package org.picketlink.json.sig;

import java.io.UnsupportedEncodingException;
import org.json.JSONException;
import org.json.JSONObject;
import org.picketlink.common.PicketLinkLogger;
import org.picketlink.common.PicketLinkLoggerFactory;
import org.picketlink.common.exceptions.ProcessingException;
import org.picketlink.common.util.Base64;
import org.picketlink.json.PicketLinkJSONConstants;
import org.picketlink.json.PicketLinkJSONMessages;
import org.picketlink.json.util.HmacSha256Util;
import org.picketlink.json.util.PicketLinkJSONUtil;

/* loaded from: input_file:WEB-INF/classes/org/picketlink/json/sig/JSONWebSignature.class */
public class JSONWebSignature {
    private static final PicketLinkLogger logger = PicketLinkLoggerFactory.getLogger();
    protected JSONObject payload;
    protected JSONWebSignatureHeader header;

    public JSONWebSignatureHeader createHeader(String str) {
        if (this.header == null) {
            this.header = new JSONWebSignatureHeader(str);
        }
        return this.header;
    }

    public JSONObject getPayload() {
        return this.payload;
    }

    public void setPayload(JSONObject jSONObject) {
        this.payload = jSONObject;
    }

    public void setPayload(String str) throws JSONException {
        this.payload = new JSONObject(str);
    }

    public JSONWebSignatureHeader getHeader() {
        return this.header;
    }

    public void setHeader(JSONWebSignatureHeader jSONWebSignatureHeader) {
        this.header = jSONWebSignatureHeader;
    }

    public String encode() throws ProcessingException {
        if (this.header == null) {
            throw PicketLinkJSONMessages.MESSAGES.jsonWebSignatureHeaderMissing();
        }
        if ("HS256".equals(this.header.getAlg())) {
            return encodeUsingHmacSha26();
        }
        throw new RuntimeException();
    }

    public static JSONWebSignature decode(String str) throws ProcessingException {
        String[] split = str.split("\\.");
        String str2 = split[0];
        String str3 = split[1];
        try {
            if (!HmacSha256Util.encode(str2 + PicketLinkJSONConstants.COMMON.PERIOD + str3).equals(new String(Base64.decode(split[2]), "UTF-8"))) {
                throw PicketLinkJSONMessages.MESSAGES.jsonWebSignatureValidationFailed();
            }
            JSONWebSignature jSONWebSignature = new JSONWebSignature();
            try {
                jSONWebSignature.setHeader(JSONWebSignatureHeader.create(new String(Base64.decode(str2), "UTF-8")));
                jSONWebSignature.setPayload(new String(Base64.decode(str3), "UTF-8"));
                return jSONWebSignature;
            } catch (Exception e) {
                throw PicketLinkJSONMessages.MESSAGES.processingException(e);
            }
        } catch (UnsupportedEncodingException e2) {
            throw PicketLinkJSONMessages.MESSAGES.processingException(e2);
        }
    }

    protected String encodeUsingHmacSha26() throws ProcessingException {
        try {
            String b64Encode = PicketLinkJSONUtil.b64Encode(this.header.get().toString());
            String b64Encode2 = PicketLinkJSONUtil.b64Encode(this.payload.toString());
            StringBuilder sb = new StringBuilder(b64Encode);
            sb.append(PicketLinkJSONConstants.COMMON.PERIOD).append(b64Encode2);
            String b64Encode3 = PicketLinkJSONUtil.b64Encode(HmacSha256Util.encode(sb.toString()));
            StringBuilder sb2 = new StringBuilder();
            sb2.append(b64Encode).append(PicketLinkJSONConstants.COMMON.PERIOD).append(b64Encode2).append(PicketLinkJSONConstants.COMMON.PERIOD).append(b64Encode3);
            return sb2.toString();
        } catch (Exception e) {
            throw PicketLinkJSONMessages.MESSAGES.processingException(e);
        }
    }
}
