package no.nav.security.mock.oauth2.token;

import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.jwk.ECKey;
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.KeyType;
import com.nimbusds.jose.jwk.RSAKey;
import java.net.URL;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.LinkedBlockingDeque;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt;
import kotlin.io.TextStreamsKt;
import kotlin.jvm.JvmOverloads;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.SourceDebugExtension;
import kotlin.text.Charsets;
import no.nav.security.mock.oauth2.OAuth2Exception;
import org.jetbrains.annotations.NotNull;

/* compiled from: KeyProvider.kt */
@Metadata(mv = {1, 9, 0}, k = 1, xi = 48, d1 = {"��:\n\u0002\u0018\u0002\n\u0002\u0010��\n��\n\u0002\u0010 \n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0002\n\u0002\b\u0006\b\u0016\u0018�� \u00152\u00020\u0001:\u0001\u0015B!\b\u0007\u0012\u000e\b\u0002\u0010\u0002\u001a\b\u0012\u0004\u0012\u00020\u00040\u0003\u0012\b\b\u0002\u0010\u0005\u001a\u00020\u0006¢\u0006\u0002\u0010\u0007J\u0006\u0010\u0005\u001a\u00020\u000eJ\u000e\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u0005\u001a\u00020\u0006J\u0010\u0010\u0011\u001a\u00020\u00042\u0006\u0010\u0012\u001a\u00020\u0006H\u0002J\u0006\u0010\u0013\u001a\u00020\u0006J\u000e\u0010\u0014\u001a\u00020\u00042\u0006\u0010\u0012\u001a\u00020\u0006R\u000e\u0010\u0005\u001a\u00020\u0006X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\b\u001a\u00020\tX\u0082\u000e¢\u0006\u0002\n��R\u0014\u0010\u0002\u001a\b\u0012\u0004\u0012\u00020\u00040\u0003X\u0082\u0004¢\u0006\u0002\n��R\u0014\u0010\n\u001a\b\u0012\u0004\u0012\u00020\u00040\u000bX\u0082\u0004¢\u0006\u0002\n��R\u001a\u0010\f\u001a\u000e\u0012\u0004\u0012\u00020\u0006\u0012\u0004\u0012\u00020\u00040\rX\u0082\u0004¢\u0006\u0002\n��¨\u0006\u0016"}, d2 = {"Lno/nav/security/mock/oauth2/token/KeyProvider;", "", "initialKeys", "", "Lcom/nimbusds/jose/jwk/JWK;", "algorithm", "", "(Ljava/util/List;Ljava/lang/String;)V", "generator", "Lno/nav/security/mock/oauth2/token/KeyGenerator;", "keyDeque", "Ljava/util/concurrent/LinkedBlockingDeque;", "signingKeys", "Ljava/util/concurrent/ConcurrentHashMap;", "Lcom/nimbusds/jose/JWSAlgorithm;", "generate", "", "keyFromDequeOrNew", "keyId", "keyType", "signingKey", "Companion", "mock-oauth2-server"})
@SourceDebugExtension({"SMAP\nKeyProvider.kt\nKotlin\n*S Kotlin\n*F\n+ 1 KeyProvider.kt\nno/nav/security/mock/oauth2/token/KeyProvider\n+ 2 _Collections.kt\nkotlin/collections/CollectionsKt___CollectionsKt\n*L\n1#1,67:1\n1855#2,2:68\n*S KotlinDebug\n*F\n+ 1 KeyProvider.kt\nno/nav/security/mock/oauth2/token/KeyProvider\n*L\n25#1:68,2\n*E\n"})
/* loaded from: input_file:no/nav/security/mock/oauth2/token/KeyProvider.class */
public class KeyProvider {

    @NotNull
    public static final Companion Companion = new Companion(null);

    @NotNull
    private final List<JWK> initialKeys;

    @NotNull
    private final String algorithm;

    @NotNull
    private final ConcurrentHashMap<String, JWK> signingKeys;

    @NotNull
    private KeyGenerator generator;

    @NotNull
    private final LinkedBlockingDeque<JWK> keyDeque;

