package com.pingidentity.did.sdk.client;

import com.pingidentity.did.sdk.claim.ClaimConstants;
import com.pingidentity.did.sdk.claim.ClaimGenerator;
import com.pingidentity.did.sdk.claim.ClaimVerifier;
import com.pingidentity.did.sdk.client.message.ClaimMessage;
import com.pingidentity.did.sdk.client.service.model.ApplicationInstance;
import com.pingidentity.did.sdk.client.service.model.Challenge;
import com.pingidentity.did.sdk.client.service.model.Mail;
import com.pingidentity.did.sdk.exception.ClaimGenerationException;
import com.pingidentity.did.sdk.jose.JwksKeyUtil;
import com.pingidentity.did.sdk.share.MessageValue;
import com.pingidentity.did.sdk.types.Claim;
import com.pingidentity.did.sdk.types.ClaimRegistration;
import com.pingidentity.did.sdk.types.PingData;
import com.pingidentity.did.sdk.types.SaltedData;
import com.pingidentity.did.sdk.types.VerifiableCredential;
import com.pingidentity.did.sdk.util.JwtClaimObjectWrapper;
import com.pingidentity.did.sdk.w3c.did.DID;
import com.pingidentity.did.sdk.w3c.did.DidSupport;
import com.pingidentity.did.sdk.w3c.did.ion.IonDidConstants;
import com.pingidentity.did.sdk.w3c.verifiableCredential.VerifiableCredentialGenerator;
import java.time.Instant;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.UUID;
import java.util.function.Consumer;
import java.util.function.Function;
import java.util.stream.Collectors;
import org.jose4j.jwk.JsonWebKeySet;
import org.jose4j.jwk.PublicJsonWebKey;

/* loaded from: classes4.dex */
public final class ClaimBuilder {
    private final ApplicationInstance applicationInstance;
    private String cardImage;
    private Challenge challenge;
    private final List<ClaimFormat> claimFormats;
    private final ClaimGenerator claimGenerator;
    private final ClaimVerifier claimVerifier;
    private Map<String, ?> data;
    private String didMethod;
    private final DidSupport didSupport;
    private final DistributedIdClient distributedIdClient;
    private Instant expiresAt;
    private final IdRegistrationClient idRegistrationClient;
    private DID issuerDid;
    private final JwksKeyUtil jwksKeyUtil;
    private Consumer<Mail> mailCallback;
    private String message;
    private PingData pingData;
    private Claim referenceClaim;
    private DID subjectDid;
    private UUID subjectId;
    private List<String> verifiableCredentialContext;
    private final VerifiableCredentialGenerator verifiableCredentialGenerator;
    private List<String> verifiableCredentialType;
    private final Map<String, Object> otherFormats = new HashMap();
    private ValueToStringAdapter valueToStringAdapter = ValueToStringAdapter.DEFAULT;

    @FunctionalInterface
    /* loaded from: classes4.dex */
    public interface ValueToStringAdapter {
        public static final ValueToStringAdapter DEFAULT = new ValueToStringAdapter() { // from class: com.pingidentity.did.sdk.client.d
            @Override // com.pingidentity.did.sdk.client.ClaimBuilder.ValueToStringAdapter
            public final String toString(Object obj) {
                return JwtClaimObjectWrapper.toJsonString(obj);
            }
        };

        String toString(Object obj);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ClaimBuilder(DistributedIdClient distributedIdClient, ClaimFormat[] claimFormatArr) {
        this.distributedIdClient = distributedIdClient;
        this.jwksKeyUtil = distributedIdClient.getJwksKeyUtil();
        this.applicationInstance = distributedIdClient.getApplicationInstance();
        this.claimGenerator = distributedIdClient.getClaimGenerator();
        this.claimVerifier = distributedIdClient.getClaimVerifier();
        this.idRegistrationClient = distributedIdClient.getIdRegistrationClient();
        this.didSupport = distributedIdClient.getDidSupport();
        this.verifiableCredentialGenerator = distributedIdClient.getVerifiableCredentialGenerator();
        Objects.requireNonNull(claimFormatArr, "ClaimFormats is required");
        if (claimFormatArr.length == 0) {
            throw new IllegalArgumentException("ClaimFormats cannot be empty");
        }
        this.claimFormats = Arrays.asList(claimFormatArr);
        this.didMethod = IonDidConstants.ION_METHOD;
    }

    private Claim createClaim(JsonWebKeySet jsonWebKeySet) {
        PublicJsonWebKey signingKey = this.jwksKeyUtil.getSigningKey(this.applicationInstance.getJwks());
        Claim create = this.claimGenerator.create(this.applicationInstance.getId(), this.subjectId, this.claimFormats.contains(ClaimFormat.NATIVE) ? (Map) this.data.entrySet().stream().collect(Collectors.toMap(new b(), new Function() { // from class: com.pingidentity.did.sdk.client.c
            @Override // java.util.function.Function
            public final Object apply(Object obj) {
                String lambda$createClaim$0;
                lambda$createClaim$0 = ClaimBuilder.this.lambda$createClaim$0((Map.Entry) obj);
                return lambda$createClaim$0;
            }
        })) : new HashMap<>(), signingKey);
        if (this.claimFormats.contains(ClaimFormat.W3C_VC)) {
            this.otherFormats.put(ClaimConstants.JWT_VC, createVerifiableCredential(jsonWebKeySet).getJwt());
        }
        String str = this.cardImage;
        if (str != null) {
            this.otherFormats.put("CardImage", str);
        }
        PingData pingData = this.pingData;
        if (pingData != null) {
            this.otherFormats.put("ping", pingData);
        }
        create.setOtherFormats(this.otherFormats);
        registerClaim(jsonWebKeySet, signingKey, create);
        return create;
    }

