package de.cidaas.jwt;

import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWEHeader;
import com.nimbusds.jose.crypto.RSADecrypter;
import com.nimbusds.jose.crypto.RSAEncrypter;
import com.nimbusds.jose.crypto.bc.BouncyCastleProviderSingleton;
import com.nimbusds.jwt.EncryptedJWT;
import com.nimbusds.jwt.JWTClaimsSet;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.text.ParseException;
import java.util.HashMap;
import java.util.Map;
import net.minidev.json.JSONObject;

/* loaded from: input_file:de/cidaas/jwt/JWEGenerator.class */
public class JWEGenerator {
    public String sign(Map<String, Object> map, Options options) throws Exception {
        RSAPublicKey rSAPublicKey = null;
        if (options.getPublicKey() != null && options.getPublicKey().trim().length() > 0) {
            rSAPublicKey = RSAKeyHelper.parsePublicKey(options.getPublicKey());
        } else if (options.getPublicKeyPath() != null && options.getPublicKeyPath().trim().length() > 0) {
            rSAPublicKey = RSAKeyHelper.getPublicKey(options.getPublicKeyPath());
        }
        if (rSAPublicKey == null) {
            return null;
        }
        Map<String, Object> encodedPayload = JWTHelper.encodedPayload(map, options);
        JWTClaimsSet.Builder builder = new JWTClaimsSet.Builder();
        for (Map.Entry<String, Object> entry : encodedPayload.entrySet()) {
            builder.claim(entry.getKey(), entry.getValue());
        }
        EncryptedJWT encryptedJWT = new EncryptedJWT(new JWEHeader(JWEAlgorithm.RSA_OAEP, EncryptionMethod.A128GCM), builder.build());
        RSAEncrypter rSAEncrypter = new RSAEncrypter(rSAPublicKey);
        rSAEncrypter.getJCAContext().setProvider(BouncyCastleProviderSingleton.getInstance());
        encryptedJWT.encrypt(rSAEncrypter);
        String serialize = encryptedJWT.serialize();
        System.out.println(serialize);
        return serialize;
    }

    public Map<String, Object> verify(String str, Options options) throws Exception {
        RSAPrivateKey rSAPrivateKey = null;
        if (options.getPrivateKey() != null && options.getPrivateKey().trim().length() > 0) {
            rSAPrivateKey = RSAKeyHelper.parsePrivateKey(options.getPrivateKey());
        } else if (options.getPrivateKeyPath() != null && options.getPrivateKeyPath().trim().length() > 0) {
            rSAPrivateKey = RSAKeyHelper.getPrivateKey(options.getPrivateKeyPath());
        }
        if (rSAPrivateKey == null) {
            return null;
        }
        EncryptedJWT parse = EncryptedJWT.parse(str);
        RSADecrypter rSADecrypter = new RSADecrypter(rSAPrivateKey);
        rSADecrypter.getJCAContext().setProvider(BouncyCastleProviderSingleton.getInstance());
        parse.decrypt(rSADecrypter);
        if (parse.getPayload() == null) {
            return null;
        }
        JSONObject jSONObject = parse.getPayload().toJSONObject();
        if (jSONObject == null) {
            throw new ParseException("Payload of JWE object is not a valid JSON object", 0);
        }
        HashMap hashMap = new HashMap();
        for (String str2 : jSONObject.keySet()) {
            hashMap.put(str2, jSONObject.get(str2));
        }
        return hashMap;
    }
}
