package no.ks.fiks.maskinporten;

import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.JWSObject;
import com.nimbusds.jose.JWSSigner;
import com.nimbusds.jose.crypto.RSASSASigner;
import com.nimbusds.jose.util.Base64;
import com.nimbusds.jose.util.JSONObjectUtils;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import java.io.BufferedReader;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
import java.util.Map;
import java.util.Objects;
import java.util.UUID;
import java.util.concurrent.TimeUnit;
import kotlin.Metadata;
import kotlin.Pair;
import kotlin.TuplesKt;
import kotlin.collections.CollectionsKt;
import kotlin.io.CloseableKt;
import kotlin.io.TextStreamsKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.sequences.SequencesKt;
import kotlin.text.StringsKt;
import mu.KLogger;
import net.jodah.expiringmap.ExpirationPolicy;
import net.jodah.expiringmap.ExpiringMap;
import net.jodah.expiringmap.ExpiringValue;
import no.ks.fiks.maskinporten.error.MaskinportenClientTokenRequestException;
import no.ks.fiks.maskinporten.error.MaskinportenTokenRequestException;
import org.apache.hc.client5.http.config.RequestConfig;
import org.apache.hc.client5.http.impl.classic.CloseableHttpClient;
import org.apache.hc.client5.http.impl.classic.HttpClientBuilder;
import org.apache.hc.core5.http.ClassicHttpRequest;
import org.apache.hc.core5.http.ClassicHttpResponse;
import org.apache.hc.core5.http.ContentType;
import org.apache.hc.core5.http.io.HttpClientResponseHandler;
import org.apache.hc.core5.http.io.support.ClassicRequestBuilder;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.slf4j.MDC;

