package org.jenkinsci.plugins.oic;

import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.auth.ClientAuthenticationMethod;
import com.nimbusds.oauth2.sdk.id.Issuer;
import com.nimbusds.openid.connect.sdk.Nonce;
import com.nimbusds.openid.connect.sdk.SubjectType;
import com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet;
import com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.oidc.config.OidcConfiguration;
import org.pac4j.oidc.profile.creator.TokenValidator;

/* loaded from: input_file:org/jenkinsci/plugins/oic/AnythingGoesTokenValidator.class */
public class AnythingGoesTokenValidator extends TokenValidator {
    public static final Logger LOGGER = Logger.getLogger(AnythingGoesTokenValidator.class.getName());

    public AnythingGoesTokenValidator() {
        super(createFakeOidcConfiguration(), createFakeProviderMetadata());
    }

    public IDTokenClaimsSet validate(JWT jwt, Nonce nonce) {
        try {
            return new IDTokenClaimsSet(jwt.getJWTClaimsSet());
        } catch (ParseException | java.text.ParseException e) {
            LOGGER.log(Level.WARNING, "Token validation is disabled, but the token is corrupt and claims will not be represted.", e);
            try {
                return new IDTokenClaimsSet(new JWTClaimsSet.Builder().build());
            } catch (ParseException e2) {
                throw new TechnicalException("could not create and empty IDTokenClaimsSet");
            }
        }
    }

    private static OidcConfiguration createFakeOidcConfiguration() {
        OidcConfiguration oidcConfiguration = new OidcConfiguration();
        oidcConfiguration.setClientId("ignored");
        oidcConfiguration.setSecret("ignored");
        oidcConfiguration.setPreferredJwsAlgorithm(JWSAlgorithm.HS256);
        oidcConfiguration.setClientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC);
        return oidcConfiguration;
    }

    private static OIDCProviderMetadata createFakeProviderMetadata() {
        try {
            OIDCProviderMetadata oIDCProviderMetadata = new OIDCProviderMetadata(new Issuer("http://ignored"), List.of(SubjectType.PUBLIC), new URI("http://ignored.and.invalid./"));
            oIDCProviderMetadata.setIDTokenJWSAlgs(List.of(JWSAlgorithm.HS256));
            return oIDCProviderMetadata;
        } catch (URISyntaxException e) {
            throw new IllegalStateException(e);
        }
    }
}
