package fish.payara.security.openid.controller;

import com.sun.faces.context.UrlBuilder;
import fish.payara.security.annotations.ClaimsDefinition;
import fish.payara.security.annotations.LogoutDefinition;
import fish.payara.security.annotations.OpenIdAuthenticationDefinition;
import fish.payara.security.annotations.OpenIdProviderMetadata;
import fish.payara.security.annotations.ProxyDefinition;
import fish.payara.security.openid.OpenIdAuthenticationException;
import fish.payara.security.openid.OpenIdUtil;
import fish.payara.security.openid.api.OpenIdConstant;
import fish.payara.security.openid.domain.ClaimsConfiguration;
import fish.payara.security.openid.domain.LogoutConfiguration;
import fish.payara.security.openid.domain.OpenIdConfiguration;
import fish.payara.security.openid.domain.OpenIdTokenEncryptionMetadata;
import fish.payara.security.openid.domain.ProxyConfiguration;
import jakarta.enterprise.context.ApplicationScoped;
import jakarta.enterprise.context.RequestScoped;
import jakarta.enterprise.inject.Produces;
import jakarta.inject.Inject;
import jakarta.json.JsonObject;
import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.eclipse.microprofile.config.Config;
import org.eclipse.microprofile.config.ConfigProvider;

@ApplicationScoped
/* loaded from: input_file:fish/payara/security/openid/controller/ConfigurationController.class */
public class ConfigurationController implements Serializable {

    @Inject
    private ProviderMetadataContoller providerMetadataContoller;
    private static final String SPACE_SEPARATOR = " ";
    private volatile transient LastBuiltConfig lastBuiltConfig;

    /* loaded from: input_file:fish/payara/security/openid/controller/ConfigurationController$LastBuiltConfig.class */
    static class LastBuiltConfig {
        private final OpenIdAuthenticationDefinition definition;
        private final OpenIdConfiguration configuration;

        public LastBuiltConfig(OpenIdAuthenticationDefinition openIdAuthenticationDefinition, OpenIdConfiguration openIdConfiguration) {
            this.definition = openIdAuthenticationDefinition;
            this.configuration = openIdConfiguration;
        }

        OpenIdConfiguration cachedConfiguration(OpenIdAuthenticationDefinition openIdAuthenticationDefinition) {
            if (this.definition == null || !this.definition.equals(openIdAuthenticationDefinition)) {
                return null;
            }
            return this.configuration;
        }
    }

    @RequestScoped
    @Produces
    public OpenIdConfiguration produceConfiguration(OpenIdAuthenticationDefinition openIdAuthenticationDefinition) {
        if (this.lastBuiltConfig == null) {
            this.lastBuiltConfig = new LastBuiltConfig(null, null);
        }
        OpenIdConfiguration cachedConfiguration = this.lastBuiltConfig.cachedConfiguration(openIdAuthenticationDefinition);
        if (cachedConfiguration != null) {
            return cachedConfiguration;
        }
        OpenIdConfiguration buildConfig = buildConfig(openIdAuthenticationDefinition);
        this.lastBuiltConfig = new LastBuiltConfig(openIdAuthenticationDefinition, buildConfig);
        return buildConfig;
    }

