package edu.kit.datamanager.util;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import edu.kit.datamanager.entities.RepoRole;
import edu.kit.datamanager.entities.RepoUserRole;
import edu.kit.datamanager.security.filter.JwtAuthenticationToken;
import edu.kit.datamanager.security.filter.ScopedPermission;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.impl.DefaultClaims;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:edu/kit/datamanager/util/JwtBuilder.class */
public class JwtBuilder {
    private static final Logger LOGGER = LoggerFactory.getLogger(JwtBuilder.class);
    private String principal;
    private JwtAuthenticationToken.TOKEN_TYPE type = JwtAuthenticationToken.TOKEN_TYPE.USER;
    private final Map<String, Object> claims = new HashMap();
    private final List<String> roles = new ArrayList();
    private final List<ScopedPermission> permissions = new ArrayList();

    JwtBuilder() {
    }

    public static JwtBuilder createUserToken(String str, RepoRole... repoRoleArr) {
        JwtBuilder jwtBuilder = new JwtBuilder();
        jwtBuilder.setTokenType(JwtAuthenticationToken.TOKEN_TYPE.USER);
        jwtBuilder.principal = str;
        return jwtBuilder.setRoles(repoRoleArr);
    }

    public static JwtBuilder createServiceToken(String str, RepoRole... repoRoleArr) {
        JwtBuilder jwtBuilder = new JwtBuilder();
        jwtBuilder.setTokenType(JwtAuthenticationToken.TOKEN_TYPE.SERVICE);
        jwtBuilder.principal = str;
        return jwtBuilder.setRoles(repoRoleArr);
    }

    public static JwtBuilder createTemporaryToken(String str, ScopedPermission... scopedPermissionArr) {
        JwtBuilder jwtBuilder = new JwtBuilder();
        jwtBuilder.setTokenType(JwtAuthenticationToken.TOKEN_TYPE.TEMPORARY);
        jwtBuilder.principal = str;
        return jwtBuilder.setScopedPermissions(scopedPermissionArr);
    }

    private void setTokenType(JwtAuthenticationToken.TOKEN_TYPE token_type) {
        this.claims.put("tokenType", token_type.toString());
        this.type = token_type;
    }

    private JwtBuilder setRoles(RepoRole... repoRoleArr) {
        if (repoRoleArr == null || this.type.equals(JwtAuthenticationToken.TOKEN_TYPE.TEMPORARY)) {
            return this;
        }
        for (RepoRole repoRole : repoRoleArr) {
            this.roles.add(repoRole.getValue());
        }
        return this;
    }

    private JwtBuilder setScopedPermissions(ScopedPermission... scopedPermissionArr) {
        if (scopedPermissionArr == null || scopedPermissionArr.length == 0) {
            return this;
        }
        this.permissions.addAll(Arrays.asList(scopedPermissionArr));
        return this;
    }

    public JwtBuilder addSimpleClaim(String str, String str2) {
        this.claims.put(str, str2);
        return this;
    }

    public JwtBuilder addSimpleClaim(String str, Boolean bool) {
        this.claims.put(str, bool);
        return this;
    }

    public JwtBuilder addSimpleClaim(String str, Integer num) {
        this.claims.put(str, num);
        return this;
    }

    public Map<String, Object> getClaimMap() {
        try {
            switch (this.type) {
                case USER:
                    addSimpleClaim("username", this.principal);
                    this.claims.put("roles", new ObjectMapper().writeValueAsString(this.roles.isEmpty() ? new String[]{RepoUserRole.GUEST.getValue()} : this.roles.toArray(new String[0])));
                    break;
                case SERVICE:
                    addSimpleClaim("servicename", this.principal);
                    this.claims.put("roles", new ObjectMapper().writeValueAsString(this.roles.isEmpty() ? new String[]{RepoUserRole.GUEST.getValue()} : this.roles.toArray(new String[0])));
                    break;
                case TEMPORARY:
                    addSimpleClaim("principalname", this.principal);
                    this.claims.put("permissions", new ObjectMapper().writeValueAsString(this.permissions.toArray(new ScopedPermission[0])));
                    break;
            }
        } catch (JsonProcessingException e) {
            LOGGER.warn("Failed to create claim map.", e);
        }
        return this.claims;
    }

    public Claims getClaims() {
        DefaultClaims defaultClaims = new DefaultClaims();
        getClaimMap().entrySet().forEach(entry -> {
            defaultClaims.put(entry.getKey(), entry.getValue());
        });
        return defaultClaims;
    }

    public String getCompactToken(String str) {
        return getCompactToken(str, null);
    }

    public String getCompactToken(String str, Date date) {
        if (date != null) {
            return Jwts.builder().setClaims(getClaims()).setExpiration(date).signWith(SignatureAlgorithm.HS256, str).compact();
        }
        LOGGER.debug("Warn: Creating JWT token without expiration time.");
        return Jwts.builder().setClaims(getClaims()).signWith(SignatureAlgorithm.HS256, str).compact();
    }

    public JwtAuthenticationToken getJwtAuthenticationToken(String str) {
        return JwtAuthenticationToken.factoryToken(getCompactToken(str), getClaimMap());
    }
}
