package com.nimbusds.openid.connect.sdk.federation.entities;

import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.id.Identifier;
import com.nimbusds.oauth2.sdk.id.Issuer;
import com.nimbusds.oauth2.sdk.id.Subject;
import com.nimbusds.oauth2.sdk.util.JSONObjectUtils;
import com.nimbusds.oauth2.sdk.util.MapUtils;
import com.nimbusds.openid.connect.sdk.federation.policy.MetadataPolicy;
import com.nimbusds.openid.connect.sdk.federation.policy.language.PolicyViolationException;
import com.nimbusds.openid.connect.sdk.federation.trust.constraints.TrustChainConstraints;
import com.nimbusds.openid.connect.sdk.federation.trust.marks.TrustMarkEntry;
import com.nimbusds.openid.connect.sdk.federation.trust.marks.TrustMarkIssuerMetadata;
import com.nimbusds.openid.connect.sdk.rp.OIDCClientInformation;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Set;
import net.minidev.json.JSONArray;
import net.minidev.json.JSONObject;

/* loaded from: input_file:oxygen-ai-positron-enterprise-addon-5.0.0/lib/oauth2-oidc-sdk-11.18.jar:com/nimbusds/openid/connect/sdk/federation/entities/EntityStatementClaimsSet.class */
public class EntityStatementClaimsSet extends CommonFederationClaimsSet {
    public static final String JWKS_CLAIM_NAME = "jwks";
    public static final String AUTHORITY_HINTS_CLAIM_NAME = "authority_hints";
    public static final String METADATA_POLICY_CLAIM_NAME = "metadata_policy";
    public static final String TRUST_ANCHOR_ID_CLAIM_NAME = "trust_anchor_id";
    public static final String CONSTRAINTS_CLAIM_NAME = "constraints";
    public static final String TRUST_MARKS_ISSUERS_CLAIM_NAME = "trust_marks_issuers";
    public static final String CRITICAL_CLAIM_NAME = "crit";
    public static final String POLICY_LANGUAGE_CRITICAL_CLAIM_NAME = "policy_language_crit";
    private static final Set<String> STD_CLAIM_NAMES;

    public static Set<String> getStandardClaimNames() {
        return STD_CLAIM_NAMES;
    }

    public EntityStatementClaimsSet(Issuer issuer, Subject subject, Date date, Date date2, JWKSet jWKSet) {
        this(new EntityID(issuer.getValue()), new EntityID(subject.getValue()), date, date2, jWKSet);
    }

    public EntityStatementClaimsSet(EntityID entityID, EntityID entityID2, Date date, Date date2, JWKSet jWKSet) {
        setClaim("iss", entityID.getValue());
        setClaim("sub", entityID2.getValue());
        if (date == null) {
            throw new IllegalArgumentException("The iat (issued-at) claim must not be null");
        }
        setDateClaim("iat", date);
        if (date2 == null) {
            throw new IllegalArgumentException("The exp (expiration) claim must not be null");
        }
        setDateClaim("exp", date2);
        if (jWKSet != null) {
            setClaim(JWKS_CLAIM_NAME, new JSONObject((Map<String, ?>) jWKSet.toJSONObject(true)));
        }
    }

    public EntityStatementClaimsSet(JWTClaimsSet jWTClaimsSet) throws ParseException {
        super(JSONObjectUtils.toJSONObject(jWTClaimsSet));
        validateRequiredClaimsPresence();
    }

    @Override // com.nimbusds.openid.connect.sdk.federation.entities.CommonFederationClaimsSet
    public void validateRequiredClaimsPresence() throws ParseException {
        super.validateRequiredClaimsPresence();
        if (isSelfStatement() && getJWKSet() == null) {
            throw new ParseException("Missing jwks (JWK set) claim");
        }
        if (isSelfStatement() && !hasMetadata()) {
            throw new ParseException("Missing required metadata claim for self-statement");
        }
        List<String> criticalExtensionClaims = getCriticalExtensionClaims();
        if (criticalExtensionClaims != null) {
            for (String str : criticalExtensionClaims) {
                if (getClaim(str) == null) {
                    throw new ParseException("Missing critical " + str + " claim");
                }
            }
        }
    }

    public boolean isSelfStatement() {
        Issuer issuer = getIssuer();
        Subject subject = getSubject();
        return (issuer == null || subject == null || !issuer.getValue().equals(subject.getValue())) ? false : true;
    }

    public JWKSet getJWKSet() {
        JSONObject jSONObjectClaim = getJSONObjectClaim(JWKS_CLAIM_NAME);
        if (jSONObjectClaim == null) {
            return null;
        }
        try {
            return JWKSet.parse(jSONObjectClaim);
        } catch (java.text.ParseException e) {
            return null;
        }
    }

