package org.mitre.openid.connect.client;

import com.google.common.base.Strings;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import com.nimbusds.jose.Algorithm;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.util.Base64;
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.JWTParser;
import com.nimbusds.jwt.PlainJWT;
import com.nimbusds.jwt.ReadOnlyJWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import java.io.IOException;
import java.math.BigInteger;
import java.net.URI;
import java.security.SecureRandom;
import java.text.ParseException;
import java.util.Date;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.impl.client.HttpClientBuilder;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.mitre.jwt.signer.service.impl.JWKSetCacheService;
import org.mitre.jwt.signer.service.impl.SymmetricKeyJWTValidatorCacheService;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.RegisteredClient;
import org.mitre.oauth2.model.RegisteredClientFields;
import org.mitre.openid.connect.client.model.IssuerServiceResponse;
import org.mitre.openid.connect.client.service.AuthRequestOptionsService;
import org.mitre.openid.connect.client.service.AuthRequestUrlBuilder;
import org.mitre.openid.connect.client.service.ClientConfigurationService;
import org.mitre.openid.connect.client.service.IssuerService;
import org.mitre.openid.connect.client.service.ServerConfigurationService;
import org.mitre.openid.connect.client.service.impl.StaticAuthRequestOptionsService;
import org.mitre.openid.connect.config.ServerConfiguration;
import org.mitre.openid.connect.model.PendingOIDCAuthenticationToken;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpMethod;
import org.springframework.http.client.ClientHttpRequest;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.oauth2.common.util.OAuth2Utils;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.web.client.RestClientException;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.util.UriUtils;

/* loaded from: input_file:WEB-INF/lib/openid-connect-client-1.2.0.jar:org/mitre/openid/connect/client/OIDCAuthenticationFilter.class */
public class OIDCAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    protected static final String REDIRECT_URI_SESION_VARIABLE = "redirect_uri";
    protected static final String STATE_SESSION_VARIABLE = "state";
    protected static final String NONCE_SESSION_VARIABLE = "nonce";
    protected static final String ISSUER_SESSION_VARIABLE = "issuer";
    protected static final String TARGET_SESSION_VARIABLE = "target";
    protected static final int HTTP_SOCKET_TIMEOUT = 30000;
    protected static final String FILTER_PROCESSES_URL = "/openid_connect_login";
    private int timeSkewAllowance;

    @Autowired(required = false)
    private JWKSetCacheService validationServices;

    @Autowired(required = false)
    private SymmetricKeyJWTValidatorCacheService symmetricCacheService;

    @Autowired
    private JWTSigningAndValidationService authenticationSignerService;
    private IssuerService issuerService;
    private ServerConfigurationService servers;
    private ClientConfigurationService clients;
    private AuthRequestOptionsService authOptions;
    private AuthRequestUrlBuilder authRequestBuilder;
    private TargetLinkURIAuthenticationSuccessHandler targetSuccessHandler;
    private TargetLinkURIChecker deepLinkFilter;
    protected int httpSocketTimeout;

    /* loaded from: input_file:WEB-INF/lib/openid-connect-client-1.2.0.jar:org/mitre/openid/connect/client/OIDCAuthenticationFilter$TargetLinkURIAuthenticationSuccessHandler.class */
    protected class TargetLinkURIAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
        private AuthenticationSuccessHandler passthrough;

        protected TargetLinkURIAuthenticationSuccessHandler() {
        }

        @Override // org.springframework.security.web.authentication.AuthenticationSuccessHandler
        public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
            HttpSession session = httpServletRequest.getSession();
            String storedSessionString = OIDCAuthenticationFilter.getStoredSessionString(session, "target");
            if (Strings.isNullOrEmpty(storedSessionString)) {
                this.passthrough.onAuthenticationSuccess(httpServletRequest, httpServletResponse, authentication);
            } else {
                session.removeAttribute("target");
                httpServletResponse.sendRedirect(OIDCAuthenticationFilter.this.deepLinkFilter.filter(storedSessionString));
            }
        }
    }

    public OIDCAuthenticationFilter() {
        super(FILTER_PROCESSES_URL);
        this.timeSkewAllowance = 300;
        this.authOptions = new StaticAuthRequestOptionsService();
        this.targetSuccessHandler = new TargetLinkURIAuthenticationSuccessHandler();
        this.httpSocketTimeout = 30000;
        this.targetSuccessHandler.passthrough = super.getSuccessHandler();
        super.setAuthenticationSuccessHandler(this.targetSuccessHandler);
    }