/* compiled from: Maskinportenklient.kt */
@Metadata(mv = {1, 6, 0}, k = 1, xi = 48, d1 = {"��\u0082\u0001\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n��\n\u0002\u0010\u0019\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0012\n\u0002\b\u0005\n\u0002\u0010\u0011\n��\n\u0002\u0010\u001e\n\u0002\b\u0007\n\u0002\u0010\t\n��\n\u0002\u0010$\n\u0002\u0010��\n\u0002\b\b\u0018�� :2\u00020\u0001:\u0001:B+\b\u0016\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\b\u0010\u0004\u001a\u0004\u0018\u00010\u0005\u0012\b\u0010\u0006\u001a\u0004\u0018\u00010\u0007\u0012\u0006\u0010\b\u001a\u00020\t¢\u0006\u0002\u0010\nB\u001d\u0012\u0006\u0010\u000b\u001a\u00020\f\u0012\u0006\u0010\r\u001a\u00020\u000e\u0012\u0006\u0010\b\u001a\u00020\t¢\u0006\u0002\u0010\u000fJ\u0012\u0010\u0017\u001a\u0004\u0018\u00010\u00052\u0006\u0010\u0018\u001a\u00020\u0014H\u0002J \u0010\u0019\u001a\u0004\u0018\u00010\u00052\u0014\u0010\u001a\u001a\u0010\u0012\u0004\u0012\u00020\u001c\u0012\u0006\u0012\u0004\u0018\u00010\u00050\u001bH\u0002J\u0010\u0010\u001d\u001a\u00020\u001e2\u0006\u0010\u001f\u001a\u00020 H\u0002J\u001a\u0010!\u001a\u00020\u00052\u0006\u0010\u0018\u001a\u00020\u00142\b\u0010\"\u001a\u0004\u0018\u00010\u0005H\u0002J\u0012\u0010#\u001a\u0004\u0018\u00010\u00052\u0006\u0010\u0018\u001a\u00020\u0014H\u0002J!\u0010$\u001a\u00020\u00052\u0012\u0010%\u001a\n\u0012\u0006\b\u0001\u0012\u00020\u00050&\"\u00020\u0005H\u0016¢\u0006\u0002\u0010'J\u0016\u0010$\u001a\u00020\u00052\f\u0010%\u001a\b\u0012\u0004\u0012\u00020\u00050(H\u0016J\u0010\u0010$\u001a\u00020\u00052\u0006\u0010)\u001a\u00020\u0014H\u0016J)\u0010*\u001a\u00020\u00052\u0006\u0010+\u001a\u00020\u00052\u0012\u0010%\u001a\n\u0012\u0006\b\u0001\u0012\u00020\u00050&\"\u00020\u0005H\u0016¢\u0006\u0002\u0010,J\u001e\u0010*\u001a\u00020\u00052\u0006\u0010+\u001a\u00020\u00052\f\u0010%\u001a\b\u0012\u0004\u0012\u00020\u00050(H\u0016J)\u0010-\u001a\u00020\u00052\u0006\u0010.\u001a\u00020\u00052\u0012\u0010%\u001a\n\u0012\u0006\b\u0001\u0012\u00020\u00050&\"\u00020\u0005H\u0016¢\u0006\u0002\u0010,J\u001e\u0010-\u001a\u00020\u00052\u0006\u0010.\u001a\u00020\u00052\f\u0010%\u001a\b\u0012\u0004\u0012\u00020\u00050(H\u0016J\u001c\u0010/\u001a\u0002002\u0012\u00101\u001a\u000e\u0012\u0004\u0012\u00020\u0005\u0012\u0004\u0012\u00020302H\u0002J\u001c\u00104\u001a\u0002002\u0012\u00105\u001a\u000e\u0012\u0004\u0012\u00020\u0005\u0012\u0004\u0012\u00020302H\u0002J\u0010\u00106\u001a\u00020\u00052\u0006\u0010\u0018\u001a\u00020\u0014H\u0002J\u001c\u00107\u001a\u000e\u0012\u0004\u0012\u00020\u0005\u0012\u0004\u0012\u000203022\u0006\u00108\u001a\u00020\u0005H\u0002J(\u00109\u001a\u000e\u0012\u0004\u0012\u00020\u0005\u0012\u0004\u0012\u000203022\u0012\u00105\u001a\u000e\u0012\u0004\u0012\u00020\u0005\u0012\u0004\u0012\u00020302H\u0002R\u000e\u0010\u0010\u001a\u00020\u0011X\u0082\u0004¢\u0006\u0002\n��R\u001a\u0010\u0012\u001a\u000e\u0012\u0004\u0012\u00020\u0014\u0012\u0004\u0012\u00020\u00050\u0013X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\b\u001a\u00020\tX\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0015\u001a\u00020\u0016X\u0082\u0004¢\u0006\u0002\n��¨\u0006;"}, d2 = {"Lno/ks/fiks/maskinporten/Maskinportenklient;", "Lno/ks/fiks/maskinporten/MaskinportenklientOperations;", "keyStore", "Ljava/security/KeyStore;", "privateKeyAlias", "", "privateKeyPassword", "", "properties", "Lno/ks/fiks/maskinporten/MaskinportenklientProperties;", "(Ljava/security/KeyStore;Ljava/lang/String;[CLno/ks/fiks/maskinporten/MaskinportenklientProperties;)V", "privateKey", "Ljava/security/PrivateKey;", "certificate", "Ljava/security/cert/X509Certificate;", "(Ljava/security/PrivateKey;Ljava/security/cert/X509Certificate;Lno/ks/fiks/maskinporten/MaskinportenklientProperties;)V", "jwsHeader", "Lcom/nimbusds/jose/JWSHeader;", "map", "Lnet/jodah/expiringmap/ExpiringMap;", "Lno/ks/fiks/maskinporten/AccessTokenRequest;", "signer", "Lcom/nimbusds/jose/JWSSigner;", "acquireAccessToken", "accessTokenRequest", "actuallyExecuteRequest", "httpRequestResponse", "Lkotlin/Function1;", "Lorg/apache/hc/client5/http/impl/classic/CloseableHttpClient;", "createHttpRequest", "Lorg/apache/hc/core5/http/ClassicHttpRequest;", "entityBuffer", "", "createJwtRequestForAccessToken", Maskinportenklient.MDC_JTIID, "doAcquireAccessToken", "getAccessToken", "scopes", "", "([Ljava/lang/String;)Ljava/lang/String;", "", "request", "getAccessTokenWithAudience", "audience", "(Ljava/lang/String;[Ljava/lang/String;)Ljava/lang/String;", "getDelegatedAccessToken", "consumerOrg", "getExp", "", "accessToken", "", "", "getExpiresIn", "json", "getTokenForRequest", "parse", "value", "parseAccessToken", "Companion", "maskinporten-client"})
/* loaded from: input_file:no/ks/fiks/maskinporten/Maskinportenklient.class */
public final class Maskinportenklient implements MaskinportenklientOperations {

    @NotNull
    public static final Companion Companion = new Companion(null);

    @NotNull
    private final MaskinportenklientProperties properties;

    @NotNull
    private final JWSHeader jwsHeader;

    @NotNull
    private final JWSSigner signer;

    @NotNull
    private final ExpiringMap<AccessTokenRequest, String> map;

    @NotNull
    public static final String GRANT_TYPE = "urn:ietf:params:oauth:grant-type:jwt-bearer";

    @NotNull
    public static final String CLAIM_SCOPE = "scope";

    @NotNull
    public static final String CLAIM_CONSUMER_ORG = "consumer_org";

    @NotNull
    public static final String CLAIM_RESOURCE = "resource";

    @NotNull
    public static final String MDC_JTIID = "jtiId";

