package net.officefloor.identity.google.mock;

import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
import com.google.api.client.googleapis.auth.oauth2.GooglePublicKeysManager;
import com.google.api.client.json.jackson2.JacksonFactory;
import com.google.api.client.json.webtoken.JsonWebSignature;
import com.google.api.client.testing.http.MockHttpTransport;
import java.io.IOException;
import java.lang.reflect.Field;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import net.officefloor.identity.google.GoogleIdTokenVerifierManagedObjectSource;
import org.junit.rules.TestRule;
import org.junit.runner.Description;
import org.junit.runners.model.Statement;

/* loaded from: input_file:net/officefloor/identity/google/mock/GoogleIdTokenRule.class */
public class GoogleIdTokenRule implements TestRule {
    private static KeyPair pair = null;
    private volatile GoogleIdTokenVerifier mockVerifier = null;
    private volatile String googleClientId = null;

    private static KeyPair getMockKeyPair() throws Exception {
        if (pair == null) {
            pair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
        }
        return pair;
    }

    public String getMockIdToken(String str, String str2, String... strArr) throws Exception {
        ensureInContext("mock id token");
        PrivateKey privateKey = getMockKeyPair().getPrivate();
        JsonWebSignature.Header algorithm = new JsonWebSignature.Header().setAlgorithm("RS256");
        GoogleIdToken.Payload issuer = new GoogleIdToken.Payload().setSubject(str).setEmail(str2).setIssuedAtTimeSeconds(Long.valueOf(this.mockVerifier.getClock().currentTimeMillis())).setExpirationTimeSeconds(10L).setIssuer(this.mockVerifier.getIssuer());
        for (int i = 0; i < strArr.length; i += 2) {
            issuer = issuer.set(strArr[i], strArr[i + 1]);
        }
        return GoogleIdToken.signUsingRsaSha256(privateKey, JacksonFactory.getDefaultInstance(), algorithm, issuer);
    }

    public GoogleIdTokenVerifier getGoogleIdTokenVerifier() {
        ensureInContext(GoogleIdTokenVerifier.class.getSimpleName());
        return this.mockVerifier;
    }

    public String getGoogleClientId() {
        ensureInContext("google client id");
        return this.googleClientId;
    }

    private void ensureInContext(String str) {
        if (this.mockVerifier == null) {
            throw new IllegalStateException("Can only obtain " + str + " within context of rule");
        }
    }

    public Statement apply(final Statement statement, Description description) {
        return new Statement() { // from class: net.officefloor.identity.google.mock.GoogleIdTokenRule.1
            public void evaluate() throws Throwable {
                GoogleIdTokenRule googleIdTokenRule = GoogleIdTokenRule.this;
                final PublicKey publicKey = GoogleIdTokenRule.access$000().getPublic();
                GooglePublicKeysManager googlePublicKeysManager = new GooglePublicKeysManager(new MockHttpTransport(), JacksonFactory.getDefaultInstance()) { // from class: net.officefloor.identity.google.mock.GoogleIdTokenRule.1.1
                    public GooglePublicKeysManager refresh() throws GeneralSecurityException, IOException {
                        try {
                            Field declaredField = GooglePublicKeysManager.class.getDeclaredField("publicKeys");
                            declaredField.setAccessible(true);
                            ArrayList arrayList = new ArrayList();
                            arrayList.add(publicKey);
                            declaredField.set(this, arrayList);
                            return this;
                        } catch (Exception e) {
                            throw new GeneralSecurityException(e);
                        }
                    }
                };
                try {
                    googleIdTokenRule.mockVerifier = new GoogleIdTokenVerifier.Builder(googlePublicKeysManager).setClock(() -> {
                        return 300L;
                    }).build();
                    GoogleIdTokenVerifierManagedObjectSource.GoogleIdTokenVerifierFactory googleIdTokenVerifierFactory = str -> {
                        googleIdTokenRule.googleClientId = str;
                        return googleIdTokenRule.getGoogleIdTokenVerifier();
                    };
                    Statement statement2 = statement;
                    GoogleIdTokenVerifierManagedObjectSource.runWithFactory(googleIdTokenVerifierFactory, () -> {
                        statement2.evaluate();
                    });
                    googleIdTokenRule.mockVerifier = null;
                    googleIdTokenRule.googleClientId = null;
                } catch (Throwable th) {
                    googleIdTokenRule.mockVerifier = null;
                    googleIdTokenRule.googleClientId = null;
                    throw th;
                }
            }
        };
    }

    static /* synthetic */ KeyPair access$000() throws Exception {
        return getMockKeyPair();
    }
}
