package org.mitre.openid.connect.client.service.impl;

import com.google.common.base.Joiner;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import java.net.URISyntaxException;
import java.util.Map;
import org.apache.http.client.utils.URIBuilder;
import org.mitre.jwt.signer.service.JwtSigningAndValidationService;
import org.mitre.oauth2.model.RegisteredClient;
import org.mitre.openid.connect.client.service.AuthRequestUrlBuilder;
import org.mitre.openid.connect.config.ServerConfiguration;
import org.springframework.security.authentication.AuthenticationServiceException;

/* loaded from: input_file:org/mitre/openid/connect/client/service/impl/SignedAuthRequestUrlBuilder.class */
public class SignedAuthRequestUrlBuilder implements AuthRequestUrlBuilder {
    private JwtSigningAndValidationService signingAndValidationService;

    @Override // org.mitre.openid.connect.client.service.AuthRequestUrlBuilder
    public String buildAuthRequestUrl(ServerConfiguration serverConfiguration, RegisteredClient registeredClient, String str, String str2, String str3, Map<String, String> map) {
        JWTClaimsSet jWTClaimsSet = new JWTClaimsSet();
        jWTClaimsSet.setClaim("response_type", "code");
        jWTClaimsSet.setClaim("client_id", registeredClient.getClientId());
        jWTClaimsSet.setClaim("scope", Joiner.on(" ").join(registeredClient.getScope()));
        jWTClaimsSet.setClaim("redirect_uri", str);
        jWTClaimsSet.setClaim("nonce", str2);
        jWTClaimsSet.setClaim("state", str3);
        for (Map.Entry<String, String> entry : map.entrySet()) {
            jWTClaimsSet.setClaim(entry.getKey(), entry.getValue());
        }
        SignedJWT signedJWT = new SignedJWT(new JWSHeader(this.signingAndValidationService.getDefaultSigningAlgorithm()), jWTClaimsSet);
        this.signingAndValidationService.signJwt(signedJWT);
        try {
            URIBuilder uRIBuilder = new URIBuilder(serverConfiguration.getAuthorizationEndpointUri());
            uRIBuilder.addParameter("request", signedJWT.serialize());
            return uRIBuilder.build().toString();
        } catch (URISyntaxException e) {
            throw new AuthenticationServiceException("Malformed Authorization Endpoint Uri", e);
        }
    }

    public JwtSigningAndValidationService getSigningAndValidationService() {
        return this.signingAndValidationService;
    }

    public void setSigningAndValidationService(JwtSigningAndValidationService jwtSigningAndValidationService) {
        this.signingAndValidationService = jwtSigningAndValidationService;
    }
}
