package org.wso2.carbon.apimgt.gateway.handlers.security.jwt;

import com.nimbusds.jwt.util.DateUtils;
import java.util.Base64;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import javax.cache.Cache;
import net.minidev.json.JSONObject;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.MessageContext;
import org.apache.synapse.core.axis2.Axis2MessageContext;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.internal.Conversions;
import org.aspectj.runtime.reflect.Factory;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.api.model.KeyManager;
import org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto;
import org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo;
import org.wso2.carbon.apimgt.common.gateway.exception.JWTGeneratorException;
import org.wso2.carbon.apimgt.common.gateway.jwtgenerator.AbstractAPIMgtGatewayJWTGenerator;
import org.wso2.carbon.apimgt.gateway.APIMgtGatewayConstants;
import org.wso2.carbon.apimgt.gateway.MethodStats;
import org.wso2.carbon.apimgt.gateway.MethodTimeLogger;
import org.wso2.carbon.apimgt.gateway.handlers.Utils;
import org.wso2.carbon.apimgt.gateway.handlers.security.APIKeyValidator;
import org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityConstants;
import org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException;
import org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext;
import org.wso2.carbon.apimgt.gateway.handlers.streaming.websocket.WebSocketApiConstants;
import org.wso2.carbon.apimgt.gateway.internal.ServiceReferenceHolder;
import org.wso2.carbon.apimgt.gateway.jwt.RevokedJWTDataHolder;
import org.wso2.carbon.apimgt.gateway.threatprotection.utils.ThreatProtectorConstants;
import org.wso2.carbon.apimgt.gateway.utils.GatewayUtils;
import org.wso2.carbon.apimgt.impl.APIManagerConfiguration;
import org.wso2.carbon.apimgt.impl.caching.CacheProvider;
import org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO;
import org.wso2.carbon.apimgt.impl.dto.ExtendedJWTConfigurationDto;
import org.wso2.carbon.apimgt.impl.factory.KeyManagerHolder;
import org.wso2.carbon.apimgt.impl.jwt.JWTValidationService;
import org.wso2.carbon.apimgt.impl.jwt.SignedJWTInfo;
import org.wso2.carbon.apimgt.impl.utils.APIUtil;
import org.wso2.carbon.apimgt.impl.utils.SigningUtil;
import org.wso2.carbon.apimgt.keymgt.service.TokenValidationContext;
import org.wso2.carbon.context.CarbonContext;
import org.wso2.carbon.context.PrivilegedCarbonContext;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;

/* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator.class */
public class JWTValidator {
    private static final Log log;
    private boolean isGatewayTokenCacheEnabled;
    private APIKeyValidator apiKeyValidator;
    private boolean jwtGenerationEnabled;
    private AbstractAPIMgtGatewayJWTGenerator apiMgtGatewayJWTGenerator;
    ExtendedJWTConfigurationDto jwtConfigurationDto;
    JWTValidationService jwtValidationService;
    private static volatile long ttl;
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final JoinPoint.StaticPart ajc$tjp_1 = null;
    private static final JoinPoint.StaticPart ajc$tjp_2 = null;
    private static final JoinPoint.StaticPart ajc$tjp_3 = null;
    private static final JoinPoint.StaticPart ajc$tjp_4 = null;
    private static final JoinPoint.StaticPart ajc$tjp_5 = null;
    private static final JoinPoint.StaticPart ajc$tjp_6 = null;
    private static final JoinPoint.StaticPart ajc$tjp_7 = null;
    private static final JoinPoint.StaticPart ajc$tjp_8 = null;
    private static final JoinPoint.StaticPart ajc$tjp_9 = null;
    private static final JoinPoint.StaticPart ajc$tjp_10 = null;
    private static final JoinPoint.StaticPart ajc$tjp_11 = null;
    private static final JoinPoint.StaticPart ajc$tjp_12 = null;
    private static final JoinPoint.StaticPart ajc$tjp_13 = null;
    private static final JoinPoint.StaticPart ajc$tjp_14 = null;
    private static final JoinPoint.StaticPart ajc$tjp_15 = null;
    private static final JoinPoint.StaticPart ajc$tjp_16 = null;

