package com.nimbusds.openid.connect.sdk.claims;

import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.ResponseType;
import com.nimbusds.oauth2.sdk.id.Audience;
import com.nimbusds.oauth2.sdk.id.Issuer;
import com.nimbusds.oauth2.sdk.id.Subject;
import com.nimbusds.oauth2.sdk.util.JSONObjectUtils;
import com.nimbusds.openid.connect.sdk.Nonce;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import net.minidev.json.JSONArray;
import net.minidev.json.JSONObject;

/* loaded from: input_file:WEB-INF/lib/oauth2-oidc-sdk-11.25.jar:com/nimbusds/openid/connect/sdk/claims/IDTokenClaimsSet.class */
public class IDTokenClaimsSet extends CommonOIDCTokenClaimsSet {
    public static final String AUTH_TIME_CLAIM_NAME = "auth_time";
    public static final String NONCE_CLAIM_NAME = "nonce";
    public static final String AT_HASH_CLAIM_NAME = "at_hash";
    public static final String C_HASH_CLAIM_NAME = "c_hash";
    public static final String S_HASH_CLAIM_NAME = "s_hash";
    public static final String DS_HASH_CLAIM_NAME = "ds_hash";
    public static final String ACR_CLAIM_NAME = "acr";
    public static final String AMR_CLAIM_NAME = "amr";
    public static final String AZP_CLAIM_NAME = "azp";
    public static final String SUB_JWK_CLAIM_NAME = "sub_jwk";
    private static final Set<String> STD_CLAIM_NAMES;

    public static Set<String> getStandardClaimNames() {
        return STD_CLAIM_NAMES;
    }

    public IDTokenClaimsSet(Issuer issuer, Subject subject, List<Audience> list, Date date, Date date2) {
        setClaim("iss", issuer.getValue());
        setClaim("sub", subject.getValue());
        if (list.isEmpty()) {
            throw new IllegalArgumentException("The aud must not be empty");
        }
        JSONArray jSONArray = new JSONArray();
        Iterator<Audience> it = list.iterator();
        while (it.hasNext()) {
            jSONArray.add(it.next().getValue());
        }
        setClaim("aud", jSONArray);
        if (date.before(date2) || date.equals(date2)) {
            throw new IllegalArgumentException("The exp must be after iat");
        }
        setDateClaim("exp", (Date) Objects.requireNonNull(date));
        setDateClaim("iat", (Date) Objects.requireNonNull(date2));
    }

    private IDTokenClaimsSet(JSONObject jSONObject) throws ParseException {
        super(jSONObject);
        if (getStringClaim("iss") == null) {
            throw new ParseException("Missing or invalid iss claim");
        }
        if (getStringClaim("sub") == null) {
            throw new ParseException("Missing or invalid sub claim");
        }
        if ((getStringClaim("aud") == null && getStringListClaim("aud") == null) || (getStringListClaim("aud") != null && getStringListClaim("aud").isEmpty())) {
            throw new ParseException("Missing or invalid aud claim");
        }
        if (getDateClaim("exp") == null) {
            throw new ParseException("Missing or invalid exp claim");
        }
        if (getDateClaim("iat") == null) {
            throw new ParseException("Missing or invalid iat claim");
        }
    }

    public IDTokenClaimsSet(JWTClaimsSet jWTClaimsSet) throws ParseException {
        this(JSONObjectUtils.toJSONObject(jWTClaimsSet));
    }

    public boolean hasRequiredClaims(ResponseType responseType, boolean z) {
        if (ResponseType.CODE.equals(responseType)) {
            return true;
        }
        if (ResponseType.IDTOKEN.equals(responseType)) {
            return getNonce() != null;
        }
        if (ResponseType.IDTOKEN_TOKEN.equals(responseType)) {
            return (getNonce() == null || getAccessTokenHash() == null) ? false : true;
        }
        if (ResponseType.CODE_IDTOKEN.equals(responseType)) {
            if (getNonce() == null) {
                return false;
            }
            return (z && getCodeHash() == null) ? false : true;
        }
        if (ResponseType.CODE_TOKEN.equals(responseType)) {
            if (getNonce() == null) {
                return false;
            }
            return !z ? true : true;
        }
        if (!ResponseType.CODE_IDTOKEN_TOKEN.equals(responseType)) {
            throw new IllegalArgumentException("Unsupported response_type: " + responseType);
        }
        if (getNonce() == null) {
            return false;
        }
        if (z) {
            return (getAccessTokenHash() == null || getCodeHash() == null) ? false : true;
        }
        return true;
    }

    @Deprecated
    public boolean hasRequiredClaims(ResponseType responseType) {
        return hasRequiredClaims(responseType, true);
    }

    public Date getAuthenticationTime() {
        return getDateClaim(AUTH_TIME_CLAIM_NAME);
    }

    public void setAuthenticationTime(Date date) {
        setDateClaim(AUTH_TIME_CLAIM_NAME, date);
    }

    public Nonce getNonce() {
        String stringClaim = getStringClaim(NONCE_CLAIM_NAME);
        if (stringClaim != null) {
            return new Nonce(stringClaim);
        }
        return null;
    }

    public void setNonce(Nonce nonce) {
        setClaim(NONCE_CLAIM_NAME, nonce != null ? nonce.getValue() : null);
    }

    public AccessTokenHash getAccessTokenHash() {
        String stringClaim = getStringClaim(AT_HASH_CLAIM_NAME);
        if (stringClaim != null) {
            return new AccessTokenHash(stringClaim);
        }
        return null;
    }

