package net.shibboleth.oidc.security.jose.impl;

import com.nimbusds.openid.connect.sdk.rp.OIDCClientInformation;
import java.util.Collections;
import java.util.List;
import java.util.function.Function;
import java.util.function.Predicate;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.oidc.security.jose.criterion.ClientInformationCriterion;
import net.shibboleth.utilities.java.support.annotation.ParameterName;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
import org.opensaml.xmlsec.algorithm.AlgorithmRegistry;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/shibboleth/oidc/security/jose/impl/ClientInformationDataEncryptionAlgorithmsLookupStrategy.class */
public class ClientInformationDataEncryptionAlgorithmsLookupStrategy extends DefaultDataEncryptionAlgorithmsLookupStrategy {

    @Nonnull
    private final Logger log;

    @Nonnull
    private final Function<OIDCClientInformation, String> clientEncryptionMethodLookupStrategy;

    public ClientInformationDataEncryptionAlgorithmsLookupStrategy(@Nonnull @ParameterName(name = "clientEncryptionMethodLookupStrategy") Function<OIDCClientInformation, String> function, @Nullable @ParameterName(name = "AlgorithmRegistry") AlgorithmRegistry algorithmRegistry) {
        super(algorithmRegistry);
        this.log = LoggerFactory.getLogger(ClientInformationDataEncryptionAlgorithmsLookupStrategy.class);
        this.clientEncryptionMethodLookupStrategy = (Function) Constraint.isNotNull(function, "The client key transport lookup strategy can not be null");
    }

    public ClientInformationDataEncryptionAlgorithmsLookupStrategy(@Nonnull @ParameterName(name = "clientEncryptionMethodLookupStrategy") Function<OIDCClientInformation, String> function) {
        this(function, null);
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // net.shibboleth.oidc.security.jose.impl.DefaultDataEncryptionAlgorithmsLookupStrategy, java.util.function.BiFunction
    public List<String> apply(CriteriaSet criteriaSet, Predicate<String> predicate) {
        OIDCClientInformation oIDCClientInformation = null;
        if (criteriaSet.contains(ClientInformationCriterion.class)) {
            oIDCClientInformation = ((ClientInformationCriterion) criteriaSet.get(ClientInformationCriterion.class)).getOidcClientInformation();
        }
        if (oIDCClientInformation == null) {
            this.log.debug("No client metadata, falling back to default local behaviour");
            return super.apply(criteriaSet, predicate);
        }
        String apply = this.clientEncryptionMethodLookupStrategy.apply(oIDCClientInformation);
        this.log.trace("Resolved effective data encryption algorithms from client metadata: {}", apply);
        if (apply == null) {
            this.log.debug("Client metadata does not contain 'enc' algorithm value, returning empty list");
            return Collections.emptyList();
        }
        List<String> dataEncryptionAlgorithmsFromConfiguration = getDataEncryptionAlgorithmsFromConfiguration(criteriaSet, predicate);
        this.log.trace("Resolved supported data encryption algorithms from config: {}", dataEncryptionAlgorithmsFromConfiguration);
        if (dataEncryptionAlgorithmsFromConfiguration.contains(apply)) {
            this.log.debug("The algorithm configured in the metadata is supported");
            return List.of(apply);
        }
        this.log.warn("No supported data encryption method. Client metadata and configuration are not compatible");
        return Collections.emptyList();
    }
}
