package tech.riemann.etp.odic.service.jwt;

import com.auth0.jwt.interfaces.Claim;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.crypto.ECDSAVerifier;
import com.nimbusds.jose.crypto.Ed25519Verifier;
import com.nimbusds.jose.crypto.RSASSAVerifier;
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jwt.JWT;
import com.nimbusds.jwt.SignedJWT;
import jakarta.annotation.PostConstruct;
import java.io.IOException;
import java.net.URI;
import java.text.ParseException;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import lombok.Generated;
import org.nutz.lang.Lang;
import org.nutz.log.Log;
import org.nutz.log.Logs;
import org.springframework.scheduling.annotation.Scheduled;
import tech.riemann.etp.auth.jwt.JWTGenerator;

/* loaded from: input_file:tech/riemann/etp/odic/service/jwt/JwksJWTGenerator.class */
public class JwksJWTGenerator implements JWTGenerator {
    private static final String UNEXPECTED_VALUE = "Unexpected value: ";
    private final String jwks;
    private JWKSet jwkSet;
    private static final Log logger = Logs.get();

    @PostConstruct
    @Scheduled(fixedRate = 10, initialDelay = 10, timeUnit = TimeUnit.MINUTES)
    public void init() {
        try {
            if (this.jwkSet == null) {
                this.jwkSet = JWKSet.load(URI.create(this.jwks).toURL());
            }
        } catch (IOException | ParseException e) {
            logger.debugf("加载jwks: %s 失败!", new Object[]{this.jwks});
        }
    }

    public String token(String str, Map<String, ?> map) {
        throw Lang.noImplement();
    }

    public String token(String str, Map<String, ?> map, long j, TimeUnit timeUnit) {
        throw Lang.noImplement();
    }

    public String token(String str) {
        throw Lang.noImplement();
    }

    public String refreshToken(String str) {
        throw Lang.noImplement();
    }

    public String token(String str, Map<String, ?> map, String str2, String str3) {
        throw Lang.noImplement();
    }

    public boolean verify(String str) {
        RSASSAVerifier ed25519Verifier;
        try {
            SignedJWT parse = SignedJWT.parse(str);
            String keyID = parse.getHeader().getKeyID();
            JWK keyByKeyId = this.jwkSet.getKeyByKeyId(keyID);
            if (keyByKeyId == null) {
                throw new IllegalArgumentException("No key found in JWKSet with kid: " + keyID);
            }
            String value = keyByKeyId.getKeyType().getValue();
            boolean z = -1;
            switch (value.hashCode()) {
                case 2206:
                    if (value.equals("EC")) {
                        z = true;
                        break;
                    }
                    break;
                case 78080:
                    if (value.equals("OCT")) {
                        z = 2;
                        break;
                    }
                    break;
                case 81440:
                    if (value.equals("RSA")) {
                        z = false;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    ed25519Verifier = new RSASSAVerifier(keyByKeyId.toRSAKey());
                    break;
                case true:
                    ed25519Verifier = new ECDSAVerifier(keyByKeyId.toECKey());
                    break;
                case true:
                    ed25519Verifier = new Ed25519Verifier(keyByKeyId.toOctetKeyPair());
                    break;
                default:
                    throw new IllegalArgumentException("Unexpected value: " + String.valueOf(keyByKeyId.getKeyType()));
            }
            return ed25519Verifier.verify(parse.getHeader(), parse.getSigningInput(), parse.getSignature());
        } catch (Exception e) {
            logger.debugf("验证token: %s失败!", new Object[]{str, e});
            return false;
        }
    }

    public JWT parse(String str) throws ParseException, JOSEException {
        RSASSAVerifier ed25519Verifier;
        SignedJWT parse = SignedJWT.parse(str);
        String keyID = parse.getHeader().getKeyID();
        JWK keyByKeyId = this.jwkSet.getKeyByKeyId(keyID);
        if (keyByKeyId == null) {
            throw new IllegalArgumentException("No key found in JWKSet with kid: " + keyID);
        }
        String value = keyByKeyId.getKeyType().getValue();
        boolean z = -1;
        switch (value.hashCode()) {
            case 2206:
                if (value.equals("EC")) {
                    z = true;
                    break;
                }
                break;
            case 78080:
                if (value.equals("OCT")) {
                    z = 2;
                    break;
                }
                break;
            case 81440:
                if (value.equals("RSA")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                ed25519Verifier = new RSASSAVerifier(keyByKeyId.toRSAKey());
                break;
            case true:
                ed25519Verifier = new ECDSAVerifier(keyByKeyId.toECKey());
                break;
            case true:
                ed25519Verifier = new Ed25519Verifier(keyByKeyId.toOctetKeyPair());
                break;
            default:
                throw new IllegalArgumentException("Unexpected value: " + String.valueOf(keyByKeyId.getKeyType()));
        }
        if (ed25519Verifier.verify(parse.getHeader(), parse.getSigningInput(), parse.getSignature())) {
            return parse;
        }
        throw new IllegalArgumentException("Unexpected value: " + String.valueOf(keyByKeyId.getKeyType()));
    }

    public String subject(String str) {
        try {
            return parse(str).getJWTClaimsSet().getSubject();
        } catch (ParseException | JOSEException e) {
            Logs.get().debug(e);
            return null;
        }
    }

    public String verifiedSubject(String str) {
        return subject(str);
    }

    public Claim claim(String str, String str2) {
        throw Lang.noImplement();
    }

    public Map<String, Claim> claims(String str) {
        throw Lang.noImplement();
    }

    @Generated
    public JwksJWTGenerator(String str) {
        this.jwks = str;
    }
}
