package org.forgerock.openam.authentication.modules.oidc;

import com.sun.identity.shared.datastruct.CollectionHelper;
import com.sun.identity.shared.debug.Debug;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Map;
import org.forgerock.util.Reject;

/* loaded from: input_file:org/forgerock/openam/authentication/modules/oidc/JwtHandlerConfig.class */
public class JwtHandlerConfig {
    private static Debug logger = Debug.getInstance("amAuth");
    static final String ISSUER_NAME_KEY = "openam-auth-openidconnect-issuer-name";
    static final String CRYPTO_CONTEXT_TYPE_KEY = "openam-auth-openidconnect-crypto-context-type";
    static final String CRYPTO_CONTEXT_VALUE_KEY = "openam-auth-openidconnect-crypto-context-value";
    static final String KEY_CLIENT_SECRET = "iplanet-am-auth-oauth-client-secret";
    static final String CRYPTO_CONTEXT_TYPE_CONFIG_URL = ".well-known/openid-configuration_url";
    static final String CRYPTO_CONTEXT_TYPE_JWK_URL = "jwk_url";
    static final String CRYPTO_CONTEXT_TYPE_CLIENT_SECRET = "client_secret";
    protected final String configuredIssuer;
    protected final String cryptoContextType;
    protected final String cryptoContextValue;
    protected final String clientSecret;
    private final URL cryptoContextUrlValue;

    public JwtHandlerConfig(Map map) {
        this.configuredIssuer = CollectionHelper.getMapAttr(map, ISSUER_NAME_KEY);
        this.cryptoContextType = CollectionHelper.getMapAttr(map, CRYPTO_CONTEXT_TYPE_KEY);
        this.cryptoContextValue = CollectionHelper.getMapAttr(map, CRYPTO_CONTEXT_VALUE_KEY);
        this.clientSecret = CollectionHelper.getMapAttr(map, KEY_CLIENT_SECRET);
        Reject.ifFalse(this.cryptoContextType == null || CRYPTO_CONTEXT_TYPE_CLIENT_SECRET.equals(this.cryptoContextType) || CRYPTO_CONTEXT_TYPE_JWK_URL.equals(this.cryptoContextType) || CRYPTO_CONTEXT_TYPE_CONFIG_URL.equals(this.cryptoContextType), "The value corresponding to key openam-auth-openidconnect-crypto-context-type does not correspond to an expected value. Its value:" + this.cryptoContextType);
        if (!CRYPTO_CONTEXT_TYPE_CONFIG_URL.equals(this.cryptoContextType) && !CRYPTO_CONTEXT_TYPE_JWK_URL.equals(this.cryptoContextType)) {
            this.cryptoContextUrlValue = null;
            return;
        }
        try {
            this.cryptoContextUrlValue = new URL(this.cryptoContextValue);
        } catch (MalformedURLException e) {
            String str = "The crypto context value string, " + this.cryptoContextValue + " is not in valid URL format: " + e;
            logger.error(str, e);
            throw new IllegalArgumentException(str);
        }
    }

    public String getConfiguredIssuer() {
        return this.configuredIssuer;
    }

    public String getCryptoContextType() {
        return this.cryptoContextType;
    }

    public String getCryptoContextValue() {
        return this.cryptoContextValue;
    }

    public URL getCryptoContextUrlValue() {
        return this.cryptoContextUrlValue;
    }

    public String getClientSecret() {
        return this.clientSecret;
    }
}
