package net.shibboleth.oidc.metadata.impl;

import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.util.JSONObjectUtils;
import com.nimbusds.openid.connect.sdk.rp.OIDCClientInformation;
import java.io.IOException;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.oidc.jwk.RemoteJwkSetCache;
import net.shibboleth.oidc.metadata.ClientInformationResolver;
import net.shibboleth.oidc.metadata.criterion.ClientIDCriterion;
import net.shibboleth.utilities.java.support.annotation.constraint.NonnullAfterInit;
import net.shibboleth.utilities.java.support.annotation.constraint.Positive;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import net.shibboleth.utilities.java.support.component.ComponentSupport;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
import net.shibboleth.utilities.java.support.resolver.ResolverException;
import org.opensaml.storage.StorageRecord;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/shibboleth/oidc/metadata/impl/StorageServiceClientInformationResolver.class */
public class StorageServiceClientInformationResolver extends BaseStorageServiceClientInformationComponent implements ClientInformationResolver {

    @NonnullAfterInit
    private RemoteJwkSetCache remoteJwkSetCache;

    @Nonnull
    private final Logger log = LoggerFactory.getLogger(StorageServiceClientInformationResolver.class);

    @Positive
    private Duration keyFetchInterval = Duration.ofMinutes(30);

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.shibboleth.oidc.metadata.impl.BaseStorageServiceClientInformationComponent
    public void doInitialize() throws ComponentInitializationException {
        super.doInitialize();
        if (this.remoteJwkSetCache == null) {
            this.log.warn("The RemoteJwkSetCache is not defined, the remote keys are not fetched automatically");
        }
    }

    public void setRemoteJwkSetCache(@Nonnull RemoteJwkSetCache remoteJwkSetCache) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        ComponentSupport.ifDestroyedThrowDestroyedComponentException(this);
        this.remoteJwkSetCache = (RemoteJwkSetCache) Constraint.isNotNull(remoteJwkSetCache, "The remote JWK set cache cannot be null");
    }

    public void setKeyFetchInterval(@Positive Duration duration) {
        ComponentSupport.ifInitializedThrowUnmodifiabledComponentException(this);
        ComponentSupport.ifDestroyedThrowDestroyedComponentException(this);
        Constraint.isFalse(duration == null || duration.isNegative(), "Remote key refresh must be greater than 0");
        this.keyFetchInterval = duration;
    }

    @Nullable
    public Iterable<OIDCClientInformation> resolve(@Nullable CriteriaSet criteriaSet) throws ResolverException {
        ComponentSupport.ifNotInitializedThrowUninitializedComponentException(this);
        ComponentSupport.ifDestroyedThrowDestroyedComponentException(this);
        ClientIDCriterion clientIDCriterion = (ClientIDCriterion) criteriaSet.get(ClientIDCriterion.class);
        if (clientIDCriterion == null || clientIDCriterion.getClientID() == null) {
            this.log.info("No client ID criteria found, returning empty set.");
            return Collections.emptyList();
        }
        String value = clientIDCriterion.getClientID().getValue();
        ArrayList arrayList = new ArrayList();
        try {
            StorageRecord read = getStorageService().read(BaseStorageServiceClientInformationComponent.CONTEXT_NAME, value);
            if (read == null) {
                this.log.debug("Could not find any records with clientId {}", value);
            } else {
                OIDCClientInformation parse = OIDCClientInformation.parse(JSONObjectUtils.parse(read.getValue()));
                this.log.debug("Found a record with clientId {}", value);
                if (parse.getOIDCMetadata().getJWKSetURI() != null && this.remoteJwkSetCache != null) {
                    parse.getOIDCMetadata().setJWKSet(this.remoteJwkSetCache.fetch(parse.getOIDCMetadata().getJWKSetURI(), Instant.now().plus((TemporalAmount) this.keyFetchInterval)));
                }
                arrayList.add(parse);
            }
        } catch (IOException | ParseException e) {
            this.log.error("Could not read the storage data", e);
        }
        return arrayList;
    }

    @Nullable
    public OIDCClientInformation resolveSingle(@Nullable CriteriaSet criteriaSet) throws ResolverException {
        Iterator<OIDCClientInformation> it;
        Iterable<OIDCClientInformation> resolve = resolve(criteriaSet);
        if (resolve != null && (it = resolve.iterator()) != null && it.hasNext()) {
            return it.next();
        }
        this.log.warn("Could not find any clients with the given criteria");
        return null;
    }
}
