package com.nimbusds.jose.aws.kms.scripts;

import com.amazonaws.services.kms.AWSKMSClientBuilder;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWEHeader;
import com.nimbusds.jose.JWEObject;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.aws.kms.crypto.KmsSymmetricEncrypter;
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.DefaultParser;
import org.apache.commons.cli.HelpFormatter;
import org.apache.commons.cli.Option;
import org.apache.commons.cli.Options;

/* loaded from: input_file:com/nimbusds/jose/aws/kms/scripts/KmsSymmetricJweCompactEncrypterScript.class */
public class KmsSymmetricJweCompactEncrypterScript {
    private static final String COMMAND = "gradle kmsSymmetricJWSEncrypt";

    public static void main(String[] strArr) throws Exception {
        new KmsSymmetricJweCompactEncrypterScript().execute(strArr);
    }

    private void execute(String[] strArr) throws Exception {
        Options buildOptions = buildOptions();
        CommandLine parse = new DefaultParser().parse(buildOptions, strArr);
        if (parse.hasOption("help")) {
            System.out.println(ScriptConstants.LINE_SEPARATOR);
            new HelpFormatter().printHelp(COMMAND, buildOptions);
            System.out.println(ScriptConstants.LINE_SEPARATOR);
        } else if (!parse.hasOption("alg") || !parse.hasOption(KmsSymmetricJweCompactEncrypterScriptOptionNames.ENC) || !parse.hasOption("kid") || !parse.hasOption("payload")) {
            System.out.printf("%1$s%2$s, %3$s, %4$s and %5$s options are required. Use '%6$s' for details of these options.%1$s", ScriptConstants.LINE_SEPARATOR, "alg", KmsSymmetricJweCompactEncrypterScriptOptionNames.ENC, "kid", "payload", "help");
        } else {
            System.out.printf("%1$sJWE Token:%1$s%2$s%1$s", ScriptConstants.LINE_SEPARATOR, encrypt(JWEAlgorithm.parse(parse.getOptionValue("alg")), EncryptionMethod.parse(parse.getOptionValue(KmsSymmetricJweCompactEncrypterScriptOptionNames.ENC)), parse.getOptionValue("kid"), parse.getOptionValue("payload")).serialize());
        }
    }

    private Options buildOptions() {
        Options options = new Options();
        options.addOption(Option.builder().longOpt("help").desc("Print this help message.").build());
        options.addOption(Option.builder().hasArg().longOpt("alg").desc("Data-key encryption algorithm").build());
        options.addOption(Option.builder().hasArg().longOpt(KmsSymmetricJweCompactEncrypterScriptOptionNames.ENC).desc("Content encryption algorithm/method.").build());
        options.addOption(Option.builder().hasArg().longOpt("kid").desc("Id of the key, which should used for encrypting data-key. Pass a KMS CMK ARN or alias ARN. Note: You'll have to configure credentials of an IAM user in the default profile, who as access to the provided CMK. Follow these instruction to configure user credentials: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html#cli-configure-files-where").build());
        options.addOption(Option.builder().longOpt("payload").hasArg().desc("Payload to encrypt.").build());
        return options;
    }

    private JWEObject encrypt(JWEAlgorithm jWEAlgorithm, EncryptionMethod encryptionMethod, String str, String str2) throws Exception {
        KmsSymmetricEncrypter kmsSymmetricEncrypter = new KmsSymmetricEncrypter(AWSKMSClientBuilder.defaultClient(), str);
        JWEObject jWEObject = new JWEObject(new JWEHeader.Builder(jWEAlgorithm, encryptionMethod).keyID(str).build(), new Payload(str2));
        jWEObject.encrypt(kmsSymmetricEncrypter);
        return jWEObject;
    }
}
