package com.liferay.portal.security.sso.openid.connect.internal;

import com.liferay.petra.string.StringBundler;
import com.liferay.portal.configuration.metatype.bnd.util.ConfigurableUtil;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.security.sso.openid.connect.OpenIdConnectProvider;
import com.liferay.portal.security.sso.openid.connect.OpenIdConnectProviderRegistry;
import com.liferay.portal.security.sso.openid.connect.OpenIdConnectServiceException;
import com.liferay.portal.security.sso.openid.connect.internal.configuration.OpenIdConnectProviderConfiguration;
import com.nimbusds.openid.connect.sdk.op.OIDCProviderMetadata;
import com.nimbusds.openid.connect.sdk.rp.OIDCClientMetadata;
import java.net.URL;
import java.util.Collection;
import java.util.Collections;
import java.util.Dictionary;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.osgi.service.cm.ConfigurationException;
import org.osgi.service.cm.ManagedServiceFactory;
import org.osgi.service.component.annotations.Component;

@Component(immediate = true, property = {"service.pid=com.liferay.portal.security.sso.openid.connect.internal.configuration.OpenIdConnectProviderConfiguration"}, service = {ManagedServiceFactory.class, OpenIdConnectProviderRegistry.class})
/* loaded from: input_file:com/liferay/portal/security/sso/openid/connect/internal/OpenIdConnectProviderRegistryImpl.class */
public class OpenIdConnectProviderRegistryImpl implements ManagedServiceFactory, OpenIdConnectProviderRegistry<OIDCClientMetadata, OIDCProviderMetadata> {
    private final Map<String, OpenIdConnectProvider<OIDCClientMetadata, OIDCProviderMetadata>> _openIdConnectProvidersPerFactory = new ConcurrentHashMap();
    private final Map<String, OpenIdConnectProvider<OIDCClientMetadata, OIDCProviderMetadata>> _openIdConnectProvidersPerName = new ConcurrentHashMap();

    public void deleted(String str) {
        removeOpenConnectIdProvider(str);
    }

    public OpenIdConnectProvider<OIDCClientMetadata, OIDCProviderMetadata> findOpenIdConnectProvider(String str) throws OpenIdConnectServiceException.ProviderException {
        OpenIdConnectProvider<OIDCClientMetadata, OIDCProviderMetadata> openIdConnectProvider = getOpenIdConnectProvider(str);
        if (openIdConnectProvider == null) {
            throw new OpenIdConnectServiceException.ProviderException("Unable to get OpenId Connect provider with name " + str);
        }
        return openIdConnectProvider;
    }

    public String getName() {
        return "OpenId Connect Provider Factory";
    }

    public OpenIdConnectProvider<OIDCClientMetadata, OIDCProviderMetadata> getOpenIdConnectProvider(String str) {
        return this._openIdConnectProvidersPerName.get(str);
    }

    public Collection<String> getOpenIdConnectProviderNames() {
        return this._openIdConnectProvidersPerName.isEmpty() ? Collections.emptySet() : Collections.unmodifiableCollection(this._openIdConnectProvidersPerName.keySet());
    }

    public void updated(String str, Dictionary<String, ?> dictionary) throws ConfigurationException {
        OpenIdConnectProviderConfiguration openIdConnectProviderConfiguration = (OpenIdConnectProviderConfiguration) ConfigurableUtil.createConfigurable(OpenIdConnectProviderConfiguration.class, dictionary);
        synchronized (this._openIdConnectProvidersPerFactory) {
            OpenIdConnectProvider<OIDCClientMetadata, OIDCProviderMetadata> createOpenIdConnectProvider = createOpenIdConnectProvider(openIdConnectProviderConfiguration);
            removeOpenConnectIdProvider(str);
            addOpenConnectIdConnectProvider(str, createOpenIdConnectProvider);
        }
    }

    protected void addOpenConnectIdConnectProvider(String str, OpenIdConnectProvider openIdConnectProvider) {
        synchronized (this._openIdConnectProvidersPerFactory) {
            this._openIdConnectProvidersPerFactory.put(str, openIdConnectProvider);
            this._openIdConnectProvidersPerName.put(openIdConnectProvider.getName(), openIdConnectProvider);
        }
    }

    protected OpenIdConnectProvider<OIDCClientMetadata, OIDCProviderMetadata> createOpenIdConnectProvider(OpenIdConnectProviderConfiguration openIdConnectProviderConfiguration) throws ConfigurationException {
        try {
            return new OpenIdConnectProviderImpl(openIdConnectProviderConfiguration.providerName(), openIdConnectProviderConfiguration.openIdConnectClientId(), openIdConnectProviderConfiguration.openIdConnectClientSecret(), openIdConnectProviderConfiguration.scopes(), Validator.isNotNull(openIdConnectProviderConfiguration.discoveryEndPoint()) ? new OpenIdConnectMetadataFactoryImpl(openIdConnectProviderConfiguration.providerName(), new URL(openIdConnectProviderConfiguration.discoveryEndPoint()), openIdConnectProviderConfiguration.discoveryEndPointCacheInMillis()) : new OpenIdConnectMetadataFactoryImpl(openIdConnectProviderConfiguration.providerName(), openIdConnectProviderConfiguration.idTokenSigningAlgValues(), openIdConnectProviderConfiguration.issuerURL(), openIdConnectProviderConfiguration.subjectTypes(), openIdConnectProviderConfiguration.jwksURI(), openIdConnectProviderConfiguration.authorizationEndPoint(), openIdConnectProviderConfiguration.tokenEndPoint(), openIdConnectProviderConfiguration.userInfoEndPoint()));
        } catch (Exception e) {
            throw new ConfigurationException((String) null, StringBundler.concat(new String[]{"Unable to instantiate provider metadata factory for ", openIdConnectProviderConfiguration.providerName(), ": ", e.getMessage()}), e);
        }
    }

    protected void removeOpenConnectIdProvider(String str) {
        synchronized (this._openIdConnectProvidersPerFactory) {
            OpenIdConnectProvider<OIDCClientMetadata, OIDCProviderMetadata> remove = this._openIdConnectProvidersPerFactory.remove(str);
            if (remove != null) {
                this._openIdConnectProvidersPerName.remove(remove.getName());
            }
        }
    }
}
