package ch.software_atelier.simpleflex.rest.auth.token;

import ch.software_atelier.simpleflex.rest.RestRequest;
import ch.software_atelier.simpleflex.rest.auth.utils.JSONHelper;
import ch.software_atelier.simpleflex.rest.auth.utils.StrHlp;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.MalformedJwtException;
import io.jsonwebtoken.SignatureException;
import io.jsonwebtoken.UnsupportedJwtException;
import io.jsonwebtoken.impl.DefaultClaims;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.NoSuchElementException;
import java.util.StringTokenizer;
import org.json.JSONObject;

/* loaded from: input_file:ch/software_atelier/simpleflex/rest/auth/token/TokenParser.class */
public class TokenParser {
    private final String _secret;

    public TokenParser(String str) {
        this._secret = str;
    }

    public String getToken(RestRequest restRequest) {
        try {
            if (restRequest.getHeaderValue("Authorization") == null) {
                return restRequest.getRequestArgument("token");
            }
            StringTokenizer stringTokenizer = new StringTokenizer(restRequest.getHeaderValue("Authorization"));
            stringTokenizer.nextToken();
            return stringTokenizer.nextToken();
        } catch (NullPointerException | NoSuchElementException e) {
            return null;
        }
    }

    public boolean isAdmin(String str) throws TokenHandlerException {
        return ((Boolean) getClaims(str).get("admin")).booleanValue();
    }

    public String getUsername(String str) throws TokenHandlerException {
        return getClaims(str).get("username").toString();
    }

    public boolean allowes(String str, JSONObject jSONObject) throws TokenHandlerException {
        DefaultClaims claims = getClaims(str);
        for (String str2 : jSONObject.keySet()) {
            if (!claims.containsKey(str2) || !jSONObject.get(str2).equals(claims.get(str2))) {
                return false;
            }
        }
        return true;
    }

    public boolean isAuthorized(String str, String str2) throws TokenHandlerException {
        return getRealms(str).contains(str2);
    }

    public boolean verifyACL(String str, String str2) throws TokenHandlerException {
        Object atPath;
        try {
            List<String> list = StrHlp.tokenize(str, "/");
            JSONObject mapToJSON = JSONHelper.mapToJSON((Map) getClaims(str2).get("acl", Map.class));
            boolean booleanValue = JSONHelper.getAtPath(mapToJSON, "/_access") != null ? ((Boolean) JSONHelper.getAtPath(mapToJSON, "/_access")).booleanValue() : false;
            StringBuffer stringBuffer = new StringBuffer();
            for (String str3 : list) {
                if (JSONHelper.getAtPath(mapToJSON, new StringBuffer().append(stringBuffer).append("/").append(str3).toString()) == null) {
                    atPath = JSONHelper.getAtPath(mapToJSON, ((Object) stringBuffer) + "/_other/_access");
                    stringBuffer.append("/_other");
                } else {
                    atPath = JSONHelper.getAtPath(mapToJSON, ((Object) stringBuffer) + "/" + str3 + "/_access");
                    stringBuffer.append("/").append(str3);
                }
                if (atPath != null) {
                    booleanValue = ((Boolean) atPath).booleanValue();
                }
            }
            return booleanValue;
        } catch (ClassCastException e) {
            return false;
        }
    }

    public ArrayList<String> getRealms(String str) throws TokenHandlerException {
        return (ArrayList) getClaims(str).get("realms");
    }

    public DefaultClaims getClaims(String str) throws TokenHandlerException {
        try {
            return (DefaultClaims) Jwts.parser().setSigningKey(this._secret.getBytes("UTF-8")).parse(str).getBody();
        } catch (UnsupportedEncodingException e) {
            throw new TokenHandlerException(-100);
        } catch (ExpiredJwtException e2) {
            throw new TokenHandlerException(-2);
        } catch (IllegalArgumentException | UnsupportedJwtException | MalformedJwtException e3) {
            throw new TokenHandlerException(-3);
        } catch (SignatureException e4) {
            throw new TokenHandlerException(-1);
        }
    }
}
