package leap.oauth2.webapp.token.id;

import java.util.Map;
import leap.core.annotation.Inject;
import leap.core.security.SimpleUserPrincipal;
import leap.core.security.token.TokenVerifyException;
import leap.core.security.token.jwt.JWT;
import leap.core.security.token.jwt.MacSigner;
import leap.oauth2.webapp.OAuth2Config;
import leap.oauth2.webapp.OAuth2Params;

/* loaded from: input_file:leap/oauth2/webapp/token/id/DefaultIdTokenVerifier.class */
public class DefaultIdTokenVerifier implements IdTokenVerifier {

    @Inject
    protected OAuth2Config config;

    @Override // leap.oauth2.webapp.token.id.IdTokenVerifier
    public IdToken verifyIdToken(OAuth2Params oAuth2Params, String str) throws TokenVerifyException {
        Map<String, Object> verify = new MacSigner(this.config.getClientSecret()).verify(str);
        SimpleIdToken simpleIdToken = new SimpleIdToken(str);
        simpleIdToken.setClientId((String) verify.remove(JWT.CLAIM_AUDIENCE));
        simpleIdToken.setUserId((String) verify.remove(JWT.CLAIM_SUBJECT));
        SimpleUserPrincipal simpleUserPrincipal = new SimpleUserPrincipal();
        simpleUserPrincipal.setId(simpleIdToken.getUserId());
        simpleUserPrincipal.setName((String) verify.remove("name"));
        simpleUserPrincipal.setLoginName((String) verify.remove("login_name"));
        simpleIdToken.setUserInfo(simpleUserPrincipal);
        return simpleIdToken;
    }
}
