package de.gematik.idp.authentication;

import de.gematik.idp.crypto.Nonce;
import de.gematik.idp.data.ScopeConfiguration;
import de.gematik.idp.data.UserConsent;
import de.gematik.idp.data.UserConsentConfiguration;
import de.gematik.idp.field.ClaimName;
import de.gematik.idp.token.JsonWebToken;
import java.time.ZonedDateTime;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import lombok.Generated;
import org.apache.commons.lang3.tuple.Pair;

/* loaded from: input_file:de/gematik/idp/authentication/AuthenticationChallengeBuilder.class */
public class AuthenticationChallengeBuilder {
    private static final long CHALLENGE_TOKEN_VALIDITY_IN_MINUTES = 3;
    private static final int NONCE_BYTE_AMOUNT = 32;
    private final IdpJwtProcessor serverSigner;
    private final String uriIdpServer;
    private final UserConsentConfiguration userConsentConfiguration;
    private final Map<String, ScopeConfiguration> scopesConfiguration;

    @Generated
    /* loaded from: input_file:de/gematik/idp/authentication/AuthenticationChallengeBuilder$AuthenticationChallengeBuilderBuilder.class */
    public static class AuthenticationChallengeBuilderBuilder {

        @Generated
        private IdpJwtProcessor serverSigner;

        @Generated
        private String uriIdpServer;

        @Generated
        private UserConsentConfiguration userConsentConfiguration;

        @Generated
        private Map<String, ScopeConfiguration> scopesConfiguration;

        @Generated
        AuthenticationChallengeBuilderBuilder() {
        }

        @Generated
        public AuthenticationChallengeBuilderBuilder serverSigner(IdpJwtProcessor idpJwtProcessor) {
            this.serverSigner = idpJwtProcessor;
            return this;
        }

        @Generated
        public AuthenticationChallengeBuilderBuilder uriIdpServer(String str) {
            this.uriIdpServer = str;
            return this;
        }

        @Generated
        public AuthenticationChallengeBuilderBuilder userConsentConfiguration(UserConsentConfiguration userConsentConfiguration) {
            this.userConsentConfiguration = userConsentConfiguration;
            return this;
        }

        @Generated
        public AuthenticationChallengeBuilderBuilder scopesConfiguration(Map<String, ScopeConfiguration> map) {
            this.scopesConfiguration = map;
            return this;
        }

        @Generated
        public AuthenticationChallengeBuilder build() {
            return new AuthenticationChallengeBuilder(this.serverSigner, this.uriIdpServer, this.userConsentConfiguration, this.scopesConfiguration);
        }

        @Generated
        public String toString() {
            return "AuthenticationChallengeBuilder.AuthenticationChallengeBuilderBuilder(serverSigner=" + this.serverSigner + ", uriIdpServer=" + this.uriIdpServer + ", userConsentConfiguration=" + this.userConsentConfiguration + ", scopesConfiguration=" + this.scopesConfiguration + ")";
        }
    }

    public AuthenticationChallenge buildAuthenticationChallenge(String str, String str2, String str3, String str4, String str5, String str6) {
        HashMap hashMap = new HashMap();
        hashMap.put(ClaimName.ISSUER.getJoseName(), this.uriIdpServer);
        ZonedDateTime now = ZonedDateTime.now();
        hashMap.put(ClaimName.EXPIRES_AT.getJoseName(), Long.valueOf(now.plusMinutes(CHALLENGE_TOKEN_VALIDITY_IN_MINUTES).toEpochSecond()));
        hashMap.put(ClaimName.ISSUED_AT.getJoseName(), Long.valueOf(now.toEpochSecond()));
        hashMap.put(ClaimName.RESPONSE_TYPE.getJoseName(), "code");
        hashMap.put(ClaimName.SCOPE.getJoseName(), str5);
        hashMap.put(ClaimName.CLIENT_ID.getJoseName(), str);
        hashMap.put(ClaimName.STATE.getJoseName(), str2);
        hashMap.put(ClaimName.REDIRECT_URI.getJoseName(), str3);
        hashMap.put(ClaimName.CODE_CHALLENGE_METHOD.getJoseName(), "S256");
        hashMap.put(ClaimName.CODE_CHALLENGE.getJoseName(), str4);
        hashMap.put(ClaimName.TOKEN_TYPE.getJoseName(), "challenge");
        if (str6 != null) {
            hashMap.put(ClaimName.NONCE.getJoseName(), str6);
        }
        hashMap.put(ClaimName.SERVER_NONCE.getJoseName(), Nonce.getNonceAsBase64UrlEncodedString(NONCE_BYTE_AMOUNT));
        hashMap.put(ClaimName.JWT_ID.getJoseName(), Nonce.getNonceAsHex(16));
        HashMap hashMap2 = new HashMap();
        hashMap2.put(ClaimName.TYPE.getJoseName(), "JWT");
        return AuthenticationChallenge.builder().challenge(buildJwt(hashMap, hashMap2)).userConsent(getUserConsent(str5)).build();
    }