    /* compiled from: Maskinportenklient.kt */
    @Metadata(mv = {1, 6, 0}, k = 1, xi = 48, d1 = {"��\u0014\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0005\b\u0086\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002R\u000e\u0010\u0003\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n��R\u000e\u0010\u0005\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n��R\u000e\u0010\u0006\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n��R\u000e\u0010\u0007\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n��R\u000e\u0010\b\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n��¨\u0006\t"}, d2 = {"Lno/ks/fiks/maskinporten/Maskinportenklient$Companion;", "", "()V", "CLAIM_CONSUMER_ORG", "", "CLAIM_RESOURCE", "CLAIM_SCOPE", "GRANT_TYPE", "MDC_JTIID", "maskinporten-client"})
    /* loaded from: input_file:no/ks/fiks/maskinporten/Maskinportenklient$Companion.class */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    public Maskinportenklient(@NotNull PrivateKey privateKey, @NotNull X509Certificate x509Certificate, @NotNull MaskinportenklientProperties maskinportenklientProperties) {
        Intrinsics.checkNotNullParameter(privateKey, "privateKey");
        Intrinsics.checkNotNullParameter(x509Certificate, "certificate");
        Intrinsics.checkNotNullParameter(maskinportenklientProperties, "properties");
        this.properties = maskinportenklientProperties;
        JWSHeader build = new JWSHeader.Builder(JWSAlgorithm.RS256).x509CertChain(CollectionsKt.listOf(Base64.encode(x509Certificate.getEncoded()))).build();
        Intrinsics.checkNotNullExpressionValue(build, "Builder(JWSAlgorithm.RS2…d)))\n            .build()");
        this.jwsHeader = build;
        this.signer = new RSASSASigner(privateKey);
        ExpiringMap<AccessTokenRequest, String> build2 = ExpiringMap.builder().variableExpiration().expiringEntryLoader((v1) -> {
            return m1_init_$lambda0(r2, v1);
        }).build();
        Intrinsics.checkNotNullExpressionValue(build2, "builder()\n            .v…ng>)\n            .build()");
        this.map = build2;
    }

    /* JADX WARN: Illegal instructions before constructor call */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public Maskinportenklient(@org.jetbrains.annotations.NotNull java.security.KeyStore r7, @org.jetbrains.annotations.Nullable java.lang.String r8, @org.jetbrains.annotations.Nullable char[] r9, @org.jetbrains.annotations.NotNull no.ks.fiks.maskinporten.MaskinportenklientProperties r10) {
        /*
            r6 = this;
            r0 = r7
            java.lang.String r1 = "keyStore"
            kotlin.jvm.internal.Intrinsics.checkNotNullParameter(r0, r1)
            r0 = r10
            java.lang.String r1 = "properties"
            kotlin.jvm.internal.Intrinsics.checkNotNullParameter(r0, r1)
            r0 = r6
            r1 = r7
            r2 = r8
            r3 = r9
            java.security.Key r1 = r1.getKey(r2, r3)
            r2 = r1
            if (r2 != 0) goto L23
        L19:
            java.lang.NullPointerException r1 = new java.lang.NullPointerException
            r2 = r1
            java.lang.String r3 = "null cannot be cast to non-null type java.security.PrivateKey"
            r2.<init>(r3)
            throw r1
        L23:
            java.security.PrivateKey r1 = (java.security.PrivateKey) r1
            r2 = r7
            r3 = r8
            java.security.cert.Certificate r2 = r2.getCertificate(r3)
            r3 = r2
            if (r3 != 0) goto L3a
        L30:
            java.lang.NullPointerException r2 = new java.lang.NullPointerException
            r3 = r2
            java.lang.String r4 = "null cannot be cast to non-null type java.security.cert.X509Certificate"
            r3.<init>(r4)
            throw r2
        L3a:
            java.security.cert.X509Certificate r2 = (java.security.cert.X509Certificate) r2
            r3 = r10
            r0.<init>(r1, r2, r3)
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: no.ks.fiks.maskinporten.Maskinportenklient.<init>(java.security.KeyStore, java.lang.String, char[], no.ks.fiks.maskinporten.MaskinportenklientProperties):void");
    }

    private final long getExpiresIn(Map<String, ? extends Object> map) {
        return Long.parseLong(String.valueOf(Objects.requireNonNull(map.get("expires_in"), "JSON response fra Maskinporten mangler felt 'expires_in'")));
    }

    private final long getExp(Map<String, ? extends Object> map) {
        return Long.parseLong(String.valueOf(Objects.requireNonNull(map.get("exp"), "Access token fra Maskinporten mangler felt 'exp'")));
    }

    @Override // no.ks.fiks.maskinporten.MaskinportenklientOperations
    @NotNull
    public String getAccessToken(@NotNull Collection<String> collection) {
        Intrinsics.checkNotNullParameter(collection, "scopes");
        return getTokenForRequest(new AccessTokenRequest(CollectionsKt.toSet(collection), null, null, 6, null));
    }

    @Override // no.ks.fiks.maskinporten.MaskinportenklientOperations
    @NotNull
    public String getAccessToken(@NotNull String... strArr) {
        Collection<String> scopesToCollection;
        Intrinsics.checkNotNullParameter(strArr, "scopes");
        scopesToCollection = MaskinportenklientKt.scopesToCollection((String[]) Arrays.copyOf(strArr, strArr.length));
        return getAccessToken(scopesToCollection);
    }

