package io.antmedia.filter;

import com.auth0.jwk.JwkException;
import com.auth0.jwk.UrlJwkProvider;
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.interfaces.DecodedJWT;
import io.antmedia.AppSettings;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Date;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/antmedia/filter/JWTFilter.class */
public class JWTFilter extends AbstractFilter {
    protected static Logger log = LoggerFactory.getLogger(JWTFilter.class);
    public static final String JWT_TOKEN_HEADER = "Authorization";
    private AppSettings appSettings;

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        this.appSettings = getAppSettings();
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        if (this.appSettings == null) {
            ((HttpServletResponse) servletResponse).sendError(403, "Application is getting initialized");
        } else if (!this.appSettings.isJwtControlEnabled() || (httpServletRequest.getHeader(JWT_TOKEN_HEADER) != null && checkJWT(httpServletRequest.getHeader(JWT_TOKEN_HEADER)))) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            ((HttpServletResponse) servletResponse).sendError(403, "Invalid App JWT Token");
        }
    }

    private boolean checkJWT(String str) {
        String jwksURL = this.appSettings.getJwksURL();
        return (jwksURL == null || jwksURL.isEmpty()) ? isJWTTokenValid(this.appSettings.getJwtSecretKey(), str) : isJWKSTokenValid(this.appSettings.getJwksURL(), str);
    }

    private static boolean isJWKSTokenValid(String str, String str2) {
        boolean z = false;
        try {
            DecodedJWT decode = JWT.decode(str2);
            Algorithm.RSA256((RSAPublicKey) new UrlJwkProvider(str).get(decode.getKeyId()).getPublicKey(), (RSAPrivateKey) null).verify(decode);
            z = true;
        } catch (JwkException e) {
            logger.error(e.toString());
        } catch (JWTVerificationException e2) {
            logger.error(e2.toString());
        }
        return z;
    }

    public static boolean isJWTTokenValid(String str, String str2) {
        boolean z = false;
        try {
            JWT.require(Algorithm.HMAC256(str)).build().verify(str2);
            z = true;
        } catch (JWTVerificationException e) {
            logger.error("JWT token is not valid for a jwtToken. Error is {}", e.getMessage());
        }
        return z;
    }

    public static boolean isJWTTokenValid(String str, String str2, String str3) {
        boolean z = false;
        try {
            JWT.require(Algorithm.HMAC256(str)).withIssuer(str3).build().verify(str2);
            z = true;
        } catch (JWTVerificationException e) {
            logger.error("JWT token is not valid for issuer name: {}", str3);
        }
        return z;
    }

    public static boolean isJWTTokenValid(String str, String str2, String str3, String str4) {
        boolean z = false;
        try {
            JWT.require(Algorithm.HMAC256(str)).withClaim(str3, str4).build().verify(str2);
            z = true;
        } catch (JWTVerificationException e) {
            logger.error("JWT token is not valid for claim name: {}", str3);
        }
        return z;
    }

    public static String generateJwtToken(String str, long j, String str2, String str3) {
        String str4 = null;
        try {
            str4 = JWT.create().withExpiresAt(new Date(j)).withClaim(str2, str3).sign(Algorithm.HMAC256(str));
        } catch (Exception e) {
            logger.error(ExceptionUtils.getStackTrace(e));
        }
        return str4;
    }

    public static String generateJwtToken(String str, long j) {
        return generateJwtToken(str, j, "");
    }

    public static String generateJwtToken(String str, long j, String str2) {
        String str3 = null;
        try {
            str3 = JWT.create().withExpiresAt(new Date(j)).withIssuer(str2).sign(Algorithm.HMAC256(str));
        } catch (Exception e) {
            logger.error(ExceptionUtils.getStackTrace(e));
        }
        return str3;
    }
}
