package com.networknt.security;

import com.fasterxml.jackson.core.type.TypeReference;
import com.networknt.config.Config;
import com.networknt.config.ConfigException;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/networknt/security/SecurityConfig.class */
public class SecurityConfig {
    public static final String CONFIG_NAME = "security";
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) SecurityConfig.class);
    private static final String ENABLE_VERIFY_JWT = "enableVerifyJwt";
    private static final String ENABLE_VERIFY_SWT = "enableVerifySwt";
    private static final String SWT_CLIENT_ID_HEADER = "swtClientIdHeader";
    private static final String SWT_CLIENT_SECRET_HEADER = "swtClientSecretHeader";
    private static final String ENABLE_EXTRACT_SCOPE_TOKEN = "enableExtractScopeToken";
    private static final String ENABLE_VERIFY_SCOPE = "enableVerifyScope";
    private static final String SKIP_VERIFY_SCOPE_WITHOUT_SPEC = "skipVerifyScopeWithoutSpec";
    private static final String ENABLE_MOCK_JWT = "enableMockJwt";
    private static final String JWT = "jwt";
    private static final String CERTIFICATE = "certificate";
    private static final String CLOCK_SKEW_IN_SECONDS = "clockSkewInSeconds";
    private static final String KEY_RESOLVER = "keyResolver";
    private static final String LOG_JWT_TOKEN = "logJwtToken";
    private static final String LOG_CLIENT_USER_SCOPE = "logClientUserScope";
    private static final String ENABLE_JWT_CACHE = "enableJwtCache";
    private static final String JWT_CACHE_FULL_SIZE = "jwtCacheFullSize";
    private static final String BOOTSTRAP_FROM_KEY_SERVICE = "bootstrapFromKeyService";
    private static final String IGNORE_JWT_EXPIRY = "ignoreJwtExpiry";
    private static final String PROVIDER_ID = "providerId";
    private static final String ENABLE_H2C = "enableH2c";
    private static final String ENABLE_RELAXED_KEY_CONSTRAINTS = "enableRelaxedKeyValidation";
    private static final String SKIP_PATH_PREFIXES = "skipPathPrefixes";
    private static final String PASS_THROUGH_CLAIMS = "passThroughClaims";
    private Map<String, Object> mappedConfig;
    private Map<String, Object> certificate;
    private final Config config = Config.getInstance();
    private boolean enableVerifyJwt;
    private boolean enableVerifySwt;
    private String swtClientIdHeader;
    private String swtClientSecretHeader;
    private boolean enableExtractScopeToken;
    private boolean enableVerifyScope;
    private boolean skipVerifyScopeWithoutSpec;
    private boolean enableMockJwt;
    private int clockSkewInSeconds;
    private String keyResolver;
    private boolean logJwtToken;
    private boolean logClientUserScope;
    private boolean enableJwtCache;
    private int jwtCacheFullSize;
    private boolean bootstrapFromKeyService;
    private boolean ignoreJwtExpiry;
    private String providerId;
    private boolean enableH2c;
    private boolean enableRelaxedKeyValidation;
    private List<String> skipPathPrefixes;
    private Map<String, String> passThroughClaims;

    private SecurityConfig(String str) {
        this.mappedConfig = this.config.getJsonMapConfigNoCache(str);
        setCertificate();
        setConfigData();
        setSkipPathPrefixes();
        setPassThroughClaims();
    }

    public static SecurityConfig load(String str) {
        return new SecurityConfig(str);
    }

    public void reload(String str) {
        this.mappedConfig = this.config.getJsonMapConfigNoCache(str);
        setCertificate();
        setConfigData();
        setSkipPathPrefixes();
        setPassThroughClaims();
    }

    public Map<String, Object> getCertificate() {
        return this.certificate;
    }

    public boolean isEnableVerifyJwt() {
        return this.enableVerifyJwt;
    }

    public boolean isEnableVerifySwt() {
        return this.enableVerifySwt;
    }

    public String getSwtClientIdHeader() {
        return this.swtClientIdHeader;
    }

    public String getSwtClientSecretHeader() {
        return this.swtClientSecretHeader;
    }

    public boolean isEnableH2c() {
        return this.enableH2c;
    }

    public boolean isEnableRelaxedKeyValidation() {
        return this.enableRelaxedKeyValidation;
    }

    public boolean isEnableExtractScopeToken() {
        return this.enableExtractScopeToken;
    }

    public boolean isEnableVerifyScope() {
        return this.enableVerifyScope;
    }

    public boolean isSkipVerifyScopeWithoutSpec() {
        return this.skipVerifyScopeWithoutSpec;
    }

