package com.mdsol.mauth.apache;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.github.benmanes.caffeine.cache.Caffeine;
import com.github.benmanes.caffeine.cache.Expiry;
import com.github.benmanes.caffeine.cache.LoadingCache;
import com.mdsol.mauth.AuthenticatorConfiguration;
import com.mdsol.mauth.Signer;
import com.mdsol.mauth.exception.HttpClientPublicKeyProviderException;
import com.mdsol.mauth.util.MAuthKeysHelper;
import com.mdsol.mauth.utils.ClientPublicKeyProvider;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.PublicKey;
import java.util.Arrays;
import java.util.Map;
import java.util.Optional;
import java.util.UUID;
import java.util.concurrent.TimeUnit;
import org.apache.http.HttpResponse;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/mdsol/mauth/apache/HttpClientPublicKeyProvider.class */
public class HttpClientPublicKeyProvider implements ClientPublicKeyProvider {
    private static final Logger logger = LoggerFactory.getLogger(HttpClientPublicKeyProvider.class);
    private final AuthenticatorConfiguration configuration;
    private final Signer signer;
    private final CloseableHttpClient httpclient = HttpClients.createDefault();
    private final PublicKeyResponseHandler publicKeyResponseHandler = new PublicKeyResponseHandler();
    private final LoadingCache<UUID, PublicKeyData> publicKeyCache = setupCache();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/mdsol/mauth/apache/HttpClientPublicKeyProvider$PublicKeyData.class */
    public static class PublicKeyData {
        private final PublicKey publicKey;
        private final Long maxAgeSeconds;

        public PublicKeyData(PublicKey publicKey, Long l) {
            this.publicKey = publicKey;
            this.maxAgeSeconds = l;
        }

        public PublicKey getPublicKey() {
            return this.publicKey;
        }

        public Long getMaxAgeSeconds() {
            return this.maxAgeSeconds;
        }
    }

    /* loaded from: input_file:com/mdsol/mauth/apache/HttpClientPublicKeyProvider$PublicKeyResponseHandler.class */
    private class PublicKeyResponseHandler implements ResponseHandler<PublicKeyData> {
        private static final String MAX_AGE = "max-age";
        private static final String PUBLIC_KEY_STR = "public_key_str";

        private PublicKeyResponseHandler() {
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // org.apache.http.client.ResponseHandler
        public PublicKeyData handleResponse(HttpResponse httpResponse) throws IOException {
            if (httpResponse.getStatusLine().getStatusCode() != 200) {
                throw new HttpClientPublicKeyProviderException("Invalid response code returned by server: " + httpResponse.getStatusLine().getStatusCode());
            }
            return new PublicKeyData(MAuthKeysHelper.getPublicKeyFromString(new ObjectMapper().readTree(EntityUtils.toString(httpResponse.getEntity(), StandardCharsets.UTF_8)).findValue(PUBLIC_KEY_STR).asText()), getMaxAge(httpResponse).orElse(Long.valueOf(HttpClientPublicKeyProvider.this.configuration.getTimeToLive())));
        }

        public Optional<Long> getMaxAge(HttpResponse httpResponse) {
            return Optional.ofNullable(httpResponse.getHeaders("Cache-Control")).flatMap(headerArr -> {
                return Arrays.stream(headerArr).flatMap(header -> {
                    return Arrays.stream(header.getElements()).filter(headerElement -> {
                        return headerElement.getName().equalsIgnoreCase(MAX_AGE);
                    }).map(headerElement2 -> {
                        return Long.valueOf(Long.parseLong(headerElement2.getValue()));
                    });
                }).findFirst();
            });
        }
    }

    public HttpClientPublicKeyProvider(AuthenticatorConfiguration authenticatorConfiguration, Signer signer) {
        this.configuration = authenticatorConfiguration;
        this.signer = signer;
    }

    private LoadingCache<UUID, PublicKeyData> setupCache() {
        return Caffeine.newBuilder().expireAfter(new Expiry<UUID, PublicKeyData>() { // from class: com.mdsol.mauth.apache.HttpClientPublicKeyProvider.1
            public long expireAfterCreate(UUID uuid, PublicKeyData publicKeyData, long j) {
                return TimeUnit.SECONDS.toNanos(publicKeyData.getMaxAgeSeconds().longValue());
            }

            public long expireAfterUpdate(UUID uuid, PublicKeyData publicKeyData, long j, long j2) {
                return j2;
            }

            public long expireAfterRead(UUID uuid, PublicKeyData publicKeyData, long j, long j2) {
                return j2;
            }
        }).build(this::getPublicKeyFromMauth);
    }

    private PublicKeyData getPublicKeyFromMauth(UUID uuid) {
        String requestUrlPath = getRequestUrlPath(uuid);
        return (PublicKeyData) get(this.configuration.getBaseUrl() + requestUrlPath, this.signer.generateRequestHeaders("GET", requestUrlPath, new byte[0], ""), this.publicKeyResponseHandler);
    }

    public PublicKey getPublicKey(UUID uuid) {
        return ((PublicKeyData) this.publicKeyCache.get(uuid)).getPublicKey();
    }

    private String getRequestUrlPath(UUID uuid) {
        return this.configuration.getRequestUrlPath() + String.format(this.configuration.getSecurityTokensUrlPath(), uuid.toString());
    }

    private <T> T get(String str, Map<String, String> map, ResponseHandler<T> responseHandler) {
        try {
            HttpGet httpGet = new HttpGet(str);
            for (Map.Entry<String, String> entry : map.entrySet()) {
                httpGet.addHeader(entry.getKey(), entry.getValue());
            }
            return (T) this.httpclient.execute(httpGet, responseHandler);
        } catch (IOException e) {
            logger.error("Public key retrieval error", e);
            throw new HttpClientPublicKeyProviderException(e);
        }
    }
}
