package com.sap.cloud.security.xsuaa.client;

import com.sap.cloud.security.client.HttpClientFactory;
import com.sap.cloud.security.xsuaa.Assertions;
import com.sap.cloud.security.xsuaa.http.HttpHeaders;
import com.sap.cloud.security.xsuaa.util.HttpClientUtil;
import java.io.IOException;
import java.net.URI;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/sap/cloud/security/xsuaa/client/DefaultOAuth2TokenKeyService.class */
public class DefaultOAuth2TokenKeyService implements OAuth2TokenKeyService {
    private static final Logger LOGGER = LoggerFactory.getLogger(DefaultOAuth2TokenKeyService.class);
    private final CloseableHttpClient httpClient;

    public DefaultOAuth2TokenKeyService() {
        this.httpClient = HttpClientFactory.create(null);
    }

    public DefaultOAuth2TokenKeyService(@Nonnull CloseableHttpClient closeableHttpClient) {
        Assertions.assertNotNull(closeableHttpClient, "httpClient is required");
        this.httpClient = closeableHttpClient;
    }

    @Override // com.sap.cloud.security.xsuaa.client.OAuth2TokenKeyService
    public String retrieveTokenKeys(URI uri, @Nullable String str) throws OAuth2ServiceException {
        Assertions.assertNotNull(uri, "Token key endpoint must not be null!");
        HttpGet httpGet = new HttpGet(uri);
        if (str != null) {
            httpGet.addHeader(HttpHeaders.X_ZONE_UUID, str);
        }
        httpGet.addHeader("User-Agent", HttpClientUtil.getUserAgent());
        LOGGER.debug("Executing token key retrieval GET request to {} with headers: {} ", uri, httpGet.getAllHeaders());
        try {
            CloseableHttpResponse execute = this.httpClient.execute(httpGet);
            try {
                String extractResponseBodyAsString = HttpClientUtil.extractResponseBodyAsString(execute);
                int statusCode = execute.getStatusLine().getStatusCode();
                if (statusCode != 200) {
                    throw OAuth2ServiceException.builder("Error retrieving token keys for x-zone_uuid " + str).withUri(uri).withHeaders("x-zone_uuid=" + str).withStatusCode(statusCode).withResponseBody(extractResponseBodyAsString).build();
                }
                LOGGER.debug("Successfully retrieved token keys from {} for zone '{}'", uri, str);
                if (execute != null) {
                    execute.close();
                }
                return extractResponseBodyAsString;
            } finally {
            }
        } catch (IOException e) {
            throw new OAuth2ServiceException("Error retrieving token keys: " + e.getMessage());
        }
    }
}
