package org.keycloak.protocol.oidc;

import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import org.keycloak.authentication.authenticators.client.X509ClientAuthenticator;
import org.keycloak.models.ClientModel;
import org.keycloak.protocol.oidc.utils.WebOriginsUtils;
import org.keycloak.protocol.saml.SamlProtocol;
import org.keycloak.representations.idm.ClientRepresentation;
import org.keycloak.utils.StringUtil;

/* loaded from: input_file:org/keycloak/protocol/oidc/OIDCAdvancedConfigWrapper.class */
public class OIDCAdvancedConfigWrapper extends AbstractClientConfigWrapper {

    /* loaded from: input_file:org/keycloak/protocol/oidc/OIDCAdvancedConfigWrapper$TokenExchangeRefreshTokenEnabled.class */
    public enum TokenExchangeRefreshTokenEnabled {
        NO,
        SAME_SESSION
    }

    private OIDCAdvancedConfigWrapper(ClientModel clientModel, ClientRepresentation clientRepresentation) {
        super(clientModel, clientRepresentation);
    }

    public static OIDCAdvancedConfigWrapper fromClientModel(ClientModel clientModel) {
        return new OIDCAdvancedConfigWrapper(clientModel, null);
    }

    public static OIDCAdvancedConfigWrapper fromClientRepresentation(ClientRepresentation clientRepresentation) {
        return new OIDCAdvancedConfigWrapper(null, clientRepresentation);
    }

    public String getUserInfoSignedResponseAlg() {
        return getAttribute("user.info.response.signature.alg");
    }

    public void setUserInfoSignedResponseAlg(String str) {
        setAttribute("user.info.response.signature.alg", str);
    }

    public boolean isUserInfoSignatureRequired() {
        return getUserInfoSignedResponseAlg() != null;
    }

    public void setUserInfoEncryptedResponseAlg(String str) {
        setAttribute("user.info.encrypted.response.alg", str);
    }

    public String getUserInfoEncryptedResponseAlg() {
        return getAttribute("user.info.encrypted.response.alg");
    }

    public String getUserInfoEncryptedResponseEnc() {
        return getAttribute("user.info.encrypted.response.enc");
    }

    public void setUserInfoEncryptedResponseEnc(String str) {
        setAttribute("user.info.encrypted.response.enc", str);
    }

    public boolean isUserInfoEncryptionRequired() {
        return getUserInfoEncryptedResponseAlg() != null;
    }

    public String getRequestObjectSignatureAlg() {
        return getAttribute("request.object.signature.alg");
    }

    public void setRequestObjectSignatureAlg(String str) {
        setAttribute("request.object.signature.alg", str);
    }

    public void setRequestObjectEncryptionAlg(String str) {
        setAttribute("request.object.encryption.alg", str);
    }

    public String getRequestObjectEncryptionAlg() {
        return getAttribute("request.object.encryption.alg");
    }

    public String getRequestObjectEncryptionEnc() {
        return getAttribute("request.object.encryption.enc");
    }

    public void setRequestObjectEncryptionEnc(String str) {
        setAttribute("request.object.encryption.enc", str);
    }

    public String getRequestObjectRequired() {
        return getAttribute("request.object.required");
    }

    public void setRequestObjectRequired(String str) {
        setAttribute("request.object.required", str);
    }

    public List<String> getRequestUris() {
        return getAttributeMultivalued("request.uris");
    }

    public void setRequestUris(List<String> list) {
        setAttributeMultivalued("request.uris", list);
    }

    public boolean isUseJwksUrl() {
        return Boolean.parseBoolean(getAttribute("use.jwks.url"));
    }

    public void setUseJwksUrl(boolean z) {
        setAttribute("use.jwks.url", String.valueOf(z));
    }

    public String getJwksUrl() {
        return getAttribute("jwks.url");
    }

    public void setJwksUrl(String str) {
        setAttribute("jwks.url", str);
    }

    public boolean isUseJwksString() {
        return Boolean.parseBoolean(getAttribute("use.jwks.string"));
    }

    public void setUseJwksString(boolean z) {
        setAttribute("use.jwks.string", String.valueOf(z));
    }

    public String getJwksString() {
        return getAttribute("jwks.string");
    }

    public void setJwksString(String str) {
        setAttribute("jwks.string", str);
    }

    public boolean isExcludeSessionStateFromAuthResponse() {
        return Boolean.parseBoolean(getAttribute("exclude.session.state.from.auth.response"));
    }

    public void setExcludeSessionStateFromAuthResponse(boolean z) {
        setAttribute("exclude.session.state.from.auth.response", String.valueOf(z));
    }

    public boolean isExcludeIssuerFromAuthResponse() {
        return Boolean.parseBoolean(getAttribute("exclude.issuer.from.auth.response"));
    }

    public void setExcludeIssuerFromAuthResponse(boolean z) {
        setAttribute("exclude.issuer.from.auth.response", String.valueOf(z));
    }

    public boolean isUseDPoP() {
        return Boolean.parseBoolean(getAttribute("dpop.bound.access.tokens"));
    }