    @Override // no.ks.fiks.maskinporten.MaskinportenklientOperations
    @NotNull
    public String getDelegatedAccessToken(@NotNull String str, @NotNull Collection<String> collection) {
        Intrinsics.checkNotNullParameter(str, "consumerOrg");
        Intrinsics.checkNotNullParameter(collection, "scopes");
        return getTokenForRequest(new AccessTokenRequest(CollectionsKt.toSet(collection), str, null, 4, null));
    }

    @Override // no.ks.fiks.maskinporten.MaskinportenklientOperations
    @NotNull
    public String getDelegatedAccessToken(@NotNull String str, @NotNull String... strArr) {
        Collection<String> scopesToCollection;
        Intrinsics.checkNotNullParameter(str, "consumerOrg");
        Intrinsics.checkNotNullParameter(strArr, "scopes");
        scopesToCollection = MaskinportenklientKt.scopesToCollection((String[]) Arrays.copyOf(strArr, strArr.length));
        return getDelegatedAccessToken(str, scopesToCollection);
    }

    @Override // no.ks.fiks.maskinporten.MaskinportenklientOperations
    @NotNull
    public String getAccessTokenWithAudience(@NotNull String str, @NotNull Collection<String> collection) {
        Intrinsics.checkNotNullParameter(str, "audience");
        Intrinsics.checkNotNullParameter(collection, "scopes");
        return getTokenForRequest(new AccessTokenRequest(CollectionsKt.toSet(collection), null, str, 2, null));
    }

    @Override // no.ks.fiks.maskinporten.MaskinportenklientOperations
    @NotNull
    public String getAccessTokenWithAudience(@NotNull String str, @NotNull String... strArr) {
        Collection<String> scopesToCollection;
        Intrinsics.checkNotNullParameter(str, "audience");
        Intrinsics.checkNotNullParameter(strArr, "scopes");
        scopesToCollection = MaskinportenklientKt.scopesToCollection((String[]) Arrays.copyOf(strArr, strArr.length));
        return getAccessTokenWithAudience(str, scopesToCollection);
    }

    @Override // no.ks.fiks.maskinporten.MaskinportenklientOperations
    @NotNull
    public String getAccessToken(@NotNull AccessTokenRequest accessTokenRequest) {
        Intrinsics.checkNotNullParameter(accessTokenRequest, "request");
        return getTokenForRequest(accessTokenRequest);
    }

    private final String getTokenForRequest(AccessTokenRequest accessTokenRequest) {
        if (!(!accessTokenRequest.getScopes().isEmpty())) {
            throw new IllegalArgumentException("Minst ett scope må oppgies".toString());
        }
        String str = (String) this.map.get(accessTokenRequest);
        if (str == null) {
            throw new IllegalStateException("En ukjent feil skjedde ved forsøk på å hente token fra Maskinporten");
        }
        return str;
    }

    private final String createJwtRequestForAccessToken(AccessTokenRequest accessTokenRequest, final String str) throws JOSEException {
        KLogger kLogger;
        long currentTimeMillis = System.currentTimeMillis();
        long convert = currentTimeMillis + TimeUnit.MILLISECONDS.convert(2L, TimeUnit.MINUTES);
        final String audience = this.properties.getAudience();
        final String issuer = this.properties.getIssuer();
        final String joinToString$default = CollectionsKt.joinToString$default(accessTokenRequest.getScopes(), " ", (CharSequence) null, (CharSequence) null, 0, (CharSequence) null, (Function1) null, 62, (Object) null);
        String consumerOrg = accessTokenRequest.getConsumerOrg();
        if (consumerOrg == null) {
            consumerOrg = this.properties.getConsumerOrg();
        }
        final String str2 = consumerOrg;
        kLogger = MaskinportenklientKt.log;
        kLogger.debug(new Function0<Object>() { // from class: no.ks.fiks.maskinporten.Maskinportenklient$createJwtRequestForAccessToken$1
            /* JADX INFO: Access modifiers changed from: package-private */
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(0);
            }

            @Nullable
            public final Object invoke() {
                return "Signing JWTRequest with audience='" + ((Object) audience) + "',issuer='" + ((Object) issuer) + "',scopes='" + joinToString$default + "',consumerOrg='" + ((Object) str2) + "', jtiId='" + ((Object) str) + '\'';
            }
        });
        JWTClaimsSet.Builder expirationTime = new JWTClaimsSet.Builder().audience(audience).issuer(issuer).claim(CLAIM_SCOPE, joinToString$default).jwtID(str).issueTime(new Date(currentTimeMillis)).expirationTime(new Date(convert));
        if (str2 != null) {
            expirationTime.claim(CLAIM_CONSUMER_ORG, str2);
        }
        String audience2 = accessTokenRequest.getAudience();
        if (audience2 != null) {
            expirationTime.claim(CLAIM_RESOURCE, audience2);
        }
        SignedJWT signedJWT = new SignedJWT(this.jwsHeader, expirationTime.build());
        signedJWT.sign(this.signer);
        String serialize = signedJWT.serialize();
        Intrinsics.checkNotNullExpressionValue(serialize, "signedJWT.serialize()");
        return serialize;
    }