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {
        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return JWTValidator.authenticate_aroundBody0((JWTValidator) objArr2[0], (SignedJWTInfo) objArr2[1], (MessageContext) objArr2[2], (JoinPoint) objArr2[3]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure11.class */
    public class AjcClosure11 extends AroundClosure {
        public AjcClosure11(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return JWTValidator.validateSubscriptionUsingKeyManager_aroundBody10((JWTValidator) objArr2[0], (String) objArr2[1], (String) objArr2[2], (JWTValidationInfo) objArr2[3], (JoinPoint) objArr2[4]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure13.class */
    public class AjcClosure13 extends AroundClosure {
        public AjcClosure13(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return JWTValidator.authenticateForWebSocket_aroundBody12((JWTValidator) objArr2[0], (SignedJWTInfo) objArr2[1], (String) objArr2[2], (String) objArr2[3], (String) objArr2[4], (JoinPoint) objArr2[5]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure15.class */
    public class AjcClosure15 extends AroundClosure {
        public AjcClosure15(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            JWTValidator.validateScopes_aroundBody14((JWTValidator) objArr2[0], (String) objArr2[1], (String) objArr2[2], (String) objArr2[3], (String) objArr2[4], (JWTValidationInfo) objArr2[5], (SignedJWTInfo) objArr2[6], (JoinPoint) objArr2[7]);
            return null;
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure17.class */
    public class AjcClosure17 extends AroundClosure {
        public AjcClosure17(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return JWTValidator.checkTokenExpiration_aroundBody16((JWTValidator) objArr2[0], (String) objArr2[1], (JWTValidationInfo) objArr2[2], (String) objArr2[3], (JoinPoint) objArr2[4]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure19.class */
    public class AjcClosure19 extends AroundClosure {
        public AjcClosure19(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.longObject(JWTValidator.getTimeStampSkewInSeconds_aroundBody18((JWTValidator) objArr2[0], (JoinPoint) objArr2[1]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure21.class */
    public class AjcClosure21 extends AroundClosure {
        public AjcClosure21(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return JWTValidator.getJwtValidationInfo_aroundBody20((JWTValidator) objArr2[0], (SignedJWTInfo) objArr2[1], (String) objArr2[2], (JoinPoint) objArr2[3]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure23.class */
    public class AjcClosure23 extends AroundClosure {
        public AjcClosure23(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return JWTValidator.getJWTTokenIdentifier_aroundBody22((JWTValidator) objArr2[0], (SignedJWTInfo) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure25.class */
    public class AjcClosure25 extends AroundClosure {
        public AjcClosure25(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return JWTValidator.getGatewayTokenCache_aroundBody24((JWTValidator) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure27.class */
    public class AjcClosure27 extends AroundClosure {
        public AjcClosure27(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return JWTValidator.getInvalidTokenCache_aroundBody26((JWTValidator) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure29.class */
    public class AjcClosure29 extends AroundClosure {
        public AjcClosure29(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return JWTValidator.getGatewayKeyCache_aroundBody28((JWTValidator) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure3.class */
    public class AjcClosure3 extends AroundClosure {
        public AjcClosure3(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return Conversions.longObject(JWTValidator.getTtl_aroundBody2((JWTValidator) objArr2[0], (JoinPoint) objArr2[1]));
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure31.class */
    public class AjcClosure31 extends AroundClosure {
        public AjcClosure31(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return JWTValidator.getGatewayJWTTokenCache_aroundBody30((JWTValidator) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure33.class */
    public class AjcClosure33 extends AroundClosure {
        public AjcClosure33(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return JWTValidator.getUserClaimsFromKeyManager_aroundBody32((JWTValidator) objArr2[0], (JWTInfoDto) objArr2[1], (JoinPoint) objArr2[2]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure5.class */
    public class AjcClosure5 extends AroundClosure {
        public AjcClosure5(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return JWTValidator.generateAndRetrieveJWTToken_aroundBody4((JWTValidator) objArr2[0], (String) objArr2[1], (JWTInfoDto) objArr2[2], (JoinPoint) objArr2[3]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure7.class */
    public class AjcClosure7 extends AroundClosure {
        public AjcClosure7(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            JWTValidator.includeUserStoreClaimsIntoClaims_aroundBody6((JWTValidator) objArr2[0], (JWTInfoDto) objArr2[1], (JoinPoint) objArr2[2]);
            return null;
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/gateway/handlers/security/jwt/JWTValidator$AjcClosure9.class */
    public class AjcClosure9 extends AroundClosure {
        public AjcClosure9(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return JWTValidator.validateSubscriptionUsingKeyManager_aroundBody8((JWTValidator) objArr2[0], (MessageContext) objArr2[1], (JWTValidationInfo) objArr2[2], (JoinPoint) objArr2[3]);
        }
    }

