package net.rwx.padlock.internal;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.lang.annotation.Annotation;
import java.lang.reflect.Type;
import java.util.Base64;
import java.util.Enumeration;
import java.util.Optional;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.inject.spi.Bean;
import javax.enterprise.inject.spi.BeanManager;
import javax.inject.Inject;
import javax.ws.rs.core.Application;
import javax.ws.rs.core.Context;
import net.rwx.padlock.KeyProvider;
import net.rwx.padlock.PadlockSession;
import org.jose4j.jws.JsonWebSignature;
import org.jose4j.jwt.JwtClaims;
import org.jose4j.jwt.consumer.JwtConsumer;
import org.jose4j.jwt.consumer.JwtConsumerBuilder;
import org.jose4j.keys.HmacKey;
import org.jose4j.lang.JoseException;

@ApplicationScoped
/* loaded from: input_file:net/rwx/padlock/internal/TokenHelper.class */
class TokenHelper {
    private static final String CLAIM_AUTHENTICATED = "net.rwx.padlock.authenticated";
    private static final String CLAIM_ATTRIBUTE_PREFIX = "net.rwx.padlock.attribute.";
    private static final Logger logger = Logger.getLogger(TokenHelper.class.getName());

    @Context
    private Application application;

    @Inject
    private BeanManager beanManager;

    TokenHelper() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void parseTokenAndExtractBean(PadlockSession padlockSession, String str) throws BadTokenException {
        try {
            JwtClaims processToClaims = buildTokenConsumer().processToClaims(str);
            for (String str2 : processToClaims.getClaimNames()) {
                if (str2.startsWith(CLAIM_ATTRIBUTE_PREFIX)) {
                    padlockSession.setAttribute(str2.substring(CLAIM_ATTRIBUTE_PREFIX.length()), deserializeBean((String) processToClaims.getClaimValue(str2, String.class)));
                } else if (str2.equals(CLAIM_AUTHENTICATED)) {
                    padlockSession.setAuthenticated(((Boolean) processToClaims.getClaimValue(str2, Boolean.class)).booleanValue());
                }
            }
        } catch (Exception e) {
            logger.log(Level.WARNING, "Error while parsing JWT token", (Throwable) e);
            throw new BadTokenException();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String serializeBeanAndCreateToken(PadlockSession padlockSession) {
        try {
            JwtClaims jwtClaims = new JwtClaims();
            Enumeration<String> attributeNames = padlockSession.getAttributeNames();
            while (attributeNames.hasMoreElements()) {
                String nextElement = attributeNames.nextElement();
                jwtClaims.setClaim(CLAIM_ATTRIBUTE_PREFIX + nextElement, serializeBean(padlockSession.getAttribute(nextElement)));
            }
            jwtClaims.setClaim(CLAIM_AUTHENTICATED, Boolean.valueOf(padlockSession.isAuthenticated()));
            JsonWebSignature jsonWebSignature = new JsonWebSignature();
            jsonWebSignature.setPayload(jwtClaims.toJson());
            jsonWebSignature.setKey(new HmacKey(retreiveProvidedKey()));
            jsonWebSignature.setAlgorithmHeaderValue("HS256");
            return jsonWebSignature.getCompactSerialization();
        } catch (IOException | JoseException e) {
            logger.log(Level.WARNING, "Error while creating JWT token", (Throwable) e);
            throw new RuntimeException(e);
        }
    }

    private JwtConsumer buildTokenConsumer() {
        return new JwtConsumerBuilder().setVerificationKey(new HmacKey(retreiveProvidedKey())).build();
    }

    private byte[] retreiveProvidedKey() {
        Optional findFirst = this.application.getClasses().stream().filter(cls -> {
            return KeyProvider.class.isAssignableFrom(cls);
        }).findFirst();
        if (!findFirst.isPresent()) {
            throw new RuntimeException("No key provided");
        }
        Bean resolve = this.beanManager.resolve(this.beanManager.getBeans((Type) findFirst.get(), new Annotation[0]));
        return ((KeyProvider) this.beanManager.getReference(resolve, (Type) findFirst.get(), this.beanManager.createCreationalContext(resolve))).getKey();
    }

    private Object deserializeBean(String str) throws Exception {
        ObjectInputStream buildObjectInputStream = buildObjectInputStream(str);
        Throwable th = null;
        try {
            try {
                Object readObject = buildObjectInputStream.readObject();
                if (buildObjectInputStream != null) {
                    if (0 != 0) {
                        try {
                            buildObjectInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        buildObjectInputStream.close();
                    }
                }
                return readObject;
            } finally {
            }
        } catch (Throwable th3) {
            if (buildObjectInputStream != null) {
                if (th != null) {
                    try {
                        buildObjectInputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    buildObjectInputStream.close();
                }
            }
            throw th3;
        }
    }

    private String serializeBean(Object obj) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ObjectOutputStream objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
        Throwable th = null;
        try {
            try {
                objectOutputStream.writeObject(obj);
                if (objectOutputStream != null) {
                    if (0 != 0) {
                        try {
                            objectOutputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        objectOutputStream.close();
                    }
                }
                return Base64.getEncoder().encodeToString(byteArrayOutputStream.toByteArray());
            } finally {
            }
        } catch (Throwable th3) {
            if (objectOutputStream != null) {
                if (th != null) {
                    try {
                        objectOutputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    objectOutputStream.close();
                }
            }
            throw th3;
        }
    }

    private static ObjectInputStream buildObjectInputStream(String str) throws IOException {
        return new ObjectInputStream(new ByteArrayInputStream(Base64.getDecoder().decode(str)));
    }
}
