package org.apache.hadoop.gateway.services.token.impl;

import com.nimbusds.jose.crypto.RSASSASigner;
import com.nimbusds.jose.crypto.RSASSAVerifier;
import java.security.KeyStoreException;
import java.security.Principal;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Map;
import javax.security.auth.Subject;
import org.apache.hadoop.gateway.config.GatewayConfig;
import org.apache.hadoop.gateway.services.Service;
import org.apache.hadoop.gateway.services.ServiceLifecycleException;
import org.apache.hadoop.gateway.services.security.AliasService;
import org.apache.hadoop.gateway.services.security.KeystoreService;
import org.apache.hadoop.gateway.services.security.KeystoreServiceException;
import org.apache.hadoop.gateway.services.security.token.JWTokenAuthority;
import org.apache.hadoop.gateway.services.security.token.impl.JWTToken;

/* loaded from: input_file:org/apache/hadoop/gateway/services/token/impl/DefaultTokenAuthorityService.class */
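/**
 * Token authority that issues and verifies RS256-signed {@link JWTToken}s using the
 * gateway identity key pair held by the {@link KeystoreService}.
 *
 * <p>Both collaborating services must be injected through the setters before
 * {@link #init(GatewayConfig, Map)} is called; {@code init} rejects a partially wired instance.
 *
 * <p>Failure handling is fail-closed: a token that could not be signed is never returned, and a
 * token whose signature could not be checked is reported as invalid.
 */
public class DefaultTokenAuthorityService implements JWTokenAuthority, Service {
    /** The only signing algorithm this authority issues tokens for. */
    private static final String SUPPORTED_ALGORITHM = "RS256";
    /** Value used for the first claim slot and as the default for the third one. */
    private static final String DEFAULT_CLAIM_VALUE = "HSSO";
    /** Keystore alias of the gateway identity key pair / certificate. */
    private static final String GATEWAY_IDENTITY_ALIAS = "gateway-identity";
    /** Alias under which the passphrase protecting the gateway identity key is stored. */
    private static final String GATEWAY_IDENTITY_PASSPHRASE_ALIAS = "gateway-identity-passphrase";
    /** Lifetime, in milliseconds, applied when the caller passes {@code -1} as the expiry. */
    private static final long DEFAULT_TOKEN_TTL_MS = 30000L;

    private AliasService as = null;
    private KeystoreService ks = null;

    /**
     * Injects the keystore service that supplies the gateway signing key and certificate.
     *
     * @param keystoreService the keystore service to use
     */
    public void setKeystoreService(KeystoreService keystoreService) {
        this.ks = keystoreService;
    }

    /**
     * Injects the alias service used to resolve the gateway identity passphrase.
     *
     * @param aliasService the alias service to use
     */
    public void setAliasService(AliasService aliasService) {
        this.as = aliasService;
    }

    /**
     * Issues a token for the first principal of the given subject.
     *
     * <p>{@link Subject#getPrincipals()} returns a {@code Set}, so when a subject carries several
     * principals the one that ends up in the token depends on the set's iteration order. An
     * empty principal set makes the array access below throw
     * {@link ArrayIndexOutOfBoundsException}.
     *
     * @param subject the authenticated subject
     * @param str the signing algorithm name
     * @return the signed token, or {@code null} if no token could be issued
     */
    public JWTToken issueToken(Subject subject, String str) {
        return issueToken((Principal) subject.getPrincipals().toArray()[0], str);
    }

    /**
     * Issues a token for the principal with the default third claim and the default lifetime.
     *
     * @param principal the principal the token is issued for
     * @param str the signing algorithm name
     * @return the signed token, or {@code null} if no token could be issued
     */
    public JWTToken issueToken(Principal principal, String str) {
        return issueToken(principal, null, str);
    }

    /**
     * Issues a token for the principal with the default lifetime.
     *
     * @param principal the principal the token is issued for
     * @param str value for the third claim slot; {@code null} selects the default
     * @param str2 the signing algorithm name
     * @return the signed token, or {@code null} if no token could be issued
     */
    public JWTToken issueToken(Principal principal, String str, String str2) {
        return issueToken(principal, str, str2, -1L);
    }

    /**
     * Builds the claim array and signs it with the gateway identity private key.
     *
     * <p>Only {@code "RS256"} is accepted as algorithm; every other value, including
     * {@code null}, yields {@code null}. If the signing key cannot be loaded, or is not an RSA
     * private key, {@code null} is returned as well, so that an unsigned token never leaves this
     * method.
     *
     * @param principal the principal whose name goes into the second claim slot
     * @param str value for the third claim slot; {@code null} selects {@code "HSSO"}
     * @param str2 the signing algorithm name
     * @param j value for the fourth claim slot, or {@code -1} for "now + 30 seconds"
     * @return the signed token, or {@code null} if no signed token could be produced
     */
    public JWTToken issueToken(Principal principal, String str, String str2, long j) {
        // NOTE(review): the slots presumably map to issuer, subject, audience and expiry;
        // confirm against the JWTToken(String, String[]) constructor.
        String[] strArr = new String[4];
        strArr[0] = DEFAULT_CLAIM_VALUE;
        strArr[1] = principal.getName();
        strArr[2] = (str == null) ? DEFAULT_CLAIM_VALUE : str;
        if (j == -1) {
            strArr[3] = Long.toString(System.currentTimeMillis() + DEFAULT_TOKEN_TTL_MS);
        } else {
            strArr[3] = String.valueOf(j);
        }
        if (!SUPPORTED_ALGORITHM.equals(str2)) {
            return null;
        }
        try {
            Object key = this.ks.getKeyForGateway(
                    GATEWAY_IDENTITY_ALIAS,
                    this.as.getPasswordFromAliasForGateway(GATEWAY_IDENTITY_PASSPHRASE_ALIAS));
            if (!(key instanceof RSAPrivateKey)) {
                // Missing alias or a non-RSA key: nothing to sign with, so issue nothing.
                return null;
            }
            JWTToken jWTToken = new JWTToken(SUPPORTED_ALGORITHM, strArr);
            jWTToken.sign(new RSASSASigner((RSAPrivateKey) key));
            return jWTToken;
        } catch (KeystoreServiceException e) {
            e.printStackTrace();
            // Fail closed: the token was not signed, so it must not be handed to the caller.
            return null;
        }
    }

    /**
     * Checks the token's signature against the public key of the gateway identity certificate.
     *
     * <p>Returns {@code false} whenever the check cannot be carried out: {@code null} token,
     * keystore failure, missing certificate, or a certificate whose key is not an RSA public key.
     *
     * <p>NOTE(review): only {@code JWTToken.verify} is called here; whether that also enforces
     * the expiry claim is not visible in this class, so callers should confirm it is checked.
     *
     * @param jWTToken the token to verify
     * @return {@code true} only if {@code JWTToken.verify} accepted the token
     */
    public boolean verifyToken(JWTToken jWTToken) {
        if (jWTToken == null) {
            return false;
        }
        try {
            java.security.cert.Certificate certificate =
                    this.ks.getKeystoreForGateway().getCertificate(GATEWAY_IDENTITY_ALIAS);
            if (certificate == null) {
                return false;
            }
            Object publicKey = certificate.getPublicKey();
            if (!(publicKey instanceof RSAPublicKey)) {
                return false;
            }
            return jWTToken.verify(new RSASSAVerifier((RSAPublicKey) publicKey));
        } catch (KeystoreServiceException e) {
            e.printStackTrace();
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
        }
        return false;
    }

    /**
     * Validates that both collaborating services were injected.
     *
     * @param gatewayConfig the gateway configuration (not read here)
     * @param map service options (not read here)
     * @throws ServiceLifecycleException if the alias or keystore service is missing
     */
    public void init(GatewayConfig gatewayConfig, Map<String, String> map) throws ServiceLifecycleException {
        if (this.as == null || this.ks == null) {
            throw new ServiceLifecycleException("Alias or Keystore service is not set");
        }
    }

    /** No-op; this service holds no resources that need starting. */
    public void start() throws ServiceLifecycleException {
    }

    /** No-op; this service holds no resources that need releasing. */
    public void stop() throws ServiceLifecycleException {
    }
}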
