package org.apache.shiro.spring.boot.jwt.token;

import com.google.common.collect.Maps;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.CompressionCodec;
import io.jsonwebtoken.CompressionCodecResolver;
import io.jsonwebtoken.CompressionCodecs;
import io.jsonwebtoken.InvalidClaimException;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.JwtParser;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.SigningKeyResolver;
import java.security.Key;
import java.text.ParseException;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.biz.utils.StringUtils;
import org.apache.shiro.codec.Base64;
import org.apache.shiro.spring.boot.jwt.JwtPayload;
import org.apache.shiro.spring.boot.jwt.exception.ExpiredJwtException;
import org.apache.shiro.spring.boot.jwt.exception.IncorrectJwtException;
import org.apache.shiro.spring.boot.jwt.exception.InvalidJwtToken;
import org.apache.shiro.spring.boot.jwt.exception.NotObtainedJwtException;
import org.apache.shiro.spring.boot.jwt.time.JwtTimeProvider;
import org.apache.shiro.spring.boot.utils.JJwtUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/shiro/spring/boot/jwt/token/SignedWithSecretResolverJWTRepository.class */
public class SignedWithSecretResolverJWTRepository implements JwtKeyResolverRepository<Key> {
    private SigningKeyResolver signingKeyResolver;
    private CompressionCodecResolver compressionCodecResolver;
    private Logger logger = LoggerFactory.getLogger(getClass());
    private long allowedClockSkewSeconds = -1;
    private CompressionCodec compressWith = CompressionCodecs.DEFLATE;
    private JwtTimeProvider timeProvider = JwtTimeProvider.DEFAULT_TIME_PROVIDER;

    public SignedWithSecretResolverJWTRepository() {
    }

    public SignedWithSecretResolverJWTRepository(SigningKeyResolver signingKeyResolver) {
        this.signingKeyResolver = signingKeyResolver;
    }

    @Override // org.apache.shiro.spring.boot.jwt.token.JwtKeyResolverRepository
    public String issueJwt(Key key, String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, long j) throws AuthenticationException {
        HashMap newHashMap = Maps.newHashMap();
        newHashMap.put("roles", str6);
        newHashMap.put("perms", str7);
        return issueJwt2(key, str, str2, str3, str4, str5, (Map<String, Object>) newHashMap, str8, j);
    }

    /* renamed from: issueJwt, reason: avoid collision after fix types in other method */
    public String issueJwt2(Key key, String str, String str2, String str3, String str4, String str5, Map<String, Object> map, String str6, long j) throws AuthenticationException {
        JwtBuilder signWith = JJwtUtils.jwtBuilder(str2, str3, str4, str5, map, j).setHeaderParam("kid", StringUtils.hasText(str) ? str : Base64.encodeToString(key.getEncoded())).compressWith(getCompressWith()).signWith(SignatureAlgorithm.forName(str6), key);
        long now = getTimeProvider().now();
        Date date = new Date(now);
        signWith.setIssuedAt(date);
        signWith.setNotBefore(date);
        if (j >= 0) {
            signWith.setExpiration(new Date(now + j));
        }
        return signWith.compact();
    }

