package org.zowe.apiml.zaas.security.service;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.MalformedJwtException;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.zowe.apiml.security.common.token.TokenExpireException;
import org.zowe.apiml.security.common.token.TokenNotValidException;

/* loaded from: input_file:org/zowe/apiml/zaas/security/service/JwtUtils.class */
public final class JwtUtils {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(JwtUtils.class);
    private static final String HEADER_NONE_SIGNATURE = Base64.getEncoder().encodeToString("{\"typ\":\"JWT\",\"alg\":\"none\"}".getBytes(StandardCharsets.UTF_8));
    private static final String TOKEN_IS_NOT_VALID_DUE_TO = "Token is not valid due to: {}.";

    public static Claims getJwtClaims(String str) {
        try {
            return (Claims) Jwts.parser().unsecured().build().parseUnsecuredClaims(removeJwtSign(str)).getPayload();
        } catch (RuntimeException e) {
            throw handleJwtParserException(e);
        }
    }

    public static String removeJwtSign(String str) {
        if (str == null) {
            return null;
        }
        int indexOf = str.indexOf(46);
        int lastIndexOf = str.lastIndexOf(46);
        if (indexOf < 0 || indexOf >= lastIndexOf) {
            throw new MalformedJwtException("Invalid JWT format");
        }
        return HEADER_NONE_SIGNATURE + str.substring(indexOf, lastIndexOf + 1);
    }

    public static RuntimeException handleJwtParserException(RuntimeException runtimeException) {
        if (runtimeException instanceof ExpiredJwtException) {
            ExpiredJwtException expiredJwtException = (ExpiredJwtException) runtimeException;
            log.debug("Token with id '{}' for user '{}' is expired.", expiredJwtException.getClaims().getId(), expiredJwtException.getClaims().getSubject());
            return new TokenExpireException("Token is expired.", runtimeException);
        }
        if (runtimeException instanceof JwtException) {
            log.debug(TOKEN_IS_NOT_VALID_DUE_TO, runtimeException.getMessage());
            return new TokenNotValidException("Token is not valid.", runtimeException);
        }
        log.debug(TOKEN_IS_NOT_VALID_DUE_TO, runtimeException.getMessage());
        return new TokenNotValidException("An internal error occurred while validating the token therefore the token is no longer valid.", runtimeException);
    }

    @Generated
    private JwtUtils() {
        throw new UnsupportedOperationException("This is a utility class and cannot be instantiated");
    }
}
