package au.csiro.fhir.auth;

import com.auth0.jwt.JWT;
import com.nimbusds.jose.jwk.JWK;
import java.text.ParseException;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.apache.http.message.BasicNameValuePair;

/* loaded from: input_file:au/csiro/fhir/auth/AsymmetricClientAuthMethod.class */
public final class AsymmetricClientAuthMethod extends ClientAuthMethod {
    static final String PARAM_CLIENT_ASSERTION_TYPE = "client_assertion_type";
    static final String PARAM_CLIENT_ASSERTION = "client_assertion";
    static final String CLIENT_ASSERTION_TYPE_JWT_BEARER = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer";
    public static int DEFAULT_JWT_EXPIRY_IN_SECONDS = 60;

    @Nonnull
    private final String tokenEndpoint;

    @Nonnull
    private final String clientId;

    @Nonnull
    private final JWK privateKey;

    @Nullable
    private final String scope;

    /* loaded from: input_file:au/csiro/fhir/auth/AsymmetricClientAuthMethod$AsymmetricClientAuthMethodBuilder.class */
    public static class AsymmetricClientAuthMethodBuilder {
        private String tokenEndpoint;
        private String clientId;
        private JWK privateKey;
        private boolean scope$set;
        private String scope$value;

        @Nonnull
        public AsymmetricClientAuthMethodBuilder privateKeyJWK(@Nonnull String str) {
            try {
                this.privateKey = JWK.parse(str);
                return this;
            } catch (ParseException e) {
                throw new IllegalArgumentException("Invalid JWK: " + e.getMessage(), e);
            }
        }

        AsymmetricClientAuthMethodBuilder() {
        }

        public AsymmetricClientAuthMethodBuilder tokenEndpoint(@Nonnull String str) {
            if (str == null) {
                throw new NullPointerException("tokenEndpoint is marked non-null but is null");
            }
            this.tokenEndpoint = str;
            return this;
        }

        public AsymmetricClientAuthMethodBuilder clientId(@Nonnull String str) {
            if (str == null) {
                throw new NullPointerException("clientId is marked non-null but is null");
            }
            this.clientId = str;
            return this;
        }

        public AsymmetricClientAuthMethodBuilder privateKey(@Nonnull JWK jwk) {
            if (jwk == null) {
                throw new NullPointerException("privateKey is marked non-null but is null");
            }
            this.privateKey = jwk;
            return this;
        }

        public AsymmetricClientAuthMethodBuilder scope(@Nullable String str) {
            this.scope$value = str;
            this.scope$set = true;
            return this;
        }

        public AsymmetricClientAuthMethod build() {
            String str = this.scope$value;
            if (!this.scope$set) {
                str = AsymmetricClientAuthMethod.$default$scope();
            }
            return new AsymmetricClientAuthMethod(this.tokenEndpoint, this.clientId, this.privateKey, str);
        }

        public String toString() {
            return "AsymmetricClientAuthMethod.AsymmetricClientAuthMethodBuilder(tokenEndpoint=" + this.tokenEndpoint + ", clientId=" + this.clientId + ", privateKey=" + this.privateKey + ", scope$value=" + this.scope$value + ")";
        }
    }

    @Override // au.csiro.fhir.auth.ClientAuthMethod
    @Nonnull
    protected List<BasicNameValuePair> getAuthParams(@Nonnull Instant instant) {
        return List.of(new BasicNameValuePair(PARAM_CLIENT_ASSERTION_TYPE, CLIENT_ASSERTION_TYPE_JWT_BEARER), new BasicNameValuePair(PARAM_CLIENT_ASSERTION, JWT.create().withHeader(Map.of("kid", this.privateKey.getKeyID())).withClaim("iss", this.clientId).withClaim("sub", this.clientId).withClaim("aud", this.tokenEndpoint).withClaim("exp", Long.valueOf(instant.plus((TemporalAmount) Duration.ofSeconds(DEFAULT_JWT_EXPIRY_IN_SECONDS)).getEpochSecond())).withClaim("jti", UUID.randomUUID().toString()).sign(JWTUtils.getAsymmSigningAlgorithm(this.privateKey))));
    }