    static {
        ajc$preClinit();
        log = LogFactory.getLog(JWTValidator.class);
        ttl = -1L;
    }

    public JWTValidator(APIKeyValidator aPIKeyValidator, String str) throws APIManagementException {
        int tenantIdFromTenantDomain = APIUtil.getTenantIdFromTenantDomain(str);
        this.isGatewayTokenCacheEnabled = GatewayUtils.isGatewayTokenCacheEnabled();
        this.apiKeyValidator = aPIKeyValidator;
        this.jwtConfigurationDto = ServiceReferenceHolder.getInstance().getAPIManagerConfiguration().getJwtConfigurationDto();
        this.jwtGenerationEnabled = this.jwtConfigurationDto.isEnabled();
        this.apiMgtGatewayJWTGenerator = ServiceReferenceHolder.getInstance().getApiMgtGatewayJWTGenerator().get(this.jwtConfigurationDto.getGatewayJWTGeneratorImpl());
        if (this.jwtGenerationEnabled) {
            if (this.jwtConfigurationDto.isTenantBasedSigningEnabled()) {
                this.jwtConfigurationDto.setPublicCert(SigningUtil.getPublicCertificate(tenantIdFromTenantDomain));
                this.jwtConfigurationDto.setPrivateKey(SigningUtil.getSigningKey(tenantIdFromTenantDomain));
            } else {
                this.jwtConfigurationDto.setPublicCert(ServiceReferenceHolder.getInstance().getPublicCert());
                this.jwtConfigurationDto.setPrivateKey(ServiceReferenceHolder.getInstance().getPrivateKey());
            }
            this.jwtConfigurationDto.setTtl(getTtl());
            this.apiMgtGatewayJWTGenerator.setJWTConfigurationDto(this.jwtConfigurationDto);
        }
        this.jwtValidationService = ServiceReferenceHolder.getInstance().getJwtValidationService();
    }

    protected JWTValidator(String str, boolean z, APIKeyValidator aPIKeyValidator, boolean z2, AbstractAPIMgtGatewayJWTGenerator abstractAPIMgtGatewayJWTGenerator, ExtendedJWTConfigurationDto extendedJWTConfigurationDto, JWTValidationService jWTValidationService) {
        this.isGatewayTokenCacheEnabled = z;
        this.apiKeyValidator = aPIKeyValidator;
        this.jwtGenerationEnabled = z2;
        this.apiMgtGatewayJWTGenerator = abstractAPIMgtGatewayJWTGenerator;
        this.jwtConfigurationDto = extendedJWTConfigurationDto;
        this.jwtValidationService = jWTValidationService;
    }

    @MethodStats
    public AuthenticationContext authenticate(SignedJWTInfo signedJWTInfo, MessageContext messageContext) throws APISecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_0, this, this, signedJWTInfo, messageContext);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || MethodTimeLogger.isConfigEnabled() || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (AuthenticationContext) MethodTimeLogger.aspectOf().log(new AjcClosure1(new Object[]{this, signedJWTInfo, messageContext, makeJP}).linkClosureAndJoinPoint(69648)) : authenticate_aroundBody0(this, signedJWTInfo, messageContext, makeJP);
    }

    private long getTtl() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_1, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? Conversions.longValue(MethodTimeLogger.aspectOf().log(new AjcClosure3(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648))) : getTtl_aroundBody2(this, makeJP);
    }

