package com.atlassian.connect.spring.internal.jwt;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: input_file:com/atlassian/connect/spring/internal/jwt/HttpRequestCanonicalizer.class */
public class HttpRequestCanonicalizer {
    public static final String QUERY_STRING_HASH_CLAIM_NAME = "qsh";
    public static final String JWT_PARAM_NAME = "jwt";
    public static final char QUERY_PARAMS_SEPARATOR = '&';
    private static final String ENCODED_PARAM_VALUE_SEPARATOR = ",";
    private static final char CANONICAL_REQUEST_PART_SEPARATOR = '&';

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/atlassian/connect/spring/internal/jwt/HttpRequestCanonicalizer$ComparableParameter.class */
    public static class ComparableParameter implements Comparable<ComparableParameter> {
        final Map.Entry<String, String[]> parameter;
        private final String key;

        ComparableParameter(Map.Entry<String, String[]> entry) throws UnsupportedEncodingException {
            this.parameter = entry;
            String safeToString = HttpRequestCanonicalizer.safeToString(entry.getKey());
            List asList = Arrays.asList(entry.getValue());
            Collections.sort(asList);
            this.key = HttpRequestCanonicalizer.percentEncode(safeToString) + ' ' + HttpRequestCanonicalizer.percentEncode((String) asList.stream().collect(Collectors.joining(HttpRequestCanonicalizer.ENCODED_PARAM_VALUE_SEPARATOR)));
        }

        @Override // java.lang.Comparable
        public int compareTo(ComparableParameter comparableParameter) {
            return this.key.compareTo(comparableParameter.key);
        }

        public String toString() {
            return this.key;
        }
    }

    public static String canonicalize(CanonicalHttpRequest canonicalHttpRequest) throws UnsupportedEncodingException {
        return String.format("%s%s%s%s%s", canonicalizeMethod(canonicalHttpRequest), '&', canonicalizeUri(canonicalHttpRequest), '&', canonicalizeQueryParameters(canonicalHttpRequest));
    }

    public static String computeCanonicalRequestHash(CanonicalHttpRequest canonicalHttpRequest) throws UnsupportedEncodingException, NoSuchAlgorithmException {
        return computeSha256Hash(canonicalize(canonicalHttpRequest));
    }

    private static String computeSha256Hash(String str) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        if (null == str) {
            throw new IllegalArgumentException("hashInput cannot be null");
        }
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
        byte[] bytes = str.getBytes();
        messageDigest.update(bytes, 0, bytes.length);
        return new String(Hex.encode(messageDigest.digest()));
    }

    private static String canonicalizeUri(CanonicalHttpRequest canonicalHttpRequest) throws UnsupportedEncodingException {
        String str = (String) StringUtils.defaultIfBlank(StringUtils.removeEnd(canonicalHttpRequest.getRelativePath(), "/"), "/");
        String valueOf = String.valueOf('&');
        String replaceAll = str.replaceAll(valueOf, percentEncode(valueOf));
        return replaceAll.startsWith("/") ? replaceAll : "/" + replaceAll;
    }

    private static String canonicalizeMethod(CanonicalHttpRequest canonicalHttpRequest) {
        return StringUtils.upperCase(canonicalHttpRequest.getMethod());
    }

    private static String canonicalizeQueryParameters(CanonicalHttpRequest canonicalHttpRequest) throws UnsupportedEncodingException {
        String str = "";
        if (null != canonicalHttpRequest.getParameterMap()) {
            ArrayList arrayList = new ArrayList(canonicalHttpRequest.getParameterMap().size());
            for (Map.Entry<String, String[]> entry : canonicalHttpRequest.getParameterMap().entrySet()) {
                if (!JWT_PARAM_NAME.equals(entry.getKey())) {
                    arrayList.add(new ComparableParameter(entry));
                }
            }
            Collections.sort(arrayList);
            str = percentEncode(getParameters(arrayList));
        }
        return str;
    }

    private static List<Map.Entry<String, String[]>> getParameters(Collection<ComparableParameter> collection) {
        if (collection == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList(collection.size());
        Iterator<ComparableParameter> it = collection.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().parameter);
        }
        return arrayList;
    }

    private static String percentEncode(Iterable<? extends Map.Entry<String, String[]>> iterable) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            percentEncode(iterable, byteArrayOutputStream);
            return new String(byteArrayOutputStream.toByteArray());
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    private static void percentEncode(Iterable<? extends Map.Entry<String, String[]>> iterable, OutputStream outputStream) throws IOException {
        if (iterable != null) {
            boolean z = true;
            for (Map.Entry<String, String[]> entry : iterable) {
                if (z) {
                    z = false;
                } else {
                    outputStream.write(38);
                }
                outputStream.write(percentEncode(safeToString(entry.getKey())).getBytes());
                outputStream.write(61);
                ArrayList arrayList = new ArrayList(entry.getValue().length);
                for (String str : entry.getValue()) {
                    arrayList.add(percentEncode(str));
                }
                outputStream.write(((String) arrayList.stream().collect(Collectors.joining(ENCODED_PARAM_VALUE_SEPARATOR))).getBytes());
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String percentEncode(String str) throws UnsupportedEncodingException {
        return str == null ? "" : URLEncoder.encode(str, "UTF-8").replace("+", "%20").replace("*", "%2A").replace("%7E", "~");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String safeToString(Object obj) {
        if (null == obj) {
            return null;
        }
        return obj.toString();
    }
}
