package org.infinispan.server.configuration.security;

import java.nio.charset.StandardCharsets;
import java.util.Objects;
import org.infinispan.commons.configuration.attributes.AttributeDefinition;
import org.infinispan.commons.configuration.attributes.AttributeSet;
import org.infinispan.commons.configuration.attributes.ConfigurationElement;
import org.infinispan.commons.util.TimeQuantity;
import org.infinispan.server.configuration.Attribute;
import org.infinispan.server.configuration.Element;
import org.infinispan.server.security.HostnameVerificationPolicy;
import org.wildfly.security.auth.realm.token.TokenValidator;
import org.wildfly.security.auth.realm.token.validator.JwtValidator;

/* loaded from: input_file:org/infinispan/server/configuration/security/JwtConfiguration.class */
public class JwtConfiguration extends ConfigurationElement<JwtConfiguration> {
    static final AttributeDefinition<String[]> AUDIENCE = AttributeDefinition.builder(Attribute.AUDIENCE, (Object) null, String[].class).build();
    static final AttributeDefinition<String> CLIENT_SSL_CONTEXT = AttributeDefinition.builder(Attribute.CLIENT_SSL_CONTEXT, (Object) null, String.class).build();
    static final AttributeDefinition<String> HOST_NAME_VERIFICATION_POLICY = AttributeDefinition.builder(Attribute.HOST_NAME_VERIFICATION_POLICY, (Object) null, String.class).build();
    static final AttributeDefinition<String[]> ISSUER = AttributeDefinition.builder(Attribute.ISSUER, (Object) null, String[].class).build();
    static final AttributeDefinition<TimeQuantity> JKU_TIMEOUT = AttributeDefinition.builder(Attribute.JKU_TIMEOUT, TimeQuantity.valueOf("2m")).parser(TimeQuantity.PARSER).build();
    static final AttributeDefinition<String> PUBLIC_KEY = AttributeDefinition.builder(Attribute.PUBLIC_KEY, (Object) null, String.class).build();
    static final AttributeDefinition<TimeQuantity> CONNECTION_TIMEOUT = AttributeDefinition.builder(Attribute.CONNECTION_TIMEOUT, TimeQuantity.valueOf("2s")).immutable().build();
    static final AttributeDefinition<TimeQuantity> READ_TIMEOUT = AttributeDefinition.builder(Attribute.READ_TIMEOUT, TimeQuantity.valueOf("2s")).immutable().build();

    /* JADX INFO: Access modifiers changed from: package-private */
    public static AttributeSet attributeDefinitionSet() {
        return new AttributeSet(JwtConfiguration.class, new AttributeDefinition[]{AUDIENCE, CLIENT_SSL_CONTEXT, HOST_NAME_VERIFICATION_POLICY, ISSUER, JKU_TIMEOUT, PUBLIC_KEY, CONNECTION_TIMEOUT, READ_TIMEOUT});
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public JwtConfiguration(AttributeSet attributeSet) {
        super(Element.JWT, attributeSet, new ConfigurationElement[0]);
    }

    public TokenValidator getValidator(SecurityConfiguration securityConfiguration, RealmConfiguration realmConfiguration) {
        JwtValidator.Builder builder = JwtValidator.builder();
        org.infinispan.commons.configuration.attributes.Attribute attribute = this.attributes.attribute(AUDIENCE);
        Objects.requireNonNull(builder);
        attribute.apply(builder::audience);
        org.infinispan.commons.configuration.attributes.Attribute attribute2 = this.attributes.attribute(ISSUER);
        Objects.requireNonNull(builder);
        attribute2.apply(builder::issuer);
        this.attributes.attribute(JKU_TIMEOUT).apply(timeQuantity -> {
            builder.setJkuTimeout(timeQuantity.longValue());
        });
        this.attributes.attribute(PUBLIC_KEY).apply(str -> {
            builder.publicKey(str.getBytes(StandardCharsets.UTF_8));
        });
        this.attributes.attribute(HOST_NAME_VERIFICATION_POLICY).apply(str2 -> {
            builder.useSslHostnameVerifier(HostnameVerificationPolicy.valueOf(str2).getVerifier());
        });
        this.attributes.attribute(CONNECTION_TIMEOUT).apply(timeQuantity2 -> {
            builder.connectionTimeout(timeQuantity2.intValue());
        });
        this.attributes.attribute(READ_TIMEOUT).apply(timeQuantity3 -> {
            builder.readTimeout(timeQuantity3.intValue());
        });
        builder.useSslContext((this.attributes.attribute(CLIENT_SSL_CONTEXT).isNull() ? realmConfiguration : securityConfiguration.realms().getRealm((String) this.attributes.attribute(CLIENT_SSL_CONTEXT).get())).clientSSLContext());
        return builder.build();
    }
}
