package org.apache.ambari.server.security.authentication.jwt;

import java.io.UnsupportedEncodingException;
import java.security.cert.CertificateException;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import org.apache.ambari.server.configuration.AmbariServerConfiguration;
import org.apache.ambari.server.configuration.AmbariServerConfigurationKey;
import org.apache.ambari.server.security.encryption.CertificateUtils;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/ambari/server/security/authentication/jwt/JwtAuthenticationProperties.class */
public class JwtAuthenticationProperties extends AmbariServerConfiguration {
    private static final Logger LOG = LoggerFactory.getLogger(JwtAuthenticationPropertiesProvider.class);
    private static final String PEM_CERTIFICATE_HEADER = "-----BEGIN CERTIFICATE-----";
    private static final String PEM_CERTIFICATE_FOOTER = "-----END CERTIFICATE-----";
    private String authenticationProviderUrl = null;
    private RSAPublicKey publicKey = null;
    private List<String> audiences = null;
    private String cookieName = "hadoop-jwt";
    private String originalUrlQueryParam = null;
    private boolean enabledForAmbari;

    /* JADX INFO: Access modifiers changed from: package-private */
    public JwtAuthenticationProperties(Map<String, String> map) {
        setEnabledForAmbari(Boolean.valueOf(getValue(AmbariServerConfigurationKey.SSO_AUTHENTICATION_ENABLED, map)).booleanValue());
        setAudiencesString(getValue(AmbariServerConfigurationKey.SSO_JWT_AUDIENCES, map));
        setAuthenticationProviderUrl(getValue(AmbariServerConfigurationKey.SSO_PROVIDER_URL, map));
        setCookieName(getValue(AmbariServerConfigurationKey.SSO_JWT_COOKIE_NAME, map));
        setOriginalUrlQueryParam(getValue(AmbariServerConfigurationKey.SSO_PROVIDER_ORIGINAL_URL_PARAM_NAME, map));
        setPublicKey(getValue(AmbariServerConfigurationKey.SSO_PROVIDER_CERTIFICATE, map));
    }

    public String getAuthenticationProviderUrl() {
        return this.authenticationProviderUrl;
    }

    public void setAuthenticationProviderUrl(String str) {
        this.authenticationProviderUrl = str;
    }

    public RSAPublicKey getPublicKey() {
        return this.publicKey;
    }

    public void setPublicKey(String str) {
        setPublicKey(createPublicKey(str));
    }

    public void setPublicKey(RSAPublicKey rSAPublicKey) {
        this.publicKey = rSAPublicKey;
    }

    public List<String> getAudiences() {
        return this.audiences;
    }

    public void setAudiences(List<String> list) {
        this.audiences = list;
    }

    public void setAudiencesString(String str) {
        if (!StringUtils.isNotEmpty(str)) {
            this.audiences = null;
            return;
        }
        String[] split = str.split(",");
        this.audiences = new ArrayList();
        Collections.addAll(this.audiences, split);
    }

    public String getCookieName() {
        return this.cookieName;
    }

    public void setCookieName(String str) {
        this.cookieName = str;
    }

    public String getOriginalUrlQueryParam() {
        return this.originalUrlQueryParam;
    }

    public void setOriginalUrlQueryParam(String str) {
        this.originalUrlQueryParam = str;
    }

    public boolean isEnabledForAmbari() {
        return this.enabledForAmbari;
    }

    public void setEnabledForAmbari(boolean z) {
        this.enabledForAmbari = z;
    }

    private RSAPublicKey createPublicKey(String str) {
        RSAPublicKey rSAPublicKey = null;
        if (str != null) {
            str = str.trim();
        }
        if (!StringUtils.isEmpty(str)) {
            if (!str.startsWith(PEM_CERTIFICATE_HEADER)) {
                str = "-----BEGIN CERTIFICATE-----/n" + str;
            }
            if (!str.endsWith(PEM_CERTIFICATE_FOOTER)) {
                str = str + "/n" + PEM_CERTIFICATE_FOOTER;
            }
            try {
                rSAPublicKey = CertificateUtils.getPublicKeyFromString(str);
            } catch (UnsupportedEncodingException | CertificateException e) {
                LOG.error("Unable to parse public certificate file. JTW authentication will fail.", e);
            }
        }
        return rSAPublicKey;
    }
}
