package com.alibaba.rsocket.gateway.auth;

import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.interfaces.JWTVerifier;
import com.github.benmanes.caffeine.cache.Cache;
import com.github.benmanes.caffeine.cache.Caffeine;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyFactory;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.TimeUnit;
import org.jetbrains.annotations.Nullable;
import org.springframework.stereotype.Component;
import org.springframework.util.StreamUtils;

@Component
/* loaded from: input_file:BOOT-INF/classes/com/alibaba/rsocket/gateway/auth/JwtAuthenticationServiceImpl.class */
public class JwtAuthenticationServiceImpl implements JwtAuthenticationService {
    private static String iss = "RSocketBroker";
    private List<JWTVerifier> verifiers = new ArrayList();
    Cache<Integer, NamedPrincipal> jwtVerifyCache = Caffeine.newBuilder().maximumSize(100000).expireAfterWrite(30, TimeUnit.MINUTES).build();

    public JwtAuthenticationServiceImpl() throws Exception {
        File file = new File(System.getProperty("user.home"), ".rsocket/jwt_rsa.pub");
        if (file.exists()) {
            this.verifiers.add(JWT.require(Algorithm.RSA256(readPublicKey(file), null)).withIssuer(iss).build());
        }
    }

    @Override // com.alibaba.rsocket.gateway.auth.JwtAuthenticationService
    @Nullable
    public NamedPrincipal auth(String str) {
        int hashCode = str.hashCode();
        NamedPrincipal ifPresent = this.jwtVerifyCache.getIfPresent(Integer.valueOf(hashCode));
        if (ifPresent == null) {
            Iterator<JWTVerifier> it = this.verifiers.iterator();
            while (it.hasNext()) {
                try {
                    ifPresent = new NamedPrincipal(it.next().verify(str).getSubject());
                    this.jwtVerifyCache.put(Integer.valueOf(hashCode), ifPresent);
                    break;
                } catch (JWTVerificationException e) {
                }
            }
        }
        return ifPresent;
    }

    public RSAPublicKey readPublicKey(File file) throws Exception {
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            RSAPublicKey rSAPublicKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(toBytes(fileInputStream)));
            fileInputStream.close();
            return rSAPublicKey;
        } catch (Throwable th) {
            try {
                fileInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public byte[] toBytes(InputStream inputStream) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        StreamUtils.copy(inputStream, byteArrayOutputStream);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        inputStream.close();
        byteArrayOutputStream.close();
        return byteArray;
    }
}
