package com.ibm.ws.security.jwt.internal;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.security.jwt.Consumer;
import com.ibm.websphere.security.jwt.InvalidConsumerException;
import com.ibm.websphere.security.jwt.InvalidTokenException;
import com.ibm.websphere.security.jwt.JwtToken;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.jwt.config.ConsumerUtils;
import com.ibm.ws.security.jwt.config.JwtConsumerConfig;
import com.ibm.ws.ssl.KeyStoreService;
import com.ibm.wsspi.kernel.service.utils.AtomicServiceReference;
import com.ibm.wsspi.kernel.service.utils.ConcurrentServiceReferenceMap;
import java.util.Map;
import org.osgi.framework.ServiceReference;
import org.osgi.service.component.ComponentContext;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.component.annotations.Deactivate;
import org.osgi.service.component.annotations.Modified;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.osgi.service.component.annotations.ReferencePolicyOption;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
@Component(service = {Consumer.class}, immediate = true, configurationPolicy = ConfigurationPolicy.IGNORE, property = {"service.vendor=IBM"}, name = "consumer")
/* loaded from: input_file:com/ibm/ws/security/jwt/internal/ConsumerImpl.class */
public class ConsumerImpl implements Consumer {
    private String configId;
    private static final String KEY_KEYSTORE_SERVICE = "keyStoreService";
    private static final String CFG_KEY_ID = "id";
    static final long serialVersionUID = 8572723232957933525L;
    private static final TraceComponent tc = Tr.register(ConsumerImpl.class, "JWTBUILDER", "com.ibm.ws.security.jwt.internal.resources.JWTMessages");
    private static boolean active = false;
    private static final String KEY_JWT_CONSUMER_SERVICE = "jwtConsumerConfig";
    private static ConcurrentServiceReferenceMap<String, JwtConsumerConfig> jwtServiceMapRef = new ConcurrentServiceReferenceMap<>(KEY_JWT_CONSUMER_SERVICE);
    private static AtomicServiceReference<KeyStoreService> keyStoreServiceRef = new AtomicServiceReference<>("keyStoreService");

    @Reference(service = JwtConsumerConfig.class, name = KEY_JWT_CONSUMER_SERVICE, policy = ReferencePolicy.DYNAMIC, cardinality = ReferenceCardinality.MULTIPLE, policyOption = ReferencePolicyOption.RELUCTANT)
    protected void setJwtConsumerConfig(ServiceReference<JwtConsumerConfig> serviceReference) {
        synchronized (jwtServiceMapRef) {
            jwtServiceMapRef.putReference((String) serviceReference.getProperty("id"), serviceReference);
        }
    }

    protected void unsetJwtConsumerConfig(ServiceReference<JwtConsumerConfig> serviceReference) {
        synchronized (jwtServiceMapRef) {
            jwtServiceMapRef.removeReference((String) serviceReference.getProperty("id"), serviceReference);
        }
    }

    @Reference(service = KeyStoreService.class, name = "keyStoreService", policy = ReferencePolicy.DYNAMIC, cardinality = ReferenceCardinality.OPTIONAL, policyOption = ReferencePolicyOption.GREEDY)
    protected void setKeyStoreService(ServiceReference<KeyStoreService> serviceReference) {
        keyStoreServiceRef.setReference(serviceReference);
    }

    protected void unsetKeyStoreService(ServiceReference<KeyStoreService> serviceReference) {
        keyStoreServiceRef.unsetReference(serviceReference);
    }

    @Activate
    protected void activate(ComponentContext componentContext) {
        jwtServiceMapRef.activate(componentContext);
        keyStoreServiceRef.activate(componentContext);
        active = true;
        Tr.info(tc, "JWT_CONSUMER_SERVICE_ACTIVATED", new Object[0]);
    }

    @Modified
    protected void modify(Map<String, Object> map) {
    }

    @Deactivate
    protected void deactivate(int i, ComponentContext componentContext) {
        jwtServiceMapRef.deactivate(componentContext);
        keyStoreServiceRef.deactivate(componentContext);
        active = false;
    }

    public ConsumerImpl() {
        this("defaultJwtConsumer");
    }

    public ConsumerImpl(String str) {
        this.configId = "defaultJwtConsumer";
        if (str == null) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Null config ID provided; using defaultJwtConsumer instead", new Object[0]);
            }
            str = "defaultJwtConsumer";
        }
        if (str.equals("")) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Blank config ID provided; using defaultJwtConsumer instead", new Object[0]);
            }
            str = "defaultJwtConsumer";
        }
        this.configId = str;
    }

    @Override // com.ibm.websphere.security.jwt.Consumer
    public synchronized Consumer create() throws InvalidConsumerException {
        if (active) {
            return create("defaultJwtConsumer");
        }
        throw new InvalidConsumerException(Tr.formatMessage(tc, "JWT_CONSUMER_SERVICE_NOT_ACTIVATED", new Object[0]));
    }

    @Override // com.ibm.websphere.security.jwt.Consumer
    public synchronized Consumer create(String str) throws InvalidConsumerException {
        if (!active) {
            throw new InvalidConsumerException(Tr.formatMessage(tc, "JWT_CONSUMER_SERVICE_NOT_ACTIVATED", new Object[0]));
        }
        if (str == null) {
            throw new InvalidConsumerException(Tr.formatMessage(tc, "JWT_CONSUMER_NULL_ID", new Object[0]));
        }
        return new ConsumerImpl(str);
    }

    @Override // com.ibm.websphere.security.jwt.Consumer
    @FFDCIgnore({Exception.class})
    public JwtToken createJwt(String str) throws InvalidTokenException, InvalidConsumerException {
        JwtConsumerConfig jwtConsumerConfig = (JwtConsumerConfig) jwtServiceMapRef.getService(this.configId);
        if (jwtConsumerConfig == null) {
            throw new InvalidConsumerException(Tr.formatMessage(tc, "JWT_CONSUMER_CONFIG_NOT_FOUND", new Object[]{this.configId}));
        }
        if (str == null || str.isEmpty()) {
            throw new InvalidTokenException(Tr.formatMessage(tc, "JWT_CONSUMER_NULL_OR_EMPTY_STRING", new Object[]{this.configId, str}));
        }
        ConsumerUtils consumerUtils = jwtConsumerConfig.getConsumerUtils();
        if (consumerUtils == null) {
            if (!tc.isDebugEnabled()) {
                return null;
            }
            Tr.debug(tc, "ConsumerUtil object was not found for config [" + this.configId + "]", new Object[0]);
            return null;
        }
        try {
            return consumerUtils.parseJwt(str, jwtConsumerConfig);
        } catch (Exception e) {
            String formatMessage = Tr.formatMessage(tc, "JWT_ERROR_PROCESSING_JWT", new Object[]{this.configId, e.getLocalizedMessage()});
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, formatMessage, new Object[0]);
            }
            throw new InvalidTokenException(formatMessage, e);
        }
    }
}
