package org.apache.tomee.microprofile.jwt.principal;

import io.smallrye.openapi.runtime.io.contact.ContactConstant;
import jakarta.json.Json;
import jakarta.json.JsonArray;
import jakarta.json.JsonArrayBuilder;
import jakarta.json.JsonNumber;
import jakarta.json.JsonObject;
import jakarta.json.JsonObjectBuilder;
import jakarta.json.JsonValue;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.Subject;
import org.apache.openejb.spi.CallerPrincipal;
import org.eclipse.microprofile.jwt.Claims;
import org.eclipse.microprofile.jwt.JsonWebToken;
import org.jose4j.jwt.JwtClaims;
import org.jose4j.jwt.MalformedClaimException;

@CallerPrincipal
/* loaded from: input_file:lib/mp-jwt-9.0.0.RC1.jar:org/apache/tomee/microprofile/jwt/principal/JWTCallerPrincipal.class */
public class JWTCallerPrincipal implements JsonWebToken {
    private static final Logger logger = Logger.getLogger(JWTCallerPrincipal.class.getName());
    private final String jwt;
    private final String type;
    private final JwtClaims claimsSet;
    private final String name;

    public JWTCallerPrincipal(String str, String str2, JwtClaims jwtClaims, String str3) {
        this.name = str3;
        this.jwt = str;
        this.type = str2;
        this.claimsSet = jwtClaims;
        fixJoseTypes();
    }

    @Override // org.eclipse.microprofile.jwt.JsonWebToken, java.security.Principal
    public String getName() {
        return this.name;
    }

    @Override // org.eclipse.microprofile.jwt.JsonWebToken
    public <T> Optional<T> claim(String str) {
        return Optional.ofNullable(getClaim(str));
    }

    @Override // org.eclipse.microprofile.jwt.JsonWebToken
    public Set<String> getAudience() {
        HashSet hashSet = new HashSet();
        try {
            List<String> stringListClaimValue = this.claimsSet.getStringListClaimValue("aud");
            if (stringListClaimValue != null) {
                hashSet.addAll(stringListClaimValue);
            }
        } catch (MalformedClaimException e) {
            try {
                hashSet.add(this.claimsSet.getStringClaimValue("aud"));
            } catch (MalformedClaimException e2) {
                logger.log(Level.FINEST, "Can't retrieve malformed 'aud' claim.", (Throwable) e);
            }
        }
        if (hashSet.isEmpty()) {
            return null;
        }
        return hashSet;
    }

    @Override // org.eclipse.microprofile.jwt.JsonWebToken
    public Set<String> getGroups() {
        HashSet hashSet = new HashSet();
        try {
            List<String> stringListClaimValue = this.claimsSet.getStringListClaimValue("groups");
            if (stringListClaimValue != null) {
                hashSet.addAll(stringListClaimValue);
            }
        } catch (MalformedClaimException e) {
            logger.log(Level.FINEST, "Can't retrieve malformed 'groups' claim.", (Throwable) e);
        }
        return hashSet;
    }

    @Override // org.eclipse.microprofile.jwt.JsonWebToken
    public Set<String> getClaimNames() {
        return new HashSet(this.claimsSet.getClaimNames());
    }

    @Override // org.eclipse.microprofile.jwt.JsonWebToken
    public String getRawToken() {
        return this.jwt;
    }

    @Override // org.eclipse.microprofile.jwt.JsonWebToken
    public Object getClaim(String str) {
        Claims claims = Claims.UNKNOWN;
        Object obj = null;
        try {
            claims = Claims.valueOf(str);
        } catch (IllegalArgumentException e) {
        }
        switch (claims) {
            case auth_time:
            case updated_at:
                try {
                    obj = this.claimsSet.getClaimValue(claims.name(), Long.class);
                    if (obj == null) {
                        obj = 0L;
                    }
                    break;
                } catch (MalformedClaimException e2) {
                    logger.log(Level.FINEST, "Can't retrieve 'updated_at' a malformed claim.", (Throwable) e2);
                    break;
                }
            case groups:
                obj = getGroups();
                break;
            case aud:
                obj = getAudience();
                break;
            case UNKNOWN:
                obj = this.claimsSet.getClaimValue(str);
                break;
            default:
                obj = this.claimsSet.getClaimValue(claims.name());
                break;
        }
        return obj;
    }

    @Override // java.security.Principal
    public boolean implies(Subject subject) {
        return false;
    }

    @Override // java.security.Principal
    public String toString() {
        return toString(false);
    }