    @Override // org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter, org.springframework.web.filter.GenericFilterBean, org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() {
        super.afterPropertiesSet();
        if (this.validationServices == null) {
            this.validationServices = new JWKSetCacheService();
        }
        if (this.symmetricCacheService == null) {
            this.symmetricCacheService = new SymmetricKeyJWTValidatorCacheService();
        }
    }

    @Override // org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException, IOException, ServletException {
        if (!Strings.isNullOrEmpty(httpServletRequest.getParameter("error"))) {
            handleError(httpServletRequest, httpServletResponse);
            return null;
        }
        if (!Strings.isNullOrEmpty(httpServletRequest.getParameter("code"))) {
            return handleAuthorizationCodeResponse(httpServletRequest, httpServletResponse);
        }
        handleAuthorizationRequest(httpServletRequest, httpServletResponse);
        return null;
    }

    protected void handleAuthorizationRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        HttpSession session = httpServletRequest.getSession();
        IssuerServiceResponse issuer = this.issuerService.getIssuer(httpServletRequest);
        if (issuer == null) {
            this.logger.error("Null issuer response returned from service.");
            throw new AuthenticationServiceException("No issuer found.");
        }
        if (issuer.shouldRedirect()) {
            httpServletResponse.sendRedirect(issuer.getRedirectUrl());
            return;
        }
        String issuer2 = issuer.getIssuer();
        if (!Strings.isNullOrEmpty(issuer.getTargetLinkUri())) {
            session.setAttribute("target", issuer.getTargetLinkUri());
        }
        if (Strings.isNullOrEmpty(issuer2)) {
            this.logger.error("No issuer found: " + issuer2);
            throw new AuthenticationServiceException("No issuer found: " + issuer2);
        }
        ServerConfiguration serverConfiguration = this.servers.getServerConfiguration(issuer2);
        if (serverConfiguration == null) {
            this.logger.error("No server configuration found for issuer: " + issuer2);
            throw new AuthenticationServiceException("No server configuration found for issuer: " + issuer2);
        }
        session.setAttribute("issuer", serverConfiguration.getIssuer());
        RegisteredClient clientConfiguration = this.clients.getClientConfiguration(serverConfiguration);
        if (clientConfiguration == null) {
            this.logger.error("No client configuration found for issuer: " + issuer2);
            throw new AuthenticationServiceException("No client configuration found for issuer: " + issuer2);
        }
        String stringBuffer = (clientConfiguration.getRegisteredRedirectUri() == null || clientConfiguration.getRegisteredRedirectUri().size() != 1) ? httpServletRequest.getRequestURL().toString() : (String) Iterables.getOnlyElement(clientConfiguration.getRegisteredRedirectUri());
        session.setAttribute("redirect_uri", stringBuffer);
        String buildAuthRequestUrl = this.authRequestBuilder.buildAuthRequestUrl(serverConfiguration, clientConfiguration, stringBuffer, createNonce(session), createState(session), this.authOptions.getOptions(serverConfiguration, clientConfiguration, httpServletRequest), issuer.getLoginHint());
        this.logger.debug("Auth Request:  " + buildAuthRequestUrl);
        httpServletResponse.sendRedirect(buildAuthRequestUrl);
    }

