package net.dona.doip.client;

import com.google.gson.JsonObject;
import java.security.PrivateKey;
import java.security.SecureRandom;
import net.handle.hdllib.trust.JsonWebSignatureFactory;
import net.handle.hdllib.trust.TrustException;
import org.apache.commons.codec.binary.Hex;

/* loaded from: input_file:net/dona/doip/client/PrivateKeyAuthenticationInfo.class */
public class PrivateKeyAuthenticationInfo implements AuthenticationInfo {
    private final String clientId;
    private final PrivateKey privateKey;
    private final SecureRandom random;
    private final String asUserId;

    public PrivateKeyAuthenticationInfo(String str, PrivateKey privateKey) {
        this(str, privateKey, null);
    }

    public PrivateKeyAuthenticationInfo(String str, PrivateKey privateKey, String str2) {
        this.clientId = str;
        this.privateKey = privateKey;
        this.random = new SecureRandom();
        this.asUserId = str2;
    }

    @Override // net.dona.doip.client.AuthenticationInfo
    public String getClientId() {
        return this.clientId;
    }

    @Override // net.dona.doip.client.AuthenticationInfo
    public JsonObject getAuthentication() throws DoipException {
        JsonObject jsonObject = new JsonObject();
        try {
            jsonObject.addProperty("token", createBearerToken(this.privateKey, this.clientId));
            if (this.asUserId != null) {
                jsonObject.addProperty("asUserId", this.asUserId);
            }
            return jsonObject;
        } catch (TrustException e) {
            throw new DoipException(e);
        }
    }

    private String createBearerToken(PrivateKey privateKey, String str) throws TrustException {
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        JsonObject jsonObject = new JsonObject();
        jsonObject.addProperty("iss", str);
        jsonObject.addProperty("sub", str);
        jsonObject.addProperty("jti", generateJti());
        jsonObject.addProperty("iat", Long.valueOf(currentTimeMillis));
        jsonObject.addProperty("exp", Long.valueOf(currentTimeMillis + 600));
        return JsonWebSignatureFactory.getInstance().create(jsonObject.toString(), privateKey).serialize();
    }

    private String generateJti() {
        byte[] bArr = new byte[10];
        this.random.nextBytes(bArr);
        return Hex.encodeHexString(bArr);
    }
}
