package de.taimos.dvalin.jaxrs.security.jwt;

import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.crypto.MACSigner;
import com.nimbusds.jose.crypto.MACVerifier;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import de.taimos.daemon.spring.conditional.OnSystemProperty;
import de.taimos.dvalin.jaxrs.JaxRsComponent;
import de.taimos.dvalin.jaxrs.context.DvalinRSContext;
import java.text.ParseException;
import java.util.Date;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;

@JaxRsComponent
@OnSystemProperty(propertyName = "jwtauth.secret")
/* loaded from: input_file:de/taimos/dvalin/jaxrs/security/jwt/JWTAuth.class */
public class JWTAuth implements IJWTAuth {

    @Value("${jwtauth.secret}")
    private String jwtSharedSecret;

    @Value("${jwtauth.timeout:3600000}")
    private Long jwtTimeout;

    @Value("${jwtauth.issuer}")
    private String jwtIssuer;

    @Autowired
    private DvalinRSContext context;

    public SignedJWT signToken(JWTClaimsSet jWTClaimsSet) {
        try {
            SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.HS256), jWTClaimsSet);
            signedJWT.sign(new MACSigner(this.jwtSharedSecret));
            return signedJWT;
        } catch (JOSEException e) {
            throw new RuntimeException("Error signing JSON Web Token", e);
        }
    }

    public String signToken(AuthenticatedUser authenticatedUser) {
        return signToken(authenticatedUser.toClaimSet(this.jwtIssuer, new Date(System.currentTimeMillis() + this.jwtTimeout.longValue()))).serialize();
    }

    public SignedJWT verifyToken(String str) throws ParseException {
        try {
            SignedJWT parse = SignedJWT.parse(str);
            if (parse.verify(new MACVerifier(this.jwtSharedSecret))) {
                return parse;
            }
            return null;
        } catch (JOSEException e) {
            throw new RuntimeException("Error verifying JSON Web Token", e);
        }
    }

    @Override // de.taimos.dvalin.jaxrs.security.jwt.IJWTAuth
    public AuthenticatedUser validateToken(String str) throws ParseException {
        JWTClaimsSet jWTClaimsSet = verifyToken(str).getJWTClaimsSet();
        if (jWTClaimsSet.getExpirationTime().before(new Date())) {
            return null;
        }
        return new AuthenticatedUser(jWTClaimsSet);
    }

    public AuthenticatedUser getCurrentUser() {
        return (AuthenticatedUser) this.context.getCurrentUser();
    }
}
