package io.smallrye.jwt.build.impl;

import io.smallrye.jwt.util.KeyUtils;
import io.smallrye.jwt.util.ResourceUtils;
import java.io.IOException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Map;
import java.util.Optional;
import java.util.UUID;
import org.eclipse.microprofile.config.ConfigProvider;
import org.eclipse.microprofile.jwt.Claims;
import org.jose4j.jwt.JwtClaims;
import org.jose4j.jwt.NumericDate;

/* loaded from: input_file:io/smallrye/jwt/build/impl/JwtBuildUtils.class */
public class JwtBuildUtils {
    public static final String SIGN_KEY_LOCATION_PROPERTY = "smallrye.jwt.sign.key.location";
    public static final String SIGN_KEY_PROPERTY = "smallrye.jwt.sign.key";
    public static final String SIGN_KEY_ID_PROPERTY = "smallrye.jwt.sign.key.id";
    public static final String SIGN_KEY_RELAX_VALIDATION_PROPERTY = "smallrye.jwt.sign.relax-key-validation";
    public static final String ENC_KEY_LOCATION_PROPERTY = "smallrye.jwt.encrypt.key.location";
    public static final String ENC_KEY_PROPERTY = "smallrye.jwt.encrypt.key";
    public static final String ENC_KEY_ID_PROPERTY = "smallrye.jwt.encrypt.key.id";
    public static final String ENC_KEY_RELAX_VALIDATION_PROPERTY = "smallrye.jwt.encrypt.relax-key-validation";
    public static final String NEW_TOKEN_ISSUER_PROPERTY = "smallrye.jwt.new-token.issuer";
    public static final String NEW_TOKEN_AUDIENCE_PROPERTY = "smallrye.jwt.new-token.audience";
    public static final String NEW_TOKEN_OVERRIDE_CLAIMS_PROPERTY = "smallrye.jwt.new-token.override-matching-claims";
    public static final String NEW_TOKEN_LIFESPAN_PROPERTY = "smallrye.jwt.new-token.lifespan";
    public static final String NEW_TOKEN_SIGNATURE_ALG_PROPERTY = "smallrye.jwt.new-token.signature-algorithm";
    public static final String NEW_TOKEN_KEY_ENCRYPTION_ALG_PROPERTY = "smallrye.jwt.new-token.key-encryption-algorithm";
    public static final String NEW_TOKEN_CONTENT_ENCRYPTION_ALG_PROPERTY = "smallrye.jwt.new-token.content-encryption-algorithm";
    public static final String KEYSTORE_PASSWORD = "smallrye.jwt.keystore.password";
    public static final String KEYSTORE_TYPE = "smallrye.jwt.keystore.type";
    public static final String KEYSTORE_PROVIDER = "smallrye.jwt.keystore.provider";
    public static final String SIGN_KEYSTORE_KEY_ALIAS = "smallrye.jwt.keystore.sign.key.alias";
    public static final String SIGN_KEYSTORE_KEY_PASSWORD = "smallrye.jwt.keystore.sign.key.password";
    public static final String ENC_KEYSTORE_KEY_ALIAS = "smallrye.jwt.keystore.encrypt.key.alias";

    private JwtBuildUtils() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void setDefaultJwtClaims(JwtClaims jwtClaims, Long l) {
        String str;
        String str2;
        if (!jwtClaims.hasClaim(Claims.iat.name())) {
            jwtClaims.setIssuedAt(NumericDate.fromSeconds(currentTimeInSecs()));
        }
        setExpiryClaim(jwtClaims, l);
        if (!jwtClaims.hasClaim(Claims.jti.name())) {
            jwtClaims.setClaim(Claims.jti.name(), UUID.randomUUID().toString());
        }
        Boolean bool = (Boolean) getConfigProperty(NEW_TOKEN_OVERRIDE_CLAIMS_PROPERTY, Boolean.class);
        if ((Boolean.TRUE.equals(bool) || !jwtClaims.hasClaim(Claims.iss.name())) && (str = (String) getConfigProperty(NEW_TOKEN_ISSUER_PROPERTY, String.class)) != null) {
            jwtClaims.setIssuer(str);
        }
        if ((Boolean.TRUE.equals(bool) || !jwtClaims.hasClaim(Claims.aud.name())) && (str2 = (String) getConfigProperty(NEW_TOKEN_AUDIENCE_PROPERTY, String.class)) != null) {
            jwtClaims.setAudience(str2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static <T> T getConfigProperty(String str, Class<T> cls) {
        return (T) getConfigProperty(str, cls, null);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static <T> T getConfigProperty(String str, Class<T> cls, T t) {
        return (T) getOptionalConfigProperty(str, cls).orElse(t);
    }