    public OpenIdConfiguration buildConfig(OpenIdAuthenticationDefinition openIdAuthenticationDefinition) {
        Config config = ConfigProvider.getConfig();
        String str = (String) OpenIdUtil.getConfiguredValue(String.class, openIdAuthenticationDefinition.providerURI(), config, OpenIdAuthenticationDefinition.OPENID_MP_PROVIDER_URI);
        OpenIdProviderMetadata providerMetadata = openIdAuthenticationDefinition.providerMetadata();
        JsonObject document = this.providerMetadataContoller.getDocument(str);
        String readConfiguredValueFromMetadataOrProvider = OpenIdUtil.readConfiguredValueFromMetadataOrProvider(providerMetadata.issuer(), document, "issuer", config, OpenIdProviderMetadata.OPENID_MP_ISSUER);
        if (readConfiguredValueFromMetadataOrProvider == null || readConfiguredValueFromMetadataOrProvider.isEmpty()) {
            throw new OpenIdAuthenticationException("issuer URL is not available, specify it either in @OpenIdProviderMetadata or by providerURI and autoconfiguration");
        }
        String readConfiguredValueFromMetadataOrProvider2 = OpenIdUtil.readConfiguredValueFromMetadataOrProvider(providerMetadata.authorizationEndpoint(), document, "authorization_endpoint", config, OpenIdProviderMetadata.OPENID_MP_AUTHORIZATION_ENDPOINT);
        String readConfiguredValueFromMetadataOrProvider3 = OpenIdUtil.readConfiguredValueFromMetadataOrProvider(providerMetadata.tokenEndpoint(), document, "token_endpoint", config, OpenIdProviderMetadata.OPENID_MP_TOKEN_ENDPOINT);
        String readConfiguredValueFromMetadataOrProvider4 = OpenIdUtil.readConfiguredValueFromMetadataOrProvider(providerMetadata.userinfoEndpoint(), document, "userinfo_endpoint", config, OpenIdProviderMetadata.OPENID_MP_USERINFO_ENDPOINT);
        String readConfiguredValueFromMetadataOrProvider5 = OpenIdUtil.readConfiguredValueFromMetadataOrProvider(providerMetadata.endSessionEndpoint(), document, "end_session_endpoint", config, OpenIdProviderMetadata.OPENID_MP_END_SESSION_ENDPOINT);
        String readConfiguredValueFromMetadataOrProvider6 = OpenIdUtil.readConfiguredValueFromMetadataOrProvider(providerMetadata.jwksURI(), document, "jwks_uri", config, OpenIdProviderMetadata.OPENID_MP_JWKS_URI);
        try {
            URL url = new URL(readConfiguredValueFromMetadataOrProvider6);
            Set<String> readConfiguredValueFromMetadataOrProvider7 = OpenIdUtil.readConfiguredValueFromMetadataOrProvider(providerMetadata.scopesSupported(), document, "scopes_supported", config, OpenIdProviderMetadata.OPENID_MP_SCOPES_SUPPORTED);
            Set<String> readConfiguredValueFromMetadataOrProvider8 = OpenIdUtil.readConfiguredValueFromMetadataOrProvider(providerMetadata.responseTypesSupported(), document, "response_types_supported", config, OpenIdProviderMetadata.OPENID_MP_RESPONSE_TYPES_SUPPORTED);
            Set<String> readConfiguredValueFromMetadataOrProvider9 = OpenIdUtil.readConfiguredValueFromMetadataOrProvider(providerMetadata.subjectTypesSupported(), document, "subject_types_supported", config, OpenIdProviderMetadata.OPENID_MP_SUBJECT_TYPES_SUPPORTED);
            Set<String> readConfiguredValueFromMetadataOrProvider10 = OpenIdUtil.readConfiguredValueFromMetadataOrProvider(providerMetadata.idTokenSigningAlgValuesSupported(), document, "id_token_signing_alg_values_supported", config, OpenIdProviderMetadata.OPENID_MP_ID_TOKEN_SIGNING_ALG_VALUES_SUPPORTED);
            Set<String> readConfiguredValueFromMetadataOrProvider11 = OpenIdUtil.readConfiguredValueFromMetadataOrProvider(providerMetadata.idTokenEncryptionAlgValuesSupported(), document, OpenIdConstant.ID_TOKEN_ENCRYPTION_ALG_VALUES_SUPPORTED, config, OpenIdProviderMetadata.OPENID_MP_ID_TOKEN_ENCRYPTION_ALG_VALUES_SUPPORTED);
            Set<String> readConfiguredValueFromMetadataOrProvider12 = OpenIdUtil.readConfiguredValueFromMetadataOrProvider(providerMetadata.idTokenEncryptionEncValuesSupported(), document, OpenIdConstant.ID_TOKEN_ENCRYPTION_ENC_VALUES_SUPPORTED, config, OpenIdProviderMetadata.OPENID_MP_ID_TOKEN_ENCRYPTION_ENC_VALUES_SUPPORTED);
            Set<String> readConfiguredValueFromMetadataOrProvider13 = OpenIdUtil.readConfiguredValueFromMetadataOrProvider(providerMetadata.claimsSupported(), document, "claims_supported", config, OpenIdProviderMetadata.OPENID_MP_CLAIMS_SUPPORTED);