    protected Authentication handleAuthorizationCodeResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        RestTemplate restTemplate;
        String parameter = httpServletRequest.getParameter("code");
        HttpSession session = httpServletRequest.getSession();
        String storedState = getStoredState(session);
        if (!Strings.isNullOrEmpty(storedState)) {
            String parameter2 = httpServletRequest.getParameter("state");
            if (!storedState.equals(parameter2)) {
                throw new AuthenticationServiceException("State parameter mismatch on return. Expected " + storedState + " got " + parameter2);
            }
        }
        ServerConfiguration serverConfiguration = this.servers.getServerConfiguration(getStoredSessionString(session, "issuer"));
        final RegisteredClient clientConfiguration = this.clients.getClientConfiguration(serverConfiguration);
        LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
        linkedMultiValueMap.add(OAuth2Utils.GRANT_TYPE, "authorization_code");
        linkedMultiValueMap.add("code", parameter);
        linkedMultiValueMap.setAll(this.authOptions.getTokenOptions(serverConfiguration, clientConfiguration, httpServletRequest));
        String storedSessionString = getStoredSessionString(session, "redirect_uri");
        if (storedSessionString != null) {
            linkedMultiValueMap.add("redirect_uri", storedSessionString);
        }
        HttpComponentsClientHttpRequestFactory httpComponentsClientHttpRequestFactory = new HttpComponentsClientHttpRequestFactory(HttpClientBuilder.create().useSystemProperties().setDefaultRequestConfig(RequestConfig.custom().setSocketTimeout(this.httpSocketTimeout).build()).build());
        if (ClientDetailsEntity.AuthMethod.SECRET_BASIC.equals(clientConfiguration.getTokenEndpointAuthMethod())) {
            restTemplate = new RestTemplate(httpComponentsClientHttpRequestFactory) { // from class: org.mitre.openid.connect.client.OIDCAuthenticationFilter.1
                /* JADX INFO: Access modifiers changed from: protected */
                @Override // org.springframework.http.client.support.HttpAccessor
                public ClientHttpRequest createRequest(URI uri, HttpMethod httpMethod) throws IOException {
                    ClientHttpRequest createRequest = super.createRequest(uri, httpMethod);
                    createRequest.getHeaders().add("Authorization", String.format("Basic %s", Base64.encode(String.format("%s:%s", UriUtils.encodePathSegment(clientConfiguration.getClientId(), "UTF-8"), UriUtils.encodePathSegment(clientConfiguration.getClientSecret(), "UTF-8")))));
                    return createRequest;
                }
            };
        } else {
            restTemplate = new RestTemplate(httpComponentsClientHttpRequestFactory);
            if (ClientDetailsEntity.AuthMethod.SECRET_JWT.equals(clientConfiguration.getTokenEndpointAuthMethod()) || ClientDetailsEntity.AuthMethod.PRIVATE_KEY.equals(clientConfiguration.getTokenEndpointAuthMethod())) {
                JWTSigningAndValidationService jWTSigningAndValidationService = null;
                JWSAlgorithm tokenEndpointAuthSigningAlg = clientConfiguration.getTokenEndpointAuthSigningAlg();
                if (ClientDetailsEntity.AuthMethod.SECRET_JWT.equals(clientConfiguration.getTokenEndpointAuthMethod()) && (tokenEndpointAuthSigningAlg.equals(JWSAlgorithm.HS256) || tokenEndpointAuthSigningAlg.equals(JWSAlgorithm.HS384) || tokenEndpointAuthSigningAlg.equals(JWSAlgorithm.HS512))) {
                    jWTSigningAndValidationService = this.symmetricCacheService.getSymmetricValidtor(clientConfiguration.getClient());
                } else if (ClientDetailsEntity.AuthMethod.PRIVATE_KEY.equals(clientConfiguration.getTokenEndpointAuthMethod())) {
                    jWTSigningAndValidationService = this.authenticationSignerService;
                    if (tokenEndpointAuthSigningAlg == null) {
                        tokenEndpointAuthSigningAlg = this.authenticationSignerService.getDefaultSigningAlgorithm();
                    }
                }
                if (jWTSigningAndValidationService == null) {
                    throw new AuthenticationServiceException("Couldn't find required signer service for use with private key auth.");
                }
                JWTClaimsSet jWTClaimsSet = new JWTClaimsSet();
