package org.wildfly.security.http.oidc;

import java.security.PublicKey;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.apache.http.client.methods.HttpGet;
import org.wildfly.security.jose.jwk.JWK;
import org.wildfly.security.jose.jwk.JsonWebKeySet;
import org.wildfly.security.jose.jwk.JsonWebKeySetUtil;

/* loaded from: input_file:org/wildfly/security/http/oidc/JWKEncPublicKeyLocator.class */
class JWKEncPublicKeyLocator implements PublicKeyLocator {
    private List<PublicKey> currentKeys = new ArrayList();
    private volatile int lastRequestTime = 0;

    @Override // org.wildfly.security.http.oidc.PublicKeyLocator
    public PublicKey getPublicKey(String str, OidcClientConfiguration oidcClientConfiguration) {
        PublicKey lookupCachedKey;
        int minTimeBetweenJwksRequests = oidcClientConfiguration.getMinTimeBetweenJwksRequests();
        int publicKeyCacheTtl = oidcClientConfiguration.getPublicKeyCacheTtl();
        PublicKey lookupCachedKey2 = lookupCachedKey(publicKeyCacheTtl, getCurrentTime());
        if (lookupCachedKey2 != null) {
            return lookupCachedKey2;
        }
        synchronized (this) {
            int currentTime = getCurrentTime();
            if (currentTime > this.lastRequestTime + minTimeBetweenJwksRequests) {
                sendRequest(oidcClientConfiguration);
                this.lastRequestTime = currentTime;
            } else {
                ElytronMessages.log.debug("Won't send request to jwks url. Last request time was " + this.lastRequestTime);
            }
            lookupCachedKey = lookupCachedKey(publicKeyCacheTtl, currentTime);
        }
        return lookupCachedKey;
    }

    @Override // org.wildfly.security.http.oidc.PublicKeyLocator
    public void reset(OidcClientConfiguration oidcClientConfiguration) {
        synchronized (this) {
            sendRequest(oidcClientConfiguration);
            this.lastRequestTime = getCurrentTime();
        }
    }

    private PublicKey lookupCachedKey(int i, int i2) {
        if (this.lastRequestTime + i > i2) {
            return this.currentKeys.get(0);
        }
        return null;
    }

    private static int getCurrentTime() {
        return (int) (System.currentTimeMillis() / 1000);
    }

    private void sendRequest(OidcClientConfiguration oidcClientConfiguration) {
        if (ElytronMessages.log.isTraceEnabled()) {
            ElytronMessages.log.trace("Going to send request to retrieve new set of public keys to encrypt a JWT request for client " + oidcClientConfiguration.getResourceName());
        }
        HttpGet httpGet = new HttpGet(oidcClientConfiguration.getJwksUrl());
        httpGet.addHeader(Oidc.ACCEPT, Oidc.JSON_CONTENT_TYPE);
        try {
            Map keysForUse = JsonWebKeySetUtil.getKeysForUse((JsonWebKeySet) Oidc.sendJsonHttpRequest(oidcClientConfiguration, httpGet, JsonWebKeySet.class), JWK.Use.ENC);
            if (ElytronMessages.log.isDebugEnabled()) {
                ElytronMessages.log.debug("Public keys successfully retrieved for client " + oidcClientConfiguration.getResourceName() + ". New kids: " + keysForUse.keySet());
            }
            this.currentKeys.clear();
            this.currentKeys.addAll(keysForUse.values());
        } catch (OidcException e) {
            ElytronMessages.log.error("Error when sending request to retrieve public keys", e);
        }
    }
}