    public void setUseDPoP(boolean z) {
        setAttribute("dpop.bound.access.tokens", String.valueOf(z));
    }

    public boolean isUseMtlsHokToken() {
        return Boolean.parseBoolean(getAttribute("tls.client.certificate.bound.access.tokens"));
    }

    public void setUseMtlsHoKToken(boolean z) {
        setAttribute("tls.client.certificate.bound.access.tokens", String.valueOf(z));
    }

    public boolean isUseRefreshToken() {
        return Boolean.parseBoolean(getAttribute("use.refresh.tokens", "true"));
    }

    public void setUseRefreshToken(boolean z) {
        setAttribute("use.refresh.tokens", String.valueOf(z));
    }

    public boolean isUseLowerCaseInTokenResponse() {
        return Boolean.parseBoolean(getAttribute("token.response.type.bearer.lower-case", SamlProtocol.ATTRIBUTE_FALSE_VALUE));
    }

    public void setUseLowerCaseInTokenResponse(boolean z) {
        setAttribute("token.response.type.bearer.lower-case", String.valueOf(z));
    }

    public boolean isUseRfc9068AccessTokenHeaderType() {
        return Boolean.parseBoolean(getAttribute("access.token.header.type.rfc9068", SamlProtocol.ATTRIBUTE_FALSE_VALUE));
    }

    public void setUseRfc9068AccessTokenHeaderType(boolean z) {
        setAttribute("access.token.header.type.rfc9068", String.valueOf(z));
    }

    public boolean isUseRefreshTokenForClientCredentialsGrant() {
        return Boolean.parseBoolean(getAttribute("client_credentials.use_refresh_token", SamlProtocol.ATTRIBUTE_FALSE_VALUE));
    }

    public void setUseRefreshTokenForClientCredentialsGrant(boolean z) {
        setAttribute("client_credentials.use_refresh_token", String.valueOf(z));
    }

    public boolean isStandardTokenExchangeEnabled() {
        return Boolean.parseBoolean(getAttribute("standard.token.exchange.enabled", SamlProtocol.ATTRIBUTE_FALSE_VALUE));
    }

    public void setStandardTokenExchangeEnabled(boolean z) {
        setAttribute("standard.token.exchange.enabled", String.valueOf(z));
    }

    public TokenExchangeRefreshTokenEnabled getStandardTokenExchangeRefreshEnabled() {
        String attribute = getAttribute("standard.token.exchange.enableRefreshRequestedTokenType");
        try {
            return attribute == null ? TokenExchangeRefreshTokenEnabled.NO : TokenExchangeRefreshTokenEnabled.valueOf(attribute);
        } catch (IllegalArgumentException e) {
            return TokenExchangeRefreshTokenEnabled.NO;
        }
    }

    public void setStandardTokenExchangeRefreshEnabled(TokenExchangeRefreshTokenEnabled tokenExchangeRefreshTokenEnabled) {
        setAttribute("standard.token.exchange.enableRefreshRequestedTokenType", (tokenExchangeRefreshTokenEnabled == null || tokenExchangeRefreshTokenEnabled == TokenExchangeRefreshTokenEnabled.NO) ? null : tokenExchangeRefreshTokenEnabled.name());
    }

    public String getTlsClientAuthSubjectDn() {
        return getAttribute(X509ClientAuthenticator.ATTR_SUBJECT_DN);
    }

    public void setTlsClientAuthSubjectDn(String str) {
        setAttribute(X509ClientAuthenticator.ATTR_SUBJECT_DN, str);
    }

    public boolean getAllowRegexPatternComparison() {
        String attribute = getAttribute(X509ClientAuthenticator.ATTR_ALLOW_REGEX_PATTERN_COMPARISON);
        return attribute == null || Boolean.parseBoolean(attribute);
    }

    public void setAllowRegexPatternComparison(boolean z) {
        setAttribute(X509ClientAuthenticator.ATTR_ALLOW_REGEX_PATTERN_COMPARISON, String.valueOf(z));
    }

    public String getPkceCodeChallengeMethod() {
        return getAttribute("pkce.code.challenge.method");
    }

    public void setPkceCodeChallengeMethod(String str) {
        setAttribute("pkce.code.challenge.method", str);
    }

    public String getIdTokenSignedResponseAlg() {
        return getAttribute("id.token.signed.response.alg");
    }

    public void setIdTokenSignedResponseAlg(String str) {
        setAttribute("id.token.signed.response.alg", str);
    }

    public String getIdTokenEncryptedResponseAlg() {
        return getAttribute("id.token.encrypted.response.alg");
    }

    public void setIdTokenEncryptedResponseAlg(String str) {
        setAttribute("id.token.encrypted.response.alg", str);
    }

    public String getIdTokenEncryptedResponseEnc() {
        return getAttribute("id.token.encrypted.response.enc");
    }

    public void setIdTokenEncryptedResponseEnc(String str) {
        setAttribute("id.token.encrypted.response.enc", str);
    }

    public String getAuthorizationSignedResponseAlg() {
        return getAttribute("authorization.signed.response.alg");
    }

    public void setAuthorizationSignedResponseAlg(String str) {
        setAttribute("authorization.signed.response.alg", str);
    }

