package org.cloudfoundry.identity.uaa.oauth.jwk;

import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.batik.util.SVGConstants;
import org.apache.commons.codec.binary.Base64;
import org.springframework.util.StringUtils;

@JsonDeserialize(using = JsonWebKeyDeserializer.class)
@JsonSerialize(using = JsonWebKeySerializer.class)
/* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-model-4.8.3.jar:org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKey.class */
public class JsonWebKey {
    private final Map<String, Object> json;

    /* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-model-4.8.3.jar:org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKey$KeyOperation.class */
    public enum KeyOperation {
        sign,
        verify,
        encrypt,
        decrypt,
        wrapKey,
        unwrapKey,
        deriveKey,
        deriveBits
    }

    /* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-model-4.8.3.jar:org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKey$KeyType.class */
    public enum KeyType {
        RSA,
        MAC
    }

    /* loaded from: input_file:WEB-INF/lib/cloudfoundry-identity-model-4.8.3.jar:org/cloudfoundry/identity/uaa/oauth/jwk/JsonWebKey$KeyUse.class */
    public enum KeyUse {
        sig,
        enc
    }

    public JsonWebKey(Map<String, Object> map) {
        if (map.get("kty") == null) {
            throw new IllegalArgumentException("kty field is required");
        }
        KeyType.valueOf((String) map.get("kty"));
        this.json = new HashMap(map);
    }

    public Map<String, Object> getKeyProperties() {
        return Collections.unmodifiableMap(this.json);
    }

    public final KeyType getKty() {
        return KeyType.valueOf((String) getKeyProperties().get("kty"));
    }

    public final String getKid() {
        return (String) getKeyProperties().get("kid");
    }

    public JsonWebKey setKid(String str) {
        this.json.put("kid", str);
        return this;
    }

    public final KeyUse getUse() {
        String str = (String) getKeyProperties().get("use");
        KeyUse keyUse = null;
        if (StringUtils.hasText(str)) {
            keyUse = KeyUse.valueOf(str);
        }
        return keyUse;
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (!(obj instanceof JsonWebKey)) {
            return false;
        }
        JsonWebKey jsonWebKey = (JsonWebKey) obj;
        return getKid() != null ? getKid().equals(jsonWebKey.getKid()) : jsonWebKey.getKid() == null && getKeyProperties().equals(jsonWebKey.getKeyProperties());
    }

    public int hashCode() {
        return getKid() == null ? getKty().hashCode() : getKid().hashCode();
    }

    public String getAlgorithm() {
        return (String) getKeyProperties().get("alg");
    }

    public String getValue() {
        String str = (String) getKeyProperties().get("value");
        if (str == null) {
            if (KeyType.RSA.equals(getKty())) {
                str = pemEncodePublicKey(getRsaPublicKey(this));
                this.json.put("value", str);
            } else if (KeyType.MAC.equals(getKty())) {
                str = (String) getKeyProperties().get(SVGConstants.SVG_K_ATTRIBUTE);
                this.json.put("value", str);
            }
        }
        return str;
    }

    public Set<KeyOperation> getKeyOps() {
        List list = (List) getKeyProperties().get("key_ops");
        if (list == null) {
            list = Collections.emptyList();
        }
        return (Set) list.stream().map(str -> {
            return KeyOperation.valueOf(str);
        }).collect(Collectors.toSet());
    }

    public static String pemEncodePublicKey(PublicKey publicKey) {
        return "-----BEGIN PUBLIC KEY-----\n" + new String(new Base64(false).encode(publicKey.getEncoded())) + "\n-----END PUBLIC KEY-----";
    }

    public static PublicKey getRsaPublicKey(JsonWebKey jsonWebKey) {
        Base64 base64 = new Base64(true);
        String str = (String) jsonWebKey.getKeyProperties().get("e");
        try {
            return KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(1, base64.decode(((String) jsonWebKey.getKeyProperties().get("n")).getBytes(StandardCharsets.UTF_8))), new BigInteger(1, base64.decode(str.getBytes(StandardCharsets.UTF_8)))));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new IllegalStateException(e);
        }
    }
}
