package com.atlassian.confluence.plugins.remotepageview.jwt;

import com.atlassian.confluence.setup.settings.SettingsManager;
import com.atlassian.jwt.SigningAlgorithm;
import com.atlassian.jwt.core.HttpRequestCanonicalizer;
import com.atlassian.jwt.core.TimeUtil;
import com.atlassian.jwt.core.writer.JsonSmartJwtJsonBuilder;
import com.atlassian.jwt.core.writer.JwtClaimsBuilder;
import com.atlassian.jwt.core.writer.NimbusJwtWriterFactory;
import com.atlassian.jwt.httpclient.CanonicalHttpUriRequest;
import com.atlassian.jwt.writer.JwtJsonBuilder;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import javax.annotation.Nonnull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.MultiValueMap;
import org.springframework.web.util.UriComponentsBuilder;

@Component
/* loaded from: input_file:com/atlassian/confluence/plugins/remotepageview/jwt/JwtTokenGenerator.class */
public class JwtTokenGenerator {
    private static final Logger LOGGER = LoggerFactory.getLogger(JwtTokenGenerator.class);
    private static final String JWT_EXPIRY_SECONDS_PROPERTY = "com.atlassian.remote_page_view.jwt.expiry_seconds";
    private static final int JWT_EXPIRY_WINDOW_SECONDS_DEFAULT = 10;
    static final int JWT_EXPIRY_WINDOW_SECONDS = Integer.getInteger(JWT_EXPIRY_SECONDS_PROPERTY, JWT_EXPIRY_WINDOW_SECONDS_DEFAULT).intValue();
    public static final String USER_KEY = "userKey";
    private final SettingsManager settingsManager;
    private final RemotePageViewJwtIssuer jwtIssuer;

    @Autowired
    public JwtTokenGenerator(RemotePageViewJwtIssuer remotePageViewJwtIssuer, SettingsManager settingsManager) {
        this.jwtIssuer = remotePageViewJwtIssuer;
        this.settingsManager = settingsManager;
    }

    public String generate(String str, String str2, URI uri, String str3) {
        return encodeJwt(str2, uri, URI.create(this.settingsManager.getGlobalSettings().getBaseUrl()), this.jwtIssuer.getSharedSecret(), str3, str, this.jwtIssuer.getName());
    }

    private String encodeJwt(@Nonnull String str, @Nonnull URI uri, @Nonnull URI uri2, @Nonnull String str2, String str3, String str4, String str5) {
        Objects.requireNonNull(str);
        Objects.requireNonNull(uri);
        Objects.requireNonNull(uri2);
        Objects.requireNonNull(str2);
        JwtJsonBuilder createJsonBuilder = createJsonBuilder(str3, str5, str4);
        try {
            CanonicalHttpUriRequest createCanonicalHttpRequest = createCanonicalHttpRequest(str, uri, uri2);
            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug("Canonical request is: {}", HttpRequestCanonicalizer.canonicalize(createCanonicalHttpRequest));
            }
            JwtClaimsBuilder.appendHttpRequestClaims(createJsonBuilder, createCanonicalHttpRequest);
            return new NimbusJwtWriterFactory().macSigningWriter(SigningAlgorithm.HS256, str2).jsonToJwt(createJsonBuilder.build());
        } catch (UnsupportedEncodingException | NoSuchAlgorithmException e) {
            LOGGER.error("Error generating Jwt token for user {}", str3, e);
            throw new RuntimeException(e);
        }
    }

    private JwtJsonBuilder createJsonBuilder(String str, String str2, String str3) {
        return new JsonSmartJwtJsonBuilder().issuedAt(TimeUtil.currentTimeSeconds()).expirationTime(TimeUtil.currentTimePlusNSeconds(JWT_EXPIRY_WINDOW_SECONDS)).issuer(str2).subject(str3).claim(USER_KEY, str);
    }

    private CanonicalHttpUriRequest createCanonicalHttpRequest(String str, URI uri, URI uri2) {
        return new CanonicalHttpUriRequest(str, uri.getPath(), uri2.getPath(), paramsToArrayMap(UriComponentsBuilder.fromUri(uri).build().getQueryParams()));
    }

    private static Map<String, String[]> paramsToArrayMap(MultiValueMap<String, String> multiValueMap) {
        HashMap hashMap = new HashMap();
        for (Map.Entry entry : multiValueMap.entrySet()) {
            hashMap.put((String) entry.getKey(), (String[]) ((List) entry.getValue()).toArray(new String[0]));
        }
        return hashMap;
    }
}
