package org.springmad.security.oauth2;

import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.cloud.client.discovery.DiscoveryClient;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.security.jwt.crypto.sign.RsaVerifier;
import org.springframework.security.jwt.crypto.sign.SignatureVerifier;
import org.springframework.security.oauth2.common.exceptions.InvalidClientException;
import org.springframework.stereotype.Component;
import org.springframework.web.client.RestTemplate;
import org.springmad.security.config.OAuth2Properties;

@Component
/* loaded from: input_file:org/springmad/security/oauth2/UaaSignatureVerifierClient.class */
public class UaaSignatureVerifierClient implements OAuth2SignatureVerifierClient {
    private final Logger log = LoggerFactory.getLogger(UaaSignatureVerifierClient.class);
    private final RestTemplate restTemplate;
    protected final OAuth2Properties oAuth2Properties;

    public UaaSignatureVerifierClient(DiscoveryClient discoveryClient, @Qualifier("loadBalancedRestTemplate") RestTemplate restTemplate, OAuth2Properties oAuth2Properties) {
        this.restTemplate = restTemplate;
        this.oAuth2Properties = oAuth2Properties;
        discoveryClient.getServices();
    }

    @Override // org.springmad.security.oauth2.OAuth2SignatureVerifierClient
    public SignatureVerifier getSignatureVerifier() throws Exception {
        try {
            return new RsaVerifier((String) ((Map) this.restTemplate.exchange(getPublicKeyEndpoint(), HttpMethod.GET, new HttpEntity(new HttpHeaders()), Map.class, new Object[0]).getBody()).get("value"));
        } catch (IllegalStateException e) {
            this.log.warn("could not contact UAA to get public key");
            return null;
        }
    }

    private String getPublicKeyEndpoint() {
        String publicKeyEndpointUri = this.oAuth2Properties.getSignatureVerification().getPublicKeyEndpointUri();
        if (publicKeyEndpointUri == null) {
            throw new InvalidClientException("no token endpoint configured in application properties");
        }
        return publicKeyEndpointUri;
    }
}
