package org.forgerock.openam.oauth2;

import com.google.common.collect.Sets;
import com.sun.identity.idm.AMIdentity;
import com.sun.identity.shared.debug.Debug;
import java.net.URI;
import java.security.Key;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import org.forgerock.oauth2.core.OAuth2Jwt;
import org.forgerock.oauth2.core.OAuth2ProviderSettings;
import org.forgerock.oauth2.core.exceptions.ServerException;
import org.forgerock.openidconnect.Client;
import org.forgerock.openidconnect.OpenIdConnectClientRegistration;

/* loaded from: input_file:org/forgerock/openam/oauth2/AgentClientRegistration.class */
public class AgentClientRegistration implements OpenIdConnectClientRegistration {
    private static final Debug logger = Debug.getInstance("OAuth2Provider");
    private final AMIdentity identity;

    /* JADX INFO: Access modifiers changed from: package-private */
    public AgentClientRegistration(AMIdentity aMIdentity) {
        this.identity = aMIdentity;
    }

    public AMIdentity getIdentity() {
        return this.identity;
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public Set<URI> getRedirectUris() {
        HashSet hashSet = new HashSet();
        String cdssoRedirectUri = getCdssoRedirectUri();
        Iterator<URI> it = getAgentRootUrisForCDSSO().iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().resolve(cdssoRedirectUri));
        }
        return hashSet;
    }

    private Set<URI> getAgentRootUrisForCDSSO() {
        return Utils.getAttributeValuesAsUris(this.identity, "sunIdentityServerDeviceKeyValue", logger);
    }

    private String getCdssoRedirectUri() {
        try {
            Set attribute = this.identity.getAttribute("com.sun.identity.agents.config.cdsso.redirect.uri");
            return attribute.isEmpty() ? "" : (String) attribute.iterator().next();
        } catch (Exception e) {
            throw Utils.createException("com.sun.identity.agents.config.cdsso.redirect.uri", e, logger);
        }
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public Set<URI> getPostLogoutRedirectUris() {
        return Utils.getAttributeValuesAsUris(this.identity, "com.sun.identity.agents.config.logout.entry.uri", logger);
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public Set<String> getAllowedResponseTypes() {
        return Sets.newHashSet(new String[]{"id_token"});
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public String getClientId() {
        return this.identity.getName();
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public String getClientSecret() {
        return Utils.getAttributeValueFromSet(this.identity, "userpassword", logger);
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public String getAccessTokenType() {
        return "Bearer";
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public Set<String> getDefaultScopes() {
        return Sets.newHashSet(new String[]{"openid"});
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public Set<String> getAllowedScopes() {
        return getDefaultScopes();
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public boolean isConfidential() {
        return true;
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public String getSubjectType() {
        return "Public";
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public boolean verifyJwtIdentity(OAuth2Jwt oAuth2Jwt) {
        return false;
    }

    @Override // org.forgerock.openidconnect.OpenIdConnectClientRegistration
    public String getIDTokenSignedResponseAlgorithm() {
        return "HS256";
    }

    @Override // org.forgerock.openidconnect.OpenIdConnectClientRegistration
    public String getTokenEndpointAuthMethod() {
        return Client.TokenEndpointAuthMethod.CLIENT_SECRET_BASIC.getType();
    }

    @Override // org.forgerock.openidconnect.OpenIdConnectClientRegistration
    public URI getSectorIdentifierUri() {
        return null;
    }

    @Override // org.forgerock.openidconnect.OpenIdConnectClientRegistration
    public String getSubValue(String str, OAuth2ProviderSettings oAuth2ProviderSettings) {
        return null;
    }

    @Override // org.forgerock.openidconnect.OpenIdConnectClientRegistration
    public long getAuthorizationCodeLifeTime(OAuth2ProviderSettings oAuth2ProviderSettings) throws ServerException {
        return oAuth2ProviderSettings.getAuthorizationCodeLifetime();
    }

    @Override // org.forgerock.openidconnect.OpenIdConnectClientRegistration
    public long getAccessTokenLifeTime(OAuth2ProviderSettings oAuth2ProviderSettings) throws ServerException {
        return oAuth2ProviderSettings.getAccessTokenLifetime();
    }

    @Override // org.forgerock.openidconnect.OpenIdConnectClientRegistration
    public long getRefreshTokenLifeTime(OAuth2ProviderSettings oAuth2ProviderSettings) throws ServerException {
        return oAuth2ProviderSettings.getRefreshTokenLifetime();
    }

    @Override // org.forgerock.openidconnect.OpenIdConnectClientRegistration
    public long getJwtTokenLifeTime(OAuth2ProviderSettings oAuth2ProviderSettings) throws ServerException {
        return oAuth2ProviderSettings.getOpenIdTokenLifetime();
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public boolean isConsentImplied() {
        return true;
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public String getDisplayName(Locale locale) {
        return null;
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public String getDisplayDescription(Locale locale) {
        return null;
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public Map<String, String> getScopeDescriptions(Locale locale) throws ServerException {
        return new HashMap();
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public Map<String, String> getClaimDescriptions(Locale locale) throws ServerException {
        return new HashMap();
    }

    @Override // org.forgerock.oauth2.core.ClientRegistration
    public String getClientSessionURI() {
        return null;
    }

    @Override // org.forgerock.openidconnect.OpenIdConnectClientRegistration
    public boolean isIDTokenEncryptionEnabled() {
        return false;
    }

    @Override // org.forgerock.openidconnect.OpenIdConnectClientRegistration
    public String getIDTokenEncryptionResponseAlgorithm() {
        return null;
    }

    @Override // org.forgerock.openidconnect.OpenIdConnectClientRegistration
    public String getIDTokenEncryptionResponseMethod() {
        return null;
    }

    @Override // org.forgerock.openidconnect.OpenIdConnectClientRegistration
    public Key getIDTokenEncryptionKey() {
        return null;
    }
}
