package org.sakaiproject.basiclti.util;

import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.time.Instant;
import java.util.Map;
import java.util.TreeMap;
import org.sakaiproject.component.api.ServerConfigurationService;
import org.sakaiproject.component.cover.ComponentManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.cache.Cache;
import org.springframework.cache.CacheManager;
import org.tsugi.lti13.LTI13KeySetUtil;
import org.tsugi.lti13.LTI13Util;

/* loaded from: input_file:org/sakaiproject/basiclti/util/SakaiKeySetUtil.class */
public class SakaiKeySetUtil {
    public static final String LTI_ADVANTAGE_KEY_ROTATION_DAYS = "lti.advantage.key.rotation.days";
    public static final String LTI_ADVANTAGE_KEY_ROTATION_DAYS_DEFAULT = "30";
    private static final Logger log = LoggerFactory.getLogger(SakaiKeySetUtil.class);
    private static final String CACHE_NAME = SakaiKeySetUtil.class.getName() + "_cache";
    public static final long LTI_ADVANTAGE_PREVIOUS_RETENTION_SECONDS = 86400;
    public static long expirePrevSeconds = LTI_ADVANTAGE_PREVIOUS_RETENTION_SECONDS;
    private static Map<String, String> mockIgnite = null;
    public static long testExpireDays = 0;

    public static void mockIgnite() {
        mockIgnite = new TreeMap();
    }

    private static Cache getCache() {
        return ((CacheManager) ComponentManager.get("org.sakaiproject.ignite.SakaiCacheManager")).getCache(CACHE_NAME);
    }

    public static String getCacheKey(String str) {
        if (mockIgnite != null) {
            return mockIgnite.get(str);
        }
        Cache.ValueWrapper valueWrapper = getCache().get(str);
        if (valueWrapper == null) {
            return null;
        }
        return (String) valueWrapper.get();
    }

    public static void putCacheKey(String str, String str2) {
        if (mockIgnite != null) {
            mockIgnite.put(str, str2);
        } else {
            getCache().put(str, str2);
        }
    }

    public static KeyPair getCurrent() {
        return rotateKeys()[0];
    }

    public static long getExpireDays() {
        return testExpireDays != 0 ? testExpireDays : LTI13Util.getLong(((ServerConfigurationService) ComponentManager.get("org.sakaiproject.component.api.ServerConfigurationService")).getString("lti.advantage.key.rotation.days", "30")).longValue();
    }

    public static KeyPair[] rotateKeys() {
        return rotateKeysInternal(false);
    }

    public static KeyPair[] getValidSigningKeys() {
        return rotateKeysInternal(true);
    }

    private static KeyPair[] rotateKeysInternal(boolean z) {
        long j;
        long j2;
        long epochSecond = Instant.now().getEpochSecond();
        KeyPair deSerializeKeyPair = LTI13Util.deSerializeKeyPair(getCacheKey("next"));
        KeyPair deSerializeKeyPair2 = LTI13Util.deSerializeKeyPair(getCacheKey("prev"));
        KeyPair deSerializeKeyPair3 = LTI13Util.deSerializeKeyPair(getCacheKey("current"));
        try {
            j = Long.parseLong(getCacheKey("current_time"));
        } catch (Exception e) {
            j = -1;
        }
        try {
            j2 = Long.parseLong(getCacheKey("prev_time"));
        } catch (Exception e2) {
            j2 = -1;
        }
        if (deSerializeKeyPair3 == null) {
            deSerializeKeyPair3 = LTI13Util.generateKeyPair();
            putCacheKey("current", LTI13Util.serializeKeyPair(deSerializeKeyPair3));
            putCacheKey("current_time", epochSecond);
            j = epochSecond;
            log.info("Bootstrapping current public/private key");
        }
        if (deSerializeKeyPair == null) {
            deSerializeKeyPair = LTI13Util.generateKeyPair();
            putCacheKey("next", LTI13Util.serializeKeyPair(deSerializeKeyPair));
            log.info("Bootstrapping future public/private key");
        }
        if (deSerializeKeyPair2 == null) {
            deSerializeKeyPair2 = LTI13Util.generateKeyPair();
            j2 = epochSecond;
            putCacheKey("prev", LTI13Util.serializeKeyPair(deSerializeKeyPair2));
            putCacheKey("prev_time", j2);
            log.info("Bootstrapping previous public/private key");
        }
        String publicEncoded = LTI13Util.getPublicEncoded(deSerializeKeyPair3);
        LTI13Util.getPublicEncoded(deSerializeKeyPair);
        String publicEncoded2 = LTI13Util.getPublicEncoded(deSerializeKeyPair2);
        long expireDays = getExpireDays();
        long j3 = (epochSecond - j) / 60;
        long j4 = j3 / 1440;
        long j5 = epochSecond - j2;
        if ((expireDays > 0 && j4 >= expireDays) || (expireDays < -1 && j3 >= (-1) * expireDays)) {
            log.info("Time to rotate");
            if (publicEncoded.equals(publicEncoded2)) {
                deSerializeKeyPair3 = deSerializeKeyPair;
                putCacheKey("current", LTI13Util.serializeKeyPair(deSerializeKeyPair3));
                putCacheKey("current_time", epochSecond);
                deSerializeKeyPair = LTI13Util.generateKeyPair();
                putCacheKey("next", LTI13Util.serializeKeyPair(deSerializeKeyPair));
                log.info("Advancing next to current public/private key");
            } else {
                deSerializeKeyPair2 = deSerializeKeyPair3;
                j2 = epochSecond;
                putCacheKey("prev", LTI13Util.serializeKeyPair(deSerializeKeyPair2));
                putCacheKey("prev_time", j2);
                log.info("Copying current to previous before advancing current");
            }
        }
        return (!z || (j2 != -1 && epochSecond <= j2 + expirePrevSeconds)) ? new KeyPair[]{deSerializeKeyPair3, deSerializeKeyPair, deSerializeKeyPair2} : new KeyPair[]{deSerializeKeyPair3, deSerializeKeyPair};
    }

    public static String getKeySet() throws NoSuchAlgorithmException {
        KeyPair[] validSigningKeys = getValidSigningKeys();
        TreeMap treeMap = new TreeMap();
        for (KeyPair keyPair : validSigningKeys) {
            LTI13KeySetUtil.addPublicKey(treeMap, LTI13Util.getPublicEncoded(keyPair));
        }
        return LTI13KeySetUtil.getKeySetJSON(treeMap);
    }
}
