package org.forgerock.jaspi.modules.openid.resolvers;

import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import org.forgerock.caf.authentication.framework.AuthenticationFramework;
import org.forgerock.jaspi.modules.openid.exceptions.FailedToLoadJWKException;
import org.forgerock.jaspi.modules.openid.helpers.SimpleHTTPClient;
import org.forgerock.json.JsonValue;
import org.forgerock.json.jose.utils.Utils;

/* loaded from: input_file:org/forgerock/jaspi/modules/openid/resolvers/WellKnownOpenIdConfigurationFactory.class */
public class WellKnownOpenIdConfigurationFactory {
    private static final String ISSUER = "issuer";
    private static final String JWKS_URI = "jwks_uri";
    private final SimpleHTTPClient simpleHTTPClient;

    public WellKnownOpenIdConfigurationFactory(int i, int i2) {
        this.simpleHTTPClient = new SimpleHTTPClient(i, i2);
    }

    WellKnownOpenIdConfigurationFactory(SimpleHTTPClient simpleHTTPClient) {
        this.simpleHTTPClient = simpleHTTPClient;
    }

    public JWKOpenIdResolverImpl build(URL url) throws FailedToLoadJWKException {
        try {
            JsonValue jsonValue = new JsonValue(Utils.parseJson(this.simpleHTTPClient.get(url)));
            String asString = jsonValue.get("issuer").asString();
            String asString2 = jsonValue.get(JWKS_URI).asString();
            if (asString == null || asString.isEmpty()) {
                AuthenticationFramework.LOG.debug("Invalid configuration - must include an issuer key");
                throw new FailedToLoadJWKException("Invalid configuration - must include an issuer key");
            }
            if (asString2 == null || asString2.isEmpty()) {
                AuthenticationFramework.LOG.debug("No JWK URI in the supplied configuration");
                throw new FailedToLoadJWKException("No JWK URI in the supplied configuration");
            }
            try {
                return new JWKOpenIdResolverImpl(asString, new URL(asString2), this.simpleHTTPClient);
            } catch (MalformedURLException e) {
                AuthenticationFramework.LOG.debug("Invalid URL supplied to generate JWKs");
                throw new FailedToLoadJWKException("Invalid URL supplied to generate JWKs", e);
            }
        } catch (IOException e2) {
            AuthenticationFramework.LOG.debug("Unable to load the Configuration at  " + url + " over HTTP", e2);
            throw new FailedToLoadJWKException("Unable to load the Configuration over HTTP", e2);
        }
    }
}