    public String getAuthorizationEncryptedResponseAlg() {
        return getAttribute("authorization.encrypted.response.alg");
    }

    public void setAuthorizationEncryptedResponseAlg(String str) {
        setAttribute("authorization.encrypted.response.alg", str);
    }

    public String getAuthorizationEncryptedResponseEnc() {
        return getAttribute("authorization.encrypted.response.enc");
    }

    public void setAuthorizationEncryptedResponseEnc(String str) {
        setAttribute("authorization.encrypted.response.enc", str);
    }

    public String getTokenEndpointAuthSigningAlg() {
        return getAttribute("token.endpoint.auth.signing.alg");
    }

    public void setTokenEndpointAuthSigningAlg(String str) {
        setAttribute("token.endpoint.auth.signing.alg", str);
    }

    public int getTokenEndpointAuthSigningMaxExp() {
        try {
            int parseInt = Integer.parseInt(getAttribute("token.endpoint.auth.signing.max.exp"));
            if (parseInt > 0) {
                return parseInt;
            }
            return 60;
        } catch (NumberFormatException e) {
            return 60;
        }
    }

    public void setTokenEndpointAuthSigningMaxExp(int i) {
        if (i <= 0) {
            throw new IllegalArgumentException("Maximum expiration is a positive number in seconds");
        }
        setAttribute("token.endpoint.auth.signing.max.exp", String.valueOf(i));
    }

    public String getBackchannelLogoutUrl() {
        return getAttribute("backchannel.logout.url");
    }

    public void setBackchannelLogoutUrl(String str) {
        setAttribute("backchannel.logout.url", str);
    }

    public boolean isBackchannelLogoutSessionRequired() {
        return Boolean.parseBoolean(getAttribute("backchannel.logout.session.required"));
    }

    public void setBackchannelLogoutSessionRequired(boolean z) {
        setAttribute("backchannel.logout.session.required", String.valueOf(z));
    }

    public boolean getBackchannelLogoutRevokeOfflineTokens() {
        return Boolean.parseBoolean(getAttribute("backchannel.logout.revoke.offline.tokens"));
    }

    public void setBackchannelLogoutRevokeOfflineTokens(boolean z) {
        setAttribute("backchannel.logout.revoke.offline.tokens", String.valueOf(z));
    }

    public void setFrontChannelLogoutUrl(String str) {
        if (this.clientRep != null) {
            this.clientRep.setFrontchannelLogout(Boolean.valueOf(StringUtil.isNotBlank(str)));
        }
        if (this.clientModel != null) {
            this.clientModel.setFrontchannelLogout(StringUtil.isNotBlank(str));
        }
        setAttribute("frontchannel.logout.url", str);
    }

    public boolean isFrontChannelLogoutEnabled() {
        return this.clientModel != null && this.clientModel.isFrontchannelLogout() && StringUtil.isNotBlank(getFrontChannelLogoutUrl());
    }

    public String getFrontChannelLogoutUrl() {
        return getAttribute("frontchannel.logout.url");
    }

    public boolean isFrontChannelLogoutSessionRequired() {
        String attribute = getAttribute("frontchannel.logout.session.required");
        if (attribute == null) {
            return true;
        }
        return Boolean.parseBoolean(attribute);
    }

    public void setFrontChannelLogoutSessionRequired(boolean z) {
        setAttribute("frontchannel.logout.session.required", String.valueOf(z));
    }

    public void setLogoUri(String str) {
        setAttribute("logoUri", str);
    }

    public void setPolicyUri(String str) {
        setAttribute("policyUri", str);
    }

    public void setTosUri(String str) {
        setAttribute("tosUri", str);
    }

    public List<String> getPostLogoutRedirectUris() {
        List<String> attributeMultivalued = getAttributeMultivalued("post.logout.redirect.uris");
        if (attributeMultivalued == null || attributeMultivalued.isEmpty()) {
            if (this.clientModel != null) {
                return new ArrayList(this.clientModel.getRedirectUris());
            }
            if (this.clientRep != null) {
                return this.clientRep.getRedirectUris();
            }
            return null;
        }
        if (attributeMultivalued.get(0).equals("-")) {
            return new ArrayList();
        }
        if (!attributeMultivalued.contains(WebOriginsUtils.INCLUDE_REDIRECTS)) {
            return attributeMultivalued;
        }
        Set set = (Set) attributeMultivalued.stream().filter(str -> {
            return !WebOriginsUtils.INCLUDE_REDIRECTS.equals(str);
        }).collect(Collectors.toSet());
        if (this.clientModel != null) {
            set.addAll(this.clientModel.getRedirectUris());
        } else if (this.clientRep != null) {
            set.addAll(this.clientRep.getRedirectUris());
        }
        return new ArrayList(set);
    }

    public void setPostLogoutRedirectUris(List<String> list) {
        setAttributeMultivalued("post.logout.redirect.uris", list);
    }

    public String getMinimumAcrValue() {
        return getAttribute("minimum.acr.value");
    }

    public void setMinimumAcrValue(String str) {
        setAttribute("minimum.acr.value", str);
    }
}
