package net.sixpointsix.springboot.jwt.builder;

import com.auth0.jwt.algorithms.Algorithm;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Base64;
import java.util.List;
import java.util.Objects;
import net.sixpointsix.springboot.jwt.JwtAlgorithmConfiguration;
import org.apache.commons.io.IOUtils;
import org.springframework.core.io.ResourceLoader;

/* loaded from: input_file:net/sixpointsix/springboot/jwt/builder/FixedTypeAlgorithmBuilder.class */
public class FixedTypeAlgorithmBuilder implements AlgorithmBuilder {
    private static final List<String> HMAC_ALGORITHMS = Arrays.asList("HS256", "HS384", "HS512");
    private static final List<String> KEY_ALGORITHMS = Arrays.asList("RS256", "RS384", "RS512");
    private static KeyFactory rsaKeyFactory;
    private final ResourceLoader resourceLoader;
    private final JwtAlgorithmConfiguration configuration;

    public FixedTypeAlgorithmBuilder(ResourceLoader resourceLoader, JwtAlgorithmConfiguration jwtAlgorithmConfiguration) {
        this.resourceLoader = resourceLoader;
        this.configuration = jwtAlgorithmConfiguration;
    }

    @Override // net.sixpointsix.springboot.jwt.builder.AlgorithmBuilder
    public Algorithm build() {
        String algorithm = this.configuration.getAlgorithm();
        if (HMAC_ALGORITHMS.contains(algorithm)) {
            return buildHmac(this.configuration);
        }
        if (KEY_ALGORITHMS.contains(algorithm)) {
            return buildFixedKey(this.configuration);
        }
        throw new RuntimeException("Unable to build algorithm for " + algorithm);
    }

    private Algorithm buildHmac(JwtAlgorithmConfiguration jwtAlgorithmConfiguration) {
        String str = (String) Objects.requireNonNull(jwtAlgorithmConfiguration.getSecret(), "secret cannot be null for HMAC");
        String algorithm = jwtAlgorithmConfiguration.getAlgorithm();
        boolean z = -1;
        switch (algorithm.hashCode()) {
            case 69015912:
                if (algorithm.equals("HS256")) {
                    z = false;
                    break;
                }
                break;
            case 69016964:
                if (algorithm.equals("HS384")) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return Algorithm.HMAC256(str);
            case true:
                return Algorithm.HMAC384(str);
            default:
                return Algorithm.HMAC512(str);
        }
    }

    private Algorithm buildFixedKey(JwtAlgorithmConfiguration jwtAlgorithmConfiguration) {
        String str = (String) Objects.requireNonNull(jwtAlgorithmConfiguration.getPublicKeyFile(), "Public key is required for " + jwtAlgorithmConfiguration.getAlgorithm());
        String str2 = (String) Objects.requireNonNull(jwtAlgorithmConfiguration.getPrivateKeyFile(), "Private key is required for " + jwtAlgorithmConfiguration.getAlgorithm());
        byte[] keyContent = getKeyContent(str);
        byte[] keyContent2 = getKeyContent(str2);
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(keyContent);
        PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(keyContent2);
        try {
            RSAPublicKey rSAPublicKey = (RSAPublicKey) getRsaKeyFactory().generatePublic(x509EncodedKeySpec);
            RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) getRsaKeyFactory().generatePrivate(pKCS8EncodedKeySpec);
            String algorithm = jwtAlgorithmConfiguration.getAlgorithm();
            boolean z = -1;
            switch (algorithm.hashCode()) {
                case 78251122:
                    if (algorithm.equals("RS256")) {
                        z = false;
                        break;
                    }
                    break;
                case 78252174:
                    if (algorithm.equals("RS384")) {
                        z = true;
                        break;
                    }
                    break;
                case 78253877:
                    if (algorithm.equals("RS512")) {
                        z = 2;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    return Algorithm.RSA256(rSAPublicKey, rSAPrivateKey);
                case true:
                    return Algorithm.RSA384(rSAPublicKey, rSAPrivateKey);
                case true:
                    return Algorithm.RSA512(rSAPublicKey, rSAPrivateKey);
                default:
                    throw new RuntimeException("unable to build RSA algorithm");
            }
        } catch (InvalidKeySpecException e) {
            throw new RuntimeException("Unable to parse certificate", e);
        }
    }

    private byte[] getKeyContent(String str) {
        try {
            return Base64.getDecoder().decode(IOUtils.toString(this.resourceLoader.getResource(str).getInputStream(), Charset.defaultCharset()).replace("-----BEGIN PRIVATE KEY-----", "").replace("-----END PRIVATE KEY-----", "").replaceAll("\\n", "").replace("-----BEGIN PUBLIC KEY-----", "").replace("-----END PUBLIC KEY-----", ""));
        } catch (IOException e) {
            throw new RuntimeException("Unable to load " + str, e);
        }
    }

    private static KeyFactory getRsaKeyFactory() {
        if (rsaKeyFactory == null) {
            try {
                rsaKeyFactory = KeyFactory.getInstance("RSA");
            } catch (NoSuchAlgorithmException e) {
                throw new RuntimeException("RSA algorithm unavailable", e);
            }
        }
        return rsaKeyFactory;
    }
}
