package io.jans.as.server.jwk.ws.rs;

import io.jans.as.common.model.common.ArchivedJwk;
import io.jans.as.model.authorize.AuthorizeErrorResponseType;
import io.jans.as.model.config.StaticConfiguration;
import io.jans.as.model.configuration.AppConfiguration;
import io.jans.as.model.error.ErrorResponseFactory;
import io.jans.as.model.jwk.JSONWebKey;
import io.jans.as.model.jwk.JSONWebKeySet;
import io.jans.orm.PersistenceEntryManager;
import jakarta.inject.Inject;
import jakarta.inject.Named;
import jakarta.ws.rs.WebApplicationException;
import jakarta.ws.rs.core.MediaType;
import jakarta.ws.rs.core.Response;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.json.JSONArray;
import org.json.JSONObject;
import org.slf4j.Logger;

@Named
/* loaded from: input_file:io/jans/as/server/jwk/ws/rs/ArchivedJwksService.class */
public class ArchivedJwksService {
    public static final int SECONDS_IN_ONE_YEAR = 31536000;

    @Inject
    private Logger log;

    @Inject
    private AppConfiguration appConfiguration;

    @Inject
    private PersistenceEntryManager persistenceEntryManager;

    @Inject
    private StaticConfiguration staticConfiguration;

    @Inject
    private ErrorResponseFactory errorResponseFactory;

    public String buildDn(String str) {
        return String.format("jansId=%s,%s", str, this.staticConfiguration.getBaseDn().getArchivedJwks());
    }

    public ArchivedJwk getArchivedJwkByDn(String str) {
        try {
            return (ArchivedJwk) this.persistenceEntryManager.find(ArchivedJwk.class, str);
        } catch (Exception e) {
            this.log.trace(e.getMessage(), e);
            return null;
        }
    }

    public Response requestArchivedKid(String str) {
        this.log.debug("Requesting archived kid {} ...", str);
        ArchivedJwk archivedJwk = getArchivedJwk(str);
        if (archivedJwk == null) {
            this.log.trace("Unable to find archived jwk by kid {}", str);
            throw new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).type(MediaType.APPLICATION_JSON_TYPE).entity(this.errorResponseFactory.errorAsJson(AuthorizeErrorResponseType.INVALID_REQUEST, "")).build());
        }
        String prettyString = JSONWebKeySet.toPrettyString(archivedJwk.getData());
        if (this.log.isTraceEnabled()) {
            this.log.trace("Returned archived jwk, kid: {}, entity: {}", str, prettyString);
        }
        return Response.ok().type(MediaType.APPLICATION_JSON_TYPE).entity(prettyString).build();
    }

    public ArchivedJwk getArchivedJwk(String str) {
        if (!StringUtils.isNotBlank(str)) {
            return null;
        }
        ArchivedJwk archivedJwkByDn = getArchivedJwkByDn(buildDn(str));
        this.log.debug("Found {} entries for ArchivedJwk id = {}", Integer.valueOf(archivedJwkByDn != null ? 1 : 0), str);
        return archivedJwkByDn;
    }

    public void persist(ArchivedJwk archivedJwk) {
        this.persistenceEntryManager.persist(archivedJwk);
    }

    public void merge(ArchivedJwk archivedJwk) {
        this.persistenceEntryManager.merge(archivedJwk);
    }

    public void archiveJwk(JSONObject jSONObject) {
        if (jSONObject == null) {
            this.log.trace("JWK is null, skip archiving.");
            return;
        }
        try {
            String kid = JSONWebKey.fromJSONObject(jSONObject).getKid();
            if (getArchivedJwk(kid) != null) {
                this.log.debug("JWK {} already archived.", kid);
                return;
            }
            this.log.debug("Trying to archive jwk {} ...", kid);
            ArchivedJwk archivedJwk = new ArchivedJwk();
            archivedJwk.setDn(buildDn(kid));
            archivedJwk.setId(kid);
            archivedJwk.setData(jSONObject);
            archivedJwk.setCreationDate(new Date());
            archivedJwk.setDeletable(true);
            archivedJwk.setExpirationDate(getExpirationDate());
            archivedJwk.setTtl(getLifetimeInSeconds());
            persist(archivedJwk);
            this.log.debug("Archived jwk {} successfully.", kid);
        } catch (Exception e) {
            this.log.error("Failed to archive jwk: {}", jSONObject);
        }
    }

    public int getLifetimeInSeconds() {
        int archivedJwkLifetimeInSeconds = this.appConfiguration.getArchivedJwkLifetimeInSeconds();
        return archivedJwkLifetimeInSeconds > 0 ? archivedJwkLifetimeInSeconds : SECONDS_IN_ONE_YEAR;
    }

    private Date getExpirationDate() {
        int lifetimeInSeconds = getLifetimeInSeconds();
        Calendar calendar = Calendar.getInstance();
        calendar.add(13, lifetimeInSeconds);
        return calendar.getTime();
    }

    public Map<String, JSONObject> findRemovedKeys(JSONObject jSONObject, JSONObject jSONObject2) {
        Map<String, JSONObject> createKidToKeyMap = createKidToKeyMap(jSONObject);
        Iterator<String> it = createKidToKeyMap(jSONObject2).keySet().iterator();
        while (it.hasNext()) {
            createKidToKeyMap.remove(it.next());
        }
        return createKidToKeyMap;
    }

    public void archiveRemovedKeys(JSONObject jSONObject, JSONObject jSONObject2) {
        for (Map.Entry<String, JSONObject> entry : findRemovedKeys(jSONObject, jSONObject2).entrySet()) {
            if (entry.getValue() != null) {
                archiveJwk(entry.getValue());
            }
        }
    }

    public static Map<String, JSONObject> createKidToKeyMap(JSONObject jSONObject) {
        HashMap hashMap = new HashMap();
        JSONArray jSONArray = jSONObject.getJSONArray("keys");
        for (int i = 0; i < jSONArray.length(); i++) {
            JSONObject jSONObject2 = jSONArray.getJSONObject(i);
            hashMap.put(jSONObject2.optString("kid"), jSONObject2);
        }
        return hashMap;
    }
}