    private final String doAcquireAccessToken(AccessTokenRequest accessTokenRequest) {
        KLogger kLogger;
        KLogger kLogger2;
        try {
            return acquireAccessToken(accessTokenRequest);
        } catch (IOException e) {
            kLogger2 = MaskinportenklientKt.log;
            kLogger2.error(e, new Function0<Object>() { // from class: no.ks.fiks.maskinporten.Maskinportenklient$doAcquireAccessToken$2
                @Nullable
                public final Object invoke() {
                    return "Could not acquire access token due to an exception";
                }
            });
            throw new RuntimeException(e);
        } catch (JOSEException e2) {
            kLogger = MaskinportenklientKt.log;
            kLogger.error(e2, new Function0<Object>() { // from class: no.ks.fiks.maskinporten.Maskinportenklient$doAcquireAccessToken$1
                @Nullable
                public final Object invoke() {
                    return "Could not acquire access token due to an exception";
                }
            });
            throw new RuntimeException(e2);
        }
    }

    private final String acquireAccessToken(AccessTokenRequest accessTokenRequest) throws JOSEException, IOException {
        KLogger kLogger;
        KLogger kLogger2;
        String uuid = UUID.randomUUID().toString();
        Intrinsics.checkNotNullExpressionValue(uuid, "randomUUID().toString()");
        Pair pair = TuplesKt.to(MDC_JTIID, uuid);
        if (pair.getSecond() == null) {
            String replace$default = StringsKt.replace$default(StringsKt.replace$default("grant_type={grant_type}&assertion={assertion}", "{grant_type}", GRANT_TYPE, false, 4, (Object) null), "{assertion}", createJwtRequestForAccessToken(accessTokenRequest, uuid), false, 4, (Object) null);
            Charset charset = StandardCharsets.UTF_8;
            Intrinsics.checkNotNullExpressionValue(charset, "UTF_8");
            final byte[] bytes = replace$default.getBytes(charset);
            Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
            final String tokenEndpoint = this.properties.getTokenEndpoint();
            kLogger2 = MaskinportenklientKt.log;
            kLogger2.debug(new Function0<Object>() { // from class: no.ks.fiks.maskinporten.Maskinportenklient$acquireAccessToken$1$1
                /* JADX INFO: Access modifiers changed from: package-private */
                /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                {
                    super(0);
                }

                @Nullable
                public final Object invoke() {
                    return "Acquiring access token from \"" + tokenEndpoint + '\"';
                }
            });
            final long currentTimeMillis = System.currentTimeMillis();
            return actuallyExecuteRequest(new Function1<CloseableHttpClient, String>() { // from class: no.ks.fiks.maskinporten.Maskinportenklient$acquireAccessToken$1$2
                /* JADX INFO: Access modifiers changed from: package-private */
                /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                {
                    super(1);
                }

                @Nullable
                public final String invoke(@NotNull CloseableHttpClient closeableHttpClient) {
                    ClassicHttpRequest createHttpRequest;
                    Intrinsics.checkNotNullParameter(closeableHttpClient, "httpClient");
                    createHttpRequest = Maskinportenklient.this.createHttpRequest(bytes);
                    final String str = tokenEndpoint;
                    final long j = currentTimeMillis;
                    return (String) closeableHttpClient.execute(createHttpRequest, new HttpClientResponseHandler<String>() { // from class: no.ks.fiks.maskinporten.Maskinportenklient$acquireAccessToken$1$2.1
                        @Nullable
                        /* renamed from: handleResponse, reason: merged with bridge method [inline-methods] */
                        public String m3handleResponse(@NotNull ClassicHttpResponse classicHttpResponse) {
                            KLogger kLogger3;
                            InputStream content;
                            KLogger kLogger4;
                            Intrinsics.checkNotNullParameter(classicHttpResponse, "classicHttpResponse");
                            final int code = classicHttpResponse.getCode();
                            kLogger3 = MaskinportenklientKt.log;
                            final long j2 = j;
                            kLogger3.debug(new Function0<Object>() { // from class: no.ks.fiks.maskinporten.Maskinportenklient$acquireAccessToken$1$2$1$handleResponse$1
                                /* JADX INFO: Access modifiers changed from: package-private */
                                /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                                {
                                    super(0);
                                }