                jWTClaimsSet.setIssuer(clientConfiguration.getClientId());
                jWTClaimsSet.setSubject(clientConfiguration.getClientId());
                jWTClaimsSet.setAudience(Lists.newArrayList(serverConfiguration.getTokenEndpointUri()));
                jWTClaimsSet.setExpirationTime(new Date(System.currentTimeMillis() + 60000));
                Date date = new Date(System.currentTimeMillis());
                jWTClaimsSet.setIssueTime(date);
                jWTClaimsSet.setNotBeforeTime(date);
                SignedJWT signedJWT = new SignedJWT(new JWSHeader(tokenEndpointAuthSigningAlg), jWTClaimsSet);
                jWTSigningAndValidationService.signJwt(signedJWT, tokenEndpointAuthSigningAlg);
                linkedMultiValueMap.add("client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
                linkedMultiValueMap.add("client_assertion", signedJWT.serialize());
            } else {
                linkedMultiValueMap.add("client_id", clientConfiguration.getClientId());
                linkedMultiValueMap.add(RegisteredClientFields.CLIENT_SECRET, clientConfiguration.getClientSecret());
            }
        }
        this.logger.debug("tokenEndpointURI = " + serverConfiguration.getTokenEndpointUri());
        this.logger.debug("form = " + linkedMultiValueMap);
        try {
            String str = (String) restTemplate.postForObject(serverConfiguration.getTokenEndpointUri(), linkedMultiValueMap, String.class, new Object[0]);
            this.logger.debug("from TokenEndpoint jsonString = " + str);
            JsonElement parse = new JsonParser().parse(str);
            if (!parse.isJsonObject()) {
                throw new AuthenticationServiceException("Token Endpoint did not return a JSON object: " + parse);
            }
            JsonObject asJsonObject = parse.getAsJsonObject();
            if (asJsonObject.get("error") != null) {
                String asString = asJsonObject.get("error").getAsString();
                this.logger.error("Token Endpoint returned: " + asString);
                throw new AuthenticationServiceException("Unable to obtain Access Token.  Token Endpoint returned: " + asString);
            }
            String str2 = null;
            if (!asJsonObject.has(OAuth2AccessToken.ACCESS_TOKEN)) {
                throw new AuthenticationServiceException("Token Endpoint did not return an access_token: " + str);
            }
            String asString2 = asJsonObject.get(OAuth2AccessToken.ACCESS_TOKEN).getAsString();
            if (!asJsonObject.has("id_token")) {
                this.logger.error("Token Endpoint did not return an id_token");
                throw new AuthenticationServiceException("Token Endpoint did not return an id_token");
            }
            String asString3 = asJsonObject.get("id_token").getAsString();
            if (asJsonObject.has(OAuth2AccessToken.REFRESH_TOKEN)) {
                str2 = asJsonObject.get(OAuth2AccessToken.REFRESH_TOKEN).getAsString();
            }
            try {
                JWT parse2 = JWTParser.parse(asString3);
                ReadOnlyJWTClaimsSet jWTClaimsSet2 = parse2.getJWTClaimsSet();
                Algorithm algorithm = parse2.getHeader().getAlgorithm();
                JWSAlgorithm idTokenSignedResponseAlg = clientConfiguration.getIdTokenSignedResponseAlg();
                if (idTokenSignedResponseAlg != null && !idTokenSignedResponseAlg.equals(algorithm)) {
                    throw new AuthenticationServiceException("Token algorithm " + algorithm + " does not match expected algorithm " + idTokenSignedResponseAlg);
                }
                if (parse2 instanceof PlainJWT) {
                    if (idTokenSignedResponseAlg == null) {
                        throw new AuthenticationServiceException("Unsigned ID tokens can only be used if explicitly configured in client.");
                    }
                    if (algorithm != null && !algorithm.equals(Algorithm.NONE)) {
                        throw new AuthenticationServiceException("Unsigned token received, expected signature with " + algorithm);
                    }
                } else if (parse2 instanceof SignedJWT) {
                    SignedJWT signedJWT2 = (SignedJWT) parse2;
