package fr.wseduc.webutils.security;

import java.io.ByteArrayInputStream;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import org.vertx.java.core.Handler;
import org.vertx.java.core.Vertx;
import org.vertx.java.core.VoidHandler;
import org.vertx.java.core.buffer.Buffer;
import org.vertx.java.core.http.HttpClient;
import org.vertx.java.core.http.HttpClientResponse;
import org.vertx.java.core.json.JsonObject;
import org.vertx.java.core.json.impl.Base64;
import org.vertx.java.core.logging.Logger;
import org.vertx.java.core.logging.impl.LoggerFactory;

/* loaded from: input_file:fr/wseduc/webutils/security/JWT.class */
public class JWT {
    private static final Logger log = LoggerFactory.getLogger(JWT.class);
    private final HttpClient httpClient;
    private final String certsPath;
    private final ConcurrentMap<String, PublicKey> certificates = new ConcurrentHashMap();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:fr/wseduc/webutils/security/JWT$Algorithm.class */
    public enum Algorithm {
        RS256("SHA256withRSA"),
        RS384("SHA384withRSA"),
        RS512("SHA512withRSA");

        private final String algo;

        Algorithm(String str) {
            this.algo = str;
        }

        public String getAlgo() {
            return this.algo;
        }
    }

    public JWT(Vertx vertx, URI uri) {
        this.httpClient = ((HttpClient) vertx.createHttpClient().setHost(uri.getHost()).setPort(uri.getPort()).setSSL("https".equals(uri.getScheme()))).setMaxPoolSize(4).setKeepAlive(false);
        this.certsPath = uri.getPath();
        findCertificates(null);
    }

    private void findCertificates(final VoidHandler voidHandler) {
        this.httpClient.getNow(this.certsPath, new Handler<HttpClientResponse>() { // from class: fr.wseduc.webutils.security.JWT.1
            public void handle(HttpClientResponse httpClientResponse) {
                if (httpClientResponse.statusCode() == 200) {
                    httpClientResponse.bodyHandler(new Handler<Buffer>() { // from class: fr.wseduc.webutils.security.JWT.1.1
                        public void handle(Buffer buffer) {
                            JsonObject jsonObject = new JsonObject(buffer.toString("UTF-8"));
                            try {
                                try {
                                    CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                                    for (String str : jsonObject.getFieldNames()) {
                                        String string = jsonObject.getString(str);
                                        if (string != null) {
                                            try {
                                                JWT.this.certificates.putIfAbsent(str, certificateFactory.generateCertificate(new ByteArrayInputStream(string.getBytes("UTF-8"))).getPublicKey());
                                            } catch (UnsupportedEncodingException | CertificateException e) {
                                                JWT.log.error(e.getMessage(), e);
                                            }
                                        }
                                    }
                                    if (voidHandler != null) {
                                        voidHandler.handle((Void) null);
                                    }
                                } catch (Throwable th) {
                                    if (voidHandler != null) {
                                        voidHandler.handle((Void) null);
                                    }
                                    throw th;
                                }
                            } catch (CertificateException e2) {
                                JWT.log.error(e2.getMessage(), e2);
                                if (voidHandler != null) {
                                    voidHandler.handle((Void) null);
                                }
                            }
                        }
                    });
                } else if (voidHandler != null) {
                    voidHandler.handle((Void) null);
                }
            }
        });
    }

    private static String base64Decode(String str) throws UnsupportedEncodingException {
        return new String(base64DecodeToByte(str), "UTF-8");
    }

    private static byte[] base64DecodeToByte(String str) {
        int length = 4 - (str.length() % 4);
        StringBuilder sb = new StringBuilder("");
        for (int i = 0; i < length; i++) {
            sb.append("=");
        }
        return Base64.decode(str + sb.toString(), 16);
    }

    public void verifyAndGet(final String str, final Handler<JsonObject> handler) {
        String[] split = str.split("\\.");
        if (split.length != 3) {
            handler.handle((Object) null);
            return;
        }
        try {
            final String string = new JsonObject(base64Decode(split[0])).getString("kid");
            if (string != null) {
                PublicKey publicKey = this.certificates.get(string);
                if (publicKey == null) {
                    findCertificates(new VoidHandler() { // from class: fr.wseduc.webutils.security.JWT.2
                        protected void handle() {
                            handler.handle(JWT.verifyAndGet(str, (PublicKey) JWT.this.certificates.get(string)));
                        }
                    });
                } else {
                    handler.handle(verifyAndGet(str, publicKey));
                }
            }
        } catch (UnsupportedEncodingException e) {
            log.error(e.getMessage(), e);
            handler.handle((Object) null);
        }
    }

    public static JsonObject verifyAndGet(String str, PublicKey publicKey) {
        String[] split = str.split("\\.");
        if (split.length != 3 || publicKey == null) {
            return null;
        }
        try {
            JsonObject jsonObject = new JsonObject(base64Decode(split[0]));
            JsonObject jsonObject2 = new JsonObject(base64Decode(split[1]));
            byte[] base64DecodeToByte = base64DecodeToByte(split[2]);
            Signature signature = Signature.getInstance(Algorithm.valueOf(jsonObject.getString("alg")).getAlgo());
            signature.initVerify(publicKey);
            signature.update((split[0] + "." + split[1]).getBytes("UTF-8"));
            if (signature.verify(base64DecodeToByte)) {
                return jsonObject2;
            }
            return null;
        } catch (Exception e) {
            log.error(e.getMessage(), e);
            return null;
        }
    }
}
