package org.mitre.jwt.signer.service.impl;

import com.google.common.base.Strings;
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import com.google.common.cache.LoadingCache;
import com.google.common.collect.ImmutableMap;
import com.google.common.util.concurrent.UncheckedExecutionException;
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.KeyUse;
import com.nimbusds.jose.jwk.OctetSequenceKey;
import com.nimbusds.jose.util.Base64URL;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.Map;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import org.mitre.jwt.signer.service.JWTSigningAndValidationService;
import org.mitre.oauth2.model.ClientDetailsEntity;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:org/mitre/jwt/signer/service/impl/SymmetricKeyJWTValidatorCacheService.class */
public class SymmetricKeyJWTValidatorCacheService {
    private static final Logger logger = LoggerFactory.getLogger(SymmetricKeyJWTValidatorCacheService.class);
    private LoadingCache<String, JWTSigningAndValidationService> validators = CacheBuilder.newBuilder().expireAfterAccess(24, TimeUnit.HOURS).maximumSize(100).build(new SymmetricValidatorBuilder());

    /* loaded from: input_file:org/mitre/jwt/signer/service/impl/SymmetricKeyJWTValidatorCacheService$SymmetricValidatorBuilder.class */
    public class SymmetricValidatorBuilder extends CacheLoader<String, JWTSigningAndValidationService> {
        public SymmetricValidatorBuilder() {
        }

        public JWTSigningAndValidationService load(String str) throws Exception {
            try {
                return new DefaultJWTSigningAndValidationService((Map<String, JWK>) ImmutableMap.of("SYMMETRIC-KEY", new OctetSequenceKey.Builder(Base64URL.encode(str)).keyUse(KeyUse.SIGNATURE).keyID("SYMMETRIC-KEY").build()));
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                SymmetricKeyJWTValidatorCacheService.logger.error("Couldn't create symmetric validator for client", e);
                throw new IllegalArgumentException("Couldn't create symmetric validator for client");
            }
        }
    }

    public JWTSigningAndValidationService getSymmetricValidtor(ClientDetailsEntity clientDetailsEntity) {
        if (clientDetailsEntity == null) {
            logger.error("Couldn't create symmetric validator for null client");
            return null;
        }
        if (Strings.isNullOrEmpty(clientDetailsEntity.getClientSecret())) {
            logger.error("Couldn't create symmetric validator for client " + clientDetailsEntity.getClientId() + " without a client secret");
            return null;
        }
        try {
            return (JWTSigningAndValidationService) this.validators.get(clientDetailsEntity.getClientSecret());
        } catch (UncheckedExecutionException e) {
            logger.error("Problem loading client validator", e);
            return null;
        } catch (ExecutionException e2) {
            logger.error("Problem loading client validator", e2);
            return null;
        }
    }
}
