package com.auth0;

import com.auth0.IdTokenVerifier;
import com.auth0.client.auth.AuthAPI;
import com.auth0.jwk.JwkProvider;
import com.auth0.net.Telemetry;
import com.google.common.annotations.VisibleForTesting;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.Validate;

/* loaded from: input_file:com/auth0/AuthenticationController.class */
public class AuthenticationController {
    private final RequestProcessor requestProcessor;

    /* loaded from: input_file:com/auth0/AuthenticationController$Builder.class */
    public static class Builder {
        private static final String RESPONSE_TYPE_CODE = "code";
        private final String domain;
        private final String clientId;
        private final String clientSecret;
        private String responseType;
        private JwkProvider jwkProvider;
        private Integer clockSkew;
        private Integer authenticationMaxAge;
        private boolean useLegacySameSiteCookie;

        Builder(String str, String str2, String str3) {
            Validate.notNull(str);
            Validate.notNull(str2);
            Validate.notNull(str3);
            this.domain = str;
            this.clientId = str2;
            this.clientSecret = str3;
            this.responseType = RESPONSE_TYPE_CODE;
            this.useLegacySameSiteCookie = true;
        }

        public Builder withResponseType(String str) {
            Validate.notNull(str);
            this.responseType = str.trim().toLowerCase();
            return this;
        }

        public Builder withJwkProvider(JwkProvider jwkProvider) {
            Validate.notNull(jwkProvider);
            this.jwkProvider = jwkProvider;
            return this;
        }

        public Builder withClockSkew(Integer num) {
            Validate.notNull(num);
            this.clockSkew = num;
            return this;
        }

        public Builder withAuthenticationMaxAge(Integer num) {
            Validate.notNull(num);
            this.authenticationMaxAge = num;
            return this;
        }

        public Builder withLegacySameSiteCookie(boolean z) {
            this.useLegacySameSiteCookie = z;
            return this;
        }

        public AuthenticationController build() throws UnsupportedOperationException {
            AuthAPI createAPIClient = createAPIClient(this.domain, this.clientId, this.clientSecret);
            setupTelemetry(createAPIClient);
            IdTokenVerifier.Options createIdTokenVerificationOptions = createIdTokenVerificationOptions(getIssuer(this.domain), this.clientId, this.jwkProvider != null ? new AsymmetricSignatureVerifier(this.jwkProvider) : this.responseType.contains(RESPONSE_TYPE_CODE) ? new AlgorithmNameVerifier() : new SymmetricSignatureVerifier(this.clientSecret));
            createIdTokenVerificationOptions.setClockSkew(this.clockSkew);
            createIdTokenVerificationOptions.setMaxAge(this.authenticationMaxAge);
            return new AuthenticationController(new RequestProcessor(createAPIClient, this.responseType, createIdTokenVerificationOptions, this.useLegacySameSiteCookie));
        }

        @VisibleForTesting
        IdTokenVerifier.Options createIdTokenVerificationOptions(String str, String str2, SignatureVerifier signatureVerifier) {
            return new IdTokenVerifier.Options(str, str2, signatureVerifier);
        }

        @VisibleForTesting
        AuthAPI createAPIClient(String str, String str2, String str3) {
            return new AuthAPI(str, str2, str3);
        }

        @VisibleForTesting
        void setupTelemetry(AuthAPI authAPI) {
            authAPI.setTelemetry(new Telemetry("auth0-java-mvc-common", obtainPackageVersion()));
        }

        @VisibleForTesting
        String obtainPackageVersion() {
            return getClass().getPackage().getImplementationVersion();
        }

        private String getIssuer(String str) {
            if (!str.startsWith("http://") && !str.startsWith("https://")) {
                str = "https://" + str;
            }
            if (!str.endsWith("/")) {
                str = str + "/";
            }
            return str;
        }
    }

    @VisibleForTesting
    AuthenticationController(RequestProcessor requestProcessor) {
        this.requestProcessor = requestProcessor;
    }

    @VisibleForTesting
    RequestProcessor getRequestProcessor() {
        return this.requestProcessor;
    }

    public static Builder newBuilder(String str, String str2, String str3) {
        return new Builder(str, str2, str3);
    }

    public void setLoggingEnabled(boolean z) {
        this.requestProcessor.getClient().setLoggingEnabled(z);
    }

    public void doNotSendTelemetry() {
        this.requestProcessor.getClient().doNotSendTelemetry();
    }

    public Tokens handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IdentityVerificationException {
        Validate.notNull(httpServletRequest, "request must not be null", new Object[0]);
        Validate.notNull(httpServletResponse, "response must not be null", new Object[0]);
        return this.requestProcessor.process(httpServletRequest, httpServletResponse);
    }

    @Deprecated
    public Tokens handle(HttpServletRequest httpServletRequest) throws IdentityVerificationException {
        Validate.notNull(httpServletRequest, "request must not be null", new Object[0]);
        return this.requestProcessor.process(httpServletRequest, null);
    }

    @Deprecated
    public AuthorizeUrl buildAuthorizeUrl(HttpServletRequest httpServletRequest, String str) {
        Validate.notNull(httpServletRequest, "request must not be null", new Object[0]);
        Validate.notNull(str, "redirectUri must not be null", new Object[0]);
        return this.requestProcessor.buildAuthorizeUrl(httpServletRequest, null, str, StorageUtils.secureRandomString(), StorageUtils.secureRandomString());
    }

    public AuthorizeUrl buildAuthorizeUrl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        Validate.notNull(httpServletRequest, "request must not be null", new Object[0]);
        Validate.notNull(httpServletResponse, "response must not be null", new Object[0]);
        Validate.notNull(str, "redirectUri must not be null", new Object[0]);
        return this.requestProcessor.buildAuthorizeUrl(httpServletRequest, httpServletResponse, str, StorageUtils.secureRandomString(), StorageUtils.secureRandomString());
    }
}
