package org.xdi.oxauth.client.model;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.SecureRandom;
import org.apache.commons.configuration.tree.DefaultExpressionEngine;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.xdi.oxauth.model.crypto.AbstractCryptoProvider;
import org.xdi.oxauth.model.crypto.encryption.BlockEncryptionAlgorithm;
import org.xdi.oxauth.model.crypto.encryption.KeyEncryptionAlgorithm;
import org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm;
import org.xdi.oxauth.model.exception.InvalidJwtException;
import org.xdi.oxauth.model.jwe.JweEncrypterImpl;
import org.xdi.oxauth.model.jwt.JwtHeader;
import org.xdi.oxauth.model.jwt.JwtStateClaimName;
import org.xdi.oxauth.model.jwt.JwtType;
import org.xdi.oxauth.model.util.Base64Util;
import org.xdi.oxauth.model.util.Pair;

/* loaded from: input_file:org/xdi/oxauth/client/model/JwtState.class */
public class JwtState {
    private static final Logger LOG = Logger.getLogger(JwtState.class);
    private JwtType type;
    private SignatureAlgorithm signatureAlgorithm;
    private KeyEncryptionAlgorithm keyEncryptionAlgorithm;
    private BlockEncryptionAlgorithm blockEncryptionAlgorithm;
    private String keyId;
    private String rfp;
    private String iat;
    private String exp;
    private String iss;
    private String aud;
    private String targetLinkUri;
    private String as;
    private String jti;
    private String atHash;
    private String cHash;
    private JSONObject additionalClaims;
    private String sharedKey;
    private AbstractCryptoProvider cryptoProvider;

    public JwtState(SignatureAlgorithm signatureAlgorithm, AbstractCryptoProvider abstractCryptoProvider) {
        this(signatureAlgorithm, abstractCryptoProvider, null, null, null);
    }

    public JwtState(SignatureAlgorithm signatureAlgorithm, String str, AbstractCryptoProvider abstractCryptoProvider) {
        this(signatureAlgorithm, abstractCryptoProvider, null, null, str);
    }

    public JwtState(KeyEncryptionAlgorithm keyEncryptionAlgorithm, BlockEncryptionAlgorithm blockEncryptionAlgorithm, AbstractCryptoProvider abstractCryptoProvider) {
        this(null, abstractCryptoProvider, keyEncryptionAlgorithm, blockEncryptionAlgorithm, null);
    }

    public JwtState(KeyEncryptionAlgorithm keyEncryptionAlgorithm, BlockEncryptionAlgorithm blockEncryptionAlgorithm, String str) {
        this(null, null, keyEncryptionAlgorithm, blockEncryptionAlgorithm, str);
    }

    private JwtState(SignatureAlgorithm signatureAlgorithm, AbstractCryptoProvider abstractCryptoProvider, KeyEncryptionAlgorithm keyEncryptionAlgorithm, BlockEncryptionAlgorithm blockEncryptionAlgorithm, String str) {
        this.type = JwtType.JWT;
        this.signatureAlgorithm = signatureAlgorithm;
        this.cryptoProvider = abstractCryptoProvider;
        this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
        this.blockEncryptionAlgorithm = blockEncryptionAlgorithm;
        this.sharedKey = str;
    }

    public JwtType getType() {
        return this.type;
    }

    public void setType(JwtType jwtType) {
        this.type = jwtType;
    }

    public SignatureAlgorithm getSignatureAlgorithm() {
        return this.signatureAlgorithm;
    }

    public void setSignatureAlgorithm(SignatureAlgorithm signatureAlgorithm) {
        this.signatureAlgorithm = signatureAlgorithm;
    }

    public KeyEncryptionAlgorithm getKeyEncryptionAlgorithm() {
        return this.keyEncryptionAlgorithm;
    }

    public void setKeyEncryptionAlgorithm(KeyEncryptionAlgorithm keyEncryptionAlgorithm) {
        this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
    }

