package org.apereo.cas.ticket;

import java.util.Optional;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.Generated;
import org.apereo.cas.support.oauth.services.OAuthRegisteredService;
import org.apereo.cas.support.oauth.web.endpoints.OAuth20ConfigurationContext;
import org.apereo.cas.ticket.accesstoken.OAuth20AccessToken;
import org.jose4j.jwt.JwtClaims;
import org.pac4j.core.context.JEEContext;
import org.pac4j.core.profile.ProfileManager;
import org.pac4j.core.profile.UserProfile;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/cas-server-support-oauth-core-api-6.3.7.4.jar:org/apereo/cas/ticket/BaseIdTokenGeneratorService.class */
public abstract class BaseIdTokenGeneratorService implements IdTokenGeneratorService {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) BaseIdTokenGeneratorService.class);
    private final OAuth20ConfigurationContext configurationContext;

    protected UserProfile getAuthenticatedProfile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        JEEContext jEEContext = new JEEContext(httpServletRequest, httpServletResponse, getConfigurationContext().getSessionStore());
        Optional optional = new ProfileManager(jEEContext, jEEContext.getSessionStore()).get(true);
        if (optional.isEmpty()) {
            throw new IllegalArgumentException("Unable to determine the user profile from the context");
        }
        return (UserProfile) optional.get();
    }

    protected String encodeAndFinalizeToken(JwtClaims jwtClaims, OAuthRegisteredService oAuthRegisteredService, OAuth20AccessToken oAuth20AccessToken) {
        LOGGER.debug("Received claims for the id token [{}] as [{}]", oAuth20AccessToken, jwtClaims);
        String encode = getConfigurationContext().getIdTokenSigningAndEncryptionService().encode(oAuthRegisteredService, jwtClaims);
        oAuth20AccessToken.setIdToken(encode);
        LOGGER.debug("Updating access token [{}] in ticket registry with ID token [{}]", oAuth20AccessToken.getId(), encode);
        getConfigurationContext().getTicketRegistry().updateTicket(oAuth20AccessToken);
        return encode;
    }

    @Generated
    protected BaseIdTokenGeneratorService(OAuth20ConfigurationContext oAuth20ConfigurationContext) {
        this.configurationContext = oAuth20ConfigurationContext;
    }

    @Generated
    public OAuth20ConfigurationContext getConfigurationContext() {
        return this.configurationContext;
    }
}
