package io.openliberty.security.jakartasec.identitystore;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import io.openliberty.security.jakartasec.TraceConstants;
import io.openliberty.security.oidcclientcore.storage.CookieBasedStorage;
import io.openliberty.security.oidcclientcore.storage.OidcStorageUtils;
import io.openliberty.security.oidcclientcore.storage.SessionBasedStorage;
import io.openliberty.security.oidcclientcore.storage.Storage;
import jakarta.json.Json;
import jakarta.json.JsonObject;
import jakarta.json.JsonObjectBuilder;
import jakarta.security.enterprise.identitystore.openid.AccessToken;
import jakarta.security.enterprise.identitystore.openid.IdentityToken;
import jakarta.security.enterprise.identitystore.openid.OpenIdClaims;
import jakarta.security.enterprise.identitystore.openid.OpenIdContext;
import jakarta.security.enterprise.identitystore.openid.RefreshToken;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.StringReader;
import java.util.Optional;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@TraceOptions
/* loaded from: input_file:io/openliberty/security/jakartasec/identitystore/OpenIdContextImpl.class */
public class OpenIdContextImpl implements OpenIdContext {
    private static final long serialVersionUID = 1;
    private static final TraceComponent tc = Tr.register(OpenIdContextImpl.class, TraceConstants.TRACE_GROUP, TraceConstants.MESSAGE_BUNDLE);
    private String subjectIdentifier;
    private String tokenType;
    private AccessToken accessToken;
    private IdentityToken identityToken;
    private OpenIdClaims userinfoClaims;
    private transient JsonObject userinfoClaimsAsJson;
    private transient JsonObject providerMetadata;
    private String state;
    private boolean useSession;
    private String clientId;
    private RefreshToken refreshToken;
    private Long expiresIn;

    public OpenIdContextImpl() {
        this(null, null, null, null, null, null, null, false, null);
    }

    public OpenIdContextImpl(String str, String str2, AccessToken accessToken, IdentityToken identityToken, OpenIdClaims openIdClaims, JsonObject jsonObject, String str3, boolean z, String str4) {
        this.userinfoClaimsAsJson = null;
        this.subjectIdentifier = str;
        this.tokenType = str2;
        this.accessToken = accessToken;
        this.identityToken = identityToken;
        this.userinfoClaims = openIdClaims;
        this.providerMetadata = jsonObject;
        this.state = str3;
        this.useSession = z;
        this.clientId = str4;
    }

    public String getSubject() {
        return this.subjectIdentifier;
    }

    public void setSubject(String str) {
        this.subjectIdentifier = str;
    }

    public String getTokenType() {
        return this.tokenType;
    }

    public void setTokenType(String str) {
        this.tokenType = str;
    }

    public AccessToken getAccessToken() {
        return this.accessToken;
    }

    public void setAccessToken(AccessToken accessToken) {
        this.accessToken = accessToken;
    }

    public IdentityToken getIdentityToken() {
        return this.identityToken;
    }

    public void setIdentityToken(IdentityToken identityToken) {
        this.identityToken = identityToken;
    }

    public Optional<RefreshToken> getRefreshToken() {
        return this.refreshToken != null ? Optional.of(this.refreshToken) : Optional.empty();
    }

    public void setRefreshToken(RefreshToken refreshToken) {
        this.refreshToken = refreshToken;
    }

    public Optional<Long> getExpiresIn() {
        return this.expiresIn != null ? Optional.of(this.expiresIn) : Optional.empty();
    }

    public void setExpiresIn(Long l) {
        this.expiresIn = l;
    }

    public JsonObject getClaimsJson() {
        if (this.userinfoClaimsAsJson == null) {
            this.userinfoClaimsAsJson = createClaimsJson();
        }
        return this.userinfoClaimsAsJson;
    }

