package com.microsoft.bot.connector.authentication;

import com.auth0.jwk.Jwk;
import com.auth0.jwk.JwkException;
import com.auth0.jwk.SigningKeyNotFoundException;
import com.auth0.jwk.UrlJwkProvider;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.net.URL;
import java.security.interfaces.RSAPublicKey;
import java.time.Duration;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/microsoft/bot/connector/authentication/CachingOpenIdMetadata.class */
public class CachingOpenIdMetadata implements OpenIdMetadata {
    private static final Logger LOGGER = LoggerFactory.getLogger(CachingOpenIdMetadata.class);
    private static final int CACHE_DAYS = 5;
    private String url;
    private long lastUpdated;
    private Map<String, Jwk> keyCache = new HashMap();
    private final Object sync = new Object();
    private ObjectMapper mapper = new ObjectMapper().findAndRegisterModules();

    /* JADX INFO: Access modifiers changed from: package-private */
    public CachingOpenIdMetadata(String str) {
        this.url = str;
    }

    @Override // com.microsoft.bot.connector.authentication.OpenIdMetadata
    public OpenIdMetadataKey getKey(String str) {
        OpenIdMetadataKey findKey;
        synchronized (this.sync) {
            if (this.lastUpdated < System.currentTimeMillis() - Duration.ofDays(5L).toMillis()) {
                refreshCache();
            }
            findKey = findKey(str);
        }
        return findKey;
    }

    private void refreshCache() {
        this.keyCache.clear();
        try {
            URL url = new URL((String) ((HashMap) this.mapper.readValue(new URL(this.url), new TypeReference<HashMap<String, Object>>() { // from class: com.microsoft.bot.connector.authentication.CachingOpenIdMetadata.1
            })).get("jwks_uri"));
            this.lastUpdated = System.currentTimeMillis();
            this.keyCache = (Map) new UrlJwkProvider(url).getAll().stream().collect(Collectors.toMap((v0) -> {
                return v0.getId();
            }, jwk -> {
                return jwk;
            }));
        } catch (SigningKeyNotFoundException e) {
            LOGGER.error("refreshCache", e);
            this.lastUpdated = 0L;
        } catch (IOException e2) {
            LOGGER.error(String.format("Failed to load openID config: %s", e2.getMessage()));
            this.lastUpdated = 0L;
        }
    }

    private OpenIdMetadataKey findKey(String str) {
        if (!this.keyCache.containsKey(str)) {
            LOGGER.warn("findKey: keyId " + str + " doesn't exist.");
            return null;
        }
        try {
            Jwk jwk = this.keyCache.get(str);
            OpenIdMetadataKey openIdMetadataKey = new OpenIdMetadataKey();
            openIdMetadataKey.key = (RSAPublicKey) jwk.getPublicKey();
            openIdMetadataKey.endorsements = (List) jwk.getAdditionalAttributes().get("endorsements");
            openIdMetadataKey.certificateChain = jwk.getCertificateChain();
            return openIdMetadataKey;
        } catch (JwkException e) {
            LOGGER.warn(String.format("Failed to load keys: %s", e.getMessage()));
            return null;
        }
    }
}
