package net.savantly.jwt;

import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.JWSSigner;
import com.nimbusds.jose.crypto.RSASSASigner;
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.RSAKey;
import com.nimbusds.jose.jwk.gen.RSAKeyGenerator;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.text.ParseException;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import org.springframework.core.io.Resource;

/* loaded from: input_file:net/savantly/jwt/JwtService.class */
public class JwtService {
    private final RSAKey rsaJWK;
    private final RSAKey rsaPublicJWK;
    private final JWSSigner signer;

    public JwtService(String str) {
        try {
            this.rsaJWK = new RSAKeyGenerator(2048).keyID(str).generate();
            this.rsaPublicJWK = this.rsaJWK.toPublicJWK();
            this.signer = new RSASSASigner(this.rsaJWK);
        } catch (JOSEException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    public JwtService(Resource resource) throws IOException, JOSEException, ParseException {
        this.rsaJWK = RSAKey.parse(JWK.parseFromPEMEncodedObjects(new String(readAllBytes(resource.getInputStream()))).toJSONObject().toString());
        this.rsaPublicJWK = this.rsaJWK.toPublicJWK();
        this.signer = new RSASSASigner(this.rsaJWK);
    }

    public String createJWT(String str) {
        return createJWT(str, new ArrayList());
    }

    public String createJWT(String str, List<String> list) {
        return createJWT(str, list, new ArrayList());
    }

    public String createJWT(String str, List<String> list, List<String> list2) {
        return createJWT(str, list, list2, 60L);
    }

    public String createJWT(String str, List<String> list, List<String> list2, long j) {
        SignedJWT signedJWT = new SignedJWT(new JWSHeader.Builder(JWSAlgorithm.RS256).keyID(this.rsaJWK.getKeyID()).build(), new JWTClaimsSet.Builder().subject(str).issuer("https://savantly").issueTime(new Date()).expirationTime(new Date(Instant.now().plus(j, (TemporalUnit) ChronoUnit.MINUTES).toEpochMilli())).claim("groups", list).claim("scp", list2).claim("preferred_username", str).build());
        try {
            signedJWT.sign(this.signer);
            return signedJWT.serialize();
        } catch (JOSEException e) {
            throw new RuntimeException("Failed while creating the RSA signature for the JWT");
        }
    }

    public RSAKey getRsaPublicJWK() {
        return this.rsaPublicJWK;
    }

    byte[] readAllBytes(InputStream inputStream) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[1024];
        int i = 0;
        while (true) {
            int i2 = i;
            if (i2 == -1) {
                return byteArrayOutputStream.toByteArray();
            }
            byteArrayOutputStream.write(bArr, 0, i2);
            i = inputStream.read(bArr);
        }
    }
}
