package edu.internet2.middleware.grouper.authentication;

import edu.internet2.middleware.grouper.cfg.GrouperConfig;
import edu.internet2.middleware.grouper.util.GrouperUtil;
import edu.internet2.middleware.grouperClient.util.ExpirableCache;
import edu.internet2.middleware.grouperClientExt.org.apache.commons.lang3.StringUtils;
import edu.internet2.middleware.subject.provider.SourceManager;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.apache.commons.logging.Log;

/* loaded from: input_file:WEB-INF/lib/grouper-4.9.3.jar:edu/internet2/middleware/grouper/authentication/GrouperTrustedJwtConfig.class */
public class GrouperTrustedJwtConfig {
    private String subjectIdClaimName = null;
    private String subjectIdType = null;
    private Set<String> subjectSourceIds = new HashSet();
    private List<GrouperTrustedJwtConfigKey> grouperTrustedJwtConfigKeys = new ArrayList();
    private int expirationSeconds = -1;
    private static ExpirableCache<String, GrouperTrustedJwtConfig> grouperTrustedJwtConfigCache = new ExpirableCache<>(1);
    private static final Log LOG = GrouperUtil.getLog(GrouperTrustedJwtConfig.class);

    public static GrouperTrustedJwtConfig retrieveFromConfigOrCache(String str) {
        GrouperTrustedJwtConfig grouperTrustedJwtConfig = grouperTrustedJwtConfigCache.get(str);
        if (grouperTrustedJwtConfig == null) {
            grouperTrustedJwtConfig = retrieveFromConfig(str);
            if (grouperTrustedJwtConfig != null) {
                grouperTrustedJwtConfigCache.put(str, grouperTrustedJwtConfig);
            }
        }
        return grouperTrustedJwtConfig;
    }

    public static void clearCache() {
        grouperTrustedJwtConfigCache.clear();
    }

    private static GrouperTrustedJwtConfig retrieveFromConfig(String str) {
        if (!GrouperConfig.retrieveConfig().propertyValueBoolean("grouper.jwt.trusted." + str + ".enabled", true)) {
            return null;
        }
        GrouperTrustedJwtConfig grouperTrustedJwtConfig = new GrouperTrustedJwtConfig();
        for (int i = 0; i < 10; i++) {
            String propertyValueString = GrouperConfig.retrieveConfig().propertyValueString("grouper.jwt.trusted." + str + ".key." + i + ".publicKey");
            if (!StringUtils.isBlank(propertyValueString)) {
                GrouperTrustedJwtConfigKey grouperTrustedJwtConfigKey = new GrouperTrustedJwtConfigKey();
                grouperTrustedJwtConfigKey.setPublicKey(propertyValueString);
                grouperTrustedJwtConfigKey.setEncryptionType(GrouperConfig.retrieveConfig().propertyValueStringRequired("grouper.jwt.trusted." + str + ".key." + i + ".encryptionType"));
                String propertyValueString2 = GrouperConfig.retrieveConfig().propertyValueString("grouper.jwt.trusted." + str + ".key." + i + ".expiresOn");
                if (!StringUtils.isBlank(propertyValueString2)) {
                    grouperTrustedJwtConfigKey.setExpiresOn(GrouperUtil.stringToDate2(propertyValueString2));
                }
                if (!grouperTrustedJwtConfigKey.isExpired()) {
                    grouperTrustedJwtConfig.grouperTrustedJwtConfigKeys.add(grouperTrustedJwtConfigKey);
                }
            }
        }
        if (grouperTrustedJwtConfig.grouperTrustedJwtConfigKeys.size() == 0) {
            throw new RuntimeException("No valid public keys for trusted jwt configId: '" + str + "'");
        }
        grouperTrustedJwtConfig.expirationSeconds = GrouperConfig.retrieveConfig().propertyValueInt("grouper.jwt.trusted." + str + ".expirationSeconds", -1);
        if (grouperTrustedJwtConfig.expirationSeconds == 0) {
            throw new RuntimeException("expirationSeconds cannot be 0");
        }
        grouperTrustedJwtConfig.subjectSourceIds = GrouperUtil.nonNull((Set) GrouperUtil.splitTrimToSet(GrouperConfig.retrieveConfig().propertyValueString("grouper.jwt.trusted." + str + ".subjectSourceIds"), ","));
        for (String str2 : grouperTrustedJwtConfig.subjectSourceIds) {
            if (null == SourceManager.getInstance().getSource(str2)) {
                throw new RuntimeException("Cant find source: '" + str2 + "'");
            }
        }
        grouperTrustedJwtConfig.subjectIdType = GrouperConfig.retrieveConfig().propertyValueString("grouper.jwt.trusted." + str + ".subjectIdType");
        grouperTrustedJwtConfig.subjectIdClaimName = GrouperConfig.retrieveConfig().propertyValueString("grouper.jwt.trusted." + str + ".subjectIdClaimName");
        return grouperTrustedJwtConfig;
    }

    public String getSubjectIdClaimName() {
        return this.subjectIdClaimName;
    }

    public void setSubjectIdClaimName(String str) {
        this.subjectIdClaimName = str;
    }

    public String getSubjectIdType() {
        return this.subjectIdType;
    }

    public void setSubjectIdType(String str) {
        this.subjectIdType = str;
    }

    public Set<String> getSubjectSourceIds() {
        return this.subjectSourceIds;
    }

    public void setSubjectSourceIds(Set<String> set) {
        this.subjectSourceIds = set;
    }

    public List<GrouperTrustedJwtConfigKey> getGrouperTrustedJwtConfigKeys() {
        return this.grouperTrustedJwtConfigKeys;
    }

    public void setGrouperTrustedJwtConfigKeys(List<GrouperTrustedJwtConfigKey> list) {
        this.grouperTrustedJwtConfigKeys = list;
    }

    public int getExpirationSeconds() {
        return this.expirationSeconds;
    }

    public void setExpirationSeconds(int i) {
        this.expirationSeconds = i;
    }
}