            String str2 = (String) OpenIdUtil.getConfiguredValue(String.class, openIdAuthenticationDefinition.clientId(), config, OpenIdAuthenticationDefinition.OPENID_MP_CLIENT_ID);
            char[] charArray = ((String) OpenIdUtil.getConfiguredValue(String.class, openIdAuthenticationDefinition.clientSecret(), config, OpenIdAuthenticationDefinition.OPENID_MP_CLIENT_SECRET)).toCharArray();
            String str3 = (String) OpenIdUtil.getConfiguredValue(String.class, openIdAuthenticationDefinition.redirectURI(), config, OpenIdAuthenticationDefinition.OPENID_MP_REDIRECT_URI);
            String str4 = (String) OpenIdUtil.getConfiguredValue(String.class, (String) Arrays.stream(openIdAuthenticationDefinition.scope()).collect(Collectors.joining(" ")), config, OpenIdAuthenticationDefinition.OPENID_MP_SCOPE);
            if (OpenIdUtil.isEmpty(str4)) {
                str4 = "openid";
            } else if (!str4.contains("openid")) {
                str4 = "openid " + str4;
            }
            String str5 = (String) Arrays.stream(((String) OpenIdUtil.getConfiguredValue(String.class, openIdAuthenticationDefinition.responseType(), config, OpenIdAuthenticationDefinition.OPENID_MP_RESPONSE_TYPE)).trim().split(" ")).map((v0) -> {
                return v0.toLowerCase();
            }).sorted().collect(Collectors.joining(" "));
            String str6 = (String) OpenIdUtil.getConfiguredValue(String.class, openIdAuthenticationDefinition.responseMode(), config, OpenIdAuthenticationDefinition.OPENID_MP_RESPONSE_MODE);
            String str7 = (String) OpenIdUtil.getConfiguredValue(String.class, openIdAuthenticationDefinition.display().toString().toLowerCase(), config, OpenIdAuthenticationDefinition.OPENID_MP_DISPLAY);
            String str8 = (String) OpenIdUtil.getConfiguredValue(String.class, (String) Arrays.stream(openIdAuthenticationDefinition.prompt()).map((v0) -> {
                return v0.toString();
            }).map((v0) -> {
                return v0.toLowerCase();
            }).collect(Collectors.joining(" ")), config, OpenIdAuthenticationDefinition.OPENID_MP_PROMPT);
            String createUrlQuery = createUrlQuery("extraParameters", openIdAuthenticationDefinition.extraParameters());
            boolean booleanValue = ((Boolean) OpenIdUtil.getConfiguredValue(Boolean.class, Boolean.valueOf(openIdAuthenticationDefinition.useNonce()), config, OpenIdAuthenticationDefinition.OPENID_MP_USE_NONCE)).booleanValue();
            boolean booleanValue2 = ((Boolean) OpenIdUtil.getConfiguredValue(Boolean.class, Boolean.valueOf(openIdAuthenticationDefinition.useSession()), config, OpenIdAuthenticationDefinition.OPENID_MP_USE_SESSION)).booleanValue();
            int intValue = ((Integer) OpenIdUtil.getConfiguredValue(Integer.class, Integer.valueOf(openIdAuthenticationDefinition.jwksConnectTimeout()), config, OpenIdAuthenticationDefinition.OPENID_MP_JWKS_CONNECT_TIMEOUT)).intValue();
            int intValue2 = ((Integer) OpenIdUtil.getConfiguredValue(Integer.class, Integer.valueOf(openIdAuthenticationDefinition.jwksReadTimeout()), config, OpenIdAuthenticationDefinition.OPENID_MP_JWKS_READ_TIMEOUT)).intValue();
            String str9 = (String) config.getOptionalValue(OpenIdAuthenticationDefinition.OPENID_MP_CLIENT_ENC_ALGORITHM, String.class).orElse(null);
            String str10 = (String) config.getOptionalValue(OpenIdAuthenticationDefinition.OPENID_MP_CLIENT_ENC_METHOD, String.class).orElse(null);
            String str11 = (String) config.getOptionalValue(OpenIdAuthenticationDefinition.OPENID_MP_CLIENT_ENC_JWKS, String.class).orElse(null);
            String str12 = (String) OpenIdUtil.getConfiguredValue(String.class, openIdAuthenticationDefinition.claimsDefinition().callerNameClaim(), config, ClaimsDefinition.OPENID_MP_CALLER_NAME_CLAIM);
            String str13 = (String) OpenIdUtil.getConfiguredValue(String.class, openIdAuthenticationDefinition.claimsDefinition().callerGroupsClaim(), config, ClaimsDefinition.OPENID_MP_CALLER_GROUP_CLAIM);
            String str14 = (String) OpenIdUtil.getConfiguredValue(String.class, openIdAuthenticationDefinition.proxyDefinition().hostName(), config, ProxyDefinition.OPENID_MP_PROXY_HOSTNAME);
            String str15 = (String) OpenIdUtil.getConfiguredValue(String.class, openIdAuthenticationDefinition.proxyDefinition().port(), config, ProxyDefinition.OPENID_MP_PROXY_PORT);
