        return getAuthorizationEndpoint() + "?response_type=code&client_id=" + this.clientId + "&redirect_uri=" + getRedirectUri(str2 + "/oauth2callback") + "&scope=" + getScopes() + "&state=" + str;
    }

    private String getAuthorizationEndpoint() throws IOException {
        return (String) loadOpenIdConfiguration().get("authorization_endpoint");
    }

    public Map<String, Object> fetchIdToken(String str, String str2) throws IOException {
        return getIdToken(NetUtils.postFormForJson(getTokenUri(), createTokenRequestPayload(str, str2)));
    }

    public Map<String, String> createTokenRequestPayload(String str, String str2) {
        HashMap hashMap = new HashMap();
        hashMap.put("client_id", this.clientId);
        hashMap.put("client_secret", this.clientSecret);
        hashMap.put("redirect_uri", getRedirectUri(str2));
        hashMap.put("grant_type", "authorization_code");
        hashMap.put("code", str);
        return hashMap;
    }

    private Map<String, Object> getIdToken(Map<String, Object> map) throws IOException {
        return (Map) JsonParser.parseFromBase64encodedString(map.get("id_token").toString().split("\\.")[1]);
    }

    private URL getTokenUri() throws IOException {
        return new URL((String) loadOpenIdConfiguration().get("token_endpoint"));
    }

    private Map<String, Object> loadOpenIdConfiguration() throws IOException {
        return (Map) JsonParser.parse(new URL(this.openIdIssuer + "/.well-known/openid-configuration"));
    }
}
