package uk.co.spudsoft.jwtvalidatorvertx.impl;

import com.google.common.cache.Cache;
import io.vertx.core.json.JsonArray;
import io.vertx.core.json.JsonObject;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.annotation.Nullable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import uk.co.spudsoft.jwtvalidatorvertx.AlgorithmAndKeyPair;
import uk.co.spudsoft.jwtvalidatorvertx.JsonWebAlgorithm;
import uk.co.spudsoft.jwtvalidatorvertx.TokenBuilder;

/* loaded from: input_file:uk/co/spudsoft/jwtvalidatorvertx/impl/AbstractTokenBuilder.class */
public abstract class AbstractTokenBuilder implements TokenBuilder {
    private static final Logger logger = LoggerFactory.getLogger(AbstractTokenBuilder.class);
    protected static final Base64.Encoder BASE64 = Base64.getUrlEncoder().withoutPadding();
    protected static final SecureRandom RANDOM = new SecureRandom();
    private boolean headerNotValidBase64 = false;
    private boolean payloadNotValidBase64 = false;
    private boolean signatureNotValidBase64 = false;
    private boolean headerNotJson = false;
    private boolean payloadNotJson = false;
    private boolean signatureNotValidHash = false;
    private boolean kidInvalid = false;
    protected final Cache<String, AlgorithmAndKeyPair> keyCache;

    public AbstractTokenBuilder(Cache<String, AlgorithmAndKeyPair> cache) {
        this.keyCache = cache;
    }

    @Override // uk.co.spudsoft.jwtvalidatorvertx.TokenBuilder
    public TokenBuilder setHeaderNotValidBase64(boolean z) {
        this.headerNotValidBase64 = z;
        return this;
    }

    @Override // uk.co.spudsoft.jwtvalidatorvertx.TokenBuilder
    public TokenBuilder setPayloadNotValidBase64(boolean z) {
        this.payloadNotValidBase64 = z;
        return this;
    }

    @Override // uk.co.spudsoft.jwtvalidatorvertx.TokenBuilder
    public TokenBuilder setSignatureNotValidBase64(boolean z) {
        this.signatureNotValidBase64 = z;
        return this;
    }

    @Override // uk.co.spudsoft.jwtvalidatorvertx.TokenBuilder
    public TokenBuilder setHeaderNotJson(boolean z) {
        this.headerNotJson = z;
        return this;
    }

    @Override // uk.co.spudsoft.jwtvalidatorvertx.TokenBuilder
    public TokenBuilder setPayloadNotJson(boolean z) {
        this.payloadNotJson = z;
        return this;
    }

    @Override // uk.co.spudsoft.jwtvalidatorvertx.TokenBuilder
    public TokenBuilder setSignatureNotValidHash(boolean z) {
        this.signatureNotValidHash = z;
        return this;
    }

    @Override // uk.co.spudsoft.jwtvalidatorvertx.TokenBuilder
    public TokenBuilder setKidInvalid(boolean z) {
        this.kidInvalid = z;
        return this;
    }

    @Override // uk.co.spudsoft.jwtvalidatorvertx.TokenBuilder
    public String buildToken(JsonWebAlgorithm jsonWebAlgorithm, String str, String str2, String str3, List<String> list, Long l, Long l2, Map<String, Object> map) throws Exception {
        String str4;
        JsonObject generateHeaderNode = generateHeaderNode(str, jsonWebAlgorithm);
        JsonObject generateClaimsNode = generateClaimsNode(str2, str3, l2, l, list, map);
        String base64Header = base64Header(generateHeaderNode);
        String base64Claims = base64Claims(generateClaimsNode);
        if (str == null || jsonWebAlgorithm == JsonWebAlgorithm.none) {
            str4 = "";
        } else {
            byte[] generateSignature = generateSignature(str, jsonWebAlgorithm, base64Header, base64Claims);
            if (this.signatureNotValidHash) {
                generateSignature = Arrays.copyOf(generateSignature, generateSignature.length - 1);
            }
            str4 = base64Signature(generateSignature);
        }
        String constructToken = constructToken(base64Header, base64Claims, str4);
        logger.debug("{} Token: {}", jsonWebAlgorithm, constructToken);
        return constructToken;
    }

    protected JsonObject generateHeaderNode(String str, JsonWebAlgorithm jsonWebAlgorithm) {
        JsonObject jsonObject = new JsonObject();
        jsonObject.put("typ", "JWT");
        if (str != null) {
            if (this.kidInvalid) {
                jsonObject.put("kid", "INVALID");
            } else {
                jsonObject.put("kid", str);
            }
        }
        jsonObject.put("alg", jsonWebAlgorithm.getName());
        return jsonObject;
    }

    protected JsonObject generateClaimsNode(@Nullable String str, @Nullable String str2, @Nullable Long l, @Nullable Long l2, @Nullable List<String> list, @Nullable Map<String, Object> map) {
        JsonObject jsonObject = new JsonObject();
        if (str2 != null) {
            jsonObject.put("sub", str2);
        }
        if (str != null) {
            jsonObject.put("iss", str);
        }
        if (l != null) {
            jsonObject.put("exp", l);
        }
        if (l2 != null) {
            jsonObject.put("nbf", l2);
        }
        if (list != null) {
            if (list.size() == 1) {
                jsonObject.put("aud", list.get(0));
            } else {
                JsonArray jsonArray = new JsonArray();
                jsonObject.put("aud", jsonArray);
                Iterator<String> it = list.iterator();
                while (it.hasNext()) {
                    jsonArray.add(it.next());
                }
            }
        }
        if (map != null) {
            for (Map.Entry<String, Object> entry : map.entrySet()) {
                jsonObject.put(entry.getKey(), entry.getValue());
            }
        }
        return jsonObject;
    }

    protected String base64JSon(boolean z, boolean z2, JsonObject jsonObject) {
        String jsonObject2 = jsonObject.toString();
        if (z) {
            jsonObject2 = jsonObject2.replaceAll("\"", "");
        }
        String encodeToString = BASE64.encodeToString(jsonObject2.getBytes(StandardCharsets.UTF_8));
        if (z2) {
            encodeToString = encodeToString.substring(0, encodeToString.length() - 1);
        }
        return encodeToString;
    }

    protected String base64Header(JsonObject jsonObject) {
        return base64JSon(this.headerNotJson, this.headerNotValidBase64, jsonObject);
    }

    protected String base64Claims(JsonObject jsonObject) {
        return base64JSon(this.payloadNotJson, this.payloadNotValidBase64, jsonObject);
    }

    protected abstract byte[] generateSignature(String str, JsonWebAlgorithm jsonWebAlgorithm, String str2, String str3) throws Exception;

    protected String base64Signature(byte[] bArr) {
        String encodeToString = BASE64.encodeToString(bArr);
        if (this.signatureNotValidBase64) {
            encodeToString = encodeToString.substring(0, encodeToString.length() - 1);
        }
        return encodeToString;
    }

    protected String constructToken(String str, String str2, String str3) {
        return str + "." + str2 + "." + str3;
    }
}
