package org.iplass.mtp.impl.auth.authenticate.oidc.jwks;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.util.EntityUtils;
import org.iplass.mtp.impl.auth.authenticate.oidc.OpenIdConnectService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/iplass/mtp/impl/auth/authenticate/oidc/jwks/RemoteJwks.class */
public class RemoteJwks extends Jwks {
    private static Logger logger = LoggerFactory.getLogger(RemoteJwks.class);
    private String jwksEndpoint;
    private volatile JwksHolder jwks;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/iplass/mtp/impl/auth/authenticate/oidc/jwks/RemoteJwks$JwksHolder.class */
    public class JwksHolder {
        Map<String, Map<String, Object>> jwks;
        long ttl = -1;

        JwksHolder() {
        }
    }

    public RemoteJwks(String str, OpenIdConnectService openIdConnectService) {
        super(openIdConnectService);
        this.jwksEndpoint = str;
    }

    @Override // org.iplass.mtp.impl.auth.authenticate.oidc.jwks.Jwks
    public Map<String, Object> get(String str) {
        Map<String, Object> jwk = getJwk(str);
        if (jwk == null) {
            synchronized (this) {
                jwk = getJwk(str);
                if (jwk == null) {
                    refreshJwks();
                    jwk = getJwk(str);
                }
            }
        }
        return jwk;
    }

    private void refreshJwks() {
        HttpClient httpClient = this.service.getHttpClient();
        try {
            HttpGet httpGet = new HttpGet(this.jwksEndpoint);
            HttpResponse execute = httpClient.execute(httpGet);
            try {
                if (execute.getStatusLine().getStatusCode() != 200) {
                    throw new IllegalStateException("http response error:" + execute.getStatusLine().toString());
                }
                String entityUtils = EntityUtils.toString(execute.getEntity());
                httpGet.releaseConnection();
                JwksHolder jwksHolder = new JwksHolder();
                jwksHolder.jwks = toJwksMap(entityUtils);
                if (this.service.getJwksCacheLifetimeMinutes() >= 0) {
                    jwksHolder.ttl = System.currentTimeMillis() + TimeUnit.MINUTES.toMillis(this.service.getJwksCacheLifetimeMinutes());
                }
                this.jwks = jwksHolder;
            } catch (Throwable th) {
                httpGet.releaseConnection();
                throw th;
            }
        } catch (IOException | RuntimeException e) {
            logger.error("can not get jwks from endpoint:" + this.jwksEndpoint + " may be retry after a while...", e);
        }
    }

    private Map<String, Map<String, Object>> getJwksMap() {
        JwksHolder jwksHolder = this.jwks;
        if (jwksHolder == null) {
            return null;
        }
        if (jwksHolder.ttl == -1 || jwksHolder.ttl >= System.currentTimeMillis()) {
            return jwksHolder.jwks;
        }
        return null;
    }

    private Map<String, Object> getJwk(String str) {
        Map<String, Map<String, Object>> jwksMap = getJwksMap();
        if (jwksMap == null) {
            return null;
        }
        return jwksMap.get(str);
    }

    @Override // org.iplass.mtp.impl.auth.authenticate.oidc.jwks.Jwks
    public List<String> kidList() {
        ArrayList arrayList = new ArrayList();
        Map<String, Map<String, Object>> jwksMap = getJwksMap();
        if (jwksMap == null) {
            synchronized (this) {
                jwksMap = getJwksMap();
                if (jwksMap == null) {
                    refreshJwks();
                    jwksMap = getJwksMap();
                }
            }
        }
        jwksMap.forEach((str, map) -> {
            arrayList.add((String) map.get("kid"));
        });
        return arrayList;
    }
}
