package org.keycloak.keys;

import java.util.Collections;
import java.util.List;
import javax.crypto.SecretKey;
import org.jboss.logging.Logger;
import org.keycloak.common.util.KeyUtils;
import org.keycloak.common.util.Time;
import org.keycloak.models.utils.KeycloakModelUtils;

/* loaded from: input_file:org/keycloak/keys/FailsafeHmacKeyProvider.class */
public class FailsafeHmacKeyProvider implements HmacKeyProvider {
    private static final Logger logger = Logger.getLogger(FailsafeHmacKeyProvider.class);
    private static String KID;
    private static SecretKey KEY;
    private static long EXPIRES;
    private SecretKey key;
    private String kid;

    public FailsafeHmacKeyProvider() {
        logger.errorv("No active keys found, using failsafe provider, please login to admin console to add keys. Clustering is not supported.", new Object[0]);
        synchronized (FailsafeHmacKeyProvider.class) {
            if (EXPIRES < Time.currentTime()) {
                KEY = KeyUtils.loadSecretKey(KeycloakModelUtils.generateSecret(32));
                KID = KeycloakModelUtils.generateId();
                EXPIRES = Time.currentTime() + 600;
                if (EXPIRES > 0) {
                    logger.warnv("Keys expired, re-generated kid={0}", KID);
                }
            }
            this.kid = KID;
            this.key = KEY;
        }
    }

    public String getKid() {
        return this.kid;
    }

    public SecretKey getSecretKey() {
        return this.key;
    }

    public SecretKey getSecretKey(String str) {
        if (str.equals(this.kid)) {
            return this.key;
        }
        return null;
    }

    public List<HmacKeyMetadata> getKeyMetadata() {
        return Collections.emptyList();
    }

    public void close() {
    }
}