    @Override // org.apache.shiro.spring.boot.jwt.token.JwtKeyResolverRepository
    public boolean verify(String str, boolean z) throws AuthenticationException {
        try {
            JwtParser parser = Jwts.parser();
            if (getAllowedClockSkewSeconds() > 0) {
                parser.setAllowedClockSkewSeconds(getAllowedClockSkewSeconds());
            }
            if (null != getCompressionCodecResolver()) {
                parser.setCompressionCodecResolver(getCompressionCodecResolver());
            }
            Jws parseClaimsJws = parser.setSigningKeyResolver(this.signingKeyResolver).parseClaimsJws(str);
            if (!z) {
                return true;
            }
            Claims claims = (Claims) parseClaimsJws.getBody();
            Date issuedAt = claims.getIssuedAt();
            Date notBefore = claims.getNotBefore();
            Date expiration = claims.getExpiration();
            long now = getTimeProvider().now();
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("JWT IssuedAt:" + issuedAt);
                this.logger.debug("JWT NotBefore:" + notBefore);
                this.logger.debug("JWT Expiration:" + expiration);
                this.logger.debug("JWT Now:" + new Date(now));
            }
            if (notBefore != null && now <= notBefore.getTime()) {
                throw new NotObtainedJwtException(String.format("JWT was not obtained before this timestamp : [%s].", notBefore));
            }
            if (expiration == null || expiration.getTime() >= now) {
                return true;
            }
            throw new ExpiredJwtException("Expired JWT value. ");
        } catch (io.jsonwebtoken.ExpiredJwtException e) {
            throw new ExpiredJwtException((Throwable) e);
        } catch (InvalidClaimException e2) {
            throw new InvalidJwtToken((Throwable) e2);
        } catch (IllegalArgumentException e3) {
            throw new IncorrectJwtException(e3);
        } catch (JwtException e4) {
            throw new IncorrectJwtException((Throwable) e4);
        }
    }

    @Override // org.apache.shiro.spring.boot.jwt.token.JwtKeyResolverRepository
    public JwtPayload getPlayload(String str, boolean z) throws AuthenticationException {
        try {
            JwtParser parser = Jwts.parser();
            if (getAllowedClockSkewSeconds() > 0) {
                parser.setAllowedClockSkewSeconds(getAllowedClockSkewSeconds());
            }
            if (null != getCompressionCodecResolver()) {
                parser.setCompressionCodecResolver(getCompressionCodecResolver());
            }
            return JJwtUtils.payload((Claims) parser.setSigningKeyResolver(this.signingKeyResolver).parseClaimsJws(str).getBody());
        } catch (InvalidClaimException e) {
            throw new InvalidJwtToken((Throwable) e);
        } catch (JwtException e2) {
            throw new IncorrectJwtException((Throwable) e2);
        } catch (IllegalArgumentException e3) {
            throw new IncorrectJwtException(e3);
        } catch (io.jsonwebtoken.ExpiredJwtException e4) {
            throw new ExpiredJwtException((Throwable) e4);
        } catch (ParseException e5) {
            throw new IncorrectJwtException(e5);
        }
    }

    public long getAllowedClockSkewSeconds() {
        return this.allowedClockSkewSeconds;
    }

    public void setAllowedClockSkewSeconds(long j) {
        this.allowedClockSkewSeconds = j;
    }

    public CompressionCodec getCompressWith() {
        return this.compressWith;
    }

    public void setCompressWith(CompressionCodec compressionCodec) {
        this.compressWith = compressionCodec;
    }

    public CompressionCodecResolver getCompressionCodecResolver() {
        return this.compressionCodecResolver;
    }

    public void setCompressionCodecResolver(CompressionCodecResolver compressionCodecResolver) {
        this.compressionCodecResolver = compressionCodecResolver;
    }

    public JwtTimeProvider getTimeProvider() {
        return this.timeProvider;
    }

    public void setTimeProvider(JwtTimeProvider jwtTimeProvider) {
        this.timeProvider = jwtTimeProvider;
    }

    public SigningKeyResolver getSigningKeyResolver() {
        return this.signingKeyResolver;
    }

    public void setSigningKeyResolver(SigningKeyResolver signingKeyResolver) {
        this.signingKeyResolver = signingKeyResolver;
    }

    @Override // org.apache.shiro.spring.boot.jwt.token.JwtKeyResolverRepository
    public /* bridge */ /* synthetic */ String issueJwt(Key key, String str, String str2, String str3, String str4, String str5, Map map, String str6, long j) throws AuthenticationException {
        return issueJwt2(key, str, str2, str3, str4, str5, (Map<String, Object>) map, str6, j);
    }
}
