package no.nav.security.token.support.core.validation;

import java.util.AbstractMap;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.SourceDebugExtension;
import no.nav.security.token.support.core.configuration.IssuerConfiguration;
import no.nav.security.token.support.core.configuration.MultiIssuerConfiguration;
import no.nav.security.token.support.core.context.TokenValidationContext;
import no.nav.security.token.support.core.exceptions.IssuerConfigurationException;
import no.nav.security.token.support.core.exceptions.JwtTokenValidatorException;
import no.nav.security.token.support.core.http.HttpRequest;
import no.nav.security.token.support.core.jwt.JwtToken;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* compiled from: JwtTokenValidationHandler.kt */
@Metadata(mv = {1, 9, 0}, k = 1, xi = 48, d1 = {"��>\n\u0002\u0018\u0002\n\u0002\u0010��\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010&\n\u0002\b\u0002\u0018�� \u00132\u00020\u0001:\u0001\u0013B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u000e\u0010\u0005\u001a\u00020\u00062\u0006\u0010\u0007\u001a\u00020\bJ\u0010\u0010\t\u001a\u00020\n2\u0006\u0010\u000b\u001a\u00020\fH\u0002J\u0010\u0010\r\u001a\u00020\u000e2\u0006\u0010\u000f\u001a\u00020\u0010H\u0002J\u001e\u0010\u0011\u001a\u0010\u0012\u0004\u0012\u00020\f\u0012\u0004\u0012\u00020\u0010\u0018\u00010\u00122\u0006\u0010\u000f\u001a\u00020\u0010H\u0002R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n��¨\u0006\u0014"}, d2 = {"Lno/nav/security/token/support/core/validation/JwtTokenValidationHandler;", "", "config", "Lno/nav/security/token/support/core/configuration/MultiIssuerConfiguration;", "(Lno/nav/security/token/support/core/configuration/MultiIssuerConfiguration;)V", "getValidatedTokens", "Lno/nav/security/token/support/core/context/TokenValidationContext;", "request", "Lno/nav/security/token/support/core/http/HttpRequest;", "issuerConfiguration", "Lno/nav/security/token/support/core/configuration/IssuerConfiguration;", "issuer", "", "tokenValidator", "Lno/nav/security/token/support/core/validation/JwtTokenValidator;", "jwtToken", "Lno/nav/security/token/support/core/jwt/JwtToken;", "validate", "", "Companion", "token-validation-core"})
@SourceDebugExtension({"SMAP\nJwtTokenValidationHandler.kt\nKotlin\n*S Kotlin\n*F\n+ 1 JwtTokenValidationHandler.kt\nno/nav/security/token/support/core/validation/JwtTokenValidationHandler\n+ 2 _Collections.kt\nkotlin/collections/CollectionsKt___CollectionsKt\n+ 3 fake.kt\nkotlin/jvm/internal/FakeKt\n*L\n1#1,53:1\n1603#2,9:54\n1855#2:63\n1856#2:65\n1612#2:66\n1238#2,4:67\n1549#2:71\n1620#2,3:72\n1#3:64\n1#3:75\n*S KotlinDebug\n*F\n+ 1 JwtTokenValidationHandler.kt\nno/nav/security/token/support/core/validation/JwtTokenValidationHandler\n*L\n20#1:54,9\n20#1:63\n20#1:65\n20#1:66\n21#1:67,4\n24#1:71\n24#1:72,3\n20#1:64\n*E\n"})
/* loaded from: input_file:no/nav/security/token/support/core/validation/JwtTokenValidationHandler.class */
public final class JwtTokenValidationHandler {

    @NotNull
    public static final Companion Companion = new Companion(null);

    @NotNull
    private final MultiIssuerConfiguration config;

    @NotNull
    private static final Logger LOG;

    /* compiled from: JwtTokenValidationHandler.kt */
    @Metadata(mv = {1, 9, 0}, k = 1, xi = 48, d1 = {"��\u0012\n\u0002\u0018\u0002\n\u0002\u0010��\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\b\u0086\u0003\u0018��2\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002R\u000e\u0010\u0003\u001a\u00020\u0004X\u0082\u0004¢\u0006\u0002\n��¨\u0006\u0005"}, d2 = {"Lno/nav/security/token/support/core/validation/JwtTokenValidationHandler$Companion;", "", "()V", "LOG", "Lorg/slf4j/Logger;", "token-validation-core"})
    /* loaded from: input_file:no/nav/security/token/support/core/validation/JwtTokenValidationHandler$Companion.class */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    public JwtTokenValidationHandler(@NotNull MultiIssuerConfiguration multiIssuerConfiguration) {
        Intrinsics.checkNotNullParameter(multiIssuerConfiguration, "config");
        this.config = multiIssuerConfiguration;
    }