    public boolean isIgnoreJwtExpiry() {
        return this.ignoreJwtExpiry;
    }

    public boolean isEnableMockJwt() {
        return this.enableMockJwt;
    }

    public int getClockSkewInSeconds() {
        return this.clockSkewInSeconds;
    }

    public String getKeyResolver() {
        return this.keyResolver;
    }

    public boolean isLogJwtToken() {
        return this.logJwtToken;
    }

    public boolean isLogClientUserScope() {
        return this.logClientUserScope;
    }

    public boolean isEnableJwtCache() {
        return this.enableJwtCache;
    }

    public int getJwtCacheFullSize() {
        return this.jwtCacheFullSize;
    }

    public boolean isBootstrapFromKeyService() {
        return this.bootstrapFromKeyService;
    }

    public List<String> getSkipPathPrefixes() {
        return this.skipPathPrefixes;
    }

    public Map<String, String> getPassThroughClaims() {
        return this.passThroughClaims;
    }

    public Map<String, Object> getMappedConfig() {
        return this.mappedConfig;
    }

    public String getProviderId() {
        return this.providerId;
    }

    Config getConfig() {
        return this.config;
    }

    private void setCertificate() {
        if (getMappedConfig() != null) {
            Object obj = ((Map) getMappedConfig().get("jwt")).get(CERTIFICATE);
            if (!(obj instanceof String)) {
                if (obj instanceof Map) {
                    this.certificate = (Map) obj;
                    return;
                } else {
                    this.certificate = new HashMap();
                    return;
                }
            }
            String str = (String) obj;
            if (logger.isTraceEnabled()) {
                logger.trace("s = " + str);
            }
            LinkedHashMap linkedHashMap = new LinkedHashMap();
            for (String str2 : str.split(" *& *")) {
                String[] split = str2.split(" *= *", 2);
                linkedHashMap.put(split[0], split.length == 1 ? "" : split[1]);
            }
            this.certificate = linkedHashMap;
        }
    }

    private void setConfigData() {
        if (getMappedConfig() != null) {
            Object obj = getMappedConfig().get(ENABLE_VERIFY_JWT);
            if (obj != null) {
                this.enableVerifyJwt = Config.loadBooleanValue(ENABLE_VERIFY_JWT, obj).booleanValue();
            }
            Object obj2 = getMappedConfig().get(ENABLE_VERIFY_SWT);
            if (obj2 != null) {
                this.enableVerifySwt = Config.loadBooleanValue(ENABLE_VERIFY_SWT, obj2).booleanValue();
            }
            Object obj3 = getMappedConfig().get(SWT_CLIENT_ID_HEADER);
            if (obj3 != null) {
                this.swtClientIdHeader = (String) obj3;
            }
            Object obj4 = getMappedConfig().get(SWT_CLIENT_SECRET_HEADER);
            if (obj4 != null) {
                this.swtClientSecretHeader = (String) obj4;
            }
            Object obj5 = getMappedConfig().get(ENABLE_H2C);
            if (obj5 != null) {
                this.enableH2c = Config.loadBooleanValue(ENABLE_H2C, obj5).booleanValue();
            }
            Object obj6 = getMappedConfig().get(ENABLE_RELAXED_KEY_CONSTRAINTS);
            if (obj6 != null) {
                this.enableRelaxedKeyValidation = Config.loadBooleanValue(ENABLE_RELAXED_KEY_CONSTRAINTS, obj6).booleanValue();
            }
            Object obj7 = getMappedConfig().get(ENABLE_EXTRACT_SCOPE_TOKEN);
            if (obj7 != null) {
                this.enableExtractScopeToken = Config.loadBooleanValue(ENABLE_EXTRACT_SCOPE_TOKEN, obj7).booleanValue();
            }
            Object obj8 = getMappedConfig().get(ENABLE_VERIFY_SCOPE);
            if (obj8 != null) {
                this.enableVerifyScope = Config.loadBooleanValue(ENABLE_VERIFY_SCOPE, obj8).booleanValue();
            }
            Object obj9 = getMappedConfig().get(SKIP_VERIFY_SCOPE_WITHOUT_SPEC);
            if (obj9 != null) {
                this.skipVerifyScopeWithoutSpec = Config.loadBooleanValue(SKIP_VERIFY_SCOPE_WITHOUT_SPEC, obj9).booleanValue();
            }
            Object obj10 = getMappedConfig().get(ENABLE_MOCK_JWT);
            if (obj10 != null) {
                this.enableMockJwt = Config.loadBooleanValue(ENABLE_MOCK_JWT, obj10).booleanValue();
            }
            Object obj11 = getMappedConfig().get(LOG_JWT_TOKEN);
            if (obj11 != null) {
                this.logJwtToken = Config.loadBooleanValue(LOG_JWT_TOKEN, obj11).booleanValue();
            }
            Object obj12 = getMappedConfig().get(LOG_CLIENT_USER_SCOPE);
            if (obj12 != null) {
                this.logClientUserScope = Config.loadBooleanValue(LOG_CLIENT_USER_SCOPE, obj12).booleanValue();
            }
            Object obj13 = getMappedConfig().get(ENABLE_JWT_CACHE);
            if (obj13 != null) {
                this.enableJwtCache = Config.loadBooleanValue(ENABLE_JWT_CACHE, obj13).booleanValue();
            }
            Object obj14 = getMappedConfig().get(JWT_CACHE_FULL_SIZE);
            if (obj14 != null) {
                this.jwtCacheFullSize = Config.loadIntegerValue(JWT_CACHE_FULL_SIZE, obj14).intValue();
            }
            Object obj15 = getMappedConfig().get(BOOTSTRAP_FROM_KEY_SERVICE);
            if (obj15 != null) {
                this.bootstrapFromKeyService = Config.loadBooleanValue(BOOTSTRAP_FROM_KEY_SERVICE, obj15).booleanValue();
            }
            Object obj16 = getMappedConfig().get(IGNORE_JWT_EXPIRY);
            if (obj16 != null) {
                this.ignoreJwtExpiry = Config.loadBooleanValue(IGNORE_JWT_EXPIRY, obj16).booleanValue();
            }
            Object obj17 = getMappedConfig().get("providerId");
            if (obj17 != null) {
                this.providerId = (String) obj17;
            }
            Map map = (Map) getMappedConfig().get("jwt");
            if (map != null) {
                Object obj18 = map.get(CLOCK_SKEW_IN_SECONDS);
                if (obj18 != null) {
                    this.clockSkewInSeconds = Config.loadIntegerValue(CLOCK_SKEW_IN_SECONDS, obj18).intValue();
                }
                this.keyResolver = (String) map.get(KEY_RESOLVER);
            }
        }
    }

