package be.atbash.ee.security.octopus.sso.client.logout;

import be.atbash.ee.security.octopus.sso.client.JWSAlgorithmFactory;
import be.atbash.ee.security.octopus.sso.client.config.OctopusSSOServerClientConfiguration;
import be.atbash.ee.security.octopus.util.TimeUtil;
import be.atbash.util.StringUtils;
import be.atbash.util.exception.AtbashUnexpectedException;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.crypto.MACSigner;
import com.nimbusds.jwt.SignedJWT;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.id.Issuer;
import com.nimbusds.oauth2.sdk.id.State;
import com.nimbusds.oauth2.sdk.id.Subject;
import com.nimbusds.openid.connect.sdk.LogoutRequest;
import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet;
import java.net.URI;
import java.util.ArrayList;
import java.util.Date;
import javax.annotation.PostConstruct;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;

@ApplicationScoped
/* loaded from: input_file:be/atbash/ee/security/octopus/sso/client/logout/LogoutURLCreator.class */
public class LogoutURLCreator {

    @Inject
    private OctopusSSOServerClientConfiguration ssoServerClientConfiguration;

    @Inject
    private JWSAlgorithmFactory jwsAlgorithmFactory;

    @Inject
    private TimeUtil timeUtil;
    private JWSAlgorithm algorithm;
    private Issuer issuer;
    private static LogoutURLCreator INSTANCE;
    private static final Object LOCK = new Object();

    @PostConstruct
    public void init() {
        this.algorithm = this.jwsAlgorithmFactory.determineOptimalAlgorithm(this.ssoServerClientConfiguration.getSSOClientSecret());
        this.issuer = new Issuer(this.ssoServerClientConfiguration.getSSOClientId());
    }

    public String createLogoutURL(String str, String str2) {
        Date date = new Date();
        IDTokenClaimsSet iDTokenClaimsSet = new IDTokenClaimsSet(this.issuer, new Subject(str2), new ArrayList(), this.timeUtil.addSecondsToDate(2L, date), date);
        try {
            JWSHeader.Builder builder = new JWSHeader.Builder(this.algorithm);
            builder.customParam("clientId", this.ssoServerClientConfiguration.getSSOClientId());
            SignedJWT signedJWT = new SignedJWT(builder.build(), iDTokenClaimsSet.toJWTClaimsSet());
            signedJWT.sign(new MACSigner(this.ssoServerClientConfiguration.getSSOClientSecret()));
            URI uri = null;
            if (StringUtils.hasText(str)) {
                uri = URI.create(str);
            }
            return new LogoutRequest(URI.create(this.ssoServerClientConfiguration.getLogoutPage()), signedJWT, uri, (State) null).toURI().toASCIIString();
        } catch (ParseException | JOSEException e) {
            throw new AtbashUnexpectedException(e);
        }
    }

    public static LogoutURLCreator getInstance() {
        if (INSTANCE == null) {
            synchronized (LOCK) {
                if (INSTANCE == null) {
                    INSTANCE = new LogoutURLCreator();
                    INSTANCE.ssoServerClientConfiguration = OctopusSSOServerClientConfiguration.getInstance();
                    INSTANCE.jwsAlgorithmFactory = JWSAlgorithmFactory.getInstance();
                    INSTANCE.timeUtil = TimeUtil.getInstance();
                    INSTANCE.init();
                }
            }
        }
        return INSTANCE;
    }
}
