package org.wildfly.swarm.microprofile.jwtauth.deployment.auth;

import io.undertow.security.api.AuthenticationMechanism;
import io.undertow.security.api.AuthenticationMechanismFactory;
import io.undertow.server.handlers.form.FormParserFactory;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.lang.annotation.Annotation;
import java.net.URL;
import java.security.interfaces.RSAPublicKey;
import java.util.Map;
import java.util.Optional;
import javax.annotation.PostConstruct;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.inject.spi.CDI;
import org.jboss.logging.Logger;
import org.wildfly.swarm.microprofile.jwtauth.deployment.principal.JWTAuthContextInfo;

@ApplicationScoped
/* loaded from: input_file:org/wildfly/swarm/microprofile/jwtauth/deployment/auth/JWTAuthMechanismFactory.class */
public class JWTAuthMechanismFactory implements AuthenticationMechanismFactory {
    private static Logger log = Logger.getLogger(JWTAuthMechanismFactory.class);

    @PostConstruct
    public void init() {
        log.debugf("init", new Object[0]);
    }

    public AuthenticationMechanism create(String str, FormParserFactory formParserFactory, Map<String, String> map) {
        JWTAuthContextInfo jWTAuthContextInfo;
        URL resource;
        URL resource2;
        URL resource3;
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        Optional empty = Optional.empty();
        try {
            empty = Optional.of((JWTAuthContextInfo) CDI.current().select(JWTAuthContextInfo.class, new Annotation[0]).get());
        } catch (Exception e) {
            log.debugf(e, "Unable to select JWTAuthContextInfo provider", new Object[0]);
        }
        if (empty.isPresent()) {
            jWTAuthContextInfo = (JWTAuthContextInfo) empty.get();
        } else {
            jWTAuthContextInfo = new JWTAuthContextInfo();
            String str2 = map.get("issuedBy");
            if (str2 == null) {
                URL resource4 = contextClassLoader.getResource("/META-INF/MP-JWT-ISSUER");
                if (resource4 == null) {
                    throw new IllegalStateException("No issuedBy parameter was found");
                }
                String readURLContent = readURLContent(resource4);
                if (readURLContent == null) {
                    throw new IllegalStateException("No issuedBy parameter was found");
                }
                str2 = readURLContent.trim();
            }
            jWTAuthContextInfo.setIssuedBy(str2);
            String str3 = map.get("signerPubKey");
            if (str3 == null && (resource3 = contextClassLoader.getResource("/META-INF/MP-JWT-SIGNER")) != null) {
                str3 = readURLContent(resource3);
            }
            if (str3 == null) {
                String str4 = map.get("jwksUri");
                if (str4 == null && (resource2 = contextClassLoader.getResource("/META-INF/MP-JWT-JWKS")) != null) {
                    str4 = readURLContent(resource2);
                }
                if (str4 == null) {
                    throw new IllegalStateException("Neither a static key nor a JWKS URI was set.");
                }
                jWTAuthContextInfo.setJwksUri(str4.trim());
                String str5 = map.get("jwksRefreshInterval");
                if (str5 == null && (resource = contextClassLoader.getResource("/META-INF/MP-JWT-JWKS-REFRESH")) != null) {
                    str5 = readURLContent(resource);
                }
                if (str5 == null) {
                    throw new IllegalStateException("JWKS Refresh Interval should be set when JWKS URI is used.");
                }
                jWTAuthContextInfo.setJwksRefreshInterval(Integer.valueOf(str5.trim()));
            } else {
                try {
                    jWTAuthContextInfo.setSignerKey((RSAPublicKey) KeyUtils.decodePublicKey(str3.replace(' ', '+')));
                } catch (Exception e2) {
                    throw new IllegalStateException(e2);
                }
            }
        }
        return new JWTAuthMechanism(jWTAuthContextInfo);
    }

    private String readURLContent(URL url) {
        StringBuilder sb = new StringBuilder();
        try {
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(url.openStream()));
            for (String readLine = bufferedReader.readLine(); readLine != null; readLine = bufferedReader.readLine()) {
                sb.append(readLine);
                sb.append('\n');
            }
            bufferedReader.close();
        } catch (IOException e) {
            log.warnf("Failed to read content from: %s, error=%s", url, e.getMessage());
        }
        return sb.toString();
    }
}
