package org.xdi.oxauth.model.common;

import java.security.SignatureException;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.Iterator;
import java.util.Map;
import org.xdi.oxauth.model.exception.InvalidJweException;
import org.xdi.oxauth.model.exception.InvalidJwtException;
import org.xdi.oxauth.model.jwe.Jwe;
import org.xdi.oxauth.model.jwt.Jwt;
import org.xdi.oxauth.model.registration.Client;
import org.xdi.oxauth.model.token.IdTokenFactory;
import org.xdi.util.security.StringEncrypter;

/* loaded from: input_file:org/xdi/oxauth/model/common/AuthorizationGrantInMemory.class */
public class AuthorizationGrantInMemory extends AbstractAuthorizationGrant {
    private TokenIssuerObserver tokenIssuerObserver;
    private AuthorizationGrant parentRef;

    public AuthorizationGrantInMemory(User user, AuthorizationGrantType authorizationGrantType, Client client, Date date) {
        super(user, authorizationGrantType, client, date);
    }

    @Override // org.xdi.oxauth.model.common.AbstractAuthorizationGrant, org.xdi.oxauth.model.common.IAuthorizationGrant
    public AccessToken createAccessToken() {
        AccessToken createAccessToken = super.createAccessToken();
        this.accessTokens.put(createAccessToken.getCode(), createAccessToken);
        if (this.tokenIssuerObserver != null) {
            this.tokenIssuerObserver.indexByAccessToken(createAccessToken, getParentRef());
        }
        return createAccessToken;
    }

    @Override // org.xdi.oxauth.model.common.AbstractAuthorizationGrant, org.xdi.oxauth.model.common.IAuthorizationGrant
    public AccessToken createLongLivedAccessToken() {
        if (getLongLivedAccessToken() == null) {
            setLongLivedAccessToken(super.createLongLivedAccessToken());
        } else {
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.setTime(getLongLivedAccessToken().getCreationDate());
            gregorianCalendar2.add(10, 24);
            if (gregorianCalendar2.before(gregorianCalendar)) {
                setLongLivedAccessToken(super.createLongLivedAccessToken());
            }
        }
        if (this.tokenIssuerObserver != null) {
            this.tokenIssuerObserver.indexByAccessToken(getLongLivedAccessToken(), getParentRef());
        }
        return getLongLivedAccessToken();
    }

    @Override // org.xdi.oxauth.model.common.AbstractAuthorizationGrant, org.xdi.oxauth.model.common.IAuthorizationGrant
    public RefreshToken createRefreshToken() {
        Iterator<RefreshToken> it = this.refreshTokens.values().iterator();
        while (it.hasNext()) {
            it.next().setRevoked(true);
        }
        RefreshToken createRefreshToken = super.createRefreshToken();
        this.refreshTokens.put(createRefreshToken.getCode(), createRefreshToken);
        if (this.tokenIssuerObserver != null) {
            this.tokenIssuerObserver.indexByRefreshToken(createRefreshToken, getParentRef());
        }
        return createRefreshToken;
    }

    @Override // org.xdi.oxauth.model.common.IAuthorizationGrant
    public IdToken createIdToken(String str, AuthorizationCode authorizationCode, AccessToken accessToken, Map<String, String> map, String str2, String str3) throws SignatureException, StringEncrypter.EncryptionException, InvalidJwtException, InvalidJweException {
        if (getIdToken() == null) {
            IdToken createIdToken = createIdToken(this, str, authorizationCode, accessToken, map);
            setIdToken(createIdToken);
            if (this.tokenIssuerObserver != null) {
                this.tokenIssuerObserver.indexByIdToken(createIdToken, getParentRef());
            }
        }
        return getIdToken();
    }

    public static IdToken createIdToken(IAuthorizationGrant iAuthorizationGrant, String str, AuthorizationCode authorizationCode, AccessToken accessToken, Map<String, String> map) throws InvalidJweException, SignatureException, StringEncrypter.EncryptionException, InvalidJwtException {
        Client client = iAuthorizationGrant.getClient();
        if (client == null || client.getIdTokenEncryptedResponseAlg() == null || client.getIdTokenEncryptedResponseEnc() == null) {
            Jwt generateSignedIdToken = IdTokenFactory.generateSignedIdToken(iAuthorizationGrant, str, authorizationCode, accessToken, map);
            return new IdToken(generateSignedIdToken.toString(), generateSignedIdToken.getClaims().getClaimAsDate("iat"), generateSignedIdToken.getClaims().getClaimAsDate("exp"));
        }
        Jwe generateEncryptedIdToken = IdTokenFactory.generateEncryptedIdToken(iAuthorizationGrant, str, authorizationCode, accessToken, map);
        return new IdToken(generateEncryptedIdToken.toString(), generateEncryptedIdToken.getClaims().getClaimAsDate("iat"), generateEncryptedIdToken.getClaims().getClaimAsDate("exp"));
    }

    @Override // org.xdi.oxauth.model.common.IAuthorizationGrant
    public boolean isValid() {
        checkExpiredTokens();
        Iterator<AccessToken> it = this.accessTokens.values().iterator();
        while (it.hasNext()) {
            if (it.next().isValid()) {
                return true;
            }
        }
        Iterator<RefreshToken> it2 = this.refreshTokens.values().iterator();
        while (it2.hasNext()) {
            if (it2.next().isValid()) {
                return true;
            }
        }
        IdToken idToken = getIdToken();
        if (idToken != null && idToken.isValid()) {
            return true;
        }
        AccessToken longLivedAccessToken = getLongLivedAccessToken();
        return longLivedAccessToken != null && longLivedAccessToken.isValid();
    }

    @Override // org.xdi.oxauth.model.common.IAuthorizationGrant
    public void revokeAllTokens() {
        Iterator<AccessToken> it = this.accessTokens.values().iterator();
        while (it.hasNext()) {
            it.next().setRevoked(true);
        }
        Iterator<RefreshToken> it2 = this.refreshTokens.values().iterator();
        while (it2.hasNext()) {
            it2.next().setRevoked(true);
        }
        if (getIdToken() != null) {
            getIdToken().setRevoked(true);
        }
        if (getLongLivedAccessToken() != null) {
            getLongLivedAccessToken().setRevoked(true);
        }
    }

    @Override // org.xdi.oxauth.model.common.IAuthorizationGrant
    public void checkExpiredTokens() {
        Iterator<AccessToken> it = this.accessTokens.values().iterator();
        while (it.hasNext()) {
            it.next().checkExpired();
        }
        Iterator<RefreshToken> it2 = this.refreshTokens.values().iterator();
        while (it2.hasNext()) {
            it2.next().checkExpired();
        }
        if (getIdToken() != null) {
            getIdToken().checkExpired();
        }
        if (getLongLivedAccessToken() != null) {
            getLongLivedAccessToken().checkExpired();
        }
    }

    @Override // org.xdi.oxauth.model.common.IAuthorizationGrant
    public void save() {
    }

    public void setTokenIssuerObserver(TokenIssuerObserver tokenIssuerObserver) {
        this.tokenIssuerObserver = tokenIssuerObserver;
    }

    public AuthorizationGrant getParentRef() {
        return this.parentRef;
    }

    public void setParentRef(AuthorizationGrant authorizationGrant) {
        this.parentRef = authorizationGrant;
    }
}