    public String toString(boolean z) {
        String tokenID = getTokenID();
        String name = getName();
        long expirationTime = getExpirationTime();
        Object claim = getClaim(Claims.nbf.name());
        long issuedAtTime = getIssuedAtTime();
        String issuer = getIssuer();
        Set<String> audience = getAudience();
        String subject = getSubject();
        String str = this.type;
        Object claim2 = getClaim("azp");
        Object claim3 = getClaim("auth_time");
        Object claim4 = getClaim("given_name");
        Object claim5 = getClaim("family_name");
        Object claim6 = getClaim("middle_name");
        Object claim7 = getClaim("nickname");
        Object claim8 = getClaim("preferred_username");
        Object claim9 = getClaim(ContactConstant.PROP_EMAIL);
        Object claim10 = getClaim(Claims.email_verified.name());
        Object claim11 = getClaim("allowedOrigins");
        getClaim("updated_at");
        getClaim("acr");
        StringBuilder sb = new StringBuilder("DefaultJWTCallerPrincipal{id='" + tokenID + "', name='" + name + "', expiration=" + expirationTime + ", notBefore=" + tokenID + ", issuedAt=" + claim + ", issuer='" + issuedAtTime + "', audience=" + tokenID + ", subject='" + issuer + "', type='" + audience + "', issuedFor='" + subject + "', authTime=" + str + ", givenName='" + claim2 + "', familyName='" + claim3 + "', middleName='" + claim4 + "', nickName='" + claim5 + "', preferredUsername='" + claim6 + "', email='" + claim7 + "', emailVerified=" + claim8 + ", allowedOrigins=" + claim9 + ", updatedAt=" + claim10 + ", acr='" + claim11 + "'");
        sb.append(", groups=[");
        Iterator<String> it = getGroups().iterator();
        while (it.hasNext()) {
            sb.append(it.next());
            sb.append(',');
        }
        sb.setLength(sb.length() - 1);
        sb.append("]}");
        return sb.toString();
    }

    private void fixJoseTypes() {
        if (this.claimsSet.hasClaim(Claims.address.name())) {
            replaceMap(Claims.address.name());
        }
        if (this.claimsSet.hasClaim(Claims.jwk.name())) {
            replaceMap(Claims.jwk.name());
        }
        if (this.claimsSet.hasClaim(Claims.sub_jwk.name())) {
            replaceMap(Claims.sub_jwk.name());
        }
        for (String str : filterCustomClaimNames(this.claimsSet.getClaimNames())) {
            Object claimValue = this.claimsSet.getClaimValue(str);
            if (claimValue instanceof List) {
                replaceList(str);
            } else if (claimValue instanceof Map) {
                replaceMap(str);
            } else if (claimValue instanceof Number) {
                replaceNumber(str);
            }
        }
    }

    private Set<String> filterCustomClaimNames(Collection<String> collection) {
        HashSet hashSet = new HashSet(collection);
        for (Claims claims : Claims.values()) {
            hashSet.remove(claims.name());
        }
        return hashSet;
    }

    private void replaceMap(String str) {
        try {
            this.claimsSet.setClaim(str, replaceMap((Map<String, Object>) this.claimsSet.getClaimValue(str, Map.class)));
        } catch (MalformedClaimException e) {
            logger.log(Level.WARNING, "replaceMap failure for: " + str, (Throwable) e);
        }
    }

    private JsonObject replaceMap(Map<String, Object> map) {
        JsonObjectBuilder createObjectBuilder = Json.createObjectBuilder();
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            Object value = entry.getValue();
            if (value instanceof Map) {
                createObjectBuilder.add(entry.getKey(), replaceMap((Map<String, Object>) value));
            } else if (value instanceof List) {
                createObjectBuilder.add(entry.getKey(), (JsonArray) wrapValue(value));
            } else if ((value instanceof Long) || (value instanceof Integer)) {
                createObjectBuilder.add(entry.getKey(), ((Number) value).longValue());
            } else if ((value instanceof Double) || (value instanceof Float)) {
                createObjectBuilder.add(entry.getKey(), ((Number) value).doubleValue());
            } else if (value instanceof Boolean) {
                createObjectBuilder.add(entry.getKey(), ((Boolean) value).booleanValue());
            } else if (value instanceof String) {
                createObjectBuilder.add(entry.getKey(), value.toString());
            }
        }
        return createObjectBuilder.build();
    }

    private JsonValue wrapValue(Object obj) {
        JsonValue jsonValue = null;
        if (obj instanceof Number) {
            Number number = (Number) obj;
            jsonValue = ((number instanceof Long) || (number instanceof Integer)) ? Json.createObjectBuilder().add("tmp", number.longValue()).build().getJsonNumber("tmp") : Json.createObjectBuilder().add("tmp", number.doubleValue()).build().getJsonNumber("tmp");
        } else if (obj instanceof Boolean) {
            jsonValue = ((Boolean) obj).booleanValue() ? JsonValue.TRUE : JsonValue.FALSE;
        } else if (obj instanceof List) {
            JsonArrayBuilder createArrayBuilder = Json.createArrayBuilder();
            for (Object obj2 : (List) obj) {
                if (obj2 instanceof String) {
                    createArrayBuilder.add(obj2.toString());
                } else {
                    createArrayBuilder.add(wrapValue(obj2));
                }
            }
            jsonValue = createArrayBuilder.build();
        }
        return jsonValue;
    }

    private void replaceList(String str) {
        try {
            this.claimsSet.setClaim(str, (JsonArray) wrapValue((List) this.claimsSet.getClaimValue(str, List.class)));
        } catch (MalformedClaimException e) {
            logger.log(Level.WARNING, "replaceList failure for: " + str, (Throwable) e);
        }
    }

    private void replaceNumber(String str) {
        try {
            this.claimsSet.setClaim(str, (JsonNumber) wrapValue((Number) this.claimsSet.getClaimValue(str, Number.class)));
        } catch (MalformedClaimException e) {
            logger.log(Level.WARNING, "replaceNumber failure for: " + str, (Throwable) e);
        }
    }
}
