package com.microsoft.aad.adal4j;

import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.crypto.RSASSASigner;
import com.nimbusds.jose.util.Base64;
import com.nimbusds.jose.util.Base64URL;
import com.nimbusds.jwt.SignedJWT;
import java.security.interfaces.RSAPrivateKey;
import java.util.ArrayList;
import java.util.Date;

/* loaded from: input_file:WEB-INF/lib/adal4j-1.1.2.jar:com/microsoft/aad/adal4j/JwtHelper.class */
final class JwtHelper {
    JwtHelper() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ClientAssertion buildJwt(AsymmetricKeyCredential asymmetricKeyCredential, String str) throws AuthenticationException {
        if (asymmetricKeyCredential == null) {
            throw new IllegalArgumentException("credential is null");
        }
        AdalJWTClaimsSet adalJWTClaimsSet = new AdalJWTClaimsSet();
        ArrayList arrayList = new ArrayList();
        arrayList.add(str);
        adalJWTClaimsSet.setAudience(arrayList);
        adalJWTClaimsSet.setIssuer(asymmetricKeyCredential.getClientId());
        long currentTimeMillis = System.currentTimeMillis();
        adalJWTClaimsSet.setNotBeforeTime(new Date(currentTimeMillis));
        adalJWTClaimsSet.setExpirationTime(new Date(currentTimeMillis + 600000));
        adalJWTClaimsSet.setSubject(asymmetricKeyCredential.getClientId());
        try {
            JWSHeader.Builder builder = new JWSHeader.Builder(JWSAlgorithm.RS256);
            ArrayList arrayList2 = new ArrayList();
            arrayList2.add(new Base64(asymmetricKeyCredential.getPublicCertificate()));
            builder.x509CertChain(arrayList2);
            builder.x509CertThumbprint(new Base64URL(asymmetricKeyCredential.getPublicCertificateHash()));
            SignedJWT signedJWT = new SignedJWT(builder.build(), adalJWTClaimsSet);
            signedJWT.sign(new RSASSASigner((RSAPrivateKey) asymmetricKeyCredential.getKey()));
            return new ClientAssertion(signedJWT.serialize());
        } catch (Exception e) {
            throw new AuthenticationException(e);
        }
    }
}
