package io.dimeformat;

import io.dimeformat.enums.Claim;
import io.dimeformat.enums.IdentityCapability;
import io.dimeformat.enums.KeyCapability;
import io.dimeformat.exceptions.CryptographyException;
import io.dimeformat.exceptions.InvalidFormatException;
import io.dimeformat.keyring.IntegrityState;
import java.nio.charset.StandardCharsets;
import java.time.Instant;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.stream.Collectors;

/* loaded from: input_file:io/dimeformat/Identity.class */
public class Identity extends Item {
    public static final String HEADER = "ID";
    private Key _publicKey;
    private List<IdentityCapability> _capabilities;
    private Map<String, Object> _principles;
    private static final List<Claim> allowedClaims = List.of((Object[]) new Claim[]{Claim.AMB, Claim.AUD, Claim.CTX, Claim.EXP, Claim.IAT, Claim.ISS, Claim.ISU, Claim.KID, Claim.MTD, Claim.PRI, Claim.SUB, Claim.SYS, Claim.UID});
    private static final int MINIMUM_NBR_COMPONENTS = 3;
    private static final int MAXIMUM_NBR_COMPONENTS = 4;
    private static final int COMPONENTS_CHAIN_INDEX = 2;
    private Identity trustChain;

    @Override // io.dimeformat.Item
    public String getHeader() {
        return HEADER;
    }

    public Key getPublicKey() {
        if (this._publicKey == null) {
            try {
                this._publicKey = new Key(List.of(KeyCapability.SIGN), (String) getClaim(Claim.PUB), Claim.PUB);
            } catch (CryptographyException e) {
                return null;
            }
        }
        return this._publicKey;
    }

    public List<IdentityCapability> getCapabilities() {
        if (this._capabilities == null) {
            this._capabilities = (List) ((List) getClaim(Claim.CAP)).stream().map(IdentityCapability::fromString).collect(Collectors.toList());
        }
        return this._capabilities;
    }

    public Map<String, Object> getPrinciples() {
        Map map;
        if (this._principles == null && (map = (Map) getClaim(Claim.PRI)) != null) {
            this._principles = Collections.unmodifiableMap(map);
        }
        return this._principles;
    }

    public Identity getTrustChain() {
        return this.trustChain;
    }

    public boolean isSelfIssued() {
        return ((UUID) getClaim(Claim.SUB)).compareTo((UUID) getClaim(Claim.ISS)) == 0 && hasCapability(IdentityCapability.SELF);
    }

    @Override // io.dimeformat.Item
    public IntegrityState verify(Key key, List<Item> list) {
        Identity trustChain = getTrustChain();
        if (trustChain == null || key != null) {
            return super.verify(key, list);
        }
        IntegrityState verify = trustChain.verify();
        return !verify.isValid() ? verify : super.verify(trustChain.getPublicKey(), list);
    }

    public boolean hasCapability(IdentityCapability identityCapability) {
        return getCapabilities().contains(identityCapability);
    }

    @Override // io.dimeformat.Item
    public void convertToLegacy() {
        if (isLegacy()) {
            return;
        }
        super.convertToLegacy();
        Key.convertKeyToLegacy(this, KeyCapability.SIGN, Claim.PUB);
    }

    public void sign(Identity identity, Key key, boolean z) throws CryptographyException {
        if (z) {
            setTrustChain(identity);
        }
        super.sign(key);
    }

    Identity() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Identity(String str, UUID uuid, Key key, Instant instant, Instant instant2, UUID uuid2, List<String> list, Map<String, Object> map, List<String> list2, List<String> list3) {
        if (str == null || str.length() == 0) {
            throw new IllegalArgumentException("System name must not be null or empty.");
        }
        setClaimValue(Claim.UID, UUID.randomUUID());
        setClaimValue(Claim.SYS, str);
        setClaimValue(Claim.SUB, uuid);
        setClaimValue(Claim.ISS, uuid2);
        setClaimValue(Claim.IAT, instant);
        setClaimValue(Claim.EXP, instant2);
        setClaimValue(Claim.PUB, key.getPublic());
        setClaimValue(Claim.CAP, list);
        setClaimValue(Claim.PRI, map);
        setClaimValue(Claim.AMB, list2);
        setClaimValue(Claim.MTD, list3);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setTrustChain(Identity identity) {
        this.trustChain = identity;
    }

    @Override // io.dimeformat.Item
    protected boolean allowedToSetClaimDirectly(Claim claim) {
        return allowedClaims.contains(claim);
    }

    @Override // io.dimeformat.Item
    protected void customDecoding(List<String> list) throws InvalidFormatException {
        if (list.size() > MAXIMUM_NBR_COMPONENTS) {
            throw new InvalidFormatException("More components in item than expected, got " + list.size() + ", expected maximum 4");
        }
        if (list.size() == MAXIMUM_NBR_COMPONENTS) {
            this.trustChain = fromEncodedIdentity(new String(Utility.fromBase64(list.get(COMPONENTS_CHAIN_INDEX)), StandardCharsets.UTF_8));
        }
        this.isSigned = true;
    }

    @Override // io.dimeformat.Item
    protected void customEncoding(StringBuilder sb) throws InvalidFormatException {
        super.customEncoding(sb);
        if (this.trustChain != null) {
            sb.append(".");
            sb.append(Utility.toBase64(this.trustChain.forExport()));
        }
    }

    @Override // io.dimeformat.Item
    protected int getMinNbrOfComponents() {
        return MINIMUM_NBR_COMPONENTS;
    }

    private static Identity fromEncodedIdentity(String str) throws InvalidFormatException {
        Identity identity = new Identity();
        identity.decode(str);
        return identity;
    }
}
