package org.iplass.mtp.impl.auth.oauth.jwt;

import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import java.util.Date;

/* loaded from: input_file:org/iplass/mtp/impl/auth/oauth/jwt/JwtKeyRolloverType.class */
public enum JwtKeyRolloverType {
    OLDER { // from class: org.iplass.mtp.impl.auth.oauth.jwt.JwtKeyRolloverType.1
        @Override // org.iplass.mtp.impl.auth.oauth.jwt.JwtKeyRolloverType
        CertificateKeyPair select(SimpleJwtKeyStore simpleJwtKeyStore) {
            CertificateKeyPair certificateKeyPair = null;
            for (CertificateKeyPair certificateKeyPair2 : simpleJwtKeyStore.list()) {
                try {
                    certificateKeyPair2.getCertificate().checkValidity();
                    if (certificateKeyPair == null || certificateKeyPair.getCertificate().getNotAfter().getTime() > certificateKeyPair2.getCertificate().getNotAfter().getTime()) {
                        certificateKeyPair = certificateKeyPair2;
                    }
                } catch (CertificateExpiredException | CertificateNotYetValidException e) {
                }
            }
            return certificateKeyPair;
        }
    },
    BEFORE_N_DAYS { // from class: org.iplass.mtp.impl.auth.oauth.jwt.JwtKeyRolloverType.2
        @Override // org.iplass.mtp.impl.auth.oauth.jwt.JwtKeyRolloverType
        CertificateKeyPair select(SimpleJwtKeyStore simpleJwtKeyStore) {
            CertificateKeyPair certificateKeyPair = null;
            CertificateKeyPair certificateKeyPair2 = null;
            for (CertificateKeyPair certificateKeyPair3 : simpleJwtKeyStore.list()) {
                try {
                    certificateKeyPair3.getCertificate().checkValidity();
                    if (certificateKeyPair == null || certificateKeyPair.getCertificate().getNotAfter().getTime() > certificateKeyPair3.getCertificate().getNotAfter().getTime()) {
                        certificateKeyPair = certificateKeyPair3;
                    }
                    if (certificateKeyPair2 == null || certificateKeyPair2.getCertificate().getNotAfter().getTime() < certificateKeyPair3.getCertificate().getNotAfter().getTime()) {
                        certificateKeyPair2 = certificateKeyPair3;
                    }
                } catch (CertificateExpiredException | CertificateNotYetValidException e) {
                }
            }
            CertificateKeyPair certificateKeyPair4 = null;
            if (certificateKeyPair == certificateKeyPair2) {
                certificateKeyPair4 = certificateKeyPair;
            } else if (certificateKeyPair != null) {
                try {
                    certificateKeyPair.getCertificate().checkValidity(new Date(Instant.now().plus(simpleJwtKeyStore.getRollOverDaysBeforeExpire(), (TemporalUnit) ChronoUnit.DAYS).toEpochMilli()));
                    certificateKeyPair4 = certificateKeyPair;
                } catch (CertificateExpiredException | CertificateNotYetValidException e2) {
                    certificateKeyPair4 = certificateKeyPair2;
                }
            }
            return certificateKeyPair4;
        }
    },
    NEWER { // from class: org.iplass.mtp.impl.auth.oauth.jwt.JwtKeyRolloverType.3
        @Override // org.iplass.mtp.impl.auth.oauth.jwt.JwtKeyRolloverType
        CertificateKeyPair select(SimpleJwtKeyStore simpleJwtKeyStore) {
            CertificateKeyPair certificateKeyPair = null;
            for (CertificateKeyPair certificateKeyPair2 : simpleJwtKeyStore.list()) {
                try {
                    certificateKeyPair2.getCertificate().checkValidity();
                    if (certificateKeyPair == null || certificateKeyPair.getCertificate().getNotAfter().getTime() < certificateKeyPair2.getCertificate().getNotAfter().getTime()) {
                        certificateKeyPair = certificateKeyPair2;
                    }
                } catch (CertificateExpiredException | CertificateNotYetValidException e) {
                }
            }
            return certificateKeyPair;
        }
    };

    /* JADX INFO: Access modifiers changed from: package-private */
    public abstract CertificateKeyPair select(SimpleJwtKeyStore simpleJwtKeyStore);
}