    @NotNull
    public static final String INITIAL_KEYS_FILE = "/mock-oauth2-server-keys.json";

    /* compiled from: KeyProvider.kt */
    @Metadata(mv = {1, 9, 0}, k = 1, xi = 48, d1 = {"��\u001e\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0010\u000e\n��\n\u0002\u0010 \n\u0002\u0018\u0002\n\u0002\b\u0002\b\u0086\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u0014\u0010\u0005\u001a\b\u0012\u0004\u0012\u00020\u00070\u00062\u0006\u0010\b\u001a\u00020\u0004R\u000e\u0010\u0003\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n��¨\u0006\t"}, d2 = {"Lno/nav/security/mock/oauth2/token/KeyProvider$Companion;", "", "()V", "INITIAL_KEYS_FILE", "", "keysFromFile", "", "Lcom/nimbusds/jose/jwk/JWK;", "filename", "mock-oauth2-server"})
    @SourceDebugExtension({"SMAP\nKeyProvider.kt\nKotlin\n*S Kotlin\n*F\n+ 1 KeyProvider.kt\nno/nav/security/mock/oauth2/token/KeyProvider$Companion\n+ 2 _Collections.kt\nkotlin/collections/CollectionsKt___CollectionsKt\n*L\n1#1,67:1\n1549#2:68\n1620#2,3:69\n*S KotlinDebug\n*F\n+ 1 KeyProvider.kt\nno/nav/security/mock/oauth2/token/KeyProvider$Companion\n*L\n61#1:68\n61#1:69,3\n*E\n"})
    /* loaded from: input_file:no/nav/security/mock/oauth2/token/KeyProvider$Companion.class */
    public static final class Companion {
        private Companion() {
        }

        @NotNull
        public final List<JWK> keysFromFile(@NotNull String str) {
            Intrinsics.checkNotNullParameter(str, "filename");
            URL resource = KeyProvider.class.getResource(str);
            if (resource == null) {
                return CollectionsKt.emptyList();
            }
            List keys = JWKSet.parse(new String(TextStreamsKt.readBytes(resource), Charsets.UTF_8)).getKeys();
            Intrinsics.checkNotNullExpressionValue(keys, "getKeys(...)");
            List<JWK> list = keys;
            ArrayList arrayList = new ArrayList(CollectionsKt.collectionSizeOrDefault(list, 10));
            for (JWK jwk : list) {
                Intrinsics.checkNotNull(jwk, "null cannot be cast to non-null type com.nimbusds.jose.jwk.JWK");
                arrayList.add(jwk);
            }
            return arrayList;
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    @JvmOverloads
    public KeyProvider(@NotNull List<? extends JWK> list, @NotNull String str) {
        Intrinsics.checkNotNullParameter(list, "initialKeys");
        Intrinsics.checkNotNullParameter(str, "algorithm");
        this.initialKeys = list;
        this.algorithm = str;
        this.signingKeys = new ConcurrentHashMap<>();
        JWSAlgorithm parse = JWSAlgorithm.parse(this.algorithm);
        Intrinsics.checkNotNullExpressionValue(parse, "parse(...)");
        this.generator = new KeyGenerator(parse, null, 2, null);
        LinkedBlockingDeque<JWK> linkedBlockingDeque = new LinkedBlockingDeque<>();
        Iterator<T> it = this.initialKeys.iterator();
        while (it.hasNext()) {
            linkedBlockingDeque.put((JWK) it.next());
        }
        this.keyDeque = linkedBlockingDeque;
    }

