package io.smallrye.jwt.auth.principal;

import io.smallrye.jwt.KeyUtils;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.StringReader;
import java.io.StringWriter;
import java.math.BigInteger;
import java.net.URL;
import java.security.Key;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.spec.RSAPublicKeySpec;
import java.util.Base64;
import java.util.List;
import javax.json.Json;
import javax.json.JsonArray;
import javax.json.JsonObject;
import org.jboss.logging.Logger;
import org.jose4j.jws.JsonWebSignature;
import org.jose4j.jwx.JsonWebStructure;
import org.jose4j.keys.resolvers.VerificationKeyResolver;
import org.jose4j.lang.UnresolvableKeyException;

/* loaded from: input_file:io/smallrye/jwt/auth/principal/KeyLocationResolver.class */
public class KeyLocationResolver implements VerificationKeyResolver {
    private static final Logger log = Logger.getLogger(KeyLocationResolver.class);
    private String location;
    private StringWriter contents;
    private byte[] base64Decode;

    public KeyLocationResolver(String str) {
        this.location = str;
    }

    public Key resolveKey(JsonWebSignature jsonWebSignature, List<JsonWebStructure> list) throws UnresolvableKeyException {
        String stringHeaderValue = jsonWebSignature.getHeaders().getStringHeaderValue("kid");
        try {
            loadContents();
            PublicKey tryAsJWKx = tryAsJWKx(stringHeaderValue);
            if (tryAsJWKx == null) {
                tryAsJWKx = tryAsPEM();
            }
            if (tryAsJWKx == null) {
                throw new UnresolvableKeyException("Failed to read location as any of JWK, JWKS, PEM; " + this.location);
            }
            return tryAsJWKx;
        } catch (IOException e) {
            throw new UnresolvableKeyException("Failed to load key from: " + this.location, e);
        }
    }

    private PublicKey tryAsPEM() {
        PublicKey publicKey = null;
        try {
            publicKey = KeyUtils.decodePublicKey(this.contents.toString());
        } catch (Exception e) {
            log.debug("Failed to read location as PEM", e);
        }
        return publicKey;
    }

    private PublicKey tryAsJWKx(String str) {
        PublicKey publicKey = null;
        try {
            log.debugf("Trying location as JWK(S)...", new Object[0]);
            JsonObject readObject = Json.createReader(new StringReader(this.base64Decode != null ? new String(this.base64Decode) : this.contents.toString())).readObject();
            JsonArray jsonArray = readObject.getJsonArray("keys");
            JsonObject jsonObject = jsonArray != null ? jsonArray.getJsonObject(0) : readObject;
            String string = jsonObject.getString("e");
            publicKey = KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(1, Base64.getUrlDecoder().decode(jsonObject.getString("n"))), new BigInteger(1, Base64.getUrlDecoder().decode(string))));
        } catch (Exception e) {
            log.debug("Failed to read location as JWK(S)", e);
        }
        return publicKey;
    }

    private void loadContents() throws IOException {
        this.contents = new StringWriter();
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader((this.location.startsWith("classpath:") || this.location.indexOf(58) < 0) ? Thread.currentThread().getContextClassLoader().getResourceAsStream(this.location.startsWith("classpath:") ? this.location.substring(10) : this.location) : new URL(this.location).openStream()));
        Throwable th = null;
        try {
            try {
                for (String readLine = bufferedReader.readLine(); readLine != null; readLine = bufferedReader.readLine()) {
                    if (!readLine.startsWith("-----BEGIN") && !readLine.startsWith("-----END")) {
                        this.contents.write(readLine);
                    }
                }
                if (bufferedReader != null) {
                    if (0 != 0) {
                        try {
                            bufferedReader.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        bufferedReader.close();
                    }
                }
                try {
                    this.base64Decode = Base64.getDecoder().decode(this.contents.toString());
                } catch (Exception e) {
                    this.base64Decode = null;
                    log.debug("contents does not appear to be base64 encoded");
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (bufferedReader != null) {
                if (th != null) {
                    try {
                        bufferedReader.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    bufferedReader.close();
                }
            }
            throw th4;
        }
    }
}