    public BlockEncryptionAlgorithm getBlockEncryptionAlgorithm() {
        return this.blockEncryptionAlgorithm;
    }

    public void setBlockEncryptionAlgorithm(BlockEncryptionAlgorithm blockEncryptionAlgorithm) {
        this.blockEncryptionAlgorithm = blockEncryptionAlgorithm;
    }

    public String getKeyId() {
        return this.keyId;
    }

    public void setKeyId(String str) {
        this.keyId = str;
    }

    public String getRfp() {
        return this.rfp;
    }

    public void setRfp(String str) {
        this.rfp = str;
    }

    public String getIat() {
        return this.iat;
    }

    public void setIat(String str) {
        this.iat = str;
    }

    public String getExp() {
        return this.exp;
    }

    public void setExp(String str) {
        this.exp = str;
    }

    public String getIss() {
        return this.iss;
    }

    public void setIss(String str) {
        this.iss = str;
    }

    public String getAud() {
        return this.aud;
    }

    public void setAud(String str) {
        this.aud = str;
    }

    public String getTargetLinkUri() {
        return this.targetLinkUri;
    }

    public void setTargetLinkUri(String str) {
        this.targetLinkUri = str;
    }

    public String getAs() {
        return this.as;
    }

    public void setAs(String str) {
        this.as = str;
    }

    public String getJti() {
        return this.jti;
    }

    public void setJti(String str) {
        this.jti = str;
    }

    public String getAtHash() {
        return this.atHash;
    }

    public void setAtHash(String str) {
        this.atHash = str;
    }

    public String getcHash() {
        return this.cHash;
    }

    public void setcHash(String str) {
        this.cHash = str;
    }

    public JSONObject getAdditionalClaims() {
        return this.additionalClaims;
    }

    public void setAdditionalClaims(JSONObject jSONObject) {
        this.additionalClaims = jSONObject;
    }

    public String getEncodedJwt(JSONObject jSONObject) throws Exception {
        String str;
        JweEncrypterImpl jweEncrypterImpl;
        if (this.keyEncryptionAlgorithm != null && this.blockEncryptionAlgorithm != null) {
            if (this.cryptoProvider == null || jSONObject == null) {
                jweEncrypterImpl = new JweEncrypterImpl(this.keyEncryptionAlgorithm, this.blockEncryptionAlgorithm, this.sharedKey.getBytes("UTF-8"));
            } else {
                jweEncrypterImpl = new JweEncrypterImpl(this.keyEncryptionAlgorithm, this.blockEncryptionAlgorithm, this.cryptoProvider.getPublicKey(this.keyId, jSONObject));
            }
            String base64urlencode = Base64Util.base64urlencode(headerToJSONObject().toString().getBytes("UTF-8"));
            String base64urlencode2 = Base64Util.base64urlencode(payloadToJSONObject().toString().getBytes("UTF-8"));
            byte[] bArr = new byte[this.blockEncryptionAlgorithm.getCmkLength() / 8];
            SecureRandom secureRandom = new SecureRandom();
            secureRandom.nextBytes(bArr);
            String generateEncryptedKey = jweEncrypterImpl.generateEncryptedKey(bArr);
            byte[] bArr2 = new byte[this.blockEncryptionAlgorithm.getInitVectorLength() / 8];
            secureRandom.nextBytes(bArr2);
            String base64urlencode3 = Base64Util.base64urlencode(bArr2);
            Pair<String, String> generateCipherTextAndIntegrityValue = jweEncrypterImpl.generateCipherTextAndIntegrityValue(bArr, bArr2, (base64urlencode + DefaultExpressionEngine.DEFAULT_PROPERTY_DELIMITER + generateEncryptedKey + DefaultExpressionEngine.DEFAULT_PROPERTY_DELIMITER + base64urlencode3).getBytes("UTF-8"), base64urlencode2.getBytes("UTF-8"));
            str = base64urlencode + DefaultExpressionEngine.DEFAULT_PROPERTY_DELIMITER + generateEncryptedKey + DefaultExpressionEngine.DEFAULT_PROPERTY_DELIMITER + base64urlencode3 + DefaultExpressionEngine.DEFAULT_PROPERTY_DELIMITER + generateCipherTextAndIntegrityValue.getFirst() + DefaultExpressionEngine.DEFAULT_PROPERTY_DELIMITER + generateCipherTextAndIntegrityValue.getSecond();
        } else {
            if (this.cryptoProvider == null) {
                throw new Exception("The Crypto Provider cannot be null.");
            }
            JSONObject headerToJSONObject = headerToJSONObject();
            JSONObject payloadToJSONObject = payloadToJSONObject();
            String jSONObject2 = headerToJSONObject.toString();
            String jSONObject3 = payloadToJSONObject.toString();
            String base64urlencode4 = Base64Util.base64urlencode(jSONObject2.getBytes("UTF-8"));
            String base64urlencode5 = Base64Util.base64urlencode(jSONObject3.getBytes("UTF-8"));
            str = base64urlencode4 + DefaultExpressionEngine.DEFAULT_PROPERTY_DELIMITER + base64urlencode5 + DefaultExpressionEngine.DEFAULT_PROPERTY_DELIMITER + this.cryptoProvider.sign(base64urlencode4 + DefaultExpressionEngine.DEFAULT_PROPERTY_DELIMITER + base64urlencode5, this.keyId, this.sharedKey, this.signatureAlgorithm);
        }
        return str;
    }

