package com.manydesigns.portofino.dispatcher.security.jwt;

import com.manydesigns.portofino.dispatcher.security.RolesPermission;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.io.Decoders;
import java.io.Serializable;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.configuration2.Configuration;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

/* loaded from: input_file:com/manydesigns/portofino/dispatcher/security/jwt/JWTRealm.class */
public class JWTRealm extends AuthorizingRealm {
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        Set<String> roles = getRoles(principalCollection);
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo(roles);
        simpleAuthorizationInfo.addObjectPermission(new RolesPermission(roles));
        return simpleAuthorizationInfo;
    }

    protected Set<String> getRoles(PrincipalCollection principalCollection) {
        return getRoles(principalCollection.getPrimaryPrincipal());
    }

    protected Set<String> getRoles(Object obj) {
        HashSet hashSet = new HashSet();
        if (obj instanceof Map) {
            Object obj2 = ((Map) obj).get("roles");
            if (obj2 instanceof Collection) {
                hashSet.addAll((Collection) obj2);
            }
        }
        return hashSet;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        return new SimpleAuthenticationInfo(getPrincipal(Jwts.parser().setSigningKey(new SecretKeySpec((byte[]) Decoders.BASE64.decode(getSecret()), getSignatureAlgorithm().getJcaName())).parseClaimsJws((String) authenticationToken.getPrincipal())), ((String) authenticationToken.getCredentials()).toCharArray(), getName());
    }

    protected SignatureAlgorithm getSignatureAlgorithm() {
        return SignatureAlgorithm.HS512;
    }

    protected Map<String, Serializable> getPrincipal(Jws<Claims> jws) {
        HashMap hashMap = new HashMap();
        hashMap.put("jwt", (Serializable) jws.getBody());
        return hashMap;
    }

    protected Configuration getConfiguration() {
        return null;
    }

    protected String getSecret() {
        return getConfiguration().getString("jwt.secret");
    }

    public boolean supports(AuthenticationToken authenticationToken) {
        return authenticationToken instanceof JSONWebToken;
    }
}
