package com.auth0.android.provider;

import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import com.auth0.android.authentication.AuthenticationAPIClient;
import com.auth0.android.authentication.AuthenticationException;
import com.auth0.android.callback.AuthenticationCallback;
import com.auth0.android.callback.Callback;
import com.auth0.android.request.internal.Jwt;
import io.reactivex.annotations.SchedulerSupport;
import java.security.InvalidKeyException;
import java.security.PublicKey;
import java.util.List;
import java.util.Map;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public abstract class SignatureVerifier {
    private final List<String> supportedAlgorithms;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SignatureVerifier(List<String> list) {
        this.supportedAlgorithms = list;
    }

    private void checkAlgorithm(String str) throws TokenValidationException {
        if (!this.supportedAlgorithms.contains(str) || SchedulerSupport.NONE.equalsIgnoreCase(str)) {
            if (this.supportedAlgorithms.size() != 1) {
                throw new TokenValidationException(String.format("Signature algorithm of \"%s\" is not supported. Expected the ID token to be signed with any of %s.", str, this.supportedAlgorithms));
            }
            throw new TokenValidationException(String.format("Signature algorithm of \"%s\" is not supported. Expected the ID token to be signed with %s.", str, this.supportedAlgorithms.get(0)));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void forAsymmetricAlgorithm(@Nullable final String str, @NonNull AuthenticationAPIClient authenticationAPIClient, @NonNull final Callback<SignatureVerifier, TokenValidationException> callback) {
        authenticationAPIClient.fetchJsonWebKeys().start(new AuthenticationCallback<Map<String, PublicKey>>() { // from class: com.auth0.android.provider.SignatureVerifier.1
            @Override // com.auth0.android.callback.Callback
            public void onFailure(@NonNull AuthenticationException authenticationException) {
                callback.onFailure(new TokenValidationException(String.format("Could not find a public key for kid \"%s\"", str)));
            }

            @Override // com.auth0.android.callback.Callback
            public void onSuccess(@Nullable Map<String, PublicKey> map) {
                try {
                    callback.onSuccess(new AsymmetricSignatureVerifier(map.get(str)));
                } catch (InvalidKeyException unused) {
                    callback.onFailure(new TokenValidationException(String.format("Could not find a public key for kid \"%s\"", str)));
                }
            }
        });
    }

    protected abstract void checkSignature(@NonNull String[] strArr) throws TokenValidationException;

    /* JADX INFO: Access modifiers changed from: package-private */
    public void verify(@NonNull Jwt jwt) throws TokenValidationException {
        checkAlgorithm(jwt.getAlgorithm());
        checkSignature(jwt.getParts());
    }
}
