package com.authok.utils.tokens;

import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.AlgorithmMismatchException;
import com.auth0.jwt.exceptions.JWTDecodeException;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.exceptions.SignatureVerificationException;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.auth0.jwt.interfaces.JWTVerifier;
import com.authok.exception.IdTokenValidationException;
import com.authok.utils.Asserts;

/* loaded from: input_file:com/authok/utils/tokens/SignatureVerifier.class */
public abstract class SignatureVerifier {
    private final JWTVerifier verifier;
    private final Algorithm algorithm;

    public static SignatureVerifier forHS256(String str) {
        return new HS256SignatureVerifier(str);
    }

    public static SignatureVerifier forRS256(PublicKeyProvider publicKeyProvider) {
        return new RS256SignatureVerifier(publicKeyProvider);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SignatureVerifier(Algorithm algorithm) {
        Asserts.assertNotNull(algorithm, "algorithm");
        this.algorithm = algorithm;
        this.verifier = JWT.require(algorithm).ignoreIssuedAt().build();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DecodedJWT verifySignature(String str) throws IdTokenValidationException {
        DecodedJWT decodeToken = decodeToken(str);
        try {
            this.verifier.verify(decodeToken);
        } catch (SignatureVerificationException e) {
            throw new IdTokenValidationException("Invalid ID token signature", e);
        } catch (JWTVerificationException e2) {
        } catch (AlgorithmMismatchException e3) {
            throw new IdTokenValidationException(String.format("Signature algorithm of \"%s\" is not supported. Expected the ID token to be signed with \"%s\"", decodeToken.getAlgorithm(), this.algorithm.getName()), e3);
        }
        return decodeToken;
    }

    private DecodedJWT decodeToken(String str) throws IdTokenValidationException {
        try {
            return JWT.decode(str);
        } catch (JWTDecodeException e) {
            throw new IdTokenValidationException("ID token could not be decoded", e);
        }
    }
}
