package de.yourinspiration.spring.jwt;

import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.JWSSigner;
import com.nimbusds.jose.JWSVerifier;
import com.nimbusds.jose.crypto.MACSigner;
import com.nimbusds.jose.crypto.MACVerifier;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import java.util.Date;
import java.util.Optional;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:de/yourinspiration/spring/jwt/JwtServiceImpl.class */
public class JwtServiceImpl implements JwtService {
    private final String secret;
    private final UserService userService;
    private final String issuer;
    private final long expirationTime;
    private final String headerField;
    private final String attribute;
    private final JWSHeader header = new JWSHeader(JWSAlgorithm.HS256);
    private final JWSVerifier verifier;
    private final JWSSigner signer;

    /* JADX INFO: Access modifiers changed from: protected */
    public JwtServiceImpl(String str, String str2, UserService userService, String str3, long j, String str4) {
        this.secret = str;
        this.headerField = str2;
        this.userService = userService;
        this.issuer = str3;
        this.expirationTime = j;
        this.attribute = str4;
        this.signer = new MACSigner(str.getBytes());
        this.verifier = new MACVerifier(str.getBytes());
    }

    @Override // de.yourinspiration.spring.jwt.JwtService
    public Token createTokenFromSubject(String str) {
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("subject must not be null or empty");
        }
        JWTClaimsSet claimsSetFromSubject = getClaimsSetFromSubject(str);
        return getTokenFromSignedJWT(claimsSetFromSubject, getSignedJWT(claimsSetFromSubject));
    }

    @Override // de.yourinspiration.spring.jwt.JwtService
    public Optional<String> getJwtSubject(HttpServletRequest httpServletRequest) {
        return getJwtSubjectFromToken(httpServletRequest.getHeader(this.headerField));
    }

    @Override // de.yourinspiration.spring.jwt.JwtService
    public boolean authenticate(HttpServletRequest httpServletRequest, String[] strArr) {
        if (!isValidToken(httpServletRequest.getHeader(this.headerField))) {
            return false;
        }
        String[] rolesForSubject = this.userService.getRolesForSubject(getJwtSubject(httpServletRequest).get());
        for (String str : strArr) {
            for (String str2 : rolesForSubject) {
                if (str.equals(str2)) {
                    return true;
                }
            }
        }
        return false;
    }

    @Override // de.yourinspiration.spring.jwt.JwtService
    public String getRequestAttribute() {
        return this.attribute;
    }

    private Token getTokenFromSignedJWT(JWTClaimsSet jWTClaimsSet, SignedJWT signedJWT) {
        Token token = new Token();
        token.setToken(signedJWT.serialize());
        token.setExpirationTime(jWTClaimsSet.getExpirationTimeClaim());
        token.setIssuedAt(jWTClaimsSet.getIssuedAtClaim());
        token.setIssuer(jWTClaimsSet.getIssuerClaim());
        return token;
    }

    private JWTClaimsSet getClaimsSetFromSubject(String str) {
        JWTClaimsSet jWTClaimsSet = new JWTClaimsSet();
        jWTClaimsSet.setSubjectClaim(str);
        jWTClaimsSet.setIssuedAtClaim(new Date().getTime());
        jWTClaimsSet.setExpirationTimeClaim(calculateExpirationTime());
        jWTClaimsSet.setIssuerClaim(this.issuer);
        return jWTClaimsSet;
    }

    private long calculateExpirationTime() {
        return new Date().getTime() + this.expirationTime;
    }

    private boolean isValidToken(String str) {
        return str != null && getJwtSubjectFromToken(str).isPresent();
    }

    private Optional<String> getJwtSubjectFromToken(String str) {
        if (str == null || str.isEmpty()) {
            return Optional.empty();
        }
        try {
            SignedJWT parse = SignedJWT.parse(str);
            return parse.verify(this.verifier) ? Optional.ofNullable(parse.getJWTClaimsSet().getSubjectClaim()) : Optional.empty();
        } catch (Exception e) {
            return Optional.empty();
        }
    }

    private SignedJWT getSignedJWT(JWTClaimsSet jWTClaimsSet) {
        SignedJWT signedJWT = new SignedJWT(this.header, jWTClaimsSet);
        try {
            signedJWT.sign(this.signer);
            return signedJWT;
        } catch (JOSEException e) {
            throw new JwtServiceException("error signing the token", e);
        }
    }

    protected String getHeaderField() {
        return this.headerField;
    }

    protected String getSecret() {
        return this.secret;
    }

    protected UserService getUserService() {
        return this.userService;
    }

    protected String getIssuer() {
        return this.issuer;
    }

    protected long getExpirationTime() {
        return this.expirationTime;
    }
}
