package nl.curavista.jwt;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.X509EncodedKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;

/* loaded from: input_file:nl/curavista/jwt/JWT.class */
public class JWT {
    private static final String HEADER_ALGORITHM_PARAMETER = "alg";
    private final String header;
    private final String payload;
    private final String signature;
    private static Logger log4j = Logger.getLogger(JWT.class);

    public JWT(String str) {
        String[] split = str.split("\\.");
        this.header = split.length > 0 ? split[0] : "";
        this.payload = split.length > 1 ? split[1] : "";
        this.signature = split.length > 2 ? split[2] : "";
        if (log4j.isDebugEnabled()) {
            log4j.debug("JWT header (base64 decoded): " + this.header);
            log4j.debug("JWT payload (base64 decoded): " + this.payload);
            log4j.debug("JWT signature (base64 decoded): " + this.signature);
        }
    }

    private JsonNode getDecodedHeaderObject() throws IOException {
        return new ObjectMapper().readTree(Base64.decodeBase64(this.header));
    }

    public JsonNode getDecodedPayloadObject() throws IOException {
        return new ObjectMapper().readTree(Base64.decodeBase64(this.payload));
    }

    public boolean checkSignatureWithPubKey(String str) throws IOException, GeneralSecurityException {
        if (this.header.isEmpty()) {
            throw new GeneralSecurityException("JWT header is missing");
        }
        JsonNode decodedHeaderObject = getDecodedHeaderObject();
        if (log4j.isDebugEnabled()) {
            log4j.debug("JWT Header: " + decodedHeaderObject.toString());
        }
        if (!decodedHeaderObject.has(HEADER_ALGORITHM_PARAMETER)) {
            throw new GeneralSecurityException("alg parameter not set in JWT header");
        }
        if (!decodedHeaderObject.findValue(HEADER_ALGORITHM_PARAMETER).asText().equals("RS256")) {
            throw new GeneralSecurityException("Invalid or unsupported alg parameter value in JWT header");
        }
        PublicKey pemPublicKey = getPemPublicKey(str, "RSA");
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initVerify(pemPublicKey);
        signature.update((this.header + "." + this.payload).getBytes());
        boolean verify = signature.verify(Base64.decodeBase64(this.signature));
        if (log4j.isDebugEnabled()) {
            log4j.debug("JWT valid?: " + verify);
        }
        return verify;
    }

    private PublicKey getPemPublicKey(String str, String str2) throws IOException, GeneralSecurityException {
        File file = new File(str);
        int length = (int) file.length();
        FileInputStream fileInputStream = new FileInputStream(file);
        byte[] bArr = new byte[length];
        try {
            fileInputStream.read(bArr, 0, length);
            fileInputStream.close();
            String str3 = new String(bArr);
            if (log4j.isDebugEnabled()) {
                log4j.debug("Public key:\n " + str3);
            }
            String replace = str3.replace("-----BEGIN PUBLIC KEY-----\n", "").replace("-----END PUBLIC KEY-----", "");
            if (log4j.isDebugEnabled()) {
                log4j.debug("Public key without header / footer:\n " + replace);
            }
            PublicKey generatePublic = KeyFactory.getInstance(str2).generatePublic(new X509EncodedKeySpec(Base64.decodeBase64(replace.getBytes("UTF-8"))));
            if (log4j.isDebugEnabled()) {
                log4j.debug("Returning public key: " + generatePublic);
            }
            return generatePublic;
        } catch (Throwable th) {
            fileInputStream.close();
            throw th;
        }
    }
}
