package com.atlassian.asap.core.keys.publickey;

import com.atlassian.analytics.event.logging.MerlinLogEventFormatter;
import com.atlassian.asap.core.keys.KeyProvider;
import com.atlassian.asap.core.keys.PemReader;
import com.google.common.base.Preconditions;
import java.io.File;
import java.net.URI;
import java.security.PublicKey;
import java.util.List;
import java.util.Objects;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.client.HttpClient;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/atlassian-bundled-plugins/atlassian-connect-server-plugin-2.0.0-39bf8e4.jar:com/atlassian/asap/core/keys/publickey/PublicKeyProviderFactory.class */
public class PublicKeyProviderFactory {
    private static final Pattern CHAIN_SPLITTER_REGEX = Pattern.compile("\\s+,\\s+");
    private static final Pattern MIRRORS_SPLITTER_REGEX = Pattern.compile("\\s+\\|\\s+");
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) HttpPublicKeyProvider.class);
    private final PemReader pemReader;
    private final HttpClient httpClient;

    public PublicKeyProviderFactory(HttpClient httpClient, PemReader pemReader) {
        this.pemReader = (PemReader) Objects.requireNonNull(pemReader);
        this.httpClient = (HttpClient) Objects.requireNonNull(httpClient);
    }

    public static PublicKeyProviderFactory createDefault() {
        return new PublicKeyProviderFactory(HttpPublicKeyProvider.defaultHttpClient(), new PemReader());
    }

    public KeyProvider<PublicKey> createPublicKeyProvider(String str) {
        Objects.requireNonNull(str);
        logger.info("Using {} as public key base url", str);
        return parseChainedPublicKeyProviders(str);
    }

    private KeyProvider<PublicKey> parseChainedPublicKeyProviders(String str) {
        List list = (List) CHAIN_SPLITTER_REGEX.splitAsStream(str).map((v0) -> {
            return v0.trim();
        }).filter((v0) -> {
            return StringUtils.isNotBlank(v0);
        }).map(this::parseMirroredPublicKeyProviders).collect(Collectors.toList());
        if (list.isEmpty()) {
            logger.warn("No key providers available, all requests will be rejected.");
        }
        return ChainedKeyProvider.createChainedKeyProvider(list);
    }

    private KeyProvider<PublicKey> parseMirroredPublicKeyProviders(String str) {
        return MirroredKeyProvider.createMirroredKeyProvider((List) MIRRORS_SPLITTER_REGEX.splitAsStream(str).map((v0) -> {
            return v0.trim();
        }).filter((v0) -> {
            return StringUtils.isNotBlank(v0);
        }).map(this::getPublicKeyKeyProvider).collect(Collectors.toList()));
    }

    private KeyProvider<PublicKey> getPublicKeyKeyProvider(String str) {
        URI create = URI.create(str);
        Preconditions.checkArgument(create.isAbsolute(), "URL must be absolute");
        Preconditions.checkArgument(!str.contains(","), "Comma must be encoded if present in URI");
        Preconditions.checkArgument(!str.contains(MerlinLogEventFormatter.DELIMITER), "Pipe must be encoded if present in URI");
        String scheme = create.getScheme();
        boolean z = -1;
        switch (scheme.hashCode()) {
            case 3143036:
                if (scheme.equals("file")) {
                    z = true;
                    break;
                }
                break;
            case 99617003:
                if (scheme.equals("https")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return new HttpPublicKeyProvider(create, this.httpClient, this.pemReader);
            case true:
                return new FilePublicKeyProvider(new File(create), this.pemReader);
            default:
                throw new IllegalArgumentException("Unsupported public key server base URL protocol, only https: and file: are supported: " + create);
        }
    }
}