    private void setSkipPathPrefixes() {
        if (this.mappedConfig == null || this.mappedConfig.get(SKIP_PATH_PREFIXES) == null) {
            return;
        }
        Object obj = this.mappedConfig.get(SKIP_PATH_PREFIXES);
        this.skipPathPrefixes = new ArrayList();
        if (!(obj instanceof String)) {
            if (!(obj instanceof List)) {
                throw new ConfigException("skipPathPrefixes must be a string or a list of strings.");
            }
            ((List) obj).forEach(obj2 -> {
                this.skipPathPrefixes.add((String) obj2);
            });
            return;
        }
        String trim = ((String) obj).trim();
        if (logger.isTraceEnabled()) {
            logger.trace("s = " + trim);
        }
        if (!trim.startsWith("[")) {
            this.skipPathPrefixes = Arrays.asList(trim.split("\\s*,\\s*"));
        } else {
            try {
                this.skipPathPrefixes = (List) Config.getInstance().getMapper().readValue(trim, new TypeReference<List<String>>() { // from class: com.networknt.security.SecurityConfig.1
                });
            } catch (Exception e) {
                throw new ConfigException("could not parse the skipPathPrefixes json with a list of strings.");
            }
        }
    }

    private void setPassThroughClaims() {
        if (this.mappedConfig == null || this.mappedConfig.get(PASS_THROUGH_CLAIMS) == null) {
            return;
        }
        Object obj = this.mappedConfig.get(PASS_THROUGH_CLAIMS);
        if (!(obj instanceof String)) {
            if (obj instanceof Map) {
                this.passThroughClaims = (Map) obj;
                return;
            } else {
                logger.error("passThroughClaims is the wrong type. Only JSON map or YAML map is supported.");
                return;
            }
        }
        String str = (String) obj;
        if (logger.isTraceEnabled()) {
            logger.trace("s = " + str);
        }
        if (str.startsWith("{")) {
            try {
                this.passThroughClaims = (Map) Config.getInstance().getMapper().readValue(str, Map.class);
                return;
            } catch (IOException e) {
                logger.error("IOException:", (Throwable) e);
                return;
            }
        }
        this.passThroughClaims = new HashMap();
        for (String str2 : str.split(" *& *")) {
            String[] split = str2.split(" *= *", 2);
            this.passThroughClaims.put(split[0], split[1]);
        }
    }
}
