package de.adorsys.oauth.server;

import com.nimbusds.jose.util.Base64;
import com.nimbusds.jwt.JWTClaimsSet;
import java.security.Principal;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import org.jboss.security.SimpleGroup;
import org.jboss.security.SimplePrincipal;

/* loaded from: input_file:WEB-INF/lib/oauth-server-0.25.jar:de/adorsys/oauth/server/RememberMeTokenUtil.class */
public class RememberMeTokenUtil {
    private static final String SECRET_KEY = System.getProperty("oauth.remembercookie.secretkey");

    public static String serialize(LoginSessionToken loginSessionToken, String str, List<String> list) {
        return EncryptedTokenSerializer.serialize(new JWTClaimsSet.Builder().claim("principal", str).claim("roles", list).claim("loginSession", loginSessionToken.getValue()).build(), getSecretKey());
    }

    private static byte[] getSecretKey() {
        return new Base64(SECRET_KEY).decode();
    }

    public static LoginSessionToken getLoginSession(String str) {
        try {
            return new LoginSessionToken(EncryptedTokenSerializer.deserialize(str, getSecretKey()).getStringClaim("loginSession"));
        } catch (ParseException e) {
            throw new OAuthException("expected valid loginSession in cookie", null);
        }
    }

    public static Collection<Principal> deserialize(String str) {
        JWTClaimsSet deserialize = EncryptedTokenSerializer.deserialize(str, getSecretKey());
        try {
            ArrayList arrayList = new ArrayList();
            Principal simplePrincipal = new SimplePrincipal(deserialize.getStringClaim("principal"));
            arrayList.add(simplePrincipal);
            SimpleGroup simpleGroup = new SimpleGroup("CallerPrincipal");
            arrayList.add(simpleGroup);
            simpleGroup.addMember(simplePrincipal);
            SimpleGroup simpleGroup2 = new SimpleGroup("Roles");
            arrayList.add(simpleGroup2);
            for (String str2 : deserialize.getStringArrayClaim("roles")) {
                if (str2 instanceof String) {
                    simpleGroup2.addMember(new SimplePrincipal(str2));
                }
            }
            return arrayList;
        } catch (ParseException e) {
            throw new OAuthException("expected valid roles and principal in cookie", null);
        }
    }

    public static boolean isEnabled() {
        return SECRET_KEY != null;
    }
}