            Boolean bool = (Boolean) OpenIdUtil.getConfiguredValue(Boolean.class, Boolean.valueOf(openIdAuthenticationDefinition.logout().notifyProvider()), config, LogoutDefinition.OPENID_MP_PROVIDER_NOTIFY_LOGOUT);
            String str16 = (String) OpenIdUtil.getConfiguredValue(String.class, openIdAuthenticationDefinition.logout().redirectURI(), config, LogoutDefinition.OPENID_MP_POST_LOGOUT_REDIRECT_URI);
            Boolean bool2 = (Boolean) OpenIdUtil.getConfiguredValue(Boolean.class, Boolean.valueOf(openIdAuthenticationDefinition.logout().accessTokenExpiry()), config, LogoutDefinition.OPENID_MP_LOGOUT_ON_ACCESS_TOKEN_EXPIRY);
            Boolean bool3 = (Boolean) OpenIdUtil.getConfiguredValue(Boolean.class, Boolean.valueOf(openIdAuthenticationDefinition.logout().identityTokenExpiry()), config, LogoutDefinition.OPENID_MP_LOGOUT_ON_IDENTITY_TOKEN_EXPIRY);
            boolean booleanValue3 = ((Boolean) OpenIdUtil.getConfiguredValue(Boolean.class, Boolean.valueOf(openIdAuthenticationDefinition.tokenAutoRefresh()), config, OpenIdAuthenticationDefinition.OPENID_MP_TOKEN_AUTO_REFRESH)).booleanValue();
            int intValue3 = ((Integer) OpenIdUtil.getConfiguredValue(Integer.class, Integer.valueOf(openIdAuthenticationDefinition.tokenMinValidity()), config, OpenIdAuthenticationDefinition.OPENID_MP_TOKEN_MIN_VALIDITY)).intValue();
            boolean booleanValue4 = ((Boolean) OpenIdUtil.getConfiguredValue(Boolean.class, Boolean.valueOf(openIdAuthenticationDefinition.userClaimsFromIDToken()), config, OpenIdAuthenticationDefinition.OPENID_MP_USER_CLAIMS_FROM_ID_TOKEN)).booleanValue();
            Map<String, List<String>> parseMultiMapFromUrlQuery = parseMultiMapFromUrlQuery((String) OpenIdUtil.getConfiguredValue(String.class, createUrlQuery, config, OpenIdAuthenticationDefinition.OPENID_MP_EXTRA_PARAMS_RAW));
            OpenIdConfiguration disableScopeValidation = new OpenIdConfiguration().setProviderMetadata(new fish.payara.security.openid.domain.OpenIdProviderMetadata(document, readConfiguredValueFromMetadataOrProvider, readConfiguredValueFromMetadataOrProvider7, readConfiguredValueFromMetadataOrProvider13, readConfiguredValueFromMetadataOrProvider8, readConfiguredValueFromMetadataOrProvider10, readConfiguredValueFromMetadataOrProvider11, readConfiguredValueFromMetadataOrProvider12, readConfiguredValueFromMetadataOrProvider9).setAuthorizationEndpoint(readConfiguredValueFromMetadataOrProvider2).setTokenEndpoint(readConfiguredValueFromMetadataOrProvider3).setUserinfoEndpoint(readConfiguredValueFromMetadataOrProvider4).setEndSessionEndpoint(readConfiguredValueFromMetadataOrProvider5).setJwksURL(url).setAccessTokenIssuerURI((String) OpenIdUtil.getConfiguredValue(String.class, providerMetadata.accessTokenIssuer(), config, OpenIdProviderMetadata.OPENID_MP_ACCESS_TOKEN_ISSUER))).setClaimsConfiguration(new ClaimsConfiguration().setCallerNameClaim(str12).setCallerGroupsClaim(str13)).setProxyConfiguration(new ProxyConfiguration().setHostName(str14).setPort(str15)).setLogoutConfiguration(new LogoutConfiguration().setNotifyProvider(bool.booleanValue()).setRedirectURI(str16).setAccessTokenExpiry(bool2.booleanValue()).setIdentityTokenExpiry(bool3.booleanValue())).setEncryptionMetadata(new OpenIdTokenEncryptionMetadata().setEncryptionAlgorithm(str9).setEncryptionMethod(str10).setPrivateKeySource(str11)).setClientId(str2).setClientSecret(charArray).setRedirectURI(str3).setScopes(str4).setResponseType(str5).setResponseMode(str6).setExtraParameters(parseMultiMapFromUrlQuery).setPrompt(str8).setDisplay(str7).setUseNonce(booleanValue).setUseSession(booleanValue2).setJwksConnectTimeout(intValue).setJwksReadTimeout(intValue2).setTokenAutoRefresh(booleanValue3).setTokenMinValidity(intValue3).setUserClaimsFromIDToken(booleanValue4).setDisableScopeValidation(((Boolean) OpenIdUtil.getConfiguredValue(Boolean.class, Boolean.valueOf(providerMetadata.disableScopeValidation()), config, OpenIdAuthenticationDefinition.OPENID_MP_DISABLE_SCOPE_VALIDATION)).booleanValue());
            validateConfiguration(disableScopeValidation);
            return disableScopeValidation;
        } catch (MalformedURLException e) {
            throw new OpenIdAuthenticationException("jwksURI is not a valid URL: " + readConfiguredValueFromMetadataOrProvider6, e);
        }
    }