    private UserConsent getUserConsent(String str) {
        Stream of = Stream.of((Object[]) str.split(" "));
        Map<String, ScopeConfiguration> map = this.scopesConfiguration;
        Objects.requireNonNull(map);
        List list = of.filter((v1) -> {
            return r1.containsKey(v1);
        }).toList();
        Map<String, String> map2 = (Map) list.stream().map(str2 -> {
            return Pair.of(str2, this.scopesConfiguration.get(str2).getDescription());
        }).collect(Collectors.toMap((v0) -> {
            return v0.getKey();
        }, (v0) -> {
            return v0.getValue();
        }));
        return UserConsent.builder().requestedScopes(map2).requestedClaims((Map) list.stream().filter(str3 -> {
            return this.scopesConfiguration.get(str3).getClaimsToBeIncluded() != null;
        }).map(str4 -> {
            return this.scopesConfiguration.get(str4).getClaimsToBeIncluded();
        }).flatMap((v0) -> {
            return v0.stream();
        }).distinct().map(claimName -> {
            return Pair.of(claimName.getJoseName(), this.userConsentConfiguration.getDescriptionTexts().getClaims().get(claimName));
        }).collect(Collectors.toMap((v0) -> {
            return v0.getKey();
        }, (v0) -> {
            return v0.getValue();
        }))).build();
    }

    private JsonWebToken buildJwt(Map<String, Object> map, Map<String, Object> map2) {
        return this.serverSigner.buildJwt(new JwtBuilder().addAllBodyClaims(map).addAllHeaderClaims(map2));
    }

    @Generated
    public static AuthenticationChallengeBuilderBuilder builder() {
        return new AuthenticationChallengeBuilderBuilder();
    }

    @Generated
    public IdpJwtProcessor getServerSigner() {
        return this.serverSigner;
    }

    @Generated
    public String getUriIdpServer() {
        return this.uriIdpServer;
    }

    @Generated
    public UserConsentConfiguration getUserConsentConfiguration() {
        return this.userConsentConfiguration;
    }

    @Generated
    public Map<String, ScopeConfiguration> getScopesConfiguration() {
        return this.scopesConfiguration;
    }

    @Generated
    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof AuthenticationChallengeBuilder)) {
            return false;
        }
        AuthenticationChallengeBuilder authenticationChallengeBuilder = (AuthenticationChallengeBuilder) obj;
        if (!authenticationChallengeBuilder.canEqual(this)) {
            return false;
        }
        IdpJwtProcessor serverSigner = getServerSigner();
        IdpJwtProcessor serverSigner2 = authenticationChallengeBuilder.getServerSigner();
        if (serverSigner == null) {
            if (serverSigner2 != null) {
                return false;
            }
        } else if (!serverSigner.equals(serverSigner2)) {
            return false;
        }
        String uriIdpServer = getUriIdpServer();
        String uriIdpServer2 = authenticationChallengeBuilder.getUriIdpServer();
        if (uriIdpServer == null) {
            if (uriIdpServer2 != null) {
                return false;
            }
        } else if (!uriIdpServer.equals(uriIdpServer2)) {
            return false;
        }
        UserConsentConfiguration userConsentConfiguration = getUserConsentConfiguration();
        UserConsentConfiguration userConsentConfiguration2 = authenticationChallengeBuilder.getUserConsentConfiguration();
        if (userConsentConfiguration == null) {
            if (userConsentConfiguration2 != null) {
                return false;
            }
        } else if (!userConsentConfiguration.equals(userConsentConfiguration2)) {
            return false;
        }
        Map<String, ScopeConfiguration> scopesConfiguration = getScopesConfiguration();
        Map<String, ScopeConfiguration> scopesConfiguration2 = authenticationChallengeBuilder.getScopesConfiguration();
        return scopesConfiguration == null ? scopesConfiguration2 == null : scopesConfiguration.equals(scopesConfiguration2);
    }

    @Generated
    protected boolean canEqual(Object obj) {
        return obj instanceof AuthenticationChallengeBuilder;
    }

    @Generated
    public int hashCode() {
        IdpJwtProcessor serverSigner = getServerSigner();
        int hashCode = (1 * 59) + (serverSigner == null ? 43 : serverSigner.hashCode());
        String uriIdpServer = getUriIdpServer();
        int hashCode2 = (hashCode * 59) + (uriIdpServer == null ? 43 : uriIdpServer.hashCode());
        UserConsentConfiguration userConsentConfiguration = getUserConsentConfiguration();
        int hashCode3 = (hashCode2 * 59) + (userConsentConfiguration == null ? 43 : userConsentConfiguration.hashCode());
        Map<String, ScopeConfiguration> scopesConfiguration = getScopesConfiguration();
        return (hashCode3 * 59) + (scopesConfiguration == null ? 43 : scopesConfiguration.hashCode());
    }

    @Generated
    public String toString() {
        return "AuthenticationChallengeBuilder(serverSigner=" + getServerSigner() + ", uriIdpServer=" + getUriIdpServer() + ", userConsentConfiguration=" + getUserConsentConfiguration() + ", scopesConfiguration=" + getScopesConfiguration() + ")";
    }

    @Generated
    public AuthenticationChallengeBuilder(IdpJwtProcessor idpJwtProcessor, String str, UserConsentConfiguration userConsentConfiguration, Map<String, ScopeConfiguration> map) {
        this.serverSigner = idpJwtProcessor;
        this.uriIdpServer = str;
        this.userConsentConfiguration = userConsentConfiguration;
        this.scopesConfiguration = map;
    }
}