    /* JADX WARN: Illegal instructions before constructor call */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public /* synthetic */ KeyProvider(java.util.List r5, java.lang.String r6, int r7, kotlin.jvm.internal.DefaultConstructorMarker r8) {
        /*
            r4 = this;
            r0 = r7
            r1 = 1
            r0 = r0 & r1
            if (r0 == 0) goto Lf
            no.nav.security.mock.oauth2.token.KeyProvider$Companion r0 = no.nav.security.mock.oauth2.token.KeyProvider.Companion
            java.lang.String r1 = "/mock-oauth2-server-keys.json"
            java.util.List r0 = r0.keysFromFile(r1)
            r5 = r0
        Lf:
            r0 = r7
            r1 = 2
            r0 = r0 & r1
            if (r0 == 0) goto L22
            com.nimbusds.jose.JWSAlgorithm r0 = com.nimbusds.jose.JWSAlgorithm.RS256
            java.lang.String r0 = r0.getName()
            r1 = r0
            java.lang.String r2 = "getName(...)"
            kotlin.jvm.internal.Intrinsics.checkNotNullExpressionValue(r1, r2)
            r6 = r0
        L22:
            r0 = r4
            r1 = r5
            r2 = r6
            r0.<init>(r1, r2)
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: no.nav.security.mock.oauth2.token.KeyProvider.<init>(java.util.List, java.lang.String, int, kotlin.jvm.internal.DefaultConstructorMarker):void");
    }

    @NotNull
    public final JWK signingKey(@NotNull final String str) {
        Intrinsics.checkNotNullParameter(str, "keyId");
        ConcurrentHashMap<String, JWK> concurrentHashMap = this.signingKeys;
        Function1<String, JWK> function1 = new Function1<String, JWK>() { // from class: no.nav.security.mock.oauth2.token.KeyProvider$signingKey$1
            /* JADX INFO: Access modifiers changed from: package-private */
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(1);
            }

            @NotNull
            public final JWK invoke(@NotNull String str2) {
                JWK keyFromDequeOrNew;
                Intrinsics.checkNotNullParameter(str2, "it");
                keyFromDequeOrNew = KeyProvider.this.keyFromDequeOrNew(str);
                return keyFromDequeOrNew;
            }
        };
        JWK computeIfAbsent = concurrentHashMap.computeIfAbsent(str, (v1) -> {
            return signingKey$lambda$2(r2, v1);
        });
        Intrinsics.checkNotNullExpressionValue(computeIfAbsent, "computeIfAbsent(...)");
        return computeIfAbsent;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final JWK keyFromDequeOrNew(String str) {
        RSAKey build;
        JWK poll = this.keyDeque.poll();
        if (poll != null) {
            String value = poll.getKeyType().getValue();
            if (Intrinsics.areEqual(value, KeyType.RSA.getValue())) {
                build = new RSAKey.Builder(poll.toRSAKey()).keyID(str).build();
            } else {
                if (!Intrinsics.areEqual(value, KeyType.EC.getValue())) {
                    throw new OAuth2Exception("Unsupported key type: " + poll.getKeyType().getValue());
                }
                build = new ECKey.Builder(poll.toECKey()).keyID(str).build();
            }
            JWK jwk = (JWK) build;
            if (jwk != null) {
                return jwk;
            }
        }
        return this.generator.generateKey(str);
    }

    @NotNull
    public final JWSAlgorithm algorithm() {
        JWSAlgorithm parse = JWSAlgorithm.parse(this.algorithm);
        Intrinsics.checkNotNullExpressionValue(parse, "parse(...)");
        return parse;
    }

    @NotNull
    public final String keyType() {
        String algorithm = this.generator.getKeyGenerator().getAlgorithm();
        Intrinsics.checkNotNullExpressionValue(algorithm, "getAlgorithm(...)");
        return algorithm;
    }

    public final void generate(@NotNull String str) {
        Intrinsics.checkNotNullParameter(str, "algorithm");
        JWSAlgorithm parse = JWSAlgorithm.parse(str);
        Intrinsics.checkNotNullExpressionValue(parse, "parse(...)");
        this.generator = new KeyGenerator(parse, null, 2, null);
    }

    /* JADX WARN: 'this' call moved to the top of the method (can break code semantics) */
    @JvmOverloads
    public KeyProvider(@NotNull List<? extends JWK> list) {
        this(list, null, 2, null);
        Intrinsics.checkNotNullParameter(list, "initialKeys");
    }

    @JvmOverloads
    public KeyProvider() {
        this(null, null, 3, null);
    }

    private static final JWK signingKey$lambda$2(Function1 function1, Object obj) {
        Intrinsics.checkNotNullParameter(function1, "$tmp0");
        return (JWK) function1.invoke(obj);
    }
}
