package de.openknowledge.authentication.domain.token;

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.net.URISyntaxException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Base64;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/openknowledge/authentication/domain/token/KeycloakKeyService.class */
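/**
 * Reads, generates and persists the key pair described by a {@link KeycloakKeyConfiguration}.
 *
 * <p>Both keys live in classpath resources as PEM-style text: the public key as Base64 of its
 * X.509 encoding, the private key as Base64 of its <em>unencrypted</em> PKCS#8 encoding.
 *
 * <p>Security notes:
 * <ul>
 *   <li>Key material is never written to the log. Anyone able to read a log that contained the
 *       private key would obtain the key itself.</li>
 *   <li>The private key is stored unencrypted. Writing truncates an existing resource file and
 *       keeps whatever permissions that file already has, so access to the private key file
 *       has to be restricted by the deployment.</li>
 * </ul>
 */
public class KeycloakKeyService {
    private static final Logger LOG = LoggerFactory.getLogger(KeycloakKeyService.class);
    private static final String BEGIN_PUBLIC_KEY = "-----BEGIN PUBLIC KEY-----";
    private static final String END_PUBLIC_KEY = "-----END PUBLIC KEY-----";
    private static final String BEGIN_PRIVATE_KEY = "-----BEGIN PRIVATE KEY-----";
    private static final String END_PRIVATE_KEY = "-----END PRIVATE KEY-----";
    private static final List<String> IGNORED_LINES = Arrays.asList(BEGIN_PUBLIC_KEY, END_PUBLIC_KEY, BEGIN_PRIVATE_KEY, END_PRIVATE_KEY);

    /** Number of Base64 characters per line in a written key file. */
    private static final int PEM_LINE_LENGTH = 64;

    /**
     * Key size handed to {@link KeyPairGenerator#initialize(int)}.
     * NOTE(review): the value is used for every configured algorithm; confirm that each
     * algorithm allowed by the configuration accepts it, and whether 2048 bits still meets
     * the project's key-strength policy.
     */
    private static final int KEY_SIZE_BITS = 2048;

    /**
     * Loads the key pair from the two resources named in the configuration.
     *
     * <p>If either resource is empty, a new key pair is generated via
     * {@link #generateKeyPair(KeycloakKeyConfiguration)}, which overwrites <em>both</em>
     * resources, including one that still held a key.
     * NOTE(review): the loaded public and private key are not checked to belong together.
     *
     * @param keycloakKeyConfiguration resource names and algorithm; {@code validate()} is called first
     * @return the loaded key pair, or a freshly generated one
     * @throws IllegalArgumentException if a resource is missing or unreadable, or a key cannot be parsed
     */
    public static KeyPair readKeyPair(KeycloakKeyConfiguration keycloakKeyConfiguration) {
        keycloakKeyConfiguration.validate();
        String algorithm = keycloakKeyConfiguration.getAlgorithm();

        PublicKey publicKey = null;
        String publicKeyContent = readFromFile(keycloakKeyConfiguration.getFilenamePublicKey());
        if (!publicKeyContent.isEmpty()) {
            publicKey = convertPublicKeyContent(publicKeyContent, algorithm);
            LOG.debug("read public key");
        }

        PrivateKey privateKey = null;
        String privateKeyContent = readFromFile(keycloakKeyConfiguration.getFilenamePrivateKey());
        // Deliberately no logging of the content: it is the unencrypted private key.
        if (!privateKeyContent.isEmpty()) {
            privateKey = convertPrivateKeyContent(privateKeyContent, algorithm);
            LOG.debug("read private key");
        }

        if (publicKey != null && privateKey != null) {
            return new KeyPair(publicKey, privateKey);
        }
        LOG.info("public key or private key are empty - fallback: generate new key pair");
        return generateKeyPair(keycloakKeyConfiguration);
    }

    /**
     * Generates a new key pair and writes both keys to the configured resources.
     *
     * <p>The public key is written first. If writing the private key then fails, the two
     * resources no longer hold a matching pair.
     *
     * @param keycloakKeyConfiguration resource names and algorithm; {@code validate()} is called first
     * @return the generated key pair
     * @throws IllegalArgumentException if the algorithm is unknown or a resource cannot be written
     */
    public static KeyPair generateKeyPair(KeycloakKeyConfiguration keycloakKeyConfiguration) {
        keycloakKeyConfiguration.validate();
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(keycloakKeyConfiguration.getAlgorithm());
            keyPairGenerator.initialize(KEY_SIZE_BITS);
            KeyPair keyPair = keyPairGenerator.generateKeyPair();
            writeToFile(formatToFile(keyPair.getPublic()), keycloakKeyConfiguration.getFilenamePublicKey());
            writeToFile(formatToFile(keyPair.getPrivate()), keycloakKeyConfiguration.getFilenamePrivateKey());
            return keyPair;
        } catch (NoSuchAlgorithmException e) {
            // Keep the cause so the rejected algorithm name shows up in the stack trace.
            throw new IllegalArgumentException("algorithm is not supported", e);
        }
    }

    /**
     * Parses a PEM-style public key (Base64 of an X.509 encoded key).
     *
     * @param content key text, with or without the BEGIN/END marker lines
     * @param algorithm key algorithm name passed to {@link KeyFactory#getInstance(String)}
     * @return the decoded public key
     * @throws IllegalArgumentException if the algorithm is unknown, or the content is not valid
     *         Base64 or not a valid key encoding
     */
    static PublicKey convertPublicKeyContent(String content, String algorithm) {
        try {
            byte[] encoded = Base64.getDecoder().decode(mergeLines(content));
            return KeyFactory.getInstance(algorithm).generatePublic(new X509EncodedKeySpec(encoded));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            LOG.error(e.getMessage(), e);
            throw new IllegalArgumentException("error during read key from content", e);
        }
    }

    /**
     * Parses a PEM-style private key (Base64 of an unencrypted PKCS#8 encoded key).
     *
     * @param content key text, with or without the BEGIN/END marker lines
     * @param algorithm key algorithm name passed to {@link KeyFactory#getInstance(String)}
     * @return the decoded private key
     * @throws IllegalArgumentException if the algorithm is unknown, or the content is not valid
     *         Base64 or not a valid key encoding
     */
    static PrivateKey convertPrivateKeyContent(String content, String algorithm) {
        try {
            byte[] encoded = Base64.getDecoder().decode(mergeLines(content));
            return KeyFactory.getInstance(algorithm).generatePrivate(new PKCS8EncodedKeySpec(encoded));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            LOG.error(e.getMessage(), e);
            throw new IllegalArgumentException("error during read key from content", e);
        }
    }

    /** Renders a public key as marker line, wrapped Base64 body, marker line. */
    private static String formatToFile(PublicKey publicKey) {
        return BEGIN_PUBLIC_KEY + System.lineSeparator() + splitLines(Base64.getEncoder().encodeToString(publicKey.getEncoded())) + END_PUBLIC_KEY;
    }

    /** Renders a private key as marker line, wrapped Base64 body, marker line. */
    private static String formatToFile(PrivateKey privateKey) {
        return BEGIN_PRIVATE_KEY + System.lineSeparator() + splitLines(Base64.getEncoder().encodeToString(privateKey.getEncoded())) + END_PRIVATE_KEY;
    }

    /**
     * Joins the Base64 body lines of a key text into one string, dropping the marker lines.
     *
     * <p>Lines are split on any line terminator rather than only the platform one, and
     * surrounding whitespace is removed, so that content with LF or CRLF endings decodes on
     * every platform (the basic Base64 decoder rejects stray CR or space characters).
     */
    private static String mergeLines(String content) {
        StringBuilder merged = new StringBuilder();
        for (String line : content.split("\\R")) {
            String trimmed = line.trim();
            if (!trimmed.isEmpty() && !IGNORED_LINES.contains(trimmed)) {
                merged.append(trimmed);
            }
        }
        return merged.toString();
    }

    /** Wraps text into lines of {@link #PEM_LINE_LENGTH} characters, each ending with a line separator. */
    private static String splitLines(String text) {
        StringBuilder wrapped = new StringBuilder();
        int start = 0;
        for (int end = PEM_LINE_LENGTH; end < text.length(); end += PEM_LINE_LENGTH) {
            wrapped.append(text, start, end).append(System.lineSeparator());
            start = end;
        }
        wrapped.append(text.substring(start)).append(System.lineSeparator());
        return wrapped.toString();
    }

    /**
     * Overwrites an existing classpath resource with the given text.
     *
     * <p>The resource must already exist and resolve to a regular file. The written lines are
     * not logged because the text may be a private key.
     *
     * @throws IllegalArgumentException if the resource does not exist or cannot be written
     */
    private static void writeToFile(String content, String resourceName) {
        URL resource = KeycloakKeyService.class.getClassLoader().getResource(resourceName);
        if (resource == null) {
            throw new IllegalArgumentException("'" + resourceName + "' is not a resource");
        }
        // try-with-resources: a failure while flushing or closing is reported instead of being
        // swallowed, since it can mean the key file was written only partially.
        try (BufferedWriter writer = new BufferedWriter(
                new OutputStreamWriter(new FileOutputStream(new File(resource.toURI())), StandardCharsets.UTF_8))) {
            for (String line : content.split(System.lineSeparator())) {
                writer.write(line);
                writer.newLine();
            }
        } catch (IOException | URISyntaxException e) {
            throw new IllegalArgumentException("problem during writing resource with name " + resourceName, e);
        }
        LOG.debug("wrote key resource '{}'", resourceName);
    }

    /**
     * Reads a classpath resource as text, normalising every line ending to the platform separator.
     *
     * @return the resource content; the empty string if the resource has no lines
     * @throws IllegalArgumentException if the resource does not exist or cannot be read
     */
    private static String readFromFile(String resourceName) {
        InputStream resourceAsStream = KeycloakKeyService.class.getClassLoader().getResourceAsStream(resourceName);
        if (resourceAsStream == null) {
            throw new IllegalArgumentException("'" + resourceName + "' is not a resource to stream");
        }
        try (BufferedReader reader = new BufferedReader(new InputStreamReader(resourceAsStream, StandardCharsets.UTF_8))) {
            StringBuilder content = new StringBuilder();
            String line;
            while ((line = reader.readLine()) != null) {
                content.append(line).append(System.lineSeparator());
            }
            return content.toString();
        } catch (IOException e) {
            throw new IllegalArgumentException("problem during reading resource with name " + resourceName, e);
        }
    }
}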
