package net.trajano.openidconnect.provider.endpoints;

import java.net.URI;
import javax.annotation.PostConstruct;
import javax.ejb.EJB;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.CacheControl;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.UriBuilder;
import net.trajano.openidconnect.auth.ResponseMode;
import net.trajano.openidconnect.core.OpenIdProviderConfiguration;
import net.trajano.openidconnect.core.Scope;
import net.trajano.openidconnect.core.SubjectIdentifierType;
import net.trajano.openidconnect.core.TokenEndPointAuthMethod;
import net.trajano.openidconnect.crypto.JsonWebAlgorithm;
import net.trajano.openidconnect.provider.spi.KeyProvider;
import net.trajano.openidconnect.provider.spi.UserinfoProvider;
import net.trajano.openidconnect.token.GrantType;
import org.eclipse.persistence.internal.oxm.Constants;

@Path("openid-configuration")
/* loaded from: input_file:WEB-INF/lib/openid-connect-provider-1.0.1.jar:net/trajano/openidconnect/provider/endpoints/WellKnownOpenIdConfiguration.class */
public class WellKnownOpenIdConfiguration {
    public static final String CODE = "code";
    public static final String CODE_ID_TOKEN = "code id_token";
    public static final String CODE_ID_TOKEN_TOKEN = "code id_token token";
    public static final String CODE_TOKEN = "code token";
    public static final String ID_TOKEN = "id_token";
    public static final String ID_TOKEN_TOKEN = "id_token token";
    private String authorizationMapping;
    private String jwksMapping;
    private KeyProvider keyProvider;
    private String revocationMapping;
    private String tokenMapping;
    private String userinfoMapping;
    private String endSessionMapping;
    private UserinfoProvider userinfoProvider;

    @PostConstruct
    public void init() {
        String str;
        str = "V1";
        str = str.startsWith(Constants.XPATH_SEPARATOR) ? "V1" : Constants.XPATH_SEPARATOR + str;
        this.jwksMapping = str + "/jwks";
        this.authorizationMapping = str + "/auth";
        this.tokenMapping = str + "/token";
        this.userinfoMapping = str + "/profile";
        this.revocationMapping = str + "/revocation";
        this.endSessionMapping = str + "/end";
    }

    @GET
    @Produces({"application/json"})
    public Response op(@Context HttpServletRequest httpServletRequest) {
        OpenIdProviderConfiguration openIdProviderConfiguration = new OpenIdProviderConfiguration();
        UriBuilder fragment = UriBuilder.fromUri(URI.create(httpServletRequest.getRequestURL().toString())).scheme("https").replaceQuery((String) null).fragment((String) null);
        openIdProviderConfiguration.setIssuer(fragment.replacePath(httpServletRequest.getContextPath()).build(new Object[0]));
        openIdProviderConfiguration.setJwksUri(fragment.replacePath(httpServletRequest.getContextPath() + this.jwksMapping).build(new Object[0]));
        openIdProviderConfiguration.setAuthorizationEndpoint(fragment.replacePath(httpServletRequest.getContextPath() + this.authorizationMapping).build(new Object[0]));
        openIdProviderConfiguration.setRevocationEndpoint(fragment.replacePath(httpServletRequest.getContextPath() + this.revocationMapping).build(new Object[0]));
        openIdProviderConfiguration.setTokenEndpoint(fragment.replacePath(httpServletRequest.getContextPath() + this.tokenMapping).build(new Object[0]));
        openIdProviderConfiguration.setEndSessionEndpoint(fragment.replacePath(httpServletRequest.getContextPath() + this.endSessionMapping).build(new Object[0]));
        openIdProviderConfiguration.setUserinfoEndpoint(fragment.replacePath(httpServletRequest.getContextPath() + this.userinfoMapping).build(new Object[0]));
        Scope[] scopesSupported = this.userinfoProvider.scopesSupported();
        Scope[] scopeArr = new Scope[scopesSupported.length + 1];
        System.arraycopy(scopesSupported, 0, scopeArr, 1, scopesSupported.length);
        scopeArr[0] = Scope.openid;
        openIdProviderConfiguration.setScopesSupported(scopeArr);
        String[] claimsSupported = this.userinfoProvider.claimsSupported();
        String[] strArr = new String[claimsSupported.length + 3];
        strArr[0] = "sub";
        strArr[1] = "iss";
        strArr[2] = "auth_time";
        System.arraycopy(claimsSupported, 0, strArr, 3, claimsSupported.length);
        openIdProviderConfiguration.setClaimsSupported(strArr);
        openIdProviderConfiguration.setResponseTypesSupported("code", ID_TOKEN, ID_TOKEN_TOKEN, CODE_ID_TOKEN, CODE_TOKEN, CODE_ID_TOKEN_TOKEN);
        openIdProviderConfiguration.setRequestParameterSupported(true);
        openIdProviderConfiguration.setGrantTypesSupported(GrantType.authorization_code, GrantType.implicit);
        openIdProviderConfiguration.setRequestUriParameterSupported(false);
        openIdProviderConfiguration.setSubjectTypesSupported(SubjectIdentifierType.PUBLIC);
        openIdProviderConfiguration.setTokenEndpointAuthMethodsSupported(TokenEndPointAuthMethod.client_secret_basic, TokenEndPointAuthMethod.client_secret_post);
        openIdProviderConfiguration.setIdTokenSigningAlgValuesSupported(JsonWebAlgorithm.getSigAlgorithms());
        openIdProviderConfiguration.setRequestObjectEncryptionAlgValuesSupported(JsonWebAlgorithm.getKexAlgorithms());
        openIdProviderConfiguration.setRequestObjectEncryptionEncValuesSupported(JsonWebAlgorithm.getEncAlgorithms());
        openIdProviderConfiguration.setResponseModesSupported(ResponseMode.fragment, ResponseMode.query, ResponseMode.form_post);
        CacheControl cacheControl = new CacheControl();
        cacheControl.setPrivate(false);
        cacheControl.setMaxAge(86400);
        return Response.ok(openIdProviderConfiguration).cacheControl(cacheControl).tag(this.keyProvider.getSecretKeyId()).build();
    }

    @EJB
    public void setKeyProvider(KeyProvider keyProvider) {
        this.keyProvider = keyProvider;
    }

    @EJB
    public void setUserinfoProvider(UserinfoProvider userinfoProvider) {
        this.userinfoProvider = userinfoProvider;
    }
}
