package com.atlassian.servicedesk.internal.util.tokens.jwt;

import com.atlassian.jwt.JwtService;
import com.atlassian.jwt.core.HttpRequestCanonicalizer;
import com.atlassian.jwt.core.TimeUtil;
import com.atlassian.jwt.core.writer.JsonSmartJwtJsonBuilder;
import com.atlassian.jwt.core.writer.JwtClaimsBuilder;
import com.atlassian.jwt.httpclient.CanonicalHttpUriRequest;
import com.atlassian.jwt.writer.JwtJsonBuilder;
import com.google.common.collect.ImmutableMap;
import io.atlassian.fugue.Option;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
import javax.annotation.Nonnull;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.client.utils.URLEncodedUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/atlassian/servicedesk/internal/util/tokens/jwt/JwtTokenGeneratorImpl.class */
public class JwtTokenGeneratorImpl implements JwtTokenGenerator {
    private static final int DEFAULT_JWT_TOKEN_EXPIRY_SECOND = 2419200;
    private static final Logger logger = LoggerFactory.getLogger(JwtTokenGeneratorImpl.class);
    private final JwtService jwtService;
    private final ServiceDeskJwtIssuer jwtIssuer;

    @Autowired
    public JwtTokenGeneratorImpl(JwtService jwtService, ServiceDeskJwtIssuer serviceDeskJwtIssuer) {
        this.jwtService = jwtService;
        this.jwtIssuer = serviceDeskJwtIssuer;
    }

    @Override // com.atlassian.servicedesk.internal.util.tokens.jwt.JwtTokenGenerator
    public Option<String> generateToken(@Nonnull URI uri, @Nonnull URI uri2, @Nonnull String str, @Nonnull Map<String, String> map) {
        JwtJsonBuilder claim = new JsonSmartJwtJsonBuilder().issuedAt(TimeUtil.currentTimeSeconds()).expirationTime(TimeUtil.currentTimePlusNSeconds(2419200L)).issuer(this.jwtIssuer.getName()).claim(JwtTokenGenerator.CONTEXT_CLAIM, map);
        ImmutableMap.Builder builder = ImmutableMap.builder();
        try {
            if (StringUtils.isNotEmpty(uri.getQuery())) {
                builder.putAll(constructParameterMap(uri));
            }
            CanonicalHttpUriRequest canonicalHttpUriRequest = new CanonicalHttpUriRequest(str, uri.toString(), uri2.toString(), builder.build());
            logger.debug("Canonical request is: " + HttpRequestCanonicalizer.canonicalize(canonicalHttpUriRequest));
            JwtClaimsBuilder.appendHttpRequestClaims(claim, canonicalHttpUriRequest);
            String sharedSecret = this.jwtIssuer.getSharedSecret();
            if (sharedSecret != null) {
                return Option.some(this.jwtService.issueJwt(claim.build(), sharedSecret));
            }
            logger.warn("Failed to generate token due to no available secretkey");
            return Option.none();
        } catch (UnsupportedEncodingException e) {
            logger.warn("Failed to generate token due to UnsupportedEncoding");
            return Option.none();
        } catch (NoSuchAlgorithmException e2) {
            logger.warn("Failed to generate token due to NoSuchAlgorithm");
            return Option.none();
        }
    }

    private Map<String, String[]> constructParameterMap(URI uri) throws UnsupportedEncodingException {
        ImmutableMap.Builder builder = ImmutableMap.builder();
        URLEncodedUtils.parse(uri, "UTF-8").stream().filter(nameValuePair -> {
            return StringUtils.isNotBlank(nameValuePair.getName());
        }).forEach(nameValuePair2 -> {
            builder.put(nameValuePair2.getName(), new String[]{nameValuePair2.getValue()});
        });
        return builder.build();
    }
}
