package org.apereo.cas.oidc.jwks.generator.jpa;

import java.util.Optional;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import lombok.Generated;
import org.apereo.cas.configuration.model.support.oidc.OidcProperties;
import org.apereo.cas.oidc.jwks.generator.OidcJsonWebKeystoreEntity;
import org.apereo.cas.oidc.jwks.generator.OidcJsonWebKeystoreGeneratorService;
import org.jooq.lambda.Unchecked;
import org.jose4j.jwk.JsonWebKey;
import org.jose4j.jwk.JsonWebKeySet;
import org.springframework.core.annotation.Order;
import org.springframework.core.io.Resource;
import org.springframework.transaction.annotation.EnableTransactionManagement;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.transaction.support.TransactionOperations;

@Transactional(transactionManager = "transactionManagerOidcJwks")
@EnableTransactionManagement(proxyTargetClass = false)
@Order(Integer.MIN_VALUE)
/* loaded from: input_file:WEB-INF/lib/cas-server-support-oidc-core-api-6.6.15.jar:org/apereo/cas/oidc/jwks/generator/jpa/OidcJpaJsonWebKeystoreGeneratorService.class */
public class OidcJpaJsonWebKeystoreGeneratorService implements OidcJsonWebKeystoreGeneratorService {
    private final OidcProperties oidcProperties;
    private final TransactionOperations transactionTemplate;

    @PersistenceContext(unitName = "oidcJwksEntityManagerFactory")
    private EntityManager entityManager;

    @Override // org.apereo.cas.oidc.jwks.generator.OidcJsonWebKeystoreGeneratorService
    public Optional<Resource> find() {
        return Optional.ofNullable((OidcJsonWebKeystoreEntity) this.entityManager.find(OidcJsonWebKeystoreEntity.class, this.oidcProperties.getCore().getIssuer())).map(Unchecked.function(oidcJsonWebKeystoreEntity -> {
            return OidcJsonWebKeystoreGeneratorService.toResource(new JsonWebKeySet(oidcJsonWebKeystoreEntity.getData()));
        }));
    }

    @Override // org.apereo.cas.oidc.jwks.generator.OidcJsonWebKeystoreGeneratorService
    public Resource generate() {
        return (Resource) Optional.ofNullable((OidcJsonWebKeystoreEntity) this.entityManager.find(OidcJsonWebKeystoreEntity.class, this.oidcProperties.getCore().getIssuer())).map(Unchecked.function(oidcJsonWebKeystoreEntity -> {
            return OidcJsonWebKeystoreGeneratorService.toResource(new JsonWebKeySet(oidcJsonWebKeystoreEntity.getData()));
        })).orElseGet(Unchecked.supplier(() -> {
            return OidcJsonWebKeystoreGeneratorService.toResource(store(OidcJsonWebKeystoreGeneratorService.generateJsonWebKeySet(this.oidcProperties)));
        }));
    }

    @Override // org.apereo.cas.oidc.jwks.generator.OidcJsonWebKeystoreGeneratorService
    public JsonWebKeySet store(JsonWebKeySet jsonWebKeySet) throws Exception {
        String issuer = this.oidcProperties.getCore().getIssuer();
        return (JsonWebKeySet) this.transactionTemplate.execute(transactionStatus -> {
            String json = jsonWebKeySet.toJson(JsonWebKey.OutputControlLevel.INCLUDE_PRIVATE);
            Optional.ofNullable((OidcJsonWebKeystoreEntity) this.entityManager.find(OidcJsonWebKeystoreEntity.class, issuer)).ifPresentOrElse(oidcJsonWebKeystoreEntity -> {
                oidcJsonWebKeystoreEntity.setData(json);
                this.entityManager.merge(oidcJsonWebKeystoreEntity);
            }, () -> {
                this.entityManager.persist(new OidcJsonWebKeystoreEntity(issuer, json));
            });
            return jsonWebKeySet;
        });
    }

    @Generated
    public OidcJpaJsonWebKeystoreGeneratorService(OidcProperties oidcProperties, TransactionOperations transactionOperations) {
        this.oidcProperties = oidcProperties;
        this.transactionTemplate = transactionOperations;
    }
}
