package edu.uiuc.ncsa.security.oauth_2_0;

import edu.uiuc.ncsa.security.core.exceptions.GeneralException;
import net.sf.json.JSONObject;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.configuration.tree.DefaultExpressionEngine;

/* loaded from: input_file:WEB-INF/lib/ncsa-security-oauth-2.0-3.3.jar:edu/uiuc/ncsa/security/oauth_2_0/IDTokenUtil.class */
public class IDTokenUtil {
    public static String TYPE = "typ";
    public static String ALGORITHM = "alg";

    public static String createIDToken(JSONObject jSONObject) {
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put(TYPE, "JWT");
        jSONObject2.put(ALGORITHM, OA2Constants.PROMPT_NONE);
        return Base64.encodeBase64URLSafeString(jSONObject2.toString().getBytes()) + DefaultExpressionEngine.DEFAULT_PROPERTY_DELIMITER + Base64.encodeBase64URLSafeString(jSONObject.toString().getBytes()) + DefaultExpressionEngine.DEFAULT_PROPERTY_DELIMITER;
    }

    public static JSONObject readIDToken(String str) {
        if (!str.endsWith(DefaultExpressionEngine.DEFAULT_PROPERTY_DELIMITER)) {
            throw new GeneralException("Error: only unsigned/unverified id tokens are supported");
        }
        String substring = str.substring(0, str.length() - 1);
        int indexOf = substring.indexOf(DefaultExpressionEngine.DEFAULT_PROPERTY_DELIMITER);
        String substring2 = substring.substring(0, indexOf);
        String substring3 = substring.substring(indexOf + 1);
        JSONObject fromObject = JSONObject.fromObject(new String(Base64.decodeBase64(substring2)));
        JSONObject fromObject2 = JSONObject.fromObject(new String(Base64.decodeBase64(substring3)));
        if (!fromObject.get(TYPE).equals("JWT")) {
            throw new GeneralException("Unsupported token type.");
        }
        if (fromObject.get(ALGORITHM).equals(OA2Constants.PROMPT_NONE)) {
            return fromObject2;
        }
        throw new GeneralException("Unsupported algorithm");
    }
}
