package de.adorsys.opba.api.security.internal.service;

import io.jsonwebtoken.Jwts;
import java.beans.ConstructorProperties;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/opba-api-security-0.30.0.1.jar:de/adorsys/opba/api/security/internal/service/RsaJwtsVerifyingServiceImpl.class */
public class RsaJwtsVerifyingServiceImpl implements RequestVerifyingService {

    @Generated
    private static final Logger log = LoggerFactory.getLogger((Class<?>) RsaJwtsVerifyingServiceImpl.class);
    private final String claimNameKey;

    @Override // de.adorsys.opba.api.security.internal.service.RequestVerifyingService
    public boolean verify(String str, String str2, String str3) {
        PublicKey rsaPublicKey = getRsaPublicKey(str2);
        if (rsaPublicKey == null) {
            return false;
        }
        try {
            return str3.equals(Jwts.parserBuilder().setSigningKey(rsaPublicKey).build().parseClaimsJws(str).getBody().get(this.claimNameKey));
        } catch (Exception e) {
            log.error("Signature verification error:  {} for signature {}", e.getMessage(), str);
            return false;
        }
    }

    private PublicKey getRsaPublicKey(String str) {
        try {
            return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64.getDecoder().decode(str)));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            log.error("Encoded public key has wrong format :  {}", str);
            return null;
        }
    }

    @Generated
    @ConstructorProperties({"claimNameKey"})
    public RsaJwtsVerifyingServiceImpl(String str) {
        this.claimNameKey = str;
    }
}