    private VerifiableCredential createVerifiableCredential(JsonWebKeySet jsonWebKeySet) {
        if (this.subjectDid == null) {
            this.subjectDid = this.didSupport.createDID(this.didMethod, this.subjectId, jsonWebKeySet);
        }
        if (this.issuerDid == null) {
            this.issuerDid = this.didSupport.createDID(this.didMethod, this.applicationInstance.getId(), this.applicationInstance.getJwks());
        }
        return this.verifiableCredentialGenerator.createVerifiableCredential(this.issuerDid, this.verifiableCredentialGenerator.createCredential(this.issuerDid, this.subjectDid, this.verifiableCredentialType, this.verifiableCredentialContext, new HashMap(this.data), this.pingData, this.expiresAt));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ String lambda$createClaim$0(Map.Entry entry) {
        return valueToString(entry.getValue());
    }

    private void registerClaim(JsonWebKeySet jsonWebKeySet, PublicJsonWebKey publicJsonWebKey, Claim claim) {
        Claim claim2 = this.referenceClaim;
        if (claim2 != null) {
            UUID fromString = UUID.fromString(claim2.getIssuer().getData());
            UUID fromString2 = UUID.fromString(this.referenceClaim.getHolder().getData());
            if (!fromString2.equals(this.subjectId)) {
                throw new ClaimGenerationException(String.format("Reference claim belongs to %s rather than subject %s", fromString2, this.subjectId));
            }
            if (!fromString.equals(this.subjectId)) {
                jsonWebKeySet = this.distributedIdClient.getKeys(fromString);
            }
            this.claimVerifier.verify(this.referenceClaim, jsonWebKeySet);
            claim.setReferenceClaimId(SaltedData.createWithData(this.referenceClaim.getId().toString()));
        }
        Instant instant = this.expiresAt;
        if (instant != null) {
            claim.setIdExpiries(Collections.singletonList(this.claimGenerator.createExpirationSignature(claim, publicJsonWebKey, instant)));
        }
        ClaimRegistration createClaim = this.idRegistrationClient.createClaim(this.claimGenerator.createClaimRegistration(claim, publicJsonWebKey));
        claim.setId(createClaim.getTransactionId());
        claim.setPartitionId(createClaim.getPartitionId());
    }

    private void sendClaimMessage(JsonWebKeySet jsonWebKeySet, Claim claim) {
        ClaimMessage claimMessage = new ClaimMessage();
        claimMessage.setMessage(this.message);
        claimMessage.setChallenge(this.challenge);
        claimMessage.setClaim(claim);
        Mail sendMail = this.distributedIdClient.sendMail(this.subjectId, jsonWebKeySet, MessageValue.CLAIM, DistributedIdClient.CLAIM_MESSAGE_JSON_ADAPTER.toJson(claimMessage));
        Consumer<Mail> consumer = this.mailCallback;
        if (consumer != null) {
            consumer.accept(sendMail);
        }
    }

    private String valueToString(Object obj) {
        return (obj == null || (obj instanceof String)) ? (String) obj : this.valueToStringAdapter.toString(obj);
    }

    public ClaimBuilder addOtherFormat(String str, Object obj) {
        this.otherFormats.put(str, obj);
        return this;
    }

    public Claim build() {
        Objects.requireNonNull(this.subjectId, "subjectId required");
        Objects.requireNonNull(this.data, "data required");
        JsonWebKeySet keys = this.distributedIdClient.getKeys(this.subjectId);
        Claim createClaim = createClaim(keys);
        if (!this.subjectId.equals(this.applicationInstance.getId())) {
            sendClaimMessage(keys, createClaim);
        }
        return createClaim;
    }

    public ClaimBuilder setCardImage(String str) {
        this.cardImage = str;
        return this;
    }

    public ClaimBuilder setChallenge(Challenge challenge) {
        this.challenge = challenge;
        return this;
    }

    public ClaimBuilder setData(Map<String, ?> map) {
        Objects.requireNonNull(map);
        this.data = map;
        return this;
    }

    public ClaimBuilder setDidMethod(String str) {
        this.didMethod = str;
        return this;
    }

    public ClaimBuilder setExpiresAt(Instant instant) {
        this.expiresAt = instant;
        return this;
    }

    public ClaimBuilder setIssuerDid(DID did) {
        this.issuerDid = did;
        return this;
    }

    public ClaimBuilder setMailCallback(Consumer<Mail> consumer) {
        this.mailCallback = consumer;
        return this;
    }

    public ClaimBuilder setMessage(String str) {
        this.message = str;
        return this;
    }

    public ClaimBuilder setPingData(PingData pingData) {
        this.pingData = pingData;
        return this;
    }

    public ClaimBuilder setReferenceClaim(Claim claim) {
        this.referenceClaim = claim;
        return this;
    }

    public ClaimBuilder setSubjectDid(DID did) {
        this.subjectDid = did;
        return this;
    }

    public ClaimBuilder setSubjectId(UUID uuid) {
        Objects.requireNonNull(uuid);
        this.subjectId = uuid;
        return this;
    }

    public ClaimBuilder setValueToStringAdapter(ValueToStringAdapter valueToStringAdapter) {
        Objects.requireNonNull(valueToStringAdapter);
        this.valueToStringAdapter = valueToStringAdapter;
        return this;
    }

    public ClaimBuilder setVerifiableCredentialContext(String... strArr) {
        Objects.requireNonNull(strArr);
        this.verifiableCredentialContext = Arrays.asList(strArr);
        return this;
    }

    public ClaimBuilder setVerifiableCredentialType(String... strArr) {
        Objects.requireNonNull(strArr);
        this.verifiableCredentialType = Arrays.asList(strArr);
        return this;
    }
}