    private String generateAndRetrieveJWTToken(String str, JWTInfoDto jWTInfoDto) throws APISecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_2, this, this, str, jWTInfoDto);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure5(new Object[]{this, str, jWTInfoDto, makeJP}).linkClosureAndJoinPoint(69648)) : generateAndRetrieveJWTToken_aroundBody4(this, str, jWTInfoDto, makeJP);
    }

    private void includeUserStoreClaimsIntoClaims(JWTInfoDto jWTInfoDto) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_3, this, this, jWTInfoDto);
        if ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) {
            MethodTimeLogger.aspectOf().log(new AjcClosure7(new Object[]{this, jWTInfoDto, makeJP}).linkClosureAndJoinPoint(69648));
        } else {
            includeUserStoreClaimsIntoClaims_aroundBody6(this, jWTInfoDto, makeJP);
        }
    }

    private APIKeyValidationInfoDTO validateSubscriptionUsingKeyManager(MessageContext messageContext, JWTValidationInfo jWTValidationInfo) throws APISecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_4, this, this, messageContext, jWTValidationInfo);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (APIKeyValidationInfoDTO) MethodTimeLogger.aspectOf().log(new AjcClosure9(new Object[]{this, messageContext, jWTValidationInfo, makeJP}).linkClosureAndJoinPoint(69648)) : validateSubscriptionUsingKeyManager_aroundBody8(this, messageContext, jWTValidationInfo, makeJP);
    }

    private APIKeyValidationInfoDTO validateSubscriptionUsingKeyManager(String str, String str2, JWTValidationInfo jWTValidationInfo) throws APISecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_5, this, this, new Object[]{str, str2, jWTValidationInfo});
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (APIKeyValidationInfoDTO) MethodTimeLogger.aspectOf().log(new AjcClosure11(new Object[]{this, str, str2, jWTValidationInfo, makeJP}).linkClosureAndJoinPoint(69648)) : validateSubscriptionUsingKeyManager_aroundBody10(this, str, str2, jWTValidationInfo, makeJP);
    }

    @MethodStats
    public AuthenticationContext authenticateForWebSocket(SignedJWTInfo signedJWTInfo, String str, String str2, String str3) throws APISecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_6, this, this, new Object[]{signedJWTInfo, str, str2, str3});
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || MethodTimeLogger.isConfigEnabled() || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (AuthenticationContext) MethodTimeLogger.aspectOf().log(new AjcClosure13(new Object[]{this, signedJWTInfo, str, str2, str3, makeJP}).linkClosureAndJoinPoint(69648)) : authenticateForWebSocket_aroundBody12(this, signedJWTInfo, str, str2, str3, makeJP);
    }

    private void validateScopes(String str, String str2, String str3, String str4, JWTValidationInfo jWTValidationInfo, SignedJWTInfo signedJWTInfo) throws APISecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_7, this, this, new Object[]{str, str2, str3, str4, jWTValidationInfo, signedJWTInfo});
        if ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) {
            MethodTimeLogger.aspectOf().log(new AjcClosure15(new Object[]{this, str, str2, str3, str4, jWTValidationInfo, signedJWTInfo, makeJP}).linkClosureAndJoinPoint(69648));
        } else {
            validateScopes_aroundBody14(this, str, str2, str3, str4, jWTValidationInfo, signedJWTInfo, makeJP);
        }
    }

    private JWTValidationInfo checkTokenExpiration(String str, JWTValidationInfo jWTValidationInfo, String str2) throws APISecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_8, this, this, new Object[]{str, jWTValidationInfo, str2});
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (JWTValidationInfo) MethodTimeLogger.aspectOf().log(new AjcClosure17(new Object[]{this, str, jWTValidationInfo, str2, makeJP}).linkClosureAndJoinPoint(69648)) : checkTokenExpiration_aroundBody16(this, str, jWTValidationInfo, str2, makeJP);
    }

    protected long getTimeStampSkewInSeconds() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_9, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? Conversions.longValue(MethodTimeLogger.aspectOf().log(new AjcClosure19(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648))) : getTimeStampSkewInSeconds_aroundBody18(this, makeJP);
    }