                                @Nullable
                                public final Object invoke() {
                                    return "Access token response received in " + (System.currentTimeMillis() - j2) + " ms with status " + code;
                                }
                            });
                            if (200 == code) {
                                InputStream content2 = classicHttpResponse.getEntity().getContent();
                                if (content2 == null) {
                                    return null;
                                }
                                content = content2;
                                Throwable th = null;
                                try {
                                    try {
                                        String readCompletelyAsString = readCompletelyAsString(content);
                                        CloseableKt.closeFinally(content, (Throwable) null);
                                        return readCompletelyAsString;
                                    } catch (Throwable th2) {
                                        th = th2;
                                        throw th2;
                                    }
                                } finally {
                                }
                            }
                            content = classicHttpResponse.getEntity().getContent();
                            Throwable th3 = null;
                            try {
                                try {
                                    InputStream inputStream = content;
                                    Intrinsics.checkNotNullExpressionValue(inputStream, "errorContentStream");
                                    final String readCompletelyAsString2 = readCompletelyAsString(inputStream);
                                    CloseableKt.closeFinally(content, (Throwable) null);
                                    kLogger4 = MaskinportenklientKt.log;
                                    kLogger4.warn(new Function0<Object>() { // from class: no.ks.fiks.maskinporten.Maskinportenklient$acquireAccessToken$1$2$1$handleResponse$3
                                        /* JADX INFO: Access modifiers changed from: package-private */
                                        /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                                        {
                                            super(0);
                                        }

                                        @Nullable
                                        public final Object invoke() {
                                            return Intrinsics.stringPlus("Failed to get token: ", readCompletelyAsString2);
                                        }
                                    });
                                    String str2 = "Http response code: " + code + ", url: '" + str + "', message: '" + readCompletelyAsString2 + '\'';
                                    if (code < 400 || code >= 500) {
                                        throw new MaskinportenTokenRequestException(str2, code, readCompletelyAsString2);
                                    }
                                    throw new MaskinportenClientTokenRequestException(str2, code, readCompletelyAsString2);
                                } catch (Throwable th4) {
                                    th3 = th4;
                                    throw th4;
                                }
                            } finally {
                            }
                        }

                        private final String readCompletelyAsString(InputStream inputStream) throws IOException {
                            InputStreamReader inputStreamReader = new InputStreamReader(inputStream);
                            try {
                                BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
                                Throwable th = null;
                                try {
                                    try {
                                        String joinToString$default = SequencesKt.joinToString$default(TextStreamsKt.lineSequence(bufferedReader), "\n", (CharSequence) null, (CharSequence) null, 0, (CharSequence) null, (Function1) null, 62, (Object) null);
                                        CloseableKt.closeFinally(bufferedReader, (Throwable) null);
                                        return joinToString$default;
                                    } finally {
                                    }
                                } catch (Throwable th2) {
                                    CloseableKt.closeFinally(bufferedReader, th);
                                    throw th2;
                                }
                            } finally {
                                CloseableKt.closeFinally(inputStreamReader, (Throwable) null);
                            }
                        }
                    });
                }
            });
        }
        String str = MDC.get((String) pair.getFirst());
        try {
            MDC.MDCCloseable mDCCloseable = (Closeable) MDC.putCloseable((String) pair.getFirst(), (String) pair.getSecond());
            try {
                MDC.MDCCloseable mDCCloseable2 = mDCCloseable;
                String replace$default2 = StringsKt.replace$default(StringsKt.replace$default("grant_type={grant_type}&assertion={assertion}", "{grant_type}", GRANT_TYPE, false, 4, (Object) null), "{assertion}", createJwtRequestForAccessToken(accessTokenRequest, uuid), false, 4, (Object) null);
                Charset charset2 = StandardCharsets.UTF_8;
                Intrinsics.checkNotNullExpressionValue(charset2, "UTF_8");
                final byte[] bytes2 = replace$default2.getBytes(charset2);
                Intrinsics.checkNotNullExpressionValue(bytes2, "this as java.lang.String).getBytes(charset)");
                final String tokenEndpoint2 = this.properties.getTokenEndpoint();
                kLogger = MaskinportenklientKt.log;
                kLogger.debug(new Function0<Object>() { // from class: no.ks.fiks.maskinporten.Maskinportenklient$acquireAccessToken$1$1
                    /* JADX INFO: Access modifiers changed from: package-private */
                    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                    {
                        super(0);
                    }

                    @Nullable
                    public final Object invoke() {
                        return "Acquiring access token from \"" + tokenEndpoint2 + '\"';
                    }
                });
                final long currentTimeMillis2 = System.currentTimeMillis();
                String actuallyExecuteRequest = actuallyExecuteRequest(new Function1<CloseableHttpClient, String>() { // from class: no.ks.fiks.maskinporten.Maskinportenklient$acquireAccessToken$1$2
                    /* JADX INFO: Access modifiers changed from: package-private */
                    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                    {
                        super(1);
                    }

