package io.vertx.up.unity;

import io.vertx.core.buffer.Buffer;
import io.vertx.core.file.FileSystemException;
import io.vertx.core.json.JsonArray;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.auth.JWTOptions;
import io.vertx.ext.auth.KeyStoreOptions;
import io.vertx.ext.auth.PubSecKeyOptions;
import io.vertx.ext.auth.SecretOptions;
import io.vertx.ext.auth.jwt.JWTAuthOptions;
import io.vertx.ext.jwt.JWK;
import io.vertx.ext.jwt.JWT;
import io.vertx.up.exception.web._500JwtRuntimeException;
import io.vertx.up.fn.Fn;
import io.vertx.up.secure.provider.JwtAuthProvider;
import io.vertx.up.uca.yaml.Node;
import io.vertx.up.uca.yaml.ZeroUniform;
import io.vertx.up.util.Ut;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.List;
import java.util.function.Function;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:io/vertx/up/unity/UxJwt.class */
public class UxJwt {
    private static JWT JWT_INSTANCE;

    UxJwt() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static JsonObject extract(String str) {
        JsonObject readOptions = readOptions();
        return (JsonObject) Fn.getNull(() -> {
            return extract(str, readOptions);
        }, new Object[]{readOptions});
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String generate(JsonObject jsonObject, JWTOptions jWTOptions) {
        return generate(jsonObject, jWTOptions, Ut::ioBuffer);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String generate(JsonObject jsonObject, JWTOptions jWTOptions, Function<String, Buffer> function) {
        JsonObject readOptions = readOptions();
        JWTAuthOptions jWTAuthOptions = (JWTAuthOptions) Fn.getNull(new JWTAuthOptions(), () -> {
            return new JWTAuthOptions(readOptions);
        }, new Object[]{readOptions});
        return (String) Fn.getNull(() -> {
            JsonObject copy = jsonObject.copy();
            if (jWTOptions.getPermissions() != null && !copy.containsKey(jWTAuthOptions.getPermissionsClaimKey())) {
                copy.put(jWTAuthOptions.getPermissionsClaimKey(), new JsonArray(jWTOptions.getPermissions()));
            }
            return create(jWTAuthOptions, function).sign(copy, jWTOptions);
        }, new Object[]{jWTAuthOptions, jsonObject});
    }

    private static JsonObject readOptions() {
        JsonObject jsonObject = (JsonObject) ((Node) Ut.instance(ZeroUniform.class, new Object[0])).read();
        JsonObject jsonObject2 = (JsonObject) Fn.getNull(() -> {
            return jsonObject.getJsonObject("secure");
        }, new Object[]{jsonObject});
        JsonObject jsonObject3 = (JsonObject) Fn.getNull(() -> {
            return jsonObject2.getJsonObject("jwt");
        }, new Object[]{jsonObject2});
        return (JsonObject) Fn.getNull(() -> {
            return jsonObject3.getJsonObject("config");
        }, new Object[]{jsonObject3});
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static JsonObject extract(String str, JsonObject jsonObject) {
        return Ut.isNil(str) ? new JsonObject() : create(new JWTAuthOptions(jsonObject), Ut::ioBuffer).decode(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static JWT create(JWTAuthOptions jWTAuthOptions, Function<String, Buffer> function) {
        if (null == JWT_INSTANCE) {
            synchronized (UxJwt.class) {
                if (null == JWT_INSTANCE) {
                    JWT_INSTANCE = createDirect(jWTAuthOptions, function);
                }
            }
        }
        return JWT_INSTANCE;
    }

    private static JWT createDirect(JWTAuthOptions jWTAuthOptions, Function<String, Buffer> function) {
        JWT jwt;
        KeyStoreOptions keyStore = jWTAuthOptions.getKeyStore();
        try {
            if (keyStore != null) {
                KeyStore keyStore2 = KeyStore.getInstance(keyStore.getType());
                synchronized (JwtAuthProvider.class) {
                    ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(function.apply(keyStore.getPath()).getBytes());
                    Throwable th = null;
                    try {
                        try {
                            keyStore2.load(byteArrayInputStream, keyStore.getPassword().toCharArray());
                            if (byteArrayInputStream != null) {
                                if (0 != 0) {
                                    try {
                                        byteArrayInputStream.close();
                                    } catch (Throwable th2) {
                                        th.addSuppressed(th2);
                                    }
                                } else {
                                    byteArrayInputStream.close();
                                }
                            }
                        } finally {
                        }
                    } catch (Throwable th3) {
                        if (byteArrayInputStream != null) {
                            if (th != null) {
                                try {
                                    byteArrayInputStream.close();
                                } catch (Throwable th4) {
                                    th.addSuppressed(th4);
                                }
                            } else {
                                byteArrayInputStream.close();
                            }
                        }
                        throw th3;
                    }
                }
                jwt = new JWT(keyStore2, keyStore.getPassword().toCharArray());
            } else {
                jwt = new JWT();
                if (jWTAuthOptions.getPubSecKeys() != null) {
                    for (PubSecKeyOptions pubSecKeyOptions : jWTAuthOptions.getPubSecKeys()) {
                        if (pubSecKeyOptions.isSymmetric()) {
                            jwt.addJWK(new JWK(pubSecKeyOptions.getAlgorithm(), pubSecKeyOptions.getPublicKey()));
                        } else {
                            jwt.addJWK(new JWK(pubSecKeyOptions.getAlgorithm(), pubSecKeyOptions.isCertificate(), pubSecKeyOptions.getPublicKey(), pubSecKeyOptions.getSecretKey()));
                        }
                    }
                }
                List<SecretOptions> secrets = jWTAuthOptions.getSecrets();
                if (secrets != null) {
                    for (SecretOptions secretOptions : secrets) {
                        jwt.addSecret(secretOptions.getType(), secretOptions.getSecret());
                    }
                }
            }
            return jwt;
        } catch (IOException | FileSystemException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new _500JwtRuntimeException(UxJwt.class, e);
        }
    }
}
