package net.bingosoft.oss.ssoclient.internal;

import java.io.UnsupportedEncodingException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.RSAPublicKey;
import java.util.Map;
import net.bingosoft.oss.ssoclient.exception.InvalidTokenException;

/* loaded from: input_file:net/bingosoft/oss/ssoclient/internal/JWT.class */
public class JWT {
    public static final String UTF_8 = "UTF-8";
    public static final String ALGORITHM = "SHA256withRSA";

    public static Map<String, Object> verity(String str, RSAPublicKey rSAPublicKey) throws InvalidTokenException {
        String[] split = str.split("\\.");
        if (split.length != 3) {
            throw new InvalidTokenException("Invalid jwt: length of parts expect 3 but actual " + split.length + ", token:" + str);
        }
        String str2 = split[0] + "." + split[1];
        String str3 = split[1];
        if (!verifySignature(str2, split[2], rSAPublicKey)) {
            return null;
        }
        try {
            return JSON.decodeToMap(new String(Base64.urlDecode(str3), UTF_8));
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    private static boolean verifySignature(String str, String str2, RSAPublicKey rSAPublicKey) throws InvalidTokenException {
        try {
            byte[] urlDecode = Base64.urlDecode(str2);
            byte[] bytes = str.getBytes(UTF_8);
            Signature signature = Signature.getInstance(ALGORITHM);
            signature.initVerify(rSAPublicKey);
            signature.update(bytes);
            return signature.verify(urlDecode);
        } catch (SignatureException e) {
            throw new InvalidTokenException("Invalid signature", e);
        } catch (Exception e2) {
            throw new RuntimeException("Verify signature error", e2);
        }
    }
}
