package com.auth0.web;

import com.auth0.Auth0Exception;
import com.auth0.Auth0User;
import com.auth0.SessionUtils;
import com.auth0.Tokens;
import com.auth0.jwt.Algorithm;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.JWTVerifyException;
import com.auth0.jwt.pem.PemReader;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SignatureException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.Validate;

/* loaded from: input_file:com/auth0/web/Auth0Filter.class */
public class Auth0Filter implements Filter {
    private String onFailRedirectTo;
    private JWTVerifier jwtVerifier;
    private Auth0Config auth0Config;

    /* renamed from: com.auth0.web.Auth0Filter$1, reason: invalid class name */
    /* loaded from: input_file:com/auth0/web/Auth0Filter$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$auth0$jwt$Algorithm = new int[Algorithm.values().length];

        static {
            try {
                $SwitchMap$com$auth0$jwt$Algorithm[Algorithm.HS256.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$auth0$jwt$Algorithm[Algorithm.HS384.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$auth0$jwt$Algorithm[Algorithm.HS512.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$auth0$jwt$Algorithm[Algorithm.RS256.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$com$auth0$jwt$Algorithm[Algorithm.RS384.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$com$auth0$jwt$Algorithm[Algorithm.RS512.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
        }
    }

    public Auth0Filter(Auth0Config auth0Config) {
        this.auth0Config = auth0Config;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        this.onFailRedirectTo = filterConfig.getInitParameter("redirectOnAuthError");
        Validate.notNull(this.onFailRedirectTo);
        String issuer = this.auth0Config.getIssuer();
        Validate.notNull(issuer);
        String clientId = this.auth0Config.getClientId();
        Validate.notNull(clientId);
        Algorithm valueOf = Algorithm.valueOf(this.auth0Config.getSigningAlgorithm());
        switch (AnonymousClass1.$SwitchMap$com$auth0$jwt$Algorithm[valueOf.ordinal()]) {
            case 1:
            case 2:
            case 3:
                String clientSecret = this.auth0Config.getClientSecret();
                Validate.notNull(clientSecret);
                new Base64(true);
                this.jwtVerifier = new JWTVerifier(Base64.decodeBase64(clientSecret), clientId, issuer);
                return;
            case 4:
            case 5:
            case 6:
                String publicKeyPath = this.auth0Config.getPublicKeyPath();
                Validate.notEmpty(publicKeyPath);
                try {
                    PublicKey readPublicKey = PemReader.readPublicKey(filterConfig.getServletContext().getRealPath(publicKeyPath));
                    Validate.notNull(readPublicKey);
                    this.jwtVerifier = new JWTVerifier(readPublicKey, clientId, issuer);
                    return;
                } catch (Exception e) {
                    throw new IllegalStateException(e.getMessage(), e.getCause());
                }
            default:
                throw new IllegalStateException("Unsupported signing method: " + valueOf.getValue());
        }
    }

    protected void onSuccess(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain, Auth0User auth0User) throws IOException, ServletException {
        filterChain.doFilter(new Auth0RequestWrapper((HttpServletRequest) servletRequest, auth0User), servletResponse);
    }

    protected void onReject(HttpServletResponse httpServletResponse) throws IOException, ServletException {
        httpServletResponse.sendRedirect(this.onFailRedirectTo);
    }

    protected boolean tokensExist(Tokens tokens) {
        return (tokens == null || tokens.getIdToken() == null || tokens.getAccessToken() == null) ? false : true;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        Tokens tokens = SessionUtils.getTokens(httpServletRequest);
        if (!tokensExist(tokens)) {
            onReject(httpServletResponse);
            return;
        }
        try {
            this.jwtVerifier.verify(tokens.getIdToken());
            onSuccess(httpServletRequest, httpServletResponse, filterChain, SessionUtils.getAuth0User(httpServletRequest));
        } catch (IllegalStateException e) {
            throw new Auth0Exception("IllegalStateException thrown while decoding JWT token " + e.getLocalizedMessage());
        } catch (JWTVerifyException e2) {
            throw new Auth0Exception("JWTVerifyException thrown while decoding JWT token " + e2.getLocalizedMessage());
        } catch (IOException e3) {
            throw new Auth0Exception("IOException thrown while decoding JWT token " + e3.getLocalizedMessage());
        } catch (InvalidKeyException e4) {
            throw new Auth0Exception("InvalidKeyException thrown while decoding JWT token " + e4.getLocalizedMessage());
        } catch (NoSuchAlgorithmException e5) {
            throw new Auth0Exception("NoSuchAlgorithmException thrown while decoding JWT token " + e5.getLocalizedMessage());
        } catch (SignatureException e6) {
            throw new Auth0Exception("SignatureException thrown while decoding JWT token " + e6.getLocalizedMessage());
        }
    }

    public void destroy() {
    }
}