    static <T> Optional<T> getOptionalConfigProperty(String str, Class<T> cls) {
        return ConfigProvider.getConfig().getOptionalValue(str, cls);
    }

    static String readJsonContent(String str) {
        try {
            String readResource = ResourceUtils.readResource(str);
            if (readResource == null) {
                throw ImplMessages.msg.failureToOpenInputStreamFromJsonResName(str);
            }
            return readResource;
        } catch (IOException e) {
            throw ImplMessages.msg.failureToReadJsonContentFromJsonResName(str, e.getMessage(), e);
        }
    }

    static JwtClaims convertToClaims(Map<String, Object> map) {
        JwtClaims jwtClaims = new JwtClaims();
        convertToClaims(jwtClaims, map);
        return jwtClaims;
    }

    static void convertToClaims(JwtClaims jwtClaims, Map<String, Object> map) {
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            jwtClaims.setClaim(entry.getKey(), entry.getValue());
        }
    }

    static int currentTimeInSecs() {
        return (int) (System.currentTimeMillis() / 1000);
    }

    private static void setExpiryClaim(JwtClaims jwtClaims, Long l) {
        if (jwtClaims.hasClaim(Claims.exp.name())) {
            return;
        }
        Object claimValue = jwtClaims.getClaimValue(Claims.iat.name());
        Long valueOf = Long.valueOf(claimValue instanceof NumericDate ? ((NumericDate) claimValue).getValue() : ((Long) claimValue).longValue());
        Long l2 = l;
        if (l2 == null) {
            l2 = (Long) getConfigProperty(NEW_TOKEN_LIFESPAN_PROPERTY, Long.class, 300L);
        }
        jwtClaims.setExpirationTime(NumericDate.fromSeconds(valueOf.longValue() + l2.longValue()));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static JwtClaims parseJwtClaims(String str) {
        try {
            return JwtClaims.parse(readJsonContent(str));
        } catch (Exception e) {
            throw ImplMessages.msg.failureToParseJWTClaims(e.getMessage(), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PrivateKey readPrivateKeyFromKeystore(String str) {
        Optional optionalConfigProperty = getOptionalConfigProperty(KEYSTORE_PASSWORD, String.class);
        if (!optionalConfigProperty.isPresent()) {
            return null;
        }
        Optional optionalConfigProperty2 = getOptionalConfigProperty(SIGN_KEYSTORE_KEY_ALIAS, String.class);
        if (!optionalConfigProperty2.isPresent()) {
            return null;
        }
        try {
            return (PrivateKey) KeyUtils.loadKeyStore(str, (String) optionalConfigProperty.get(), getOptionalConfigProperty(KEYSTORE_TYPE, String.class), getOptionalConfigProperty(KEYSTORE_PROVIDER, String.class)).getKey((String) optionalConfigProperty2.get(), ((String) getOptionalConfigProperty(SIGN_KEYSTORE_KEY_PASSWORD, String.class).orElse((String) optionalConfigProperty.get())).toCharArray());
        } catch (Exception e) {
            throw ImplMessages.msg.signingKeyCanNotBeReadFromKeystore(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static PublicKey readPublicKeyFromKeystore(String str) {
        Optional optionalConfigProperty = getOptionalConfigProperty(KEYSTORE_PASSWORD, String.class);
        if (!optionalConfigProperty.isPresent()) {
            return null;
        }
        Optional optionalConfigProperty2 = getOptionalConfigProperty(ENC_KEYSTORE_KEY_ALIAS, String.class);
        if (!optionalConfigProperty2.isPresent()) {
            return null;
        }
        try {
            return KeyUtils.loadKeyStore(str, (String) optionalConfigProperty.get(), getOptionalConfigProperty(KEYSTORE_TYPE, String.class), getOptionalConfigProperty(KEYSTORE_PROVIDER, String.class)).getCertificate((String) optionalConfigProperty2.get()).getPublicKey();
        } catch (Exception e) {
            throw ImplMessages.msg.encryptionKeyCanNotBeReadFromKeystore(e);
        }
    }
}
