package org.trellisldp.auth.oauth;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwsHeader;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SigningKeyResolverAdapter;
import io.jsonwebtoken.io.JacksonDeserializer;
import io.jsonwebtoken.security.SecurityException;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.net.URL;
import java.security.Key;
import java.util.Base64;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import org.apache.commons.io.IOUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/trellisldp/auth/oauth/JwksAuthenticator.class */
public class JwksAuthenticator implements Authenticator {
    private static final Logger LOGGER = LoggerFactory.getLogger(JwksAuthenticator.class);
    private final Map<String, Key> keys;

    public JwksAuthenticator(String str) {
        this.keys = buildKeys(str);
    }

    @Override // org.trellisldp.auth.oauth.Authenticator
    public Claims parse(String str) {
        return (Claims) Jwts.parser().setSigningKeyResolver(new SigningKeyResolverAdapter() { // from class: org.trellisldp.auth.oauth.JwksAuthenticator.1
            public Key resolveSigningKey(JwsHeader jwsHeader, Claims claims) {
                String keyId = jwsHeader.getKeyId();
                if (Objects.isNull(keyId)) {
                    throw new JwtException("Missing Key ID (kid) header field");
                }
                if (JwksAuthenticator.this.keys.containsKey(keyId)) {
                    return (Key) JwksAuthenticator.this.keys.get(keyId);
                }
                throw new SecurityException("Could not locate key: " + keyId);
            }
        }).parseClaimsJws(str).getBody();
    }

    private static Map<String, Key> buildKeys(String str) {
        HashMap hashMap = new HashMap();
        JacksonDeserializer jacksonDeserializer = new JacksonDeserializer();
        HashMap hashMap2 = new HashMap();
        try {
            InputStream inputStream = new URL(str).openConnection().getInputStream();
            Throwable th = null;
            try {
                try {
                    Map map = (Map) jacksonDeserializer.deserialize(IOUtils.toByteArray(inputStream));
                    hashMap2.getClass();
                    map.forEach((v1, v2) -> {
                        r1.put(v1, v2);
                    });
                    if (inputStream != null) {
                        if (0 != 0) {
                            try {
                                inputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            inputStream.close();
                        }
                    }
                } finally {
                }
            } finally {
            }
        } catch (IOException e) {
            LOGGER.error("Error fetching/parsing jwk document", e);
        }
        for (Map map2 : (List) hashMap2.getOrDefault("keys", Collections.emptyList())) {
            OAuthUtils.buildRSAPublicKey("RSA", new BigInteger(1, Base64.getUrlDecoder().decode((String) map2.get("n"))), new BigInteger(1, Base64.getUrlDecoder().decode((String) map2.get("e")))).ifPresent(key -> {
            });
        }
        return hashMap;
    }
}
