package org.forgerock.openam.authentication.modules.oidc;

import com.sun.identity.shared.datastruct.CollectionHelper;
import com.sun.identity.shared.debug.Debug;
import java.util.Map;
import java.util.Set;
import org.forgerock.openam.utils.MappingUtils;
import org.forgerock.util.Reject;

/* loaded from: input_file:org/forgerock/openam/authentication/modules/oidc/OpenIdConnectConfig.class */
class OpenIdConnectConfig extends JwtHandlerConfig {
    private static Debug logger = Debug.getInstance("amAuth");
    static final String RESOURCE_BUNDLE_NAME = "amAuthOpenIdConnect";
    static final String HEADER_NAME_KEY = "openam-auth-openidconnect-header-name";
    static final String PRINCIPAL_MAPPER_CLASS_KEY = "openam-auth-openidconnect-principal-mapper-class";
    static final String ACCOUNT_PROVIDER_CLASS_KEY = "openam-auth-openidconnect-account-provider-class";
    static final String JWK_TO_LOCAL_ATTRIBUTE_MAPPINGS_KEY = "openam-auth-openidconnect-jwt-to-local-attribute-mappings";
    static final String AUDIENCE_NAME_KEY = "openam-auth-openidconnect-audience-name";
    static final String ACCEPTED_AUTHORIZED_PARTIES_KEY = "openam-auth-openidconnect-accepted-authorized-parties";
    static final String BUNDLE_KEY_VERIFICATION_FAILED = "verification_failed";
    static final String BUNDLE_KEY_JWS_SIGNING_EXCEPTION = "jws_signing_exception";
    static final String BUNDLE_KEY_ISSUER_MISMATCH = "issuer_mismatch";
    static final String BUNDLE_KEY_TOKEN_ISSUER_MISMATCH = "token_issuer_mismatch";
    static final String BUNDLE_KEY_JWT_PARSE_ERROR = "jwt_parse_error";
    static final String BUNDLE_KEY_MISSING_HEADER = "missing_header";
    static final String BUNDLE_KEY_JWK_NOT_LOADED = "jwk_not_loaded";
    static final String BUNDLE_KEY_PRINCIPAL_MAPPER_INSTANTIATION_ERROR = "principal_mapper_instantiation_error";
    static final String BUNDLE_KEY_PRINCIPAL_MAPPING_FAILURE = "principal_mapping_failure";
    static final String BUNDLE_KEY_NO_ATTRIBUTES_MAPPED = "no_attributes_mapped";
    static final String BUNDLE_KEY_ID_TOKEN_BAD_AUDIENCE = "id_token_bad_audience";
    static final String BUNDLE_KEY_INVALID_AUTHORIZED_PARTY = "invalid_authorized_party";
    static final String BUNDLE_KEY_AUTHORIZED_PARTY_NOT_IN_AUDIENCE = "authorized_party_not_in_audience";
    static final String BUNDLE_KEY_NO_AUDIENCE_CLAIM = "no_audience_claim";
    private final String headerName;
    private final String principalMapperClass;
    private final Map<String, String> jwkToLocalAttributeMappings;
    private final String audienceName;
    private final Set<String> acceptedAuthorizedParties;
    private final String accountProviderClass;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OpenIdConnectConfig(Map map) {
        super(map);
        this.headerName = CollectionHelper.getMapAttr(map, HEADER_NAME_KEY);
        this.principalMapperClass = CollectionHelper.getMapAttr(map, PRINCIPAL_MAPPER_CLASS_KEY);
        this.accountProviderClass = CollectionHelper.getMapAttr(map, ACCOUNT_PROVIDER_CLASS_KEY);
        Set set = (Set) map.get(JWK_TO_LOCAL_ATTRIBUTE_MAPPINGS_KEY);
        this.audienceName = CollectionHelper.getMapAttr(map, AUDIENCE_NAME_KEY);
        this.acceptedAuthorizedParties = (Set) map.get(ACCEPTED_AUTHORIZED_PARTIES_KEY);
        Reject.ifNull(this.headerName, "openam-auth-openidconnect-header-name must be set in LoginModule options.");
        Reject.ifNull(this.configuredIssuer, "openam-auth-openidconnect-issuer-name must be set in LoginModule options.");
        Reject.ifNull(this.cryptoContextType, "openam-auth-openidconnect-crypto-context-type must be set in LoginModule options.");
        Reject.ifNull(this.cryptoContextValue, "openam-auth-openidconnect-crypto-context-value must be set in LoginModule options.");
        Reject.ifNull(this.principalMapperClass, "openam-auth-openidconnect-principal-mapper-class must be set in LoginModule options.");
        Reject.ifNull(set, "openam-auth-openidconnect-jwt-to-local-attribute-mappings must be set in LoginModule options.");
        Reject.ifTrue(set.isEmpty(), "openam-auth-openidconnect-jwt-to-local-attribute-mappings must contain some valid mappings.");
        this.jwkToLocalAttributeMappings = MappingUtils.parseMappings(set);
    }

    public String getHeaderName() {
        return this.headerName;
    }

    public String getPrincipalMapperClass() {
        return this.principalMapperClass;
    }

    public String getAccountProviderClass() {
        return this.accountProviderClass;
    }

    public Map<String, String> getJwkToLocalAttributeMappings() {
        return this.jwkToLocalAttributeMappings;
    }

    public String getAudienceName() {
        return this.audienceName;
    }

    public Set<String> getAcceptedAuthorizedParties() {
        return this.acceptedAuthorizedParties;
    }
}
