package com.luter.heimdall.plugins.jwt.processor;

import com.luter.heimdall.core.config.ConfigManager;
import com.luter.heimdall.core.config.HeimdallProperties;
import com.luter.heimdall.core.details.UserDetails;
import com.luter.heimdall.core.jwt.JwtProcessor;
import com.luter.heimdall.core.token.SimpleToken;
import com.luter.heimdall.core.token.id.IdGenerator;
import com.luter.heimdall.core.token.id.UUIDIdGenerator;
import com.luter.heimdall.plugins.jwt.exception.HeimdallExpiredJwtException;
import com.luter.heimdall.plugins.jwt.exception.HeimdallInvalidJwtException;
import com.luter.heimdall.plugins.jwt.exception.HeimdallJwtException;
import com.luter.heimdall.plugins.jwt.util.JacksonUtil;
import com.luter.heimdall.plugins.jwt.util.RSAKeyUtil;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JOSEObjectType;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.JWSObject;
import com.nimbusds.jose.Payload;
import com.nimbusds.jose.crypto.RSASSASigner;
import com.nimbusds.jose.crypto.RSASSAVerifier;
import java.text.ParseException;

/* loaded from: input_file:com/luter/heimdall/plugins/jwt/processor/NimbusRSAJwtProcessor.class */
public class NimbusRSAJwtProcessor implements JwtProcessor {
    private IdGenerator idGenerator;

    public NimbusRSAJwtProcessor() {
        this.idGenerator = new UUIDIdGenerator();
    }

    public NimbusRSAJwtProcessor(IdGenerator idGenerator) {
        this();
        this.idGenerator = idGenerator;
    }

    public String generate(UserDetails userDetails) {
        HeimdallProperties config = ConfigManager.getConfig();
        return generate(JacksonUtil.toJson(SimpleToken.build(this.idGenerator.generate(), config.getToken().getIss(), config.getToken().getTimeout(), userDetails)));
    }

    public String generate(String str) {
        try {
            JWSObject jWSObject = new JWSObject(new JWSHeader.Builder(JWSAlgorithm.RS256).type(JOSEObjectType.JWT).build(), new Payload(str));
            jWSObject.sign(new RSASSASigner(RSAKeyUtil.generateRSAKey()));
            return jWSObject.serialize();
        } catch (JOSEException e) {
            throw new HeimdallJwtException(e.getMessage(), e);
        }
    }

    public String generate(SimpleToken simpleToken) {
        return generate(JacksonUtil.toJson(simpleToken));
    }

    public SimpleToken verify(String str) {
        try {
            JWSObject parse = JWSObject.parse(str);
            if (!parse.verify(new RSASSAVerifier(RSAKeyUtil.generateRSAKey().toPublicJWK()))) {
                throw new HeimdallInvalidJwtException();
            }
            SimpleToken simpleToken = (SimpleToken) JacksonUtil.toObject(parse.getPayload().toString(), SimpleToken.class);
            if (simpleToken.getExp() < System.currentTimeMillis()) {
                throw new HeimdallExpiredJwtException();
            }
            return simpleToken;
        } catch (JOSEException | ParseException e) {
            throw new HeimdallJwtException(e.getMessage(), e);
        }
    }

    public Object generatePublicKey() {
        return RSAKeyUtil.generateRSAKey();
    }

    public IdGenerator getIdGenerator() {
        return this.idGenerator;
    }

    /* renamed from: setIdGenerator, reason: merged with bridge method [inline-methods] */
    public NimbusRSAJwtProcessor m2setIdGenerator(IdGenerator idGenerator) {
        this.idGenerator = idGenerator;
        return this;
    }
}
