package io.helidon.security.providers.oidc.common;

import io.helidon.common.Errors;
import io.helidon.security.jwt.jwk.JwkKeys;
import java.net.URI;
import javax.json.JsonObject;
import javax.ws.rs.ClientErrorException;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.WebTarget;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedHashMap;

/* loaded from: input_file:io/helidon/security/providers/oidc/common/IdcsSupport.class */
class IdcsSupport {
    private IdcsSupport() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static JwkKeys signJwk(Client client, WebTarget webTarget, Errors.Collector collector, URI uri) {
        MultivaluedHashMap multivaluedHashMap = new MultivaluedHashMap();
        multivaluedHashMap.putSingle("grant_type", "client_credentials");
        multivaluedHashMap.putSingle("scope", "urn:opc:idm:__myscopes__");
        try {
            return JwkKeys.create((JsonObject) client.target(uri).request().header("Authorization", "Bearer " + ((JsonObject) webTarget.request().accept(new MediaType[]{MediaType.APPLICATION_JSON_TYPE}).post(Entity.form(multivaluedHashMap), JsonObject.class)).getString("access_token")).get(JsonObject.class));
        } catch (ClientErrorException e) {
            throw new SecurityException("Failed to read JWK from IDCS: " + e.getMessage() + ", entity: " + ((String) e.getResponse().readEntity(String.class)), e);
        }
    }
}
