package io.hawt.web.auth.oidc.token;

import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.KeyUse;
import com.nimbusds.jose.proc.JWKSecurityContext;
import com.nimbusds.jose.proc.JWSKeySelector;
import java.security.Key;
import java.util.Collections;
import java.util.List;

/* loaded from: input_file:BOOT-INF/lib/hawtio-system-4.0.0.jar:io/hawt/web/auth/oidc/token/KidKeySelector.class */
public class KidKeySelector implements JWSKeySelector<JWKSecurityContext> {
    @Override // com.nimbusds.jose.proc.JWSKeySelector
    public List<? extends Key> selectJWSKeys(JWSHeader jWSHeader, JWKSecurityContext jWKSecurityContext) {
        for (JWK jwk : jWKSecurityContext.getKeys()) {
            if (jwk.getKeyUse() == KeyUse.SIGNATURE && jwk.getKeyID().equals(jWSHeader.getKeyID())) {
                if (JWSAlgorithm.Family.RSA.contains(jWSHeader.getAlgorithm())) {
                    try {
                        return Collections.singletonList(jwk.toRSAKey().toPublicKey());
                    } catch (JOSEException e) {
                    }
                }
                if (JWSAlgorithm.Family.EC.contains(jWSHeader.getAlgorithm())) {
                    try {
                        return Collections.singletonList(jwk.toECKey().toPublicKey());
                    } catch (JOSEException e2) {
                    }
                } else {
                    continue;
                }
            }
        }
        return Collections.emptyList();
    }
}
