package io.vertx.ext.auth.oauth2.impl;

import io.vertx.core.AsyncResult;
import io.vertx.core.Future;
import io.vertx.core.Handler;
import io.vertx.core.buffer.Buffer;
import io.vertx.core.json.JsonObject;
import io.vertx.core.logging.Logger;
import io.vertx.core.logging.LoggerFactory;
import io.vertx.ext.auth.AbstractUser;
import io.vertx.ext.auth.AuthProvider;
import io.vertx.ext.auth.oauth2.AccessToken;
import io.vertx.ext.auth.oauth2.OAuth2Auth;
import io.vertx.ext.auth.oauth2.OAuth2RBAC;
import java.util.Base64;
import java.util.regex.Pattern;
import org.jbpm.ruleflow.core.factory.EventNodeFactory;
import org.jose4j.jwt.ReservedClaimNames;

/* loaded from: input_file:io/vertx/ext/auth/oauth2/impl/OAuth2UserImpl.class */
public abstract class OAuth2UserImpl extends AbstractUser implements AccessToken {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) OAuth2UserImpl.class);
    private JsonObject principal;
    private transient OAuth2AuthProviderImpl provider;
    private transient OAuth2RBAC rbac;
    protected transient JsonObject accessToken;
    protected transient JsonObject refreshToken;
    protected transient JsonObject idToken;

    public OAuth2UserImpl() {
    }

    public OAuth2UserImpl(OAuth2Auth oAuth2Auth, JsonObject jsonObject) {
        this.principal = jsonObject;
        setAuthProvider(oAuth2Auth);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void init(JsonObject jsonObject) {
        Long l;
        Long valueOf;
        clearCache();
        this.principal = jsonObject;
        if (this.principal != null) {
            if (!this.principal.containsKey("expires_at") && this.principal.containsKey("expires_in")) {
                try {
                    valueOf = this.principal.getLong("expires_in");
                } catch (ClassCastException e) {
                    valueOf = Long.valueOf(this.principal.getString("expires_in"));
                }
                this.principal.put("expires_at", Long.valueOf(System.currentTimeMillis() + (1000 * valueOf.longValue())));
            }
            if (this.provider != null) {
                this.accessToken = decodeToken("access_token");
                if (!this.principal.containsKey("expires_at") && this.accessToken != null && (l = this.accessToken.getLong(ReservedClaimNames.EXPIRATION_TIME)) != null) {
                    this.principal.put("expires_at", Long.valueOf(l.longValue() * 1000));
                }
                this.refreshToken = decodeToken("refresh_token", true);
                this.idToken = decodeToken("id_token");
                String string = this.principal.getString(EventNodeFactory.METHOD_SCOPE);
                if (string != null) {
                    for (String str : string.split(Pattern.quote(this.provider.getConfig().getScopeSeparator()))) {
                        cachePermission(str);
                    }
                }
            }
        }
    }

    @Override // io.vertx.ext.auth.User
    public void setAuthProvider(AuthProvider authProvider) {
        this.provider = (OAuth2AuthProviderImpl) authProvider;
        this.rbac = this.provider.getRBACHandler();
        init(this.principal);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public OAuth2AuthProviderImpl getProvider() {
        return this.provider;
    }

    @Override // io.vertx.ext.auth.User
    public JsonObject principal() {
        return this.principal;
    }

    @Override // io.vertx.ext.auth.AbstractUser
    protected void doIsPermitted(String str, Handler<AsyncResult<Boolean>> handler) {
        if (expired()) {
            handler.handle(Future.failedFuture("Expired Token"));
        } else if (this.rbac == null) {
            handler.handle(Future.failedFuture("No RBAC Handler available"));
        } else {
            this.rbac.isAuthorized(this, str, handler);
        }
    }

    @Override // io.vertx.ext.auth.AbstractUser, io.vertx.core.shareddata.impl.ClusterSerializable
    public void writeToBuffer(Buffer buffer) {
        super.writeToBuffer(buffer);
        if (this.principal == null) {
            buffer.appendInt(0);
            return;
        }
        Buffer buffer2 = this.principal.toBuffer();
        buffer.appendInt(buffer2.length());
        buffer.appendBuffer(buffer2);
    }

    @Override // io.vertx.ext.auth.AbstractUser, io.vertx.core.shareddata.impl.ClusterSerializable
    public int readFromBuffer(int i, Buffer buffer) {
        int readFromBuffer = super.readFromBuffer(i, buffer);
        int i2 = buffer.getInt(readFromBuffer);
        int i3 = readFromBuffer + 4;
        if (i2 > 0) {
            this.principal = new JsonObject(buffer.getBuffer(i3, i3 + i2));
            i3 += i2;
        } else {
            this.principal.clear();
        }
        init(this.principal);
        return i3;
    }

    protected JsonObject decodeToken(String str) {
        return decodeToken(str, false);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public JsonObject decodeToken(String str, boolean z) {
        Object value = this.principal.getValue(str);
        if (value == null) {
            return null;
        }
        if (value instanceof JsonObject) {
            return (JsonObject) value;
        }
        try {
            if (!z) {
                return this.provider.getJWT().decode((String) value);
            }
            String[] split = ((String) value).split("\\.");
            if (split.length != 2 && split.length != 3) {
                return null;
            }
            return new JsonObject(Buffer.buffer(Base64.getUrlDecoder().decode(split[1])));
        } catch (RuntimeException e) {
            LOG.debug("Cannot decode token:", e);
            return null;
        }
    }

    @Override // io.vertx.ext.auth.oauth2.AccessToken
    public String opaqueAccessToken() {
        return this.principal.getString("access_token");
    }

    @Override // io.vertx.ext.auth.oauth2.AccessToken
    public String opaqueRefreshToken() {
        return this.principal.getString("refresh_token");
    }

    @Override // io.vertx.ext.auth.oauth2.AccessToken
    public String opaqueIdToken() {
        return this.principal.getString("id_token");
    }

    @Override // io.vertx.ext.auth.oauth2.AccessToken
    public JsonObject accessToken() {
        if (this.accessToken != null) {
            return this.accessToken.copy();
        }
        return null;
    }

    @Override // io.vertx.ext.auth.oauth2.AccessToken
    @Deprecated
    public JsonObject refreshToken() {
        if (this.refreshToken != null) {
            return this.refreshToken.copy();
        }
        return null;
    }

    @Override // io.vertx.ext.auth.oauth2.AccessToken
    public JsonObject idToken() {
        if (this.idToken != null) {
            return this.idToken.copy();
        }
        return null;
    }

    @Override // io.vertx.ext.auth.oauth2.AccessToken
    public boolean expired() {
        if (this.principal == null) {
            return true;
        }
        if (this.accessToken != null) {
            try {
                this.provider.getJWT().isExpired(this.accessToken, this.provider.getConfig().getJWTOptions());
            } catch (RuntimeException e) {
                LOG.debug("Expired token:", e);
                return true;
            }
        }
        return this.principal.containsKey("expires_at") && this.principal.getLong("expires_at", 0L).longValue() < System.currentTimeMillis();
    }
}
