package net.officefloor.identity.google.mock;

import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
import com.google.api.client.googleapis.auth.oauth2.GooglePublicKeysManager;
import com.google.api.client.json.gson.GsonFactory;
import com.google.api.client.json.webtoken.JsonWebSignature;
import com.google.api.client.testing.http.MockHttpTransport;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import net.officefloor.identity.google.GoogleIdTokenVerifierManagedObjectSource;
import net.officefloor.test.JUnitAgnosticAssert;
import net.officefloor.test.module.ModuleAccessible;

/* loaded from: input_file:net/officefloor/identity/google/mock/AbstractGoogleIdTokenJUnit.class */
public class AbstractGoogleIdTokenJUnit {
    private static KeyPair pair = null;
    private volatile GoogleIdTokenVerifier mockVerifier = null;

    private static KeyPair getMockKeyPair() {
        if (pair == null) {
            try {
                pair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
            } catch (Exception e) {
                return (KeyPair) JUnitAgnosticAssert.fail(e);
            }
        }
        return pair;
    }

    public String getMockIdToken(String str, String str2, String... strArr) {
        ensureInContext("mock id token");
        PrivateKey privateKey = getMockKeyPair().getPrivate();
        JsonWebSignature.Header algorithm = new JsonWebSignature.Header().setAlgorithm("RS256");
        GoogleIdToken.Payload issuer = new GoogleIdToken.Payload().setSubject(str).setEmail(str2).setEmailVerified(true).setIssuedAtTimeSeconds(Long.valueOf(this.mockVerifier.getClock().currentTimeMillis())).setExpirationTimeSeconds(10L).setIssuer(this.mockVerifier.getIssuer());
        for (int i = 0; i < strArr.length; i += 2) {
            issuer = issuer.set(strArr[i], strArr[i + 1]);
        }
        try {
            return GoogleIdToken.signUsingRsaSha256(privateKey, GsonFactory.getDefaultInstance(), algorithm, issuer);
        } catch (Exception e) {
            return (String) JUnitAgnosticAssert.fail(e);
        }
    }

    public GoogleIdTokenVerifier getGoogleIdTokenVerifier() {
        ensureInContext(GoogleIdTokenVerifier.class.getSimpleName());
        return this.mockVerifier;
    }

    private void ensureInContext(String str) {
        if (this.mockVerifier == null) {
            throw new IllegalStateException("Can only obtain " + str + " within context of rule");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setupMockTokens() {
        final PublicKey publicKey = getMockKeyPair().getPublic();
        GooglePublicKeysManager googlePublicKeysManager = new GooglePublicKeysManager(new MockHttpTransport(), GsonFactory.getDefaultInstance()) { // from class: net.officefloor.identity.google.mock.AbstractGoogleIdTokenJUnit.1
            public GooglePublicKeysManager refresh() throws GeneralSecurityException, IOException {
                ArrayList arrayList = new ArrayList();
                arrayList.add(publicKey);
                ModuleAccessible.setFieldValue(this, "publicKeys", arrayList, "Setting up Google mock tokens");
                return this;
            }
        };
        this.mockVerifier = new GoogleIdTokenVerifier.Builder(googlePublicKeysManager).setClock(() -> {
            return 300L;
        }).build();
        GoogleIdTokenVerifierManagedObjectSource.setVerifyFactory(() -> {
            return getGoogleIdTokenVerifier();
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void tearDownMockTokens() {
        GoogleIdTokenVerifierManagedObjectSource.setVerifyFactory(null);
        this.mockVerifier = null;
    }
}