    private JWTValidationInfo getJwtValidationInfo(SignedJWTInfo signedJWTInfo, String str) throws APISecurityException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_10, this, this, signedJWTInfo, str);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (JWTValidationInfo) MethodTimeLogger.aspectOf().log(new AjcClosure21(new Object[]{this, signedJWTInfo, str, makeJP}).linkClosureAndJoinPoint(69648)) : getJwtValidationInfo_aroundBody20(this, signedJWTInfo, str, makeJP);
    }

    private String getJWTTokenIdentifier(SignedJWTInfo signedJWTInfo) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_11, this, this, signedJWTInfo);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure23(new Object[]{this, signedJWTInfo, makeJP}).linkClosureAndJoinPoint(69648)) : getJWTTokenIdentifier_aroundBody22(this, signedJWTInfo, makeJP);
    }

    protected Cache getGatewayTokenCache() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_12, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (Cache) MethodTimeLogger.aspectOf().log(new AjcClosure25(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648)) : getGatewayTokenCache_aroundBody24(this, makeJP);
    }

    protected Cache getInvalidTokenCache() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_13, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (Cache) MethodTimeLogger.aspectOf().log(new AjcClosure27(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648)) : getInvalidTokenCache_aroundBody26(this, makeJP);
    }

    protected Cache getGatewayKeyCache() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_14, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (Cache) MethodTimeLogger.aspectOf().log(new AjcClosure29(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648)) : getGatewayKeyCache_aroundBody28(this, makeJP);
    }

    protected Cache getGatewayJWTTokenCache() {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_15, this, this);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (Cache) MethodTimeLogger.aspectOf().log(new AjcClosure31(new Object[]{this, makeJP}).linkClosureAndJoinPoint(69648)) : getGatewayJWTTokenCache_aroundBody30(this, makeJP);
    }

    private Map<String, String> getUserClaimsFromKeyManager(JWTInfoDto jWTInfoDto) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_16, this, this, jWTInfoDto);
        return ((this != null && getClass().isAnnotationPresent(MethodStats.class) && MethodTimeLogger.isConfigEnabled()) || (MethodTimeLogger.isConfigEnabled() && MethodTimeLogger.pointCutAll())) ? (Map) MethodTimeLogger.aspectOf().log(new AjcClosure33(new Object[]{this, jWTInfoDto, makeJP}).linkClosureAndJoinPoint(69648)) : getUserClaimsFromKeyManager_aroundBody32(this, jWTInfoDto, makeJP);
    }