                    JWTSigningAndValidationService symmetricValidtor = (algorithm.equals(JWSAlgorithm.HS256) || algorithm.equals(JWSAlgorithm.HS384) || algorithm.equals(JWSAlgorithm.HS512)) ? this.symmetricCacheService.getSymmetricValidtor(clientConfiguration.getClient()) : this.validationServices.getValidator(serverConfiguration.getJwksUri());
                    if (symmetricValidtor == null) {
                        this.logger.error("No validation service found. Skipping signature validation");
                        throw new AuthenticationServiceException("Unable to find an appropriate signature validator for ID Token.");
                    }
                    if (!symmetricValidtor.validateSignature(signedJWT2)) {
                        throw new AuthenticationServiceException("Signature validation failed");
                    }
                }
                if (jWTClaimsSet2.getIssuer() == null) {
                    throw new AuthenticationServiceException("Id Token Issuer is null");
                }
                if (!jWTClaimsSet2.getIssuer().equals(serverConfiguration.getIssuer())) {
                    throw new AuthenticationServiceException("Issuers do not match, expected " + serverConfiguration.getIssuer() + " got " + jWTClaimsSet2.getIssuer());
                }
                if (jWTClaimsSet2.getExpirationTime() == null) {
                    throw new AuthenticationServiceException("Id Token does not have required expiration claim");
                }
                if (new Date(System.currentTimeMillis() - (this.timeSkewAllowance * 1000)).after(jWTClaimsSet2.getExpirationTime())) {
                    throw new AuthenticationServiceException("Id Token is expired: " + jWTClaimsSet2.getExpirationTime());
                }
                if (jWTClaimsSet2.getNotBeforeTime() != null && new Date(System.currentTimeMillis() + (this.timeSkewAllowance * 1000)).before(jWTClaimsSet2.getNotBeforeTime())) {
                    throw new AuthenticationServiceException("Id Token not valid untill: " + jWTClaimsSet2.getNotBeforeTime());
                }
                if (jWTClaimsSet2.getIssueTime() == null) {
                    throw new AuthenticationServiceException("Id Token does not have required issued-at claim");
                }
                if (new Date(System.currentTimeMillis() + (this.timeSkewAllowance * 1000)).before(jWTClaimsSet2.getIssueTime())) {
                    throw new AuthenticationServiceException("Id Token was issued in the future: " + jWTClaimsSet2.getIssueTime());
                }
                if (jWTClaimsSet2.getAudience() == null) {
                    throw new AuthenticationServiceException("Id token audience is null");
                }
                if (!jWTClaimsSet2.getAudience().contains(clientConfiguration.getClientId())) {
                    throw new AuthenticationServiceException("Audience does not match, expected " + clientConfiguration.getClientId() + " got " + jWTClaimsSet2.getAudience());
                }
                String stringClaim = jWTClaimsSet2.getStringClaim(NONCE_SESSION_VARIABLE);
                if (Strings.isNullOrEmpty(stringClaim)) {
                    this.logger.error("ID token did not contain a nonce claim.");
                    throw new AuthenticationServiceException("ID token did not contain a nonce claim.");
                }
                String storedNonce = getStoredNonce(session);
                if (stringClaim.equals(storedNonce)) {
                    return getAuthenticationManager().authenticate(new PendingOIDCAuthenticationToken(jWTClaimsSet2.getSubject(), jWTClaimsSet2.getIssuer(), serverConfiguration, parse2, asString2, str2));
                }
                this.logger.error("Possible replay attack detected! The comparison of the nonce in the returned ID Token to the session nonce failed. Expected " + storedNonce + " got " + stringClaim + ".");
                throw new AuthenticationServiceException("Possible replay attack detected! The comparison of the nonce in the returned ID Token to the session nonce failed. Expected " + storedNonce + " got " + stringClaim + ".");
            } catch (ParseException e) {
                throw new AuthenticationServiceException("Couldn't parse idToken: ", e);
            }
        } catch (RestClientException e2) {
            this.logger.error("Token Endpoint error response:  " + e2.getMessage());
            throw new AuthenticationServiceException("Unable to obtain Access Token: " + e2.getMessage());
        }
    }

