package com.mobi.jaas.api.utils;

import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.crypto.MACSigner;
import com.nimbusds.jose.crypto.MACVerifier;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import java.io.IOException;
import java.security.SecureRandom;
import java.text.ParseException;
import java.util.Date;
import java.util.Map;
import java.util.Optional;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.core.NewCookie;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/mobi/jaas/api/utils/TokenUtils.class */
public class TokenUtils {
    private static final Logger LOG = LoggerFactory.getLogger(TokenUtils.class.getName());
    private static final SecureRandom random = new SecureRandom();
    private static final byte[] KEY = new byte[32];
    private static final String TOKEN_NAME = "mobi_web_token";
    private static final long ONE_DAY_SEC = 86400;
    private static final long ONE_DAY_MS = 86400000;
    private static final long TOKEN_DURATION = 86400000;
    private static final String ISSUER = "http://mobi.com/";
    private static final String ANON_SCOPE = "self anon";
    private static final String AUTH_SCOPE = "self /*";
    public static final String TOKEN_VERIFICATION_FAILED = "com.mobi.attribute.verificationFailed";
    public static final String VERIFIED_TOKEN = "com.mobi.attribute.verifiedToken";

    public static String getTokenString(HttpServletRequest httpServletRequest) {
        if (httpServletRequest.getCookies() == null) {
            return null;
        }
        for (Cookie cookie : httpServletRequest.getCookies()) {
            if (cookie.getName().equals(TOKEN_NAME)) {
                return cookie.getValue();
            }
        }
        return null;
    }

    public static String getTokenString(ContainerRequestContext containerRequestContext) {
        javax.ws.rs.core.Cookie cookie = (javax.ws.rs.core.Cookie) containerRequestContext.getCookies().get(TOKEN_NAME);
        if (cookie != null) {
            return cookie.getValue();
        }
        LOG.debug("Mobi web token cookie not found.");
        return null;
    }

    public static Optional<SignedJWT> verifyToken(String str) throws ParseException, JOSEException {
        return verifyToken(str, KEY);
    }

    public static Optional<SignedJWT> verifyToken(String str, byte[] bArr) throws ParseException, JOSEException {
        if (str == null) {
            return Optional.empty();
        }
        SignedJWT parse = SignedJWT.parse(str);
        return parse.verify(new MACVerifier(padKey(bArr))) ? Optional.of(parse) : Optional.empty();
    }

    public static Optional<SignedJWT> verifyToken(String str, HttpServletResponse httpServletResponse) throws IOException {
        return verifyToken(str, httpServletResponse, KEY);
    }

    public static Optional<SignedJWT> verifyToken(String str, HttpServletResponse httpServletResponse, byte[] bArr) throws IOException {
        if (str == null) {
            return Optional.empty();
        }
        try {
            SignedJWT parse = SignedJWT.parse(str);
            return parse.verify(new MACVerifier(padKey(bArr))) ? Optional.of(parse) : Optional.empty();
        } catch (JOSEException e) {
            LOG.error("Problem Creating or Verifying JWT Token", e);
            httpServletResponse.sendError(500, "Problem Creating or Verifying JWT Token");
            return Optional.empty();
        } catch (ParseException e2) {
            LOG.error("Problem Parsing JWT Token", e2);
            httpServletResponse.sendError(500, "Problem Parsing JWT Token");
            return Optional.empty();
        }
    }

    public static SignedJWT generateUnauthToken(HttpServletResponse httpServletResponse) throws IOException {
        return generateToken(httpServletResponse, "anon", ANON_SCOPE, KEY, null);
    }

    public static SignedJWT generateUnauthToken() throws IOException, JOSEException {
        return generateToken("anon", ANON_SCOPE, KEY, null);
    }

    public static SignedJWT generateauthToken(HttpServletResponse httpServletResponse, String str) throws IOException {
        return generateToken(httpServletResponse, str, AUTH_SCOPE, KEY, null);
    }

    public static SignedJWT generateauthToken(String str) throws IOException, JOSEException {
        return generateToken(str, AUTH_SCOPE, KEY, null);
    }

    public static Cookie createSecureTokenCookie(SignedJWT signedJWT) {
        Cookie cookie = new Cookie(TOKEN_NAME, signedJWT.serialize());
        cookie.setSecure(true);
        cookie.setPath("/");
        return cookie;
    }

    public static NewCookie createSecureTokenNewCookie(SignedJWT signedJWT) {
        return new NewCookie(TOKEN_NAME, signedJWT.serialize(), "/", (String) null, (String) null, -1, true);
    }

    public static void writePayload(HttpServletResponse httpServletResponse, SignedJWT signedJWT) throws IOException {
        httpServletResponse.getWriter().write(signedJWT.getPayload().toString());
        httpServletResponse.getWriter().flush();
        httpServletResponse.setContentType("application/json");
    }

    public static SignedJWT generateToken(HttpServletResponse httpServletResponse, String str, String str2, byte[] bArr, Map<String, Object> map) throws IOException {
        SignedJWT signedJWT = null;
        try {
            signedJWT = createJWT(str, str2, bArr, map);
        } catch (JOSEException e) {
            LOG.error("Problem Creating JWT Token", e);
            httpServletResponse.sendError(500, "Problem Creating JWT Token");
        }
        return signedJWT;
    }

    public static SignedJWT generateToken(String str, String str2, byte[] bArr, Map<String, Object> map) throws IOException, JOSEException {
        return createJWT(str, str2, bArr, map);
    }

    private static SignedJWT createJWT(String str, String str2, byte[] bArr, Map<String, Object> map) throws JOSEException {
        MACSigner mACSigner = new MACSigner(padKey(bArr));
        JWTClaimsSet.Builder claim = new JWTClaimsSet.Builder().subject(str).issuer(ISSUER).expirationTime(new Date(new Date().getTime() + 86400000)).claim("scope", str2);
        if (map != null) {
            claim.getClass();
            map.forEach(claim::claim);
        }
        SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), claim.build());
        signedJWT.sign(mACSigner);
        return signedJWT;
    }

    private static byte[] padKey(byte[] bArr) {
        if (bArr.length >= 32) {
            return bArr;
        }
        byte[] bArr2 = new byte[32];
        System.arraycopy(bArr, 0, bArr2, 32 - bArr.length, bArr.length);
        return bArr2;
    }

    static {
        random.nextBytes(KEY);
    }
}