    static final AuthenticationContext authenticate_aroundBody0(JWTValidator jWTValidator, SignedJWTInfo signedJWTInfo, MessageContext messageContext, JoinPoint joinPoint) {
        String str = (String) messageContext.getProperty(ThreatProtectorConstants.API_CONTEXT);
        String str2 = (String) messageContext.getProperty("SYNAPSE_REST_API_VERSION");
        org.apache.axis2.context.MessageContext axis2MessageContext = ((Axis2MessageContext) messageContext).getAxis2MessageContext();
        String str3 = (String) axis2MessageContext.getProperty(ThreatProtectorConstants.HTTP_METHOD);
        String str4 = (String) messageContext.getProperty(APIMgtGatewayConstants.API_ELECTED_RESOURCE);
        String jWTTokenIdentifier = jWTValidator.getJWTTokenIdentifier(signedJWTInfo);
        String jWSHeader = signedJWTInfo.getSignedJWT().getHeader().toString();
        try {
            signedJWTInfo.setX509ClientCertificate(Utils.getClientCertificate(axis2MessageContext));
        } catch (APIManagementException unused) {
            log.error("Error while obtaining client certificate. " + GatewayUtils.getMaskedToken(jWSHeader));
        }
        if (StringUtils.isNotEmpty(jWTTokenIdentifier) && RevokedJWTDataHolder.isJWTTokenSignatureExistsInRevokedMap(jWTTokenIdentifier)) {
            if (log.isDebugEnabled()) {
                log.debug("Token retrieved from the revoked jwt token map. Token: " + GatewayUtils.getMaskedToken(jWSHeader));
            }
            log.error("Invalid JWT token. " + GatewayUtils.getMaskedToken(jWSHeader));
            throw new APISecurityException(APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, "Invalid JWT token");
        }
        JWTValidationInfo jwtValidationInfo = jWTValidator.getJwtValidationInfo(signedJWTInfo, jWTTokenIdentifier);
        if (jwtValidationInfo == null) {
            throw new APISecurityException(900900, APISecurityConstants.API_AUTH_GENERAL_ERROR_MESSAGE);
        }
        if (!jwtValidationInfo.isValid()) {
            throw new APISecurityException(jwtValidationInfo.getValidationCode(), APISecurityConstants.getAuthenticationFailureMessage(jwtValidationInfo.getValidationCode()));
        }
        log.debug("Begin subscription validation via Key Manager: " + jwtValidationInfo.getKeyManager());
        APIKeyValidationInfoDTO validateSubscriptionUsingKeyManager = jWTValidator.validateSubscriptionUsingKeyManager(messageContext, jwtValidationInfo);
        if (log.isDebugEnabled()) {
            log.debug("Subscription validation via Key Manager. Status: " + validateSubscriptionUsingKeyManager.isAuthorized());
        }
        if (!validateSubscriptionUsingKeyManager.isAuthorized()) {
            log.debug("User is NOT authorized to access the Resource. API Subscription validation failed.");
            throw new APISecurityException(validateSubscriptionUsingKeyManager.getValidationStatus(), "User is NOT authorized to access the Resource. API Subscription validation failed.");
        }
        jWTValidator.validateScopes(str, str2, str4, str3, jwtValidationInfo, signedJWTInfo);
        messageContext.setProperty(APIMgtGatewayConstants.SCOPES, jwtValidationInfo.getScopes().toString());
        if (validateSubscriptionUsingKeyManager.isAuthorized()) {
            messageContext.setProperty(APIMgtGatewayConstants.API_PUBLISHER, validateSubscriptionUsingKeyManager.getApiPublisher());
            messageContext.setProperty("API_NAME", validateSubscriptionUsingKeyManager.getApiName());
            if ("GRAPHQL".equals(messageContext.getProperty("API_TYPE"))) {
                messageContext.setProperty("max_query_depth", Integer.valueOf(validateSubscriptionUsingKeyManager.getGraphQLMaxDepth()));
                messageContext.setProperty("max_query_complexity", Integer.valueOf(validateSubscriptionUsingKeyManager.getGraphQLMaxComplexity()));
            }
            log.debug("JWT authentication successful.");
        }
        log.debug("JWT authentication successful.");
        String str5 = null;
        if (jWTValidator.jwtGenerationEnabled) {
            str5 = jWTValidator.generateAndRetrieveJWTToken(jWTTokenIdentifier, GatewayUtils.generateJWTInfoDto((JSONObject) null, jwtValidationInfo, validateSubscriptionUsingKeyManager, messageContext));
        }
        return GatewayUtils.generateAuthenticationContext(jWTTokenIdentifier, jwtValidationInfo, validateSubscriptionUsingKeyManager, str5, true);
    }

    /* JADX WARN: Type inference failed for: r0v2, types: [java.lang.Class<org.wso2.carbon.apimgt.common.gateway.jwtgenerator.AbstractAPIMgtGatewayJWTGenerator>, java.lang.Throwable] */
    static final long getTtl_aroundBody2(JWTValidator jWTValidator, JoinPoint joinPoint) {
        if (ttl != -1) {
            return ttl;
        }
        synchronized (AbstractAPIMgtGatewayJWTGenerator.class) {
            if (ttl != -1) {
                return ttl;
            }
            APIManagerConfiguration aPIManagerConfiguration = org.wso2.carbon.apimgt.impl.internal.ServiceReferenceHolder.getInstance().getAPIManagerConfigurationService().getAPIManagerConfiguration();
            if (Boolean.parseBoolean(aPIManagerConfiguration.getFirstProperty("CacheConfigurations.EnableGatewayTokenCache"))) {
                String firstProperty = aPIManagerConfiguration.getFirstProperty("CacheConfigurations.TokenCacheExpiry");
                if (firstProperty != null) {
                    ttl = Long.parseLong(firstProperty);
                } else {
                    Long l = 900L;
                    ttl = l.longValue();
                }
            } else {
                String firstProperty2 = aPIManagerConfiguration.getFirstProperty("APIKeyValidator.JWTExpiryTime");
                if (firstProperty2 != null) {
                    ttl = Long.parseLong(firstProperty2);
                } else {
                    Long l2 = 900L;
                    ttl = l2.longValue();
                }
            }
            return ttl;
        }
    }