    private static String $default$scope() {
        return null;
    }

    AsymmetricClientAuthMethod(@Nonnull String str, @Nonnull String str2, @Nonnull JWK jwk, @Nullable String str3) {
        if (str == null) {
            throw new NullPointerException("tokenEndpoint is marked non-null but is null");
        }
        if (str2 == null) {
            throw new NullPointerException("clientId is marked non-null but is null");
        }
        if (jwk == null) {
            throw new NullPointerException("privateKey is marked non-null but is null");
        }
        this.tokenEndpoint = str;
        this.clientId = str2;
        this.privateKey = jwk;
        this.scope = str3;
    }

    public static AsymmetricClientAuthMethodBuilder builder() {
        return new AsymmetricClientAuthMethodBuilder();
    }

    @Override // au.csiro.fhir.auth.ClientAuthMethod
    @Nonnull
    public String getTokenEndpoint() {
        return this.tokenEndpoint;
    }

    @Override // au.csiro.fhir.auth.ClientAuthMethod
    @Nonnull
    public String getClientId() {
        return this.clientId;
    }

    @Nonnull
    public JWK getPrivateKey() {
        return this.privateKey;
    }

    @Override // au.csiro.fhir.auth.ClientAuthMethod
    @Nullable
    public String getScope() {
        return this.scope;
    }

    public String toString() {
        return "AsymmetricClientAuthMethod(tokenEndpoint=" + getTokenEndpoint() + ", clientId=" + getClientId() + ", privateKey=" + getPrivateKey() + ", scope=" + getScope() + ")";
    }

    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof AsymmetricClientAuthMethod)) {
            return false;
        }
        AsymmetricClientAuthMethod asymmetricClientAuthMethod = (AsymmetricClientAuthMethod) obj;
        if (!asymmetricClientAuthMethod.canEqual(this)) {
            return false;
        }
        String tokenEndpoint = getTokenEndpoint();
        String tokenEndpoint2 = asymmetricClientAuthMethod.getTokenEndpoint();
        if (tokenEndpoint == null) {
            if (tokenEndpoint2 != null) {
                return false;
            }
        } else if (!tokenEndpoint.equals(tokenEndpoint2)) {
            return false;
        }
        String clientId = getClientId();
        String clientId2 = asymmetricClientAuthMethod.getClientId();
        if (clientId == null) {
            if (clientId2 != null) {
                return false;
            }
        } else if (!clientId.equals(clientId2)) {
            return false;
        }
        JWK privateKey = getPrivateKey();
        JWK privateKey2 = asymmetricClientAuthMethod.getPrivateKey();
        if (privateKey == null) {
            if (privateKey2 != null) {
                return false;
            }
        } else if (!privateKey.equals(privateKey2)) {
            return false;
        }
        String scope = getScope();
        String scope2 = asymmetricClientAuthMethod.getScope();
        return scope == null ? scope2 == null : scope.equals(scope2);
    }

    protected boolean canEqual(Object obj) {
        return obj instanceof AsymmetricClientAuthMethod;
    }

    public int hashCode() {
        String tokenEndpoint = getTokenEndpoint();
        int hashCode = (1 * 59) + (tokenEndpoint == null ? 43 : tokenEndpoint.hashCode());
        String clientId = getClientId();
        int hashCode2 = (hashCode * 59) + (clientId == null ? 43 : clientId.hashCode());
        JWK privateKey = getPrivateKey();
        int hashCode3 = (hashCode2 * 59) + (privateKey == null ? 43 : privateKey.hashCode());
        String scope = getScope();
        return (hashCode3 * 59) + (scope == null ? 43 : scope.hashCode());
    }
}