    protected void handleError(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        throw new AuthenticationServiceException("Error from Authorization Endpoint: " + httpServletRequest.getParameter("error") + " " + httpServletRequest.getParameter(OAuth2Exception.DESCRIPTION) + " " + httpServletRequest.getParameter(OAuth2Exception.URI));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String getStoredSessionString(HttpSession httpSession, String str) {
        Object attribute = httpSession.getAttribute(str);
        if (attribute == null || !(attribute instanceof String)) {
            return null;
        }
        return attribute.toString();
    }

    protected static String createNonce(HttpSession httpSession) {
        String bigInteger = new BigInteger(50, new SecureRandom()).toString(16);
        httpSession.setAttribute(NONCE_SESSION_VARIABLE, bigInteger);
        return bigInteger;
    }

    protected static String getStoredNonce(HttpSession httpSession) {
        return getStoredSessionString(httpSession, NONCE_SESSION_VARIABLE);
    }

    protected static String createState(HttpSession httpSession) {
        String bigInteger = new BigInteger(50, new SecureRandom()).toString(16);
        httpSession.setAttribute("state", bigInteger);
        return bigInteger;
    }

    protected static String getStoredState(HttpSession httpSession) {
        return getStoredSessionString(httpSession, "state");
    }

    @Override // org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter
    public void setAuthenticationSuccessHandler(AuthenticationSuccessHandler authenticationSuccessHandler) {
        this.targetSuccessHandler.passthrough = authenticationSuccessHandler;
        super.setAuthenticationSuccessHandler(this.targetSuccessHandler);
    }

    public int getTimeSkewAllowance() {
        return this.timeSkewAllowance;
    }

    public void setTimeSkewAllowance(int i) {
        this.timeSkewAllowance = i;
    }

    public JWKSetCacheService getValidationServices() {
        return this.validationServices;
    }

    public void setValidationServices(JWKSetCacheService jWKSetCacheService) {
        this.validationServices = jWKSetCacheService;
    }

    public ServerConfigurationService getServerConfigurationService() {
        return this.servers;
    }

    public void setServerConfigurationService(ServerConfigurationService serverConfigurationService) {
        this.servers = serverConfigurationService;
    }

    public ClientConfigurationService getClientConfigurationService() {
        return this.clients;
    }

    public void setClientConfigurationService(ClientConfigurationService clientConfigurationService) {
        this.clients = clientConfigurationService;
    }

    public IssuerService getIssuerService() {
        return this.issuerService;
    }

    public void setIssuerService(IssuerService issuerService) {
        this.issuerService = issuerService;
    }

    public AuthRequestUrlBuilder getAuthRequestUrlBuilder() {
        return this.authRequestBuilder;
    }

    public void setAuthRequestUrlBuilder(AuthRequestUrlBuilder authRequestUrlBuilder) {
        this.authRequestBuilder = authRequestUrlBuilder;
    }

    public AuthRequestOptionsService getAuthRequestOptionsService() {
        return this.authOptions;
    }

    public void setAuthRequestOptionsService(AuthRequestOptionsService authRequestOptionsService) {
        this.authOptions = authRequestOptionsService;
    }

    public SymmetricKeyJWTValidatorCacheService getSymmetricCacheService() {
        return this.symmetricCacheService;
    }

    public void setSymmetricCacheService(SymmetricKeyJWTValidatorCacheService symmetricKeyJWTValidatorCacheService) {
        this.symmetricCacheService = symmetricKeyJWTValidatorCacheService;
    }

    public TargetLinkURIAuthenticationSuccessHandler getTargetLinkURIAuthenticationSuccessHandler() {
        return this.targetSuccessHandler;
    }

    public void setTargetLinkURIAuthenticationSuccessHandler(TargetLinkURIAuthenticationSuccessHandler targetLinkURIAuthenticationSuccessHandler) {
        this.targetSuccessHandler = targetLinkURIAuthenticationSuccessHandler;
    }

    public TargetLinkURIChecker targetLinkURIChecker() {
        return this.deepLinkFilter;
    }

    public void setTargetLinkURIChecker(TargetLinkURIChecker targetLinkURIChecker) {
        this.deepLinkFilter = targetLinkURIChecker;
    }
}