    public String getEncodedJwt() throws Exception {
        return getEncodedJwt(null);
    }

    protected JSONObject headerToJSONObject() throws InvalidJwtException {
        JwtHeader jwtHeader = new JwtHeader();
        jwtHeader.setType(this.type);
        if (this.keyEncryptionAlgorithm == null || this.blockEncryptionAlgorithm == null) {
            jwtHeader.setAlgorithm(this.signatureAlgorithm);
        } else {
            jwtHeader.setAlgorithm(this.keyEncryptionAlgorithm);
            jwtHeader.setEncryptionMethod(this.blockEncryptionAlgorithm);
        }
        jwtHeader.setKeyId(this.keyId);
        return jwtHeader.toJsonObject();
    }

    protected JSONObject payloadToJSONObject() throws JSONException {
        JSONObject jSONObject = new JSONObject();
        try {
            if (StringUtils.isNotBlank(this.rfp)) {
                jSONObject.put(JwtStateClaimName.RFP, this.rfp);
            }
            if (StringUtils.isNotBlank(this.keyId)) {
                jSONObject.put("kid", this.keyId);
            }
            if (StringUtils.isNotBlank(this.iat)) {
                jSONObject.put("iat", this.iat);
            }
            if (StringUtils.isNotBlank(this.exp)) {
                jSONObject.put("exp", this.exp);
            }
            if (StringUtils.isNotBlank(this.iss)) {
                jSONObject.put("iss", this.iss);
            }
            if (StringUtils.isNotBlank(this.aud)) {
                jSONObject.put("aud", this.aud);
            }
            if (StringUtils.isNotBlank(this.targetLinkUri)) {
                jSONObject.put(JwtStateClaimName.TARGET_LINK_URI, URLEncoder.encode(this.targetLinkUri, "UTF-8"));
            }
            if (StringUtils.isNotBlank(this.as)) {
                jSONObject.put("as", this.as);
            }
            if (StringUtils.isNotBlank(this.jti)) {
                jSONObject.put("jti", this.jti);
            }
            if (StringUtils.isNotBlank(this.atHash)) {
                jSONObject.put("at_hash", this.atHash);
            }
            if (StringUtils.isNotBlank(this.cHash)) {
                jSONObject.put("c_hash", this.cHash);
            }
            if (this.additionalClaims != null) {
                jSONObject.put(JwtStateClaimName.ADDITIONAL_CLAIMS, this.additionalClaims);
            }
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }
        return jSONObject;
    }
}