    @NotNull
    public final TokenValidationContext getValidatedTokens(@NotNull HttpRequest httpRequest) {
        Intrinsics.checkNotNullParameter(httpRequest, "request");
        List<JwtToken> retrieveUnvalidatedTokens = JwtTokenRetriever.retrieveUnvalidatedTokens(this.config, httpRequest);
        List<JwtToken> list = retrieveUnvalidatedTokens;
        ArrayList arrayList = new ArrayList();
        Iterator<T> it = list.iterator();
        while (it.hasNext()) {
            Map.Entry<String, JwtToken> validate = validate((JwtToken) it.next());
            if (validate != null) {
                arrayList.add(validate);
            }
        }
        ArrayList arrayList2 = arrayList;
        ConcurrentHashMap concurrentHashMap = new ConcurrentHashMap();
        for (Object obj : arrayList2) {
            concurrentHashMap.put((String) ((Map.Entry) obj).getKey(), (JwtToken) ((Map.Entry) obj).getValue());
        }
        ConcurrentHashMap concurrentHashMap2 = concurrentHashMap;
        LOG.debug("Found {} tokens on request, number of validated tokens is {}", Integer.valueOf(concurrentHashMap2.size()), Integer.valueOf(concurrentHashMap2.size()));
        if (concurrentHashMap2.isEmpty()) {
            if (!concurrentHashMap2.isEmpty()) {
                Logger logger = LOG;
                Integer valueOf = Integer.valueOf(concurrentHashMap2.size());
                List<JwtToken> list2 = retrieveUnvalidatedTokens;
                ArrayList arrayList3 = new ArrayList(CollectionsKt.collectionSizeOrDefault(list2, 10));
                Iterator<T> it2 = list2.iterator();
                while (it2.hasNext()) {
                    arrayList3.add(((JwtToken) it2.next()).getIssuer());
                }
                logger.debug("Found {} unvalidated token(s) with issuer(s) {} on request, is this a configuration error?", valueOf, arrayList3);
            }
        }
        return new TokenValidationContext(concurrentHashMap2);
    }

    private final Map.Entry<String, JwtToken> validate(JwtToken jwtToken) {
        AbstractMap.SimpleImmutableEntry simpleImmutableEntry;
        AbstractMap.SimpleImmutableEntry simpleImmutableEntry2;
        try {
            LOG.debug("Check if token with issuer={} is present in config", jwtToken.getIssuer());
            if (this.config.getIssuers().get(jwtToken.getIssuer()) != null) {
                String issuer = jwtToken.getIssuer();
                Intrinsics.checkNotNullExpressionValue(issuer, "<get-issuer>(...)");
                String name = issuerConfiguration(issuer).getName();
                LOG.debug("Found token from trusted issuer={} with shortName={} in request", jwtToken.getIssuer(), name);
                tokenValidator(jwtToken).assertValidToken(jwtToken.getEncodedToken());
                LOG.debug("Validated token from issuer[{}]", jwtToken.getIssuer());
                simpleImmutableEntry2 = new AbstractMap.SimpleImmutableEntry(name, jwtToken);
            } else {
                LOG.debug("Found token from unknown issuer[{}], skipping validation.", jwtToken.getIssuer());
                simpleImmutableEntry2 = null;
            }
            simpleImmutableEntry = simpleImmutableEntry2;
        } catch (JwtTokenValidatorException e) {
            LOG.info("Found invalid token for issuer [{}, expires at {}], message:{} ", new Object[]{jwtToken.getIssuer(), e.getExpiryDate(), e.getMessage()});
            simpleImmutableEntry = null;
        }
        return simpleImmutableEntry;
    }

    private final JwtTokenValidator tokenValidator(JwtToken jwtToken) {
        String issuer = jwtToken.getIssuer();
        Intrinsics.checkNotNullExpressionValue(issuer, "<get-issuer>(...)");
        return issuerConfiguration(issuer).getTokenValidator();
    }

    private final IssuerConfiguration issuerConfiguration(String str) {
        IssuerConfiguration issuerConfiguration = this.config.getIssuers().get(str);
        if (issuerConfiguration == null) {
            throw new IssuerConfigurationException("Could not find IssuerConfiguration for issuer " + str, null, 2, null);
        }
        return issuerConfiguration;
    }

    static {
        Logger logger = LoggerFactory.getLogger(JwtTokenValidationHandler.class);
        Intrinsics.checkNotNullExpressionValue(logger, "getLogger(...)");
        LOG = logger;
    }
}
