package org.picketlink.xwidgets.jws;

import java.util.UUID;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import javax.transaction.SystemException;
import javax.transaction.UserTransaction;
import org.picketlink.authentication.AuthenticationException;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.PartitionManager;
import org.picketlink.idm.credential.Token;
import org.picketlink.idm.credential.storage.TokenCredentialStorage;
import org.picketlink.idm.model.Account;
import org.picketlink.idm.model.basic.Realm;
import org.picketlink.json.jose.JWSBuilder;

@ApplicationScoped
/* loaded from: input_file:org/picketlink/xwidgets/jws/JWSTokenProvider.class */
public class JWSTokenProvider implements Token.Provider<JWSToken> {

    @Inject
    private PartitionManager partitionManager;

    @Inject
    private IdentityManager identityManager;

    @Inject
    private UserTransaction userTransaction;

    /* renamed from: issue, reason: merged with bridge method [inline-methods] */
    public JWSToken m0issue(Account account) {
        JWSBuilder jWSBuilder = new JWSBuilder();
        jWSBuilder.id(UUID.randomUUID().toString()).rsa256(getPrivateKey()).issuer(account.getPartition().getName()).issuedAt(getCurrentTime()).subject(account.getId()).expiration(getCurrentTime() + 300).notBefore(getCurrentTime());
        JWSToken jWSToken = new JWSToken(jWSBuilder.build().encode());
        boolean z = true;
        try {
            z = 0 != this.userTransaction.getStatus();
            if (z) {
                this.userTransaction.begin();
            }
            this.identityManager.updateCredential(account, jWSToken);
            if (z) {
                this.userTransaction.commit();
            }
            return jWSToken;
        } catch (Exception e) {
            if (z) {
                try {
                    this.userTransaction.rollback();
                } catch (SystemException e2) {
                }
            }
            throw new AuthenticationException("Could not issue token for account [" + account + "]", e);
        }
    }

    public void invalidate(Account account) {
        getIdentityManager().removeCredential(account, TokenCredentialStorage.class);
    }

    private byte[] getPrivateKey() {
        return (byte[]) getPartition().getAttribute("PrivateKey").getValue();
    }

    private int getCurrentTime() {
        return (int) (System.currentTimeMillis() / 1000);
    }

    private Realm getPartition() {
        return this.partitionManager.getPartition(Realm.class, "default");
    }

    private IdentityManager getIdentityManager() {
        return this.partitionManager.createIdentityManager(getPartition());
    }

    public JWSToken renew(Account account, JWSToken jWSToken) {
        return m0issue(account);
    }

    public Class<JWSToken> getTokenType() {
        return JWSToken.class;
    }
}
