package com.ibm.ws.security.openidconnect.server.plugins;

import com.ibm.oauth.core.api.error.OAuthConfigurationException;
import com.ibm.oauth.core.api.error.OidcServerException;
import com.ibm.oauth.core.api.oauth20.token.OAuth20Token;
import com.ibm.oauth.core.internal.oauth20.OAuth20ComponentInternal;
import com.ibm.oauth.core.internal.oauth20.OAuth20Constants;
import com.ibm.oauth.core.internal.oauth20.OAuth20Util;
import com.ibm.oauth.core.internal.oauth20.config.OAuth20ConfigProvider;
import com.ibm.oauth.core.internal.oauth20.token.OAuth20TokenFactory;
import com.ibm.oauth.core.internal.oauth20.tokentype.OAuth20TokenTypeHandler;
import com.ibm.websphere.ras.annotation.InjectedTrace;
import com.ibm.websphere.ras.annotation.ManualTrace;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.oauth20.plugins.BaseClient;
import com.ibm.ws.security.oauth20.plugins.OidcBaseClient;
import java.util.HashMap;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;

@InjectedFFDC
@TraceObjectField(fieldName = "log", fieldDesc = "Ljava/util/logging/Logger;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.security.openidconnect.server_1.0.15.jar:com/ibm/ws/security/openidconnect/server/plugins/IDTokenFactory.class */
public class IDTokenFactory extends OAuth20TokenFactory {
    private static final String SHARED_KEY = "sharedKey";
    private static final String CLASS = IDTokenFactory.class.getName();
    private static Logger log = Logger.getLogger(CLASS);
    private OAuth20ComponentInternal component;
    static final long serialVersionUID = -7622225859278250645L;

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.JSR47TracingMethodAdapter"})
    public IDTokenFactory(OAuth20ComponentInternal oAuth20ComponentInternal) {
        super(oAuth20ComponentInternal);
        if (log != null && log.isLoggable(Level.FINER)) {
            log.entering("com.ibm.ws.security.openidconnect.server.plugins.IDTokenFactory", "<init>", new Object[]{oAuth20ComponentInternal});
        }
        this.component = oAuth20ComponentInternal;
        if (log == null || !log.isLoggable(Level.FINER)) {
            return;
        }
        log.exiting("com.ibm.ws.security.openidconnect.server.plugins.IDTokenFactory", "<init>", this);
    }

    @ManualTrace
    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.JSR47TracingMethodAdapter"})
    public OAuth20Token createIDToken(Map<String, String[]> map) {
        int parseInt;
        log.entering(CLASS, "createIDToken");
        OAuth20Token oAuth20Token = null;
        boolean isLoggable = log.isLoggable(Level.FINEST);
        try {
            HashMap hashMap = new HashMap();
            hashMap.putAll(map);
            boolean z = false;
            for (String str : map.get("scope")) {
                if ("openid".equals(str)) {
                    z = true;
                }
            }
            if (!z) {
                OAuth20Token oAuth20Token2 = (OAuth20Token) null;
                log.exiting(CLASS, "createIDToken");
                return oAuth20Token2;
            }
            hashMap.put(OAuth20Constants.COMPONENTID, new String[]{this.component.getParentComponentInstance().getInstanceId()});
            OAuth20ConfigProvider oAuth20ConfigProvider = this.component.get20Configuration();
            int tokenLifetimeSeconds = oAuth20ConfigProvider.getTokenLifetimeSeconds();
            if (hashMap.containsKey(OAuth20Constants.LIFETIME) && (parseInt = Integer.parseInt(OAuth20Util.getValueFromMap(OAuth20Constants.LIFETIME, hashMap))) < tokenLifetimeSeconds) {
                tokenLifetimeSeconds = parseInt;
            }
            String num = Integer.toString(tokenLifetimeSeconds);
            if (isLoggable) {
                log.logp(Level.FINEST, CLASS, "createIDToken", "Creating id token with remaining lifetime: " + num + " seconds");
            }
            hashMap.put(OAuth20Constants.LIFETIME, new String[]{num});
            hashMap.put("LENGTH", new String[]{Integer.toString(oAuth20ConfigProvider.getAccessTokenLength())});
            try {
                OAuth20TokenTypeHandler iDTokenHandler = OIDCTokenTypeHandlerFactory.getIDTokenHandler(this.component);
                if (iDTokenHandler != null) {
                    OidcBaseClient oidcBaseClient = oAuth20ConfigProvider.getClientProvider().get(OAuth20Util.getValueFromMap("client_id", map));
                    if (oidcBaseClient instanceof BaseClient) {
                        hashMap.put("sharedKey", new String[]{oidcBaseClient.getClientSecret()});
                    }
                    oAuth20Token = iDTokenHandler.createToken(hashMap);
                    if (oAuth20Token != null && oAuth20Token.isPersistent()) {
                        super.persistToken(oAuth20Token);
                    }
                    hashMap.remove("sharedKey");
                }
            } catch (OAuthConfigurationException e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.openidconnect.server.plugins.IDTokenFactory", "131", this, new Object[]{map});
                log.throwing(CLASS, "createIDToken", e);
            } catch (OidcServerException e2) {
                FFDCFilter.processException(e2, "com.ibm.ws.security.openidconnect.server.plugins.IDTokenFactory", "134", this, new Object[]{map});
                log.throwing(CLASS, "createIDToken", e2);
            }
            log.exiting(CLASS, "createIDToken");
            return oAuth20Token;
        } catch (Throwable th) {
            log.exiting(CLASS, "createIDToken");
            throw th;
        }
    }
}