    public List<EntityID> getAuthorityHints() {
        List<String> stringListClaim = getStringListClaim(AUTHORITY_HINTS_CLAIM_NAME);
        if (stringListClaim == null) {
            return null;
        }
        LinkedList linkedList = new LinkedList();
        Iterator<String> it = stringListClaim.iterator();
        while (it.hasNext()) {
            linkedList.add(new EntityID(it.next()));
        }
        return linkedList;
    }

    public void setAuthorityHints(List<EntityID> list) {
        if (list != null) {
            setClaim(AUTHORITY_HINTS_CLAIM_NAME, Identifier.toStringList(list));
        } else {
            setClaim(AUTHORITY_HINTS_CLAIM_NAME, null);
        }
    }

    public boolean hasMetadata() {
        JSONObject jSONObjectClaim = getJSONObjectClaim(CommonFederationClaimsSet.METADATA_CLAIM_NAME);
        if (MapUtils.isEmpty(jSONObjectClaim)) {
            return false;
        }
        return (jSONObjectClaim.get(EntityType.OPENID_RELYING_PARTY.getValue()) == null && jSONObjectClaim.get(EntityType.OPENID_PROVIDER.getValue()) == null && jSONObjectClaim.get(EntityType.OAUTH_AUTHORIZATION_SERVER.getValue()) == null && jSONObjectClaim.get(EntityType.OAUTH_CLIENT.getValue()) == null && jSONObjectClaim.get(EntityType.OAUTH_RESOURCE.getValue()) == null && jSONObjectClaim.get(EntityType.FEDERATION_ENTITY.getValue()) == null && jSONObjectClaim.get(EntityType.TRUST_MARK_ISSUER.getValue()) == null) ? false : true;
    }

    public OIDCClientInformation getRPInformation() {
        JSONObject metadata = getMetadata(EntityType.OPENID_RELYING_PARTY);
        if (metadata == null) {
            return null;
        }
        try {
            return OIDCClientInformation.parse(metadata);
        } catch (ParseException e) {
            return null;
        }
    }

    public void setRPInformation(OIDCClientInformation oIDCClientInformation) {
        setMetadata(EntityType.OPENID_RELYING_PARTY, oIDCClientInformation != null ? oIDCClientInformation.toJSONObject() : null);
    }

    @Deprecated
    public void setTrustMarkIssuerMetadata(TrustMarkIssuerMetadata trustMarkIssuerMetadata) {
        setMetadata(EntityType.TRUST_MARK_ISSUER, trustMarkIssuerMetadata != null ? trustMarkIssuerMetadata.toJSONObject() : null);
    }

    public JSONObject getMetadataPolicyJSONObject() {
        return getJSONObjectClaim(METADATA_POLICY_CLAIM_NAME);
    }

    public void setMetadataPolicyJSONObject(JSONObject jSONObject) {
        setClaim(METADATA_POLICY_CLAIM_NAME, jSONObject);
    }

    public MetadataPolicy getMetadataPolicy(EntityType entityType) throws PolicyViolationException {
        JSONObject metadataPolicyJSONObject = getMetadataPolicyJSONObject();
        if (metadataPolicyJSONObject == null) {
            return null;
        }
        try {
            JSONObject jSONObject = JSONObjectUtils.getJSONObject(metadataPolicyJSONObject, entityType.getValue(), null);
            if (jSONObject == null) {
                return null;
            }
            return MetadataPolicy.parse(jSONObject);
        } catch (ParseException e) {
            return null;
        }
    }

    public void setMetadataPolicy(EntityType entityType, MetadataPolicy metadataPolicy) {
        JSONObject metadataPolicyJSONObject = getMetadataPolicyJSONObject();
        if (metadataPolicyJSONObject == null) {
            if (metadataPolicy == null) {
                return;
            } else {
                metadataPolicyJSONObject = new JSONObject();
            }
        }
        if (metadataPolicy != null) {
            metadataPolicyJSONObject.put(entityType.getValue(), metadataPolicy.toJSONObject());
        } else {
            metadataPolicyJSONObject.remove(entityType.getValue());
        }
        if (metadataPolicyJSONObject.isEmpty()) {
            metadataPolicyJSONObject = null;
        }
        setMetadataPolicyJSONObject(metadataPolicyJSONObject);
    }

    public EntityID getTrustAnchorID() {
        try {
            return EntityID.parse(getStringClaim(TRUST_ANCHOR_ID_CLAIM_NAME));
        } catch (ParseException e) {
            return null;
        }
    }

    public void setTrustAnchorID(EntityID entityID) {
        if (entityID != null) {
            setClaim(TRUST_ANCHOR_ID_CLAIM_NAME, entityID.getValue());
        } else {
            setClaim(TRUST_ANCHOR_ID_CLAIM_NAME, null);
        }
    }

