package io.cellery.security.cell.sts.server.core.validators;

import com.nimbusds.jose.jwk.source.RemoteJWKSet;
import com.nimbusds.jose.proc.SecurityContext;
import com.nimbusds.jose.util.DefaultResourceRetriever;
import io.cellery.security.cell.sts.server.core.exception.TokenValidationFailureException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:io/cellery/security/cell/sts/server/core/validators/JWKSourceDataProvider.class */
public class JWKSourceDataProvider {
    private static final int DEFAULT_HTTP_CONNECTION_TIMEOUT = 1000;
    private static final int DEFAULT_HTTP_READ_TIMEOUT = 1000;
    private static final Log log = LogFactory.getLog(JWKSourceDataProvider.class);
    private static JWKSourceDataProvider jwkSourceDataProvider = new JWKSourceDataProvider();
    private Map<String, RemoteJWKSet<SecurityContext>> jwkSourceMap = new ConcurrentHashMap();

    private JWKSourceDataProvider() {
    }

    public static JWKSourceDataProvider getInstance() {
        return jwkSourceDataProvider;
    }

    public RemoteJWKSet<SecurityContext> getJWKSource(String str) throws MalformedURLException {
        RemoteJWKSet<SecurityContext> remoteJWKSet = this.jwkSourceMap.get(str);
        if (remoteJWKSet == null) {
            remoteJWKSet = retrieveJWKSFromJWKSEndpoint(str);
            this.jwkSourceMap.put(str, remoteJWKSet);
        }
        return remoteJWKSet;
    }

    public Map<String, RemoteJWKSet<SecurityContext>> getJwkSourceMap() {
        return this.jwkSourceMap;
    }

    public void refreshJWKSResource(String str) throws TokenValidationFailureException {
        try {
            this.jwkSourceMap.remove(str);
            this.jwkSourceMap.put(str, retrieveJWKSFromJWKSEndpoint(str));
        } catch (MalformedURLException e) {
            throw new TokenValidationFailureException("Provided URI is malformed. jwks_uri: " + str, e);
        }
    }

    private RemoteJWKSet<SecurityContext> retrieveJWKSFromJWKSEndpoint(String str) throws MalformedURLException {
        return new RemoteJWKSet<>(new URL(str), new DefaultResourceRetriever(1000, 1000, RemoteJWKSet.DEFAULT_HTTP_SIZE_LIMIT));
    }
}
