package org.dspace.app.rest.security.jwt;

import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.crypto.MACVerifier;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import com.nimbusds.jwt.util.DateUtils;
import jakarta.servlet.http.HttpServletRequest;
import java.util.Date;
import org.apache.commons.lang3.StringUtils;
import org.dspace.core.Context;
import org.dspace.eperson.EPerson;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:org/dspace/app/rest/security/jwt/ShortLivedJWTTokenHandler.class */
public class ShortLivedJWTTokenHandler extends JWTTokenHandler {
    @Override // org.dspace.app.rest.security.jwt.JWTTokenHandler
    protected boolean isValidToken(HttpServletRequest httpServletRequest, SignedJWT signedJWT, JWTClaimsSet jWTClaimsSet, EPerson ePerson) throws JOSEException {
        if (ePerson == null || StringUtils.isBlank(ePerson.getSessionSalt())) {
            return false;
        }
        MACVerifier mACVerifier = new MACVerifier(buildSigningKey(ePerson));
        Date expirationTime = jWTClaimsSet.getExpirationTime();
        return signedJWT.verify(mACVerifier) && expirationTime != null && DateUtils.isAfter(expirationTime, new Date(), 0L);
    }

    @Override // org.dspace.app.rest.security.jwt.JWTTokenHandler
    protected EPerson updateSessionSalt(Context context, Date date) {
        return context.getCurrentUser();
    }

    @Override // org.dspace.app.rest.security.jwt.JWTTokenHandler
    protected String getTokenSecretConfigurationKey() {
        return "jwt.shortLived.token.secret";
    }

    @Override // org.dspace.app.rest.security.jwt.JWTTokenHandler
    protected String getEncryptionSecretConfigurationKey() {
        return "jwt.shortLived.encryption.secret";
    }

    @Override // org.dspace.app.rest.security.jwt.JWTTokenHandler
    protected String getTokenExpirationConfigurationKey() {
        return "jwt.shortLived.token.expiration";
    }

    @Override // org.dspace.app.rest.security.jwt.JWTTokenHandler
    protected String getEncryptionEnabledConfigurationKey() {
        return "jwt.shortLived.encryption.enabled";
    }

    @Override // org.dspace.app.rest.security.jwt.JWTTokenHandler
    protected String getCompressionEnabledConfigurationKey() {
        return "jwt.shortLived.compression.enabled";
    }
}