    public TrustChainConstraints getConstraints() {
        JSONObject jSONObjectClaim = getJSONObjectClaim(CONSTRAINTS_CLAIM_NAME);
        if (jSONObjectClaim == null) {
            return null;
        }
        try {
            return TrustChainConstraints.parse(jSONObjectClaim);
        } catch (ParseException e) {
            return null;
        }
    }

    public void setConstraints(TrustChainConstraints trustChainConstraints) {
        if (trustChainConstraints != null) {
            setClaim(CONSTRAINTS_CLAIM_NAME, trustChainConstraints.toJSONObject());
        } else {
            setClaim(CONSTRAINTS_CLAIM_NAME, null);
        }
    }

    @Override // com.nimbusds.openid.connect.sdk.federation.entities.CommonFederationClaimsSet
    public void setTrustMarks(List<TrustMarkEntry> list) {
        if (list == null) {
            setClaim(CommonFederationClaimsSet.TRUST_MARKS_CLAIM_NAME, null);
            return;
        }
        JSONArray jSONArray = new JSONArray();
        Iterator<TrustMarkEntry> it = list.iterator();
        while (it.hasNext()) {
            jSONArray.add(it.next().toJSONObject());
        }
        setClaim(CommonFederationClaimsSet.TRUST_MARKS_CLAIM_NAME, jSONArray);
    }

    public Map<Identifier, List<Issuer>> getTrustMarksIssuers() {
        JSONObject jSONObjectClaim = getJSONObjectClaim(TRUST_MARKS_ISSUERS_CLAIM_NAME);
        if (jSONObjectClaim == null) {
            return null;
        }
        HashMap hashMap = new HashMap();
        for (String str : jSONObjectClaim.keySet()) {
            try {
                LinkedList linkedList = new LinkedList();
                Iterator<String> it = JSONObjectUtils.getStringList(jSONObjectClaim, str).iterator();
                while (it.hasNext()) {
                    linkedList.add(new Issuer(it.next()));
                }
                hashMap.put(new Identifier(str), linkedList);
            } catch (ParseException e) {
                return null;
            }
        }
        return hashMap;
    }

    public void setTrustMarksIssuers(Map<Identifier, List<Issuer>> map) {
        if (map == null) {
            setClaim(TRUST_MARKS_ISSUERS_CLAIM_NAME, null);
            return;
        }
        JSONObject jSONObject = new JSONObject();
        for (Map.Entry<Identifier, List<Issuer>> entry : map.entrySet()) {
            jSONObject.put(entry.getKey().getValue(), Issuer.toStringList(entry.getValue()));
            setClaim(TRUST_MARKS_ISSUERS_CLAIM_NAME, jSONObject);
        }
    }

    public List<String> getCriticalExtensionClaims() {
        return getStringListClaim("crit");
    }

    public void setCriticalExtensionClaims(List<String> list) {
        if (list != null && list.isEmpty()) {
            throw new IllegalArgumentException("The critical extension claim names must not be empty");
        }
        setClaim("crit", list);
    }

    public List<String> getCriticalPolicyExtensions() {
        return getStringListClaim(POLICY_LANGUAGE_CRITICAL_CLAIM_NAME);
    }

    public void setCriticalPolicyExtensions(List<String> list) {
        if (list != null && list.isEmpty()) {
            throw new IllegalArgumentException("The critical policy extension names must not be empty");
        }
        setClaim(POLICY_LANGUAGE_CRITICAL_CLAIM_NAME, list);
    }

    static {
        HashSet hashSet = new HashSet();
        hashSet.add("iss");
        hashSet.add("sub");
        hashSet.add("iat");
        hashSet.add("exp");
        hashSet.add(JWKS_CLAIM_NAME);
        hashSet.add("aud");
        hashSet.add(AUTHORITY_HINTS_CLAIM_NAME);
        hashSet.add(CommonFederationClaimsSet.METADATA_CLAIM_NAME);
        hashSet.add(METADATA_POLICY_CLAIM_NAME);
        hashSet.add(CONSTRAINTS_CLAIM_NAME);
        hashSet.add("crit");
        hashSet.add(POLICY_LANGUAGE_CRITICAL_CLAIM_NAME);
        hashSet.add(CommonFederationClaimsSet.TRUST_MARKS_CLAIM_NAME);
        hashSet.add(TRUST_MARKS_ISSUERS_CLAIM_NAME);
        hashSet.add(TRUST_ANCHOR_ID_CLAIM_NAME);
        STD_CLAIM_NAMES = Collections.unmodifiableSet(hashSet);
    }
}
