package org.springframework.boot.autoconfigure.security.oauth2.server.servlet;

import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.RSAKey;
import com.nimbusds.jose.jwk.source.ImmutableJWKSet;
import com.nimbusds.jose.jwk.source.JWKSource;
import com.nimbusds.jose.proc.SecurityContext;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.UUID;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
import org.springframework.boot.autoconfigure.security.servlet.UserDetailsServiceAutoConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Role;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;

@AutoConfiguration(after = {UserDetailsServiceAutoConfiguration.class})
@ConditionalOnClass({OAuth2Authorization.class})
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
/* loaded from: input_file:BOOT-INF/lib/spring-boot-autoconfigure-3.1.11.jar:org/springframework/boot/autoconfigure/security/oauth2/server/servlet/OAuth2AuthorizationServerJwtAutoConfiguration.class */
public class OAuth2AuthorizationServerJwtAutoConfiguration {
    @ConditionalOnMissingBean
    @ConditionalOnClass({JwtDecoder.class})
    @Bean
    JwtDecoder jwtDecoder(JWKSource<SecurityContext> jWKSource) {
        return org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration.jwtDecoder(jWKSource);
    }

    @ConditionalOnMissingBean
    @Bean
    @Role(2)
    JWKSource<SecurityContext> jwkSource() {
        return new ImmutableJWKSet(new JWKSet(getRsaKey()));
    }

    private static RSAKey getRsaKey() {
        KeyPair generateRsaKey = generateRsaKey();
        RSAPublicKey rSAPublicKey = (RSAPublicKey) generateRsaKey.getPublic();
        return new RSAKey.Builder(rSAPublicKey).privateKey((RSAPrivateKey) generateRsaKey.getPrivate()).keyID(UUID.randomUUID().toString()).build();
    }

    private static KeyPair generateRsaKey() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(2048);
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            throw new IllegalStateException(e);
        }
    }
}
