package io.cellery.security.cell.sts.server.jwks;

import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.jwk.KeyUse;
import com.nimbusds.jose.jwk.RSAKey;
import io.cellery.security.cell.sts.server.utils.CertificateUtils;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.interfaces.RSAPublicKey;
import java.text.ParseException;
import java.util.Map;
import org.json.JSONArray;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/cellery/security/cell/sts/server/jwks/JWKSResponseBuilder.class */
public class JWKSResponseBuilder {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) JWKSResponseBuilder.class);

    public static String buildResponse(PublicKey publicKey, Certificate certificate) throws CertificateException, NoSuchAlgorithmException, ParseException {
        JSONArray jSONArray = new JSONArray();
        JSONObject jSONObject = new JSONObject();
        if (publicKey instanceof RSAPublicKey) {
            RSAKey.Builder builder = new RSAKey.Builder((RSAPublicKey) publicKey);
            builder.keyID(CertificateUtils.getThumbPrint(certificate));
            builder.algorithm(JWSAlgorithm.RS256);
            builder.keyUse(KeyUse.parse("sig"));
            jSONArray.put((Map<?, ?>) builder.build().toJSONObject());
            jSONObject.put("keys", jSONArray);
            log.debug(jSONObject.toString());
        }
        return jSONObject.toString();
    }
}