    static final String generateAndRetrieveJWTToken_aroundBody4(JWTValidator jWTValidator, String str, JWTInfoDto jWTInfoDto, JoinPoint joinPoint) {
        String str2 = null;
        boolean z = false;
        String concat = jWTInfoDto.getApiContext().concat(":").concat(jWTInfoDto.getVersion()).concat(":").concat(str);
        if (jWTValidator.isGatewayTokenCacheEnabled) {
            Object obj = jWTValidator.getGatewayJWTTokenCache().get(concat);
            if (obj != null) {
                str2 = (String) obj;
                z = (new org.json.JSONObject(new String(Base64.getUrlDecoder().decode(((String) obj).split("\\.")[1]))).getLong("exp") * 1000) - System.currentTimeMillis() > jWTValidator.getTimeStampSkewInSeconds() * 1000;
            }
            if (StringUtils.isEmpty(str2) || !z) {
                try {
                    jWTValidator.includeUserStoreClaimsIntoClaims(jWTInfoDto);
                    str2 = jWTValidator.apiMgtGatewayJWTGenerator.generateToken(jWTInfoDto);
                    jWTValidator.getGatewayJWTTokenCache().put(concat, str2);
                } catch (JWTGeneratorException e) {
                    log.error("Error while Generating Backend JWT", e);
                    throw new APISecurityException(900900, APISecurityConstants.API_AUTH_GENERAL_ERROR_MESSAGE, e);
                }
            }
        } else {
            try {
                jWTValidator.includeUserStoreClaimsIntoClaims(jWTInfoDto);
                str2 = jWTValidator.apiMgtGatewayJWTGenerator.generateToken(jWTInfoDto);
            } catch (JWTGeneratorException e2) {
                log.error("Error while Generating Backend JWT", e2);
                throw new APISecurityException(900900, APISecurityConstants.API_AUTH_GENERAL_ERROR_MESSAGE, e2);
            }
        }
        return str2;
    }

    static final void includeUserStoreClaimsIntoClaims_aroundBody6(JWTValidator jWTValidator, JWTInfoDto jWTInfoDto, JoinPoint joinPoint) {
        JWTInfoDto jWTInfoDto2 = new JWTInfoDto(jWTInfoDto);
        Map<String, String> userClaimsFromKeyManager = jWTValidator.getUserClaimsFromKeyManager(jWTInfoDto2);
        JWTValidationInfo jwtValidationInfo = jWTInfoDto2.getJwtValidationInfo();
        if (jwtValidationInfo == null || jwtValidationInfo.getClaims() == null) {
            return;
        }
        jwtValidationInfo.getClaims().putAll(userClaimsFromKeyManager);
    }

    static final APIKeyValidationInfoDTO validateSubscriptionUsingKeyManager_aroundBody8(JWTValidator jWTValidator, MessageContext messageContext, JWTValidationInfo jWTValidationInfo, JoinPoint joinPoint) {
        return jWTValidator.validateSubscriptionUsingKeyManager((String) messageContext.getProperty(ThreatProtectorConstants.API_CONTEXT), (String) messageContext.getProperty("SYNAPSE_REST_API_VERSION"), jWTValidationInfo);
    }

