package com.uid2.shared.secure.azurecc;

import com.azure.security.attestation.AttestationClientBuilder;
import com.azure.security.attestation.models.AttestationSigner;
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import com.google.common.cache.LoadingCache;
import com.google.common.collect.ImmutableMap;
import com.uid2.shared.secure.AttestationException;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;

/* loaded from: input_file:com/uid2/shared/secure/azurecc/AzurePublicKeyProvider.class */
public class AzurePublicKeyProvider implements IPublicKeyProvider {
    private final LoadingCache<String, Map<String, PublicKey>> publicKeyCache = CacheBuilder.newBuilder().expireAfterWrite(1, TimeUnit.HOURS).build(new CacheLoader<String, Map<String, PublicKey>>(this) { // from class: com.uid2.shared.secure.azurecc.AzurePublicKeyProvider.1
        public Map<String, PublicKey> load(String str) throws AttestationException {
            return AzurePublicKeyProvider.loadPublicKeys(str);
        }
    });

    @Override // com.uid2.shared.secure.azurecc.IPublicKeyProvider
    public PublicKey GetPublicKey(String str, String str2) throws AttestationException {
        try {
            PublicKey publicKey = (PublicKey) ((Map) this.publicKeyCache.get(str)).get(str2);
            if (publicKey == null) {
                throw new AttestationException("Could not find PublicKey for provided keyId: " + str2);
            }
            return publicKey;
        } catch (ExecutionException e) {
            throw new AttestationException(String.format("Error fetching PublicKey from certificate location: %s, error: %s.", str, e.getMessage()));
        }
    }

    private static Map<String, PublicKey> loadPublicKeys(String str) throws AttestationException {
        List<AttestationSigner> attestationSigners = new AttestationClientBuilder().endpoint(str).buildClient().listAttestationSigners().getAttestationSigners();
        ImmutableMap.Builder builder = new ImmutableMap.Builder();
        for (AttestationSigner attestationSigner : attestationSigners) {
            String keyId = attestationSigner.getKeyId();
            List certificates = attestationSigner.getCertificates();
            if (!certificates.isEmpty()) {
                builder.put(keyId, ((X509Certificate) certificates.get(0)).getPublicKey());
            }
        }
        ImmutableMap build = builder.build();
        if (build.isEmpty()) {
            throw new AttestationException("Fail to load certs from: " + str);
        }
        return build;
    }
}
