package org.eulerframework.common.util.jwt;

import java.util.Date;
import org.eulerframework.common.base.log.LogSupport;
import org.eulerframework.common.util.Assert;
import org.eulerframework.common.util.DateUtils;
import org.eulerframework.common.util.json.JsonConvertException;
import org.eulerframework.common.util.json.JsonUtils;
import org.eulerframework.common.util.jwt.springcode.JwtHelper;
import org.eulerframework.common.util.jwt.springcode.crypto.sign.RsaSigner;
import org.eulerframework.common.util.jwt.springcode.crypto.sign.RsaVerifier;
import org.eulerframework.common.util.jwt.springcode.crypto.sign.SignatureVerifier;
import org.eulerframework.common.util.jwt.springcode.crypto.sign.Signer;

/* loaded from: input_file:org/eulerframework/common/util/jwt/JwtEncryptor.class */
public class JwtEncryptor extends LogSupport {
    private String signingKey;
    private String verifierKey;
    private Signer signer;
    private SignatureVerifier verifier;

    public void setSigningKey(String str) {
        Assert.hasText(str);
        this.signingKey = str.trim();
        if (!this.signingKey.startsWith("-----BEGIN")) {
            throw new IllegalArgumentException("SigningKey property must be a RSA private key");
        }
        this.signer = new RsaSigner(this.signingKey);
        this.logger.info("Configured with RSA signing key");
    }

    public void setVerifierKey(String str) {
        Assert.hasText(str);
        this.verifierKey = str.trim();
        try {
            new RsaSigner(this.verifierKey);
            throw new IllegalArgumentException("Private key cannot be set as verifierKey property");
        } catch (Exception e) {
            this.verifier = new RsaVerifier(this.verifierKey);
        }
    }

    public Jwt encode(JwtClaims jwtClaims) {
        if (this.signer == null) {
            throw new RuntimeException("signingKey is null, cannot encode claims");
        }
        try {
            return JwtHelper.encode(JsonUtils.toJsonStr(jwtClaims), this.signer);
        } catch (JsonConvertException e) {
            throw new RuntimeException("Cannot convert object to JSON");
        }
    }

    public Jwt decode(String str) throws InvalidJwtException {
        Date parseDateFromUnixTimestamp;
        Date parseDateFromUnixTimestamp2;
        if (this.verifier == null) {
            throw new RuntimeException("verifierKey is null, cannot dencode jwt");
        }
        try {
            Jwt decode = JwtHelper.decode(str);
            decode.verifySignature(this.verifier);
            String claims = decode.getClaims();
            Long l = (Long) JsonUtils.readKeyValue(claims, "exp", Long.class);
            Long l2 = (Long) JsonUtils.readKeyValue(claims, "nbf", Long.class);
            Date date = new Date();
            if (l != null && (parseDateFromUnixTimestamp2 = DateUtils.parseDateFromUnixTimestamp(l.longValue())) != null && parseDateFromUnixTimestamp2.compareTo(date) <= 0) {
                throw new InvalidJwtException("token has expired");
            }
            if (l2 == null || (parseDateFromUnixTimestamp = DateUtils.parseDateFromUnixTimestamp(l2.longValue())) == null || parseDateFromUnixTimestamp.compareTo(date) <= 0) {
                return decode;
            }
            throw new InvalidJwtException("token has not effective yet");
        } catch (InvalidJwtException e) {
            throw e;
        } catch (Exception e2) {
            throw new InvalidJwtException("Invalid jwt string", e2);
        }
    }

    public <T extends JwtClaims> T decode(String str, Class<T> cls) throws InvalidJwtException {
        try {
            return (T) JsonUtils.toObject(decode(str).getClaims(), cls);
        } catch (JsonConvertException e) {
            throw new InvalidClaimsException("Invalid jwt claims", e);
        }
    }
}