                    @Nullable
                    public final String invoke(@NotNull CloseableHttpClient closeableHttpClient) {
                        ClassicHttpRequest createHttpRequest;
                        Intrinsics.checkNotNullParameter(closeableHttpClient, "httpClient");
                        createHttpRequest = Maskinportenklient.this.createHttpRequest(bytes2);
                        final String str2 = tokenEndpoint2;
                        final long j = currentTimeMillis2;
                        return (String) closeableHttpClient.execute(createHttpRequest, new HttpClientResponseHandler<String>() { // from class: no.ks.fiks.maskinporten.Maskinportenklient$acquireAccessToken$1$2.1
                            @Nullable
                            /* renamed from: handleResponse, reason: merged with bridge method [inline-methods] */
                            public String m3handleResponse(@NotNull ClassicHttpResponse classicHttpResponse) {
                                KLogger kLogger3;
                                InputStream content;
                                KLogger kLogger4;
                                Intrinsics.checkNotNullParameter(classicHttpResponse, "classicHttpResponse");
                                final int code = classicHttpResponse.getCode();
                                kLogger3 = MaskinportenklientKt.log;
                                final long j2 = j;
                                kLogger3.debug(new Function0<Object>() { // from class: no.ks.fiks.maskinporten.Maskinportenklient$acquireAccessToken$1$2$1$handleResponse$1
                                    /* JADX INFO: Access modifiers changed from: package-private */
                                    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                                    {
                                        super(0);
                                    }

                                    @Nullable
                                    public final Object invoke() {
                                        return "Access token response received in " + (System.currentTimeMillis() - j2) + " ms with status " + code;
                                    }
                                });
                                if (200 == code) {
                                    InputStream content2 = classicHttpResponse.getEntity().getContent();
                                    if (content2 == null) {
                                        return null;
                                    }
                                    content = content2;
                                    Throwable th = null;
                                    try {
                                        try {
                                            String readCompletelyAsString = readCompletelyAsString(content);
                                            CloseableKt.closeFinally(content, (Throwable) null);
                                            return readCompletelyAsString;
                                        } catch (Throwable th2) {
                                            th = th2;
                                            throw th2;
                                        }
                                    } finally {
                                    }
                                }
                                content = classicHttpResponse.getEntity().getContent();
                                Throwable th3 = null;
                                try {
                                    try {
                                        InputStream inputStream = content;
                                        Intrinsics.checkNotNullExpressionValue(inputStream, "errorContentStream");
                                        final String readCompletelyAsString2 = readCompletelyAsString(inputStream);
                                        CloseableKt.closeFinally(content, (Throwable) null);
                                        kLogger4 = MaskinportenklientKt.log;
                                        kLogger4.warn(new Function0<Object>() { // from class: no.ks.fiks.maskinporten.Maskinportenklient$acquireAccessToken$1$2$1$handleResponse$3
                                            /* JADX INFO: Access modifiers changed from: package-private */
                                            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
                                            {
                                                super(0);
                                            }

                                            @Nullable
                                            public final Object invoke() {
                                                return Intrinsics.stringPlus("Failed to get token: ", readCompletelyAsString2);
                                            }
                                        });
                                        String str22 = "Http response code: " + code + ", url: '" + str2 + "', message: '" + readCompletelyAsString2 + '\'';
                                        if (code < 400 || code >= 500) {
                                            throw new MaskinportenTokenRequestException(str22, code, readCompletelyAsString2);
                                        }
                                        throw new MaskinportenClientTokenRequestException(str22, code, readCompletelyAsString2);
                                    } catch (Throwable th4) {
                                        th3 = th4;
                                        throw th4;
                                    }
                                } finally {
                                }
                            }

                            private final String readCompletelyAsString(InputStream inputStream) throws IOException {
                                InputStreamReader inputStreamReader = new InputStreamReader(inputStream);
                                try {
                                    BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
                                    Throwable th = null;
                                    try {
                                        try {
                                            String joinToString$default = SequencesKt.joinToString$default(TextStreamsKt.lineSequence(bufferedReader), "\n", (CharSequence) null, (CharSequence) null, 0, (CharSequence) null, (Function1) null, 62, (Object) null);
                                            CloseableKt.closeFinally(bufferedReader, (Throwable) null);
                                            return joinToString$default;
                                        } finally {
                                        }
                                    } catch (Throwable th2) {
                                        CloseableKt.closeFinally(bufferedReader, th);
                                        throw th2;
                                    }
                                } finally {
                                    CloseableKt.closeFinally(inputStreamReader, (Throwable) null);
                                }
                            }
                        });
                    }
                });
                CloseableKt.closeFinally(mDCCloseable, (Throwable) null);
                if (str != null) {
                    MDC.put((String) pair.getFirst(), str);
                }
                return actuallyExecuteRequest;
            } catch (Throwable th) {
                CloseableKt.closeFinally(mDCCloseable, (Throwable) null);
                throw th;
            }
        } catch (Throwable th2) {
            if (str != null) {
                MDC.put((String) pair.getFirst(), str);
            }
            throw th2;
        }
    }

