package org.keycloak.broker.oidc;

import java.util.Arrays;
import org.keycloak.common.enums.SslRequired;
import org.keycloak.common.util.UriUtils;
import org.keycloak.models.IdentityProviderModel;
import org.keycloak.models.RealmModel;
import org.keycloak.protocol.oidc.OIDCLoginProtocol;
import org.keycloak.protocol.saml.SamlProtocol;

/* loaded from: input_file:org/keycloak/broker/oidc/OAuth2IdentityProviderConfig.class */
public class OAuth2IdentityProviderConfig extends IdentityProviderModel {
    public static final String PKCE_ENABLED = "pkceEnabled";
    public static final String PKCE_METHOD = "pkceMethod";
    public static final String JWT_X509_HEADERS_ENABLED = "jwtX509HeadersEnabled";

    public OAuth2IdentityProviderConfig(IdentityProviderModel identityProviderModel) {
        super(identityProviderModel);
    }

    public OAuth2IdentityProviderConfig() {
    }

    public String getAuthorizationUrl() {
        return (String) getConfig().get("authorizationUrl");
    }

    public void setAuthorizationUrl(String str) {
        getConfig().put("authorizationUrl", str);
    }

    public String getTokenUrl() {
        return (String) getConfig().get("tokenUrl");
    }

    public void setTokenUrl(String str) {
        getConfig().put("tokenUrl", str);
    }

    public String getUserInfoUrl() {
        return (String) getConfig().get("userInfoUrl");
    }

    public void setUserInfoUrl(String str) {
        getConfig().put("userInfoUrl", str);
    }

    public String getClientId() {
        return (String) getConfig().get("clientId");
    }

    public void setClientId(String str) {
        getConfig().put("clientId", str);
    }

    public String getClientAuthMethod() {
        return (String) getConfig().getOrDefault("clientAuthMethod", OIDCLoginProtocol.CLIENT_SECRET_POST);
    }

    public void setClientAuthMethod(String str) {
        getConfig().put("clientAuthMethod", str);
    }

    public String getClientSecret() {
        return (String) getConfig().get("clientSecret");
    }

    public void setClientSecret(String str) {
        getConfig().put("clientSecret", str);
    }

    public String getDefaultScope() {
        return (String) getConfig().get("defaultScope");
    }

    public void setDefaultScope(String str) {
        getConfig().put("defaultScope", str);
    }

    public boolean isJWTAuthentication() {
        return getClientAuthMethod().equals(OIDCLoginProtocol.CLIENT_SECRET_JWT) || getClientAuthMethod().equals(OIDCLoginProtocol.PRIVATE_KEY_JWT);
    }

    public boolean isBasicAuthentication() {
        return getClientAuthMethod().equals(OIDCLoginProtocol.CLIENT_SECRET_BASIC);
    }

    public boolean isUiLocales() {
        return Boolean.valueOf((String) getConfig().get("uiLocales")).booleanValue();
    }

    public void setUiLocales(boolean z) {
        getConfig().put("uiLocales", String.valueOf(z));
    }

    public String getPrompt() {
        return (String) getConfig().get(OIDCLoginProtocol.PROMPT_PARAM);
    }

    public String getForwardParameters() {
        return (String) getConfig().get("forwardParameters");
    }

    public void setForwardParameters(String str) {
        getConfig().put("forwardParameters", str);
    }

    public boolean isPkceEnabled() {
        return Boolean.parseBoolean((String) getConfig().getOrDefault(PKCE_ENABLED, SamlProtocol.ATTRIBUTE_FALSE_VALUE));
    }

    public void setPkceEnabled(boolean z) {
        getConfig().put(PKCE_ENABLED, String.valueOf(z));
    }

    public String getPkceMethod() {
        return (String) getConfig().get(PKCE_METHOD);
    }

    public String setPkceMethod(String str) {
        return (String) getConfig().put(PKCE_METHOD, str);
    }

    public String getClientAssertionSigningAlg() {
        return (String) getConfig().get("clientAssertionSigningAlg");
    }

    public void setClientAssertionSigningAlg(String str) {
        getConfig().put("clientAssertionSigningAlg", str);
    }

    public String getClientAssertionAudience() {
        return (String) getConfig().get("clientAssertionAudience");
    }

    public void setClientAssertionAudience(String str) {
        getConfig().put("clientAssertionAudience", str);
    }

    public boolean isJwtX509HeadersEnabled() {
        return getClientAuthMethod().equals(OIDCLoginProtocol.PRIVATE_KEY_JWT) && Boolean.parseBoolean((String) getConfig().getOrDefault(JWT_X509_HEADERS_ENABLED, SamlProtocol.ATTRIBUTE_FALSE_VALUE));
    }

    public void setJwtX509HeadersEnabled(boolean z) {
        getConfig().put(JWT_X509_HEADERS_ENABLED, String.valueOf(z));
    }

    public void validate(RealmModel realmModel) {
        SslRequired sslRequired = realmModel.getSslRequired();
        UriUtils.checkUrl(sslRequired, getAuthorizationUrl(), "authorization_url");
        UriUtils.checkUrl(sslRequired, getTokenUrl(), "token_url");
        UriUtils.checkUrl(sslRequired, getUserInfoUrl(), "userinfo_url");
        if (isPkceEnabled()) {
            String pkceMethod = getPkceMethod();
            if (!Arrays.asList(OIDCLoginProtocol.PKCE_METHOD_PLAIN, OIDCLoginProtocol.PKCE_METHOD_S256).contains(pkceMethod)) {
                throw new IllegalArgumentException("PKCE Method not supported: " + pkceMethod);
            }
        }
    }
}
