package io.fusionauth.jwks;

import com.fasterxml.jackson.databind.JsonNode;
import io.fusionauth.jwks.domain.JSONWebKey;
import io.fusionauth.jwt.json.Mapper;
import java.io.BufferedInputStream;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.List;
import java.util.function.Function;

/* loaded from: input_file:io/fusionauth/jwks/JSONWebKeySetHelper.class */
public class JSONWebKeySetHelper {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/fusionauth/jwks/JSONWebKeySetHelper$Connection.class */
    public static class Connection {
        public int status;
        public HttpURLConnection connection;

        private Connection() {
        }
    }

    /* loaded from: input_file:io/fusionauth/jwks/JSONWebKeySetHelper$JSONWebKeySetException.class */
    public static class JSONWebKeySetException extends RuntimeException {
        public JSONWebKeySetException(String str) {
            super(str);
        }

        public JSONWebKeySetException(String str, Throwable th) {
            super(str, th);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/fusionauth/jwks/JSONWebKeySetHelper$JSONWebKeySetResponse.class */
    public static class JSONWebKeySetResponse {
        public List<JSONWebKey> keys;

        private JSONWebKeySetResponse() {
        }
    }

    public static List<JSONWebKey> retrieveKeysFromIssuer(String str) {
        return retrieveKeysFromWellKnownConfiguration(str + "/.well-known/openid-configuration");
    }

    private static <T> T get(String str, Function<InputStream, T> function) {
        try {
            HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(str).openConnection();
            httpURLConnection.setDoOutput(true);
            httpURLConnection.setConnectTimeout(3000);
            httpURLConnection.setReadTimeout(2000);
            httpURLConnection.setRequestMethod("GET");
            httpURLConnection.addRequestProperty("User-Agent", "fusionauth-jwt (https://github.com/FusionAuth/fusionauth-jwt)");
            httpURLConnection.connect();
            Connection connection = new Connection();
            connection.connection = httpURLConnection;
            try {
                connection.status = httpURLConnection.getResponseCode();
                if (connection.status < 200 || connection.status > 299) {
                    throw new JSONWebKeySetException("Failed to make a request to [" + str + "], a status code of [" + connection.status + "] was returned.");
                }
                try {
                    BufferedInputStream bufferedInputStream = new BufferedInputStream(connection.connection.getInputStream());
                    Throwable th = null;
                    try {
                        T apply = function.apply(bufferedInputStream);
                        if (bufferedInputStream != null) {
                            if (0 != 0) {
                                try {
                                    bufferedInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                bufferedInputStream.close();
                            }
                        }
                        return apply;
                    } finally {
                    }
                } catch (Exception e) {
                    throw new JSONWebKeySetException("Failed to parse the response as JSON from [" + str + "].", e);
                }
            } catch (Exception e2) {
                throw new JSONWebKeySetException("Failed to make a request to [" + str + "].", e2);
            }
        } catch (Exception e3) {
            throw new JSONWebKeySetException("Failed to connect to [" + str + "].", e3);
        }
    }

    public static List<JSONWebKey> retrieveKeysFromWellKnownConfiguration(String str) {
        return (List) get(str, inputStream -> {
            JsonNode at = ((JsonNode) Mapper.deserialize(inputStream, JsonNode.class)).at("/jwks_uri");
            if (at.isMissingNode()) {
                throw new JSONWebKeySetException("The well-known endpoint [" + str + "] has not defined a JSON Web Key Set endpoint. Missing the [jwks_uri] property.");
            }
            return retrieveKeysFromJWKS(at.asText());
        });
    }

    public static List<JSONWebKey> retrieveKeysFromJWKS(String str) {
        return (List) get(str, inputStream -> {
            return ((JSONWebKeySetResponse) Mapper.deserialize(inputStream, JSONWebKeySetResponse.class)).keys;
        });
    }
}