    public void setAccessTokenHash(AccessTokenHash accessTokenHash) {
        setClaim(AT_HASH_CLAIM_NAME, accessTokenHash != null ? accessTokenHash.getValue() : null);
    }

    public CodeHash getCodeHash() {
        String stringClaim = getStringClaim(C_HASH_CLAIM_NAME);
        if (stringClaim != null) {
            return new CodeHash(stringClaim);
        }
        return null;
    }

    public void setCodeHash(CodeHash codeHash) {
        setClaim(C_HASH_CLAIM_NAME, codeHash != null ? codeHash.getValue() : null);
    }

    public StateHash getStateHash() {
        String stringClaim = getStringClaim(S_HASH_CLAIM_NAME);
        if (stringClaim != null) {
            return new StateHash(stringClaim);
        }
        return null;
    }

    public void setStateHash(StateHash stateHash) {
        setClaim(S_HASH_CLAIM_NAME, stateHash != null ? stateHash.getValue() : null);
    }

    public DeviceSecretHash getDeviceSecretHash() {
        String stringClaim = getStringClaim(DS_HASH_CLAIM_NAME);
        if (stringClaim != null) {
            return new DeviceSecretHash(stringClaim);
        }
        return null;
    }

    public void setDeviceSecretHash(DeviceSecretHash deviceSecretHash) {
        setClaim(DS_HASH_CLAIM_NAME, deviceSecretHash != null ? deviceSecretHash.getValue() : null);
    }

    public ACR getACR() {
        String stringClaim = getStringClaim(ACR_CLAIM_NAME);
        if (stringClaim != null) {
            return new ACR(stringClaim);
        }
        return null;
    }

    public void setACR(ACR acr) {
        setClaim(ACR_CLAIM_NAME, acr != null ? acr.getValue() : null);
    }

    public List<AMR> getAMR() {
        List<String> stringListClaim = getStringListClaim(AMR_CLAIM_NAME);
        if (stringListClaim == null || stringListClaim.isEmpty()) {
            return null;
        }
        ArrayList arrayList = new ArrayList(stringListClaim.size());
        Iterator<String> it = stringListClaim.iterator();
        while (it.hasNext()) {
            arrayList.add(new AMR(it.next()));
        }
        return arrayList;
    }

    public void setAMR(List<AMR> list) {
        if (list == null) {
            setClaim(AMR_CLAIM_NAME, null);
            return;
        }
        ArrayList arrayList = new ArrayList(list.size());
        Iterator<AMR> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getValue());
        }
        setClaim(AMR_CLAIM_NAME, arrayList);
    }

    public AuthorizedParty getAuthorizedParty() {
        String stringClaim = getStringClaim(AZP_CLAIM_NAME);
        if (stringClaim != null) {
            return new AuthorizedParty(stringClaim);
        }
        return null;
    }

    public void setAuthorizedParty(AuthorizedParty authorizedParty) {
        setClaim(AZP_CLAIM_NAME, authorizedParty != null ? authorizedParty.getValue() : null);
    }

    public JWK getSubjectJWK() {
        JSONObject jSONObject = (JSONObject) getClaim(SUB_JWK_CLAIM_NAME, JSONObject.class);
        if (jSONObject == null) {
            return null;
        }
        try {
            return JWK.parse(jSONObject);
        } catch (java.text.ParseException e) {
            return null;
        }
    }

    public void setSubjectJWK(JWK jwk) {
        if (jwk == null) {
            setClaim(SUB_JWK_CLAIM_NAME, null);
        } else {
            if (jwk.isPrivate()) {
                throw new IllegalArgumentException("The subject's JSON Web Key (JWK) must be public");
            }
            setClaim(SUB_JWK_CLAIM_NAME, new JSONObject((Map<String, ?>) jwk.toJSONObject()));
        }
    }

    public static IDTokenClaimsSet parse(JSONObject jSONObject) throws ParseException {
        try {
            return new IDTokenClaimsSet(jSONObject);
        } catch (IllegalArgumentException e) {
            throw new ParseException(e.getMessage(), e);
        }
    }

    public static IDTokenClaimsSet parse(String str) throws ParseException {
        return parse(JSONObjectUtils.parse(str));
    }

    @Override // com.nimbusds.openid.connect.sdk.claims.CommonOIDCTokenClaimsSet
    public /* bridge */ /* synthetic */ void setSessionID(SessionID sessionID) {
        super.setSessionID(sessionID);
    }

    @Override // com.nimbusds.openid.connect.sdk.claims.CommonOIDCTokenClaimsSet
    public /* bridge */ /* synthetic */ SessionID getSessionID() {
        return super.getSessionID();
    }

    @Override // com.nimbusds.openid.connect.sdk.claims.CommonOIDCTokenClaimsSet
    public /* bridge */ /* synthetic */ Date getExpirationTime() {
        return super.getExpirationTime();
    }

    static {
        HashSet hashSet = new HashSet(CommonOIDCTokenClaimsSet.getStandardClaimNames());
        hashSet.add(AUTH_TIME_CLAIM_NAME);
        hashSet.add(NONCE_CLAIM_NAME);
        hashSet.add(AT_HASH_CLAIM_NAME);
        hashSet.add(C_HASH_CLAIM_NAME);
        hashSet.add(S_HASH_CLAIM_NAME);
        hashSet.add(DS_HASH_CLAIM_NAME);
        hashSet.add(ACR_CLAIM_NAME);
        hashSet.add(AMR_CLAIM_NAME);
        hashSet.add(AZP_CLAIM_NAME);
        hashSet.add(SUB_JWK_CLAIM_NAME);
        STD_CLAIM_NAMES = Collections.unmodifiableSet(hashSet);
    }
}
