package net.shibboleth.oidc.jwk.support;

import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.util.JSONObjectUtils;
import java.io.IOException;
import java.net.URI;
import java.text.ParseException;
import java.util.Map;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.methods.RequestBuilder;
import org.apache.http.client.protocol.HttpClientContext;
import org.apache.http.protocol.HttpContext;
import org.apache.http.util.EntityUtils;
import org.opensaml.security.httpclient.HttpClientSecurityParameters;
import org.opensaml.security.httpclient.HttpClientSecuritySupport;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/shibboleth/oidc/jwk/support/RemoteJwkUtils.class */
public final class RemoteJwkUtils {
    private RemoteJwkUtils() {
    }

    public static JWKSet fetchRemoteJwkSet(String str, URI uri, HttpClient httpClient, HttpClientSecurityParameters httpClientSecurityParameters) {
        Logger logger = LoggerFactory.getLogger(RemoteJwkUtils.class);
        try {
            HttpUriRequest build = RequestBuilder.get().setUri(uri).build();
            HttpClientContext create = HttpClientContext.create();
            HttpClientSecuritySupport.marshalSecurityParameters(create, httpClientSecurityParameters, true);
            HttpClientSecuritySupport.addDefaultTLSTrustEngineCriteria(create, build);
            HttpResponse execute = httpClient.execute(build, (HttpContext) create);
            HttpClientSecuritySupport.checkTLSCredentialEvaluated(create, build.getURI().getScheme());
            if (execute == null) {
                logger.error("{} Could not get the JWK contents from {}", str, uri);
                return null;
            }
            try {
                try {
                    String entityUtils = EntityUtils.toString(execute.getEntity(), "UTF-8");
                    EntityUtils.consumeQuietly(execute.getEntity());
                    logger.trace("{} Fetched the following response body: {}", str, entityUtils);
                    try {
                        Map parse = JSONObjectUtils.parse(entityUtils);
                        if (JSONObjectUtils.getJSONArray(parse, "keys") != null) {
                            return JWKSet.parse(parse);
                        }
                        logger.error("{} Could not find 'keys' array from the JSON from {}", str, uri);
                        return null;
                    } catch (ParseException e) {
                        logger.error("{} Could not parse the contents from {}", new Object[]{str, uri, e});
                        return null;
                    }
                } catch (IOException | org.apache.http.ParseException e2) {
                    logger.error("{} Could not parse the JWK contents from {}", str, uri);
                    EntityUtils.consumeQuietly(execute.getEntity());
                    return null;
                }
            } catch (Throwable th) {
                EntityUtils.consumeQuietly(execute.getEntity());
                throw th;
            }
        } catch (IOException e3) {
            logger.error("{} Could not get the JWK contents from {}", new Object[]{str, uri, e3});
            return null;
        }
    }
}
