package com.sigpwned.dropwizard.jose.jwt.factory;

import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.source.ImmutableJWKSet;
import com.nimbusds.jose.mint.DefaultJWSMinter;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import com.sigpwned.dropwizard.jose.jwt.JWTFactory;
import java.io.IOException;
import java.text.ParseException;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.Date;
import java.util.Map;
import java.util.UUID;

/* loaded from: input_file:com/sigpwned/dropwizard/jose/jwt/factory/DefaultJWTFactory.class */
public class DefaultJWTFactory implements JWTFactory {
    private final JWKSet jwks;
    private final String issuer;
    private final Duration tokenLifetime;
    private final JWSAlgorithm signingAlgorithm;

    public DefaultJWTFactory(JWKSet jWKSet, String str, Duration duration) {
        this(jWKSet, str, duration, JWTFactory.DEFAULT_SIGNING_ALGORITHM);
    }

    public DefaultJWTFactory(JWKSet jWKSet, String str, Duration duration, JWSAlgorithm jWSAlgorithm) {
        this.jwks = jWKSet;
        this.issuer = str;
        this.tokenLifetime = duration;
        this.signingAlgorithm = jWSAlgorithm;
    }

    @Override // com.sigpwned.dropwizard.jose.jwt.JWTFactory
    public SignedJWT create(JWTClaimsSet jWTClaimsSet) throws IOException {
        Instant now = now();
        DefaultJWSMinter defaultJWSMinter = new DefaultJWSMinter();
        defaultJWSMinter.setJWKSource(new ImmutableJWKSet(getJwks()));
        JWSHeader build = new JWSHeader.Builder(getSigningAlgorithm()).build();
        JWTClaimsSet.Builder expirationTime = new JWTClaimsSet.Builder().issuer(getIssuer()).jwtID(generateJwtID()).issueTime(Date.from(now)).expirationTime(Date.from(now.plus((TemporalAmount) getTokenLifetime())));
        for (Map.Entry<String, Object> entry : jWTClaimsSet.getClaims().entrySet()) {
            expirationTime.claim(entry.getKey(), entry.getValue());
        }
        try {
            return SignedJWT.parse(defaultJWSMinter.mint(build, expirationTime.build().toPayload(), null).serialize());
        } catch (JOSEException | ParseException e) {
            throw new IOException("Failed to generate signed JWT", e);
        }
    }

    @Override // com.sigpwned.dropwizard.jose.jwt.JWTFactory
    public JWKSet getJwks() {
        return this.jwks;
    }

    @Override // com.sigpwned.dropwizard.jose.jwt.JWTFactory
    public String getIssuer() {
        return this.issuer;
    }

    @Override // com.sigpwned.dropwizard.jose.jwt.JWTFactory
    public Duration getTokenLifetime() {
        return this.tokenLifetime;
    }

    @Override // com.sigpwned.dropwizard.jose.jwt.JWTFactory
    public JWSAlgorithm getSigningAlgorithm() {
        return this.signingAlgorithm;
    }

    protected Instant now() {
        return Instant.now();
    }

    protected String generateJwtID() {
        return UUID.randomUUID().toString();
    }
}