    private void validateConfiguration(OpenIdConfiguration openIdConfiguration) {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(validateProviderMetadata(openIdConfiguration));
        arrayList.addAll(validateClientConfiguration(openIdConfiguration));
        if (!arrayList.isEmpty()) {
            throw new OpenIdAuthenticationException(arrayList.toString());
        }
    }

    private List<String> validateProviderMetadata(OpenIdConfiguration openIdConfiguration) {
        ArrayList arrayList = new ArrayList();
        String issuerURI = openIdConfiguration.getProviderMetadata().getIssuerURI();
        if (OpenIdUtil.isEmpty(issuerURI)) {
            arrayList.add("issuer metadata is mandatory");
        }
        try {
            new URL(issuerURI);
        } catch (MalformedURLException e) {
            arrayList.add("issuer metadata is not a valid URL: " + e.getMessage());
        }
        if (OpenIdUtil.isEmpty(openIdConfiguration.getProviderMetadata().getAuthorizationEndpoint())) {
            arrayList.add("authorization_endpoint metadata is mandatory");
        }
        if (OpenIdUtil.isEmpty(openIdConfiguration.getProviderMetadata().getTokenEndpoint())) {
            arrayList.add("token_endpoint metadata is mandatory");
        }
        if (openIdConfiguration.getProviderMetadata().getJwksURL() == null) {
            arrayList.add("jwks_uri metadata is mandatory");
        }
        if (openIdConfiguration.getProviderMetadata().getResponseTypesSupported().isEmpty()) {
            arrayList.add("response_types_supported metadata is mandatory");
        }
        if (openIdConfiguration.getProviderMetadata().getIdTokenSigningAlgValuesSupported().isEmpty()) {
            arrayList.add("id_token_signing_alg_values_supported metadata is mandatory");
        }
        return arrayList;
    }