    private final String actuallyExecuteRequest(Function1<? super CloseableHttpClient, String> function1) {
        KLogger kLogger;
        String str;
        CloseableHttpClient providedHttpClient = this.properties.getProvidedHttpClient();
        if (providedHttpClient == null) {
            str = null;
        } else {
            kLogger = MaskinportenklientKt.log;
            kLogger.debug(new Function0<Object>() { // from class: no.ks.fiks.maskinporten.Maskinportenklient$actuallyExecuteRequest$1$1
                @Nullable
                public final Object invoke() {
                    return "Executing request using provided httpClient";
                }
            });
            str = (String) function1.invoke(providedHttpClient);
        }
        String str2 = str;
        if (str2 != null) {
            return str2;
        }
        CloseableHttpClient closeableHttpClient = (Closeable) HttpClientBuilder.create().disableAutomaticRetries().disableRedirectHandling().disableAuthCaching().setDefaultRequestConfig(RequestConfig.custom().setConnectionRequestTimeout(this.properties.getTimeoutMillis(), TimeUnit.MILLISECONDS).build()).build();
        Throwable th = null;
        try {
            try {
                CloseableHttpClient closeableHttpClient2 = closeableHttpClient;
                Intrinsics.checkNotNullExpressionValue(closeableHttpClient2, "it");
                String str3 = (String) function1.invoke(closeableHttpClient2);
                CloseableKt.closeFinally(closeableHttpClient, (Throwable) null);
                return str3;
            } catch (Throwable th2) {
                th = th2;
                throw th2;
            }
        } catch (Throwable th3) {
            CloseableKt.closeFinally(closeableHttpClient, th);
            throw th3;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final ClassicHttpRequest createHttpRequest(byte[] bArr) {
        ClassicHttpRequest build = ClassicRequestBuilder.post(this.properties.getTokenEndpoint()).setCharset(StandardCharsets.UTF_8).addHeader("Charset", StandardCharsets.UTF_8.name()).addHeader("Content-Type", ContentType.APPLICATION_FORM_URLENCODED.getMimeType()).setEntity(bArr, ContentType.APPLICATION_FORM_URLENCODED).build();
        Intrinsics.checkNotNullExpressionValue(build, "post(properties.tokenEnd…DED)\n            .build()");
        return build;
    }

    private final Map<String, Object> parse(String str) {
        try {
            Map<String, Object> parse = JSONObjectUtils.parse(str);
            Intrinsics.checkNotNullExpressionValue(parse, "{\n            JSONObject…ls.parse(value)\n        }");
            return parse;
        } catch (ParseException e) {
            throw new RuntimeException(e);
        }
    }

    private final Map<String, Object> parseAccessToken(Map<String, ? extends Object> map) {
        try {
            Map<String, Object> jSONObject = JWSObject.parse(String.valueOf(Objects.requireNonNull(map.get("access_token"), "JSON response fra Maskinporten mangler felt 'access_token'"))).getPayload().toJSONObject();
            Intrinsics.checkNotNullExpressionValue(jSONObject, "{\n            val access….toJSONObject()\n        }");
            return jSONObject;
        } catch (ParseException e) {
            throw new RuntimeException(e);
        }
    }

    /* renamed from: _init_$lambda-0, reason: not valid java name */
    private static final ExpiringValue m1_init_$lambda0(Maskinportenklient maskinportenklient, AccessTokenRequest accessTokenRequest) {
        KLogger kLogger;
        Intrinsics.checkNotNullParameter(maskinportenklient, "this$0");
        Intrinsics.checkNotNullParameter(accessTokenRequest, "tokenRequest");
        String doAcquireAccessToken = maskinportenklient.doAcquireAccessToken(accessTokenRequest);
        if (doAcquireAccessToken == null) {
            throw new IllegalArgumentException(Intrinsics.stringPlus("Got empty response from provider for request ", accessTokenRequest));
        }
        final Map<String, Object> parse = maskinportenklient.parse(doAcquireAccessToken);
        Map<String, Object> parseAccessToken = maskinportenklient.parseAccessToken(parse);
        final long expiresIn = maskinportenklient.getExpiresIn(parse);
        final long numberOfSecondsLeftBeforeExpire = expiresIn - maskinportenklient.properties.getNumberOfSecondsLeftBeforeExpire();
        final long convert = TimeUnit.MILLISECONDS.convert(maskinportenklient.getExp(parseAccessToken), TimeUnit.SECONDS);
        kLogger = MaskinportenklientKt.log;
        kLogger.info(new Function0<Object>() { // from class: no.ks.fiks.maskinporten.Maskinportenklient$1$1
            /* JADX INFO: Access modifiers changed from: package-private */
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(0);
            }

            @Nullable
            public final Object invoke() {
                return "Adding access token to cache; access_token.scopes: '" + parse.get(Maskinportenklient.CLAIM_SCOPE) + "', access_token.exp: " + new Date(convert) + ", expires_in: " + expiresIn + " seconds. Expires from cache in " + numberOfSecondsLeftBeforeExpire + " seconds (" + new Date(System.currentTimeMillis() + (1000 * numberOfSecondsLeftBeforeExpire)) + ").";
            }
        });
        return new ExpiringValue(String.valueOf(parse.get("access_token")), ExpirationPolicy.CREATED, numberOfSecondsLeftBeforeExpire, TimeUnit.SECONDS);
    }
}
