package com.fujieid.jap.ids.oidc;

import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.bean.copier.CopyOptions;
import cn.hutool.core.util.ObjectUtil;
import com.fujieid.jap.http.JapHttpRequest;
import com.fujieid.jap.ids.JapIds;
import com.fujieid.jap.ids.config.IdsConfig;
import com.fujieid.jap.ids.model.IdsConsts;
import com.fujieid.jap.ids.model.OidcDiscoveryDto;
import com.fujieid.jap.ids.model.enums.ClientSecretAuthMethod;
import com.fujieid.jap.ids.model.enums.GrantType;
import com.fujieid.jap.ids.model.enums.ResponseType;
import com.fujieid.jap.ids.provider.IdsScopeProvider;
import com.fujieid.jap.ids.util.EndpointUtil;
import com.fujieid.jap.ids.util.JwtUtil;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.stream.Collectors;
import org.jose4j.jwk.JsonWebKey;

/* loaded from: input_file:com/fujieid/jap/ids/oidc/OidcUtil.class */
public class OidcUtil {
    public static OidcDiscoveryDto getOidcDiscoveryInfo(JapHttpRequest japHttpRequest) {
        IdsConfig idsConfig = JapIds.getIdsConfig();
        List<String> scopeCodes = IdsScopeProvider.getScopeCodes();
        String issuer = EndpointUtil.getIssuer(japHttpRequest);
        HashMap hashMap = new HashMap(33);
        hashMap.put("issuer", issuer);
        hashMap.put("authorization_endpoint", EndpointUtil.getAuthorizeUrl(japHttpRequest));
        hashMap.put("token_endpoint", EndpointUtil.getTokenUrl(japHttpRequest));
        hashMap.put("userinfo_endpoint", EndpointUtil.getUserinfoUrl(japHttpRequest));
        hashMap.put("registration_endpoint", EndpointUtil.getRegistrationUrl(japHttpRequest));
        hashMap.put("end_session_endpoint", EndpointUtil.getEndSessionUrl(japHttpRequest));
        hashMap.put("check_session_iframe", EndpointUtil.getCheckSessionUrl(japHttpRequest));
        hashMap.put("jwks_uri", EndpointUtil.getJwksUrl(japHttpRequest));
        hashMap.put("grant_types_supported", GrantType.grantTypes());
        hashMap.put("response_modes_supported", Arrays.asList("fragment", "query"));
        hashMap.put("response_types_supported", ResponseType.responseTypes());
        hashMap.put("scopes_supported", scopeCodes);
        List<ClientSecretAuthMethod> clientSecretAuthMethods = idsConfig.getClientSecretAuthMethods();
        if (ObjectUtil.isEmpty(clientSecretAuthMethods)) {
            clientSecretAuthMethods = Collections.singletonList(ClientSecretAuthMethod.ALL);
        }
        if (clientSecretAuthMethods.contains(ClientSecretAuthMethod.ALL)) {
            hashMap.put("token_endpoint_auth_methods_supported", ClientSecretAuthMethod.getAllMethods());
        } else {
            hashMap.put("token_endpoint_auth_methods_supported", clientSecretAuthMethods.stream().map((v0) -> {
                return v0.getMethod();
            }).collect(Collectors.toList()));
        }
        hashMap.put("request_object_signing_alg_values_supported", Arrays.asList("none", "RS256", "ES256"));
        hashMap.put("userinfo_signing_alg_values_supported", Arrays.asList("RS256", "ES256"));
        hashMap.put("request_parameter_supported", true);
        hashMap.put("request_uri_parameter_supported", true);
        hashMap.put("require_request_uri_registration", false);
        hashMap.put("claims_parameter_supported", true);
        hashMap.put("id_token_signing_alg_values_supported", Arrays.asList("RS256", "ES256"));
        hashMap.put("subject_types_supported", Collections.singletonList("public"));
        hashMap.put("claims_supported", Arrays.asList("iss", "sub", "aud", "exp", "iat", IdsConsts.NONCE, IdsConsts.AUTH_TIME, IdsConsts.USERNAME));
        hashMap.put("code_challenge_methods_supported", Arrays.asList("PLAIN", "S256"));
        return (OidcDiscoveryDto) BeanUtil.mapToBean(hashMap, OidcDiscoveryDto.class, false, (CopyOptions) null);
    }

    public static String getJwksPublicKey(String str) {
        return JwtUtil.IdsVerificationKeyResolver.createJsonWebKeySet(JapIds.getContext().getIdentityService().getJwksJson(str)).toJson(JsonWebKey.OutputControlLevel.PUBLIC_ONLY);
    }
}