    private List<String> validateClientConfiguration(OpenIdConfiguration openIdConfiguration) {
        ArrayList arrayList = new ArrayList();
        if (OpenIdUtil.isEmpty(openIdConfiguration.getClientId())) {
            arrayList.add("client_id request parameter is mandatory");
        }
        if (OpenIdUtil.isEmpty(openIdConfiguration.getRedirectURI())) {
            arrayList.add("redirect_uri request parameter is mandatory");
        }
        if (openIdConfiguration.getJwksConnectTimeout() <= 0) {
            arrayList.add("jwksConnectTimeout value is not valid");
        }
        if (openIdConfiguration.getJwksReadTimeout() <= 0) {
            arrayList.add("jwksReadTimeout value is not valid");
        }
        if (OpenIdUtil.isEmpty(openIdConfiguration.getResponseType())) {
            arrayList.add("The response type must contain at least one value");
        } else if (!openIdConfiguration.getProviderMetadata().getResponseTypesSupported().contains(openIdConfiguration.getResponseType()) && !OpenIdConstant.AUTHORIZATION_CODE_FLOW_TYPES.contains(openIdConfiguration.getResponseType()) && !OpenIdConstant.IMPLICIT_FLOW_TYPES.contains(openIdConfiguration.getResponseType()) && !OpenIdConstant.HYBRID_FLOW_TYPES.contains(openIdConfiguration.getResponseType())) {
            arrayList.add("Unsupported OpenID Connect response type value : " + openIdConfiguration.getResponseType());
        }
        if (!openIdConfiguration.isDisableScopeValidation()) {
            Set<String> scopesSupported = openIdConfiguration.getProviderMetadata().getScopesSupported();
            if (!scopesSupported.isEmpty()) {
                for (String str : openIdConfiguration.getScopes().split(" ")) {
                    if (!scopesSupported.contains(str)) {
                        arrayList.add(String.format("%s scope is not supported by %s OpenId Connect provider", str, openIdConfiguration.getProviderMetadata().getIssuerURI()));
                    }
                }
            }
        }
        return arrayList;
    }

