package no.nav.common.auth.test_provider;

import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import no.nav.common.utils.AssertUtils;
import org.jose4j.jwk.JsonWebKeySet;
import org.jose4j.jwk.RsaJsonWebKey;
import org.jose4j.jwk.RsaJwkGenerator;
import org.jose4j.jws.JsonWebSignature;
import org.jose4j.jwt.JwtClaims;

/* loaded from: input_file:no/nav/common/auth/test_provider/JwtTestTokenIssuer.class */
public class JwtTestTokenIssuer {
    public final RsaJsonWebKey key;
    public final String issuer;
    public final String audience;

    /* loaded from: input_file:no/nav/common/auth/test_provider/JwtTestTokenIssuer$Claims.class */
    public static class Claims {
        private final Map<String, Object> map = new HashMap();

        public Claims(String str) {
            this.map.put("sub", AssertUtils.assertNotNull(str));
        }

        public Claims setClaim(String str, Object obj) {
            this.map.put(str, obj);
            return this;
        }
    }

    public JwtTestTokenIssuer(JwtTestTokenIssuerConfig jwtTestTokenIssuerConfig) {
        this.issuer = jwtTestTokenIssuerConfig.issuer;
        this.audience = jwtTestTokenIssuerConfig.audience;
        this.key = generateKey(jwtTestTokenIssuerConfig);
    }

    private static RsaJsonWebKey generateKey(JwtTestTokenIssuerConfig jwtTestTokenIssuerConfig) {
        RsaJsonWebKey generateJwk = RsaJwkGenerator.generateJwk(2048);
        generateJwk.setKeyId(jwtTestTokenIssuerConfig.id);
        generateJwk.setUse("sig");
        generateJwk.setAlgorithm(jwtTestTokenIssuerConfig.algorithm);
        return generateJwk;
    }

    public String getKeySetJson() {
        return new JsonWebKeySet(Collections.singletonList(this.key)).toJson();
    }

    public String issueTestToken(Claims claims) {
        JwtClaims jwtClaims = new JwtClaims();
        jwtClaims.setIssuer(this.issuer);
        jwtClaims.setAudience(this.audience);
        jwtClaims.setExpirationTimeMinutesInTheFuture(120.0f);
        jwtClaims.setGeneratedJwtId();
        jwtClaims.setIssuedAtToNow();
        jwtClaims.setNotBeforeMinutesInThePast(2.0f);
        Map<String, Object> map = claims.map;
        Objects.requireNonNull(jwtClaims);
        map.forEach(jwtClaims::setClaim);
        JsonWebSignature jsonWebSignature = new JsonWebSignature();
        jsonWebSignature.setPayload(jwtClaims.toJson());
        jsonWebSignature.setKey(this.key.getPrivateKey());
        jsonWebSignature.setKeyIdHeaderValue(this.key.getKeyId());
        jsonWebSignature.setAlgorithmHeaderValue("RS256");
        return jsonWebSignature.getCompactSerialization();
    }
}
