package net.shibboleth.idp.plugin.authn.mock;

import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.JWTClaimsSet;
import java.text.ParseException;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.idp.plugin.authn.duo.DuoClientException;
import net.shibboleth.idp.plugin.authn.duo.DuoOIDCClient;
import net.shibboleth.idp.plugin.authn.duo.DuoOIDCClientCapabilities;
import net.shibboleth.idp.plugin.authn.duo.DuoOIDCIntegration;
import net.shibboleth.idp.plugin.authn.duo.model.DuoHealthCheck;
import net.shibboleth.oidc.security.JWSAssemblyUtils;
import net.shibboleth.shared.annotation.constraint.NonnullAfterInit;
import net.shibboleth.shared.codec.EncodingException;

/* loaded from: input_file:net/shibboleth/idp/plugin/authn/mock/MockDuoOIDCClient_OK_OLD_AUTH_TIME.class */
public class MockDuoOIDCClient_OK_OLD_AUTH_TIME implements DuoOIDCClient {

    @Nonnull
    private static final String STATUS = "OK";

    @Nonnull
    private static final String SUB = "jdoe";

    @NonnullAfterInit
    private final DuoOIDCIntegration integration;

    public MockDuoOIDCClient_OK_OLD_AUTH_TIME(@Nonnull DuoOIDCIntegration duoOIDCIntegration) throws DuoClientException {
        this.integration = duoOIDCIntegration;
    }

    @Nonnull
    public DuoHealthCheck healthCheck() throws DuoClientException {
        return DuoHealthCheck.builder().withStatus(STATUS).withTimestamp(Long.toString(System.currentTimeMillis())).build();
    }

    @Nonnull
    public String createAuthUrl(@Nonnull String str, @Nonnull String str2, @Nullable String str3, @Nullable String str4) throws DuoClientException {
        return String.format("https://%s%s?scope=openid&response_type=code&redirect_uri=%s&client_id=%s&request=%s", this.integration.getAPIHost(), "/oauth/v1/authorize", this.integration.getRedirectURI(), this.integration.getClientId(), "JWT");
    }

    @Nonnull
    public JWT exchangeAuthorizationCodeFor2FAResult(@Nonnull String str, @Nonnull String str2, @Nullable String str3) throws DuoClientException {
        try {
            return JWSAssemblyUtils.assembleMacJws(JWSAlgorithm.HS512, JWTClaimsSet.parse("{\n    \"iss\": \"https://" + this.integration.getAPIHost() + "/oauth/v1/token\",\n    \"sub\": \"jdoe\",\n    \"preferred_username\": \"jdoe\",\n    \"aud\": \"" + this.integration.getClientId() + "\",\n    \"exp\": " + new String(Math.toIntExact(Instant.now().plus(10L, (TemporalUnit) ChronoUnit.MINUTES).getEpochSecond()) + ",\n    \"iat\": " + Long.toString(Instant.now().getEpochSecond())) + ",\n    \"auth_time\": " + Math.toIntExact(Instant.now().minus(10L, (TemporalUnit) ChronoUnit.MINUTES).getEpochSecond()) + ",\n    \"auth_result\": {\n        \"status_msg\": \"Login Successful\",\n        \"status\": \"allow\",\n        \"result\": \"allow\"\n    },\n    \"auth_context\": {\n        \"result\": \"success\",\n        \"timestamp\": 1599749128,\n        \"auth_device\": {\n            \"ip\": \"1.1.1.1\",\n            \"name\": \"+44 9999999\",\n            \"location\": {\n                \"state\": \"State\",\n                \"city\": \"City\",\n                \"country\": \"Country\"\n            }\n        },\n        \"txid\": \"1684599c-bb16-4250-af85-904291bfe7cc\",\n        \"event_type\": \"authentication\",\n        \"reason\": \"user_approved\",\n        \"access_device\": {\n            \"hostname\": null,\n            \"ip\": \"1.1.1.1\",\n            \"location\": {\n                \"state\": \"State\",\n                \"city\": \"City\",\n                \"country\": \"Country\"\n            }\n        },\n        \"application\": {\n            \"key\": \"DIU6GEFWG5LIUTVV2M3N\",\n            \"name\": \"Shibboleth Integration Testing\"\n        },\n        \"factor\": \"duo_push\",\n        \"user\": {\n            \"key\": \"DUGL8U46QGJSOUJWG59W\",\n            \"name\": \"jdoe\"\n        }\n    }\n}"), JWSAssemblyUtils.getSecretBytes(this.integration.getSecretKey()));
        } catch (ParseException | JOSEException | EncodingException e) {
            throw new DuoClientException(e);
        }
    }

    @Nonnull
    public String getClientId() {
        return "MockDuoClient_OLD_AUTH_TIME";
    }

    public boolean isSupportsNonce() {
        return false;
    }

    @Nonnull
    public DuoOIDCClientCapabilities getCapabilities() {
        return new DuoOIDCClientCapabilities() { // from class: net.shibboleth.idp.plugin.authn.mock.MockDuoOIDCClient_OK_OLD_AUTH_TIME.1
            public boolean isSupportsNonce() {
                return false;
            }
        };
    }
}