    public static String createUrlQuery(String str, String[] strArr) {
        StringBuilder sb = new StringBuilder();
        String str2 = "";
        for (String str3 : strArr) {
            String[] split = str3.split("=");
            if (split.length == 0 || split[0].length() == 0) {
                throw new OpenIdAuthenticationException(str + " contain parameter without key: '" + str3 + "', expected format: key=value");
            }
            String str4 = split[0];
            String str5 = split.length > 1 ? split[1] : null;
            try {
                sb.append(str2).append(URLEncoder.encode(str4, "UTF-8"));
                if (str5 != null) {
                    sb.append("=").append(URLEncoder.encode(str5, "UTF-8"));
                }
                str2 = UrlBuilder.PARAMETER_PAIR_SEPARATOR;
            } catch (UnsupportedEncodingException e) {
                throw new OpenIdAuthenticationException("UTF-8 is no more supported");
            }
        }
        return sb.toString();
    }

    public static Map<String, List<String>> parseMultiMapFromUrlQuery(String str) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (String str2 : str.split(UrlBuilder.PARAMETER_PAIR_SEPARATOR)) {
            String[] split = str2.split("=");
            if (split.length > 0 && split[0].length() > 0) {
                try {
                    ((List) linkedHashMap.computeIfAbsent(split[0], str3 -> {
                        return new ArrayList();
                    })).add(split.length > 1 ? URLDecoder.decode(split[1], "UTF-8") : null);
                } catch (UnsupportedEncodingException e) {
                    throw new OpenIdAuthenticationException("UTF-8 is no more supported");
                }
            }
        }
        return linkedHashMap;
    }

    /* JADX WARN: Multi-variable type inference failed */
    static CacheKey keyFromDefinition(OpenIdAuthenticationDefinition openIdAuthenticationDefinition) {
        return new CacheKey(Stream.of((Object[]) new String[]{new String[]{openIdAuthenticationDefinition.providerURI(), openIdAuthenticationDefinition.clientId(), openIdAuthenticationDefinition.clientSecret(), openIdAuthenticationDefinition.redirectURI(), openIdAuthenticationDefinition.responseType(), openIdAuthenticationDefinition.responseMode(), Arrays.toString(openIdAuthenticationDefinition.prompt()), String.valueOf(openIdAuthenticationDefinition.useNonce()), String.valueOf(openIdAuthenticationDefinition.useSession()), String.valueOf(openIdAuthenticationDefinition.tokenAutoRefresh()), String.valueOf(openIdAuthenticationDefinition.tokenMinValidity())}, openIdAuthenticationDefinition.scope(), openIdAuthenticationDefinition.extraParameters(), providerMetadataAttrs(openIdAuthenticationDefinition.providerMetadata()), claimsAttrs(openIdAuthenticationDefinition.claimsDefinition()), proxyAttrs(openIdAuthenticationDefinition.proxyDefinition()), logoutAttrs(openIdAuthenticationDefinition.logout())}).flatMap((v0) -> {
            return Stream.of(v0);
        }).toArray(i -> {
            return new String[i];
        }));
    }

    private static String[] logoutAttrs(LogoutDefinition logoutDefinition) {
        return logoutDefinition != null ? new String[]{String.valueOf(logoutDefinition.notifyProvider()), logoutDefinition.redirectURI(), String.valueOf(logoutDefinition.accessTokenExpiry()), String.valueOf(logoutDefinition.identityTokenExpiry())} : new String[4];
    }

    private static String[] claimsAttrs(ClaimsDefinition claimsDefinition) {
        return claimsDefinition != null ? new String[]{claimsDefinition.callerGroupsClaim(), claimsDefinition.callerNameClaim()} : new String[2];
    }

    private static String[] proxyAttrs(ProxyDefinition proxyDefinition) {
        return proxyDefinition != null ? new String[]{proxyDefinition.hostName(), proxyDefinition.port()} : new String[2];
    }

    private static String[] providerMetadataAttrs(OpenIdProviderMetadata openIdProviderMetadata) {
        return openIdProviderMetadata != null ? new String[]{openIdProviderMetadata.authorizationEndpoint(), openIdProviderMetadata.tokenEndpoint(), openIdProviderMetadata.userinfoEndpoint(), openIdProviderMetadata.endSessionEndpoint(), openIdProviderMetadata.jwksURI()} : new String[5];
    }
}