    private JsonObject createClaimsJson() {
        JsonObjectBuilder createObjectBuilder = Json.createObjectBuilder();
        if (this.userinfoClaims == null) {
            return null;
        }
        try {
            if (this.userinfoClaims.getSubject() != null && !this.userinfoClaims.getSubject().isEmpty()) {
                createObjectBuilder.add("sub", this.userinfoClaims.getSubject());
            } else if (TraceComponent.isAnyTracingEnabled() && tc.isWarningEnabled()) {
                Tr.warning(tc, "JAKARTASEC_WARNING_MISSING_SUBJECT_CLAIMS", new Object[]{this.clientId});
            }
        } catch (IllegalArgumentException e) {
            FFDCFilter.processException(e, "io.openliberty.security.jakartasec.identitystore.OpenIdContextImpl", "168", this, new Object[0]);
            if (TraceComponent.isAnyTracingEnabled() && tc.isWarningEnabled()) {
                Tr.warning(tc, "JAKARTASEC_WARNING_MISSING_SUBJECT_CLAIMS", new Object[]{this.clientId});
            }
        }
        if (this.userinfoClaims.getAddress().isPresent()) {
            createObjectBuilder.add("address", (String) this.userinfoClaims.getAddress().get());
        }
        if (this.userinfoClaims.getBirthdate().isPresent()) {
            createObjectBuilder.add("birthdate", (String) this.userinfoClaims.getBirthdate().get());
        }
        if (this.userinfoClaims.getEmail().isPresent()) {
            createObjectBuilder.add("email", (String) this.userinfoClaims.getEmail().get());
        }
        if (this.userinfoClaims.getEmailVerified().isPresent()) {
            createObjectBuilder.add("email_verified", (String) this.userinfoClaims.getEmailVerified().get());
        }
        if (this.userinfoClaims.getFamilyName().isPresent()) {
            createObjectBuilder.add("family_name", (String) this.userinfoClaims.getFamilyName().get());
        }
        if (this.userinfoClaims.getGender().isPresent()) {
            createObjectBuilder.add("gender", (String) this.userinfoClaims.getGender().get());
        }
        if (this.userinfoClaims.getGivenName().isPresent()) {
            createObjectBuilder.add("given_name", (String) this.userinfoClaims.getGivenName().get());
        }
        if (this.userinfoClaims.getLocale().isPresent()) {
            createObjectBuilder.add("locale", (String) this.userinfoClaims.getLocale().get());
        }
        if (this.userinfoClaims.getMiddleName().isPresent()) {
            createObjectBuilder.add("middle_name", (String) this.userinfoClaims.getMiddleName().get());
        }
        if (this.userinfoClaims.getName().isPresent()) {
            createObjectBuilder.add("name", (String) this.userinfoClaims.getName().get());
        }
        if (this.userinfoClaims.getNickname().isPresent()) {
            createObjectBuilder.add("nickname", (String) this.userinfoClaims.getNickname().get());
        }
        if (this.userinfoClaims.getPhoneNumber().isPresent()) {
            createObjectBuilder.add("phone_number", (String) this.userinfoClaims.getPhoneNumber().get());
        }
        if (this.userinfoClaims.getPhoneNumberVerified().isPresent()) {
            createObjectBuilder.add("phone_number_verified", (String) this.userinfoClaims.getPhoneNumberVerified().get());
        }
        if (this.userinfoClaims.getPicture().isPresent()) {
            createObjectBuilder.add("picture", (String) this.userinfoClaims.getPicture().get());
        }
        if (this.userinfoClaims.getPreferredUsername().isPresent()) {
            createObjectBuilder.add("preferred_username", (String) this.userinfoClaims.getPreferredUsername().get());
        }
        if (this.userinfoClaims.getProfile().isPresent()) {
            createObjectBuilder.add("profile", (String) this.userinfoClaims.getProfile().get());
        }
        if (this.userinfoClaims.getUpdatedAt().isPresent()) {
            createObjectBuilder.add("updated_at", (String) this.userinfoClaims.getUpdatedAt().get());
        }
        if (this.userinfoClaims.getWebsite().isPresent()) {
            createObjectBuilder.add("website", (String) this.userinfoClaims.getWebsite().get());
        }
        if (this.userinfoClaims.getZoneinfo().isPresent()) {
            createObjectBuilder.add("zoneinfo", (String) this.userinfoClaims.getZoneinfo().get());
        }
        return createObjectBuilder.build();
    }

    public OpenIdClaims getClaims() {
        return this.userinfoClaims;
    }

    public void setClaims(OpenIdClaims openIdClaims) {
        this.userinfoClaims = openIdClaims;
    }

    public JsonObject getProviderMetadata() {
        if (this.providerMetadata == null) {
            return null;
        }
        return Json.createReader(new StringReader(this.providerMetadata.toString())).readObject();
    }

    public void setProviderMetadata(JsonObject jsonObject) {
        this.providerMetadata = jsonObject;
    }

    public String getState() {
        return this.state;
    }

    public void setState(String str) {
        this.state = str;
    }

    public boolean isUseSession() {
        return this.useSession;
    }

    public void setUseSession(boolean z) {
        this.useSession = z;
    }

    public String getClientId() {
        return this.clientId;
    }

    public void setClientId(String str) {
        this.clientId = str;
    }

    public <T> Optional<T> getStoredValue(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        String str2 = null;
        Storage storage = getStorage(httpServletRequest, httpServletResponse);
        if ("oidc.original.request".equals(str)) {
            str2 = storage.get(OidcStorageUtils.getOriginalReqUrlStorageKey(this.state));
        }
        return str2 != null ? Optional.of(str2) : Optional.empty();
    }

    private Storage getStorage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return this.useSession ? new SessionBasedStorage(httpServletRequest) : new CookieBasedStorage(httpServletRequest, httpServletResponse);
    }

    private void readObject(ObjectInputStream objectInputStream) throws ClassNotFoundException, IOException {
        objectInputStream.defaultReadObject();
        if (objectInputStream.readBoolean()) {
            this.providerMetadata = Json.createReader(new StringReader((String) objectInputStream.readObject())).readObject();
        } else {
            this.providerMetadata = null;
        }
    }

    private void writeObject(ObjectOutputStream objectOutputStream) throws IOException {
        objectOutputStream.defaultWriteObject();
        if (this.providerMetadata == null) {
            objectOutputStream.writeBoolean(false);
        } else {
            objectOutputStream.writeBoolean(true);
            objectOutputStream.writeObject(this.providerMetadata.toString());
        }
    }
}
