package com.mapr.admin.util;

import com.mapr.admin.model.oidc.OpenidConfiguration;
import com.mapr.admin.model.oidc.SsoConf;
import com.mapr.admin.service.impl.MapRAdminService;
import com.mapr.baseutils.sso.JwtValidator;
import com.mapr.baseutils.sso.providers.keycloak.KeyCloakJwtValidator;
import com.mapr.baseutils.sso.providers.okta.OktaJwtValidator;
import com.nimbusds.openid.connect.sdk.op.OIDCProviderConfigurationRequest;
import java.net.URI;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.web.client.RestTemplate;

/* loaded from: input_file:com/mapr/admin/util/Oauth2Util.class */
public class Oauth2Util {
    private static final Logger log = LogManager.getLogger((Class<?>) Oauth2Util.class);
    SsoConf ssoConf;
    JwtValidator jwtValidator = null;
    private static Oauth2Util oauth2Util;

    public static URI getEndpointUri(Authentication authentication, ClientRegistrationRepository clientRegistrationRepository, String str) {
        String registrationId = getRegistrationId(authentication);
        ClientRegistration findByRegistrationId = clientRegistrationRepository.findByRegistrationId(registrationId);
        if (findByRegistrationId == null) {
            return null;
        }
        OpenidConfiguration wellKnownEndpoints = getWellKnownEndpoints(findByRegistrationId.getProviderDetails().getIssuerUri());
        String str2 = null;
        if (str.equalsIgnoreCase("end_session_endpoint")) {
            str2 = wellKnownEndpoints.getEndSessionEndpoint();
        }
        log.debug("registrationId={} endSessionEndpoint={}", registrationId, str2);
        if (str2 != null) {
            return URI.create(str2.toString());
        }
        return null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static OpenidConfiguration getWellKnownEndpoints(String str) {
        return (OpenidConfiguration) new RestTemplate().getForEntity(str + OIDCProviderConfigurationRequest.OPENID_PROVIDER_WELL_KNOWN_PATH, OpenidConfiguration.class, new Object[0]).getBody();
    }

    public static String getRegistrationId(Authentication authentication) {
        return ((OAuth2AuthenticationToken) authentication).getAuthorizedClientRegistrationId();
    }

    public static synchronized Oauth2Util getInstance() {
        if (oauth2Util == null) {
            oauth2Util = new Oauth2Util();
            oauth2Util.init();
        }
        return oauth2Util;
    }

    private void init() {
        log.debug("Initializing Oauth2util...");
        this.ssoConf = new MapRAdminService().getSsoConfig();
        if (this.ssoConf == null) {
            return;
        }
        if (this.ssoConf.getProviderName().equalsIgnoreCase("keycloak")) {
            this.jwtValidator = new KeyCloakJwtValidator(this.ssoConf.getIssuerEndPoint());
        } else if (this.ssoConf.getProviderName().equalsIgnoreCase("okta")) {
            this.jwtValidator = new OktaJwtValidator(this.ssoConf.getIssuerEndPoint());
        }
    }

    public SsoConf getSsoConf() {
        return this.ssoConf;
    }

    public JwtValidator getJwtValidator() {
        return this.jwtValidator;
    }
}
