package io.confluent.security.fixtures.OpenId;

import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonProperty;
import io.confluent.security.authentication.http.HttpClient;
import io.confluent.security.authentication.oauthbearer.SignatureAlgorithm;
import java.net.URI;
import java.util.ArrayList;
import java.util.Collection;
import javax.ws.rs.client.Entity;
import javax.ws.rs.client.Invocation;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;

/* loaded from: input_file:io/confluent/security/fixtures/OpenId/HydraAdminImpl.class */
public class HydraAdminImpl implements ProviderAdmin {
    private final HttpClient httpClient;
    private final URI clientsUri;
    private final URI jwksUri;

    /* loaded from: input_file:io/confluent/security/fixtures/OpenId/HydraAdminImpl$JsonWebKeyRegistration.class */
    private static class JsonWebKeyRegistration {
        private final SignatureAlgorithm alg;
        private final String kid;
        private final KeyUse use = KeyUse.SIG;

        /* loaded from: input_file:io/confluent/security/fixtures/OpenId/HydraAdminImpl$JsonWebKeyRegistration$KeyUse.class */
        public enum KeyUse {
            ENC,
            SIG
        }

        public JsonWebKeyRegistration(SignatureAlgorithm signatureAlgorithm, String str) {
            this.alg = signatureAlgorithm;
            this.kid = str;
        }

        @JsonProperty("alg")
        public SignatureAlgorithm alg() {
            return this.alg;
        }

        @JsonProperty("kid")
        public String kid() {
            return this.kid;
        }

        @JsonProperty("use")
        public KeyUse use() {
            return this.use;
        }
    }

    /* loaded from: input_file:io/confluent/security/fixtures/OpenId/HydraAdminImpl$ListClientsResponse.class */
    private static class ListClientsResponse {
        private final ArrayList<ClientRegistration> clients;

        @JsonCreator
        public ListClientsResponse(ArrayList<ClientRegistration> arrayList) {
            this.clients = arrayList;
        }

        public Collection<ClientRegistration> clients() {
            return this.clients;
        }
    }

    public HydraAdminImpl(HttpClient httpClient, URI uri) {
        this.httpClient = httpClient;
        this.clientsUri = uri.resolve("/clients");
        this.jwksUri = uri.resolve("/keys/hydra.jwt.access-token");
    }

    public static HydraAdminImpl newClient(HttpClient httpClient, URI uri) {
        return new HydraAdminImpl(httpClient, uri);
    }

    @Override // io.confluent.security.fixtures.OpenId.DynamicClientRegistrationApi
    public ClientRegistration registerClient(ClientRegistration clientRegistration) {
        return (ClientRegistration) handleResponse(clients().post(Entity.json(clientRegistration)), ClientRegistration.class);
    }

    @Override // io.confluent.security.fixtures.OpenId.DynamicClientRegistrationApi
    public ClientRegistration readClient(String str) {
        return (ClientRegistration) handleResponse(clients(str).get(), ClientRegistration.class);
    }

    @Override // io.confluent.security.fixtures.OpenId.ProviderAdmin
    public Collection<ClientRegistration> listClients() {
        return ((ListClientsResponse) handleResponse(clients().get(), ListClientsResponse.class)).clients();
    }

    @Override // io.confluent.security.fixtures.OpenId.ProviderAdmin
    public void deleteClient(String str) {
        handleResponse(clients(str).delete());
    }

    @Override // io.confluent.security.fixtures.OpenId.ProviderAdmin
    public void createJsonWebKey(SignatureAlgorithm signatureAlgorithm, String str) {
        handleResponse(jwks().post(Entity.json(new JsonWebKeyRegistration(signatureAlgorithm, str))), String.class);
    }

    public void deleteJsonWebKey(String str) {
        handleResponse(jwks().delete());
    }

    private Invocation.Builder clients() {
        return this.httpClient.target(this.clientsUri).request(new MediaType[]{MediaType.APPLICATION_JSON_TYPE});
    }

    private Invocation.Builder clients(ClientRegistration clientRegistration) {
        return clients(clientRegistration.clientId());
    }

    private Invocation.Builder clients(String str) {
        return this.httpClient.target(this.clientsUri.resolve("./clients/" + str)).request(new MediaType[]{MediaType.APPLICATION_JSON_TYPE});
    }

    private Invocation.Builder jwks() {
        return this.httpClient.target(this.jwksUri).request(new MediaType[]{MediaType.APPLICATION_JSON_TYPE});
    }

    private Invocation.Builder jwks(String str) {
        return this.httpClient.target(this.jwksUri.resolve("/keys/hydra.jwt.access-token/public:" + str)).request(new MediaType[]{MediaType.APPLICATION_JSON_TYPE});
    }

    private static <T> T handleResponse(Response response, Class<T> cls) {
        handleResponse(response);
        try {
            return (T) response.readEntity(cls);
        } catch (Throwable th) {
            throw new OpenIdAminException("Failed to process entity", th);
        }
    }

    private static void handleResponse(Response response) {
        if (!response.getStatusInfo().getFamily().equals(Response.Status.Family.SUCCESSFUL)) {
            throw new OpenIdAminException((String) response.readEntity(String.class));
        }
    }
}