    static final APIKeyValidationInfoDTO validateSubscriptionUsingKeyManager_aroundBody10(JWTValidator jWTValidator, String str, String str2, JWTValidationInfo jWTValidationInfo, JoinPoint joinPoint) {
        String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        String consumerKey = jWTValidationInfo.getConsumerKey();
        String keyManager = jWTValidationInfo.getKeyManager();
        if (consumerKey != null && keyManager != null) {
            return jWTValidator.apiKeyValidator.validateSubscription(str, str2, consumerKey, tenantDomain, keyManager);
        }
        log.debug("Cannot call Key Manager to validate subscription. Payload of the token does not contain the Authorized party - the party to which the ID Token was issued");
        throw new APISecurityException(APISecurityConstants.API_AUTH_FORBIDDEN, APISecurityConstants.API_AUTH_FORBIDDEN_MESSAGE);
    }

    static final AuthenticationContext authenticateForWebSocket_aroundBody12(JWTValidator jWTValidator, SignedJWTInfo signedJWTInfo, String str, String str2, String str3, JoinPoint joinPoint) {
        String base64URL = signedJWTInfo.getSignedJWT().getSignature().toString();
        String jWSHeader = signedJWTInfo.getSignedJWT().getHeader().toString();
        String jwtid = signedJWTInfo.getJwtClaimsSet().getJWTID();
        JWTValidationInfo jwtValidationInfo = jWTValidator.getJwtValidationInfo(signedJWTInfo, jwtid);
        if (RevokedJWTDataHolder.isJWTTokenSignatureExistsInRevokedMap(base64URL)) {
            if (log.isDebugEnabled()) {
                log.debug("Token retrieved from the revoked jwt token map. Token: " + GatewayUtils.getMaskedToken(jWSHeader));
            }
            log.error("Invalid JWT token. " + GatewayUtils.getMaskedToken(jWSHeader));
            throw new APISecurityException(APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, "Invalid JWT token");
        }
        if (jwtValidationInfo == null || !jwtValidationInfo.isValid()) {
            if (jwtValidationInfo.isValid()) {
                throw new APISecurityException(900900, APISecurityConstants.API_AUTH_GENERAL_ERROR_MESSAGE);
            }
            throw new APISecurityException(APISecurityConstants.API_AUTH_INVALID_CREDENTIALS, "Invalid JWT token");
        }
        log.debug("Begin subscription validation via Key Manager: " + jwtValidationInfo.getKeyManager());
        APIKeyValidationInfoDTO validateSubscriptionUsingKeyManager = jWTValidator.validateSubscriptionUsingKeyManager(str, str2, jwtValidationInfo);
        if (log.isDebugEnabled()) {
            log.debug("Subscription validation via Key Manager: " + jwtValidationInfo.getKeyManager() + ". Status: " + validateSubscriptionUsingKeyManager.isAuthorized());
        }
        if (!validateSubscriptionUsingKeyManager.isAuthorized()) {
            log.debug("User is NOT authorized to access the Resource. API Subscription validation failed.");
            throw new APISecurityException(validateSubscriptionUsingKeyManager.getValidationStatus(), "User is NOT authorized to access the Resource. API Subscription validation failed.");
        }
        jWTValidator.validateScopes(str, str2, str3, WebSocketApiConstants.WEBSOCKET_DUMMY_HTTP_METHOD_NAME, jwtValidationInfo, signedJWTInfo);
        log.debug("JWT authentication successful. user: " + validateSubscriptionUsingKeyManager.getEndUserName());
        String str4 = null;
        if (jWTValidator.jwtGenerationEnabled) {
            str4 = jWTValidator.generateAndRetrieveJWTToken(base64URL, GatewayUtils.generateJWTInfoDto(jwtValidationInfo, validateSubscriptionUsingKeyManager, str, str2));
        }
        AuthenticationContext generateAuthenticationContext = GatewayUtils.generateAuthenticationContext(jwtid, jwtValidationInfo, validateSubscriptionUsingKeyManager, str4, true);
        generateAuthenticationContext.setApiVersion(str2);
        return generateAuthenticationContext;
    }

    static final void validateScopes_aroundBody14(JWTValidator jWTValidator, String str, String str2, String str3, String str4, JWTValidationInfo jWTValidationInfo, SignedJWTInfo signedJWTInfo, JoinPoint joinPoint) {
        String tenantDomain = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain();
        TokenValidationContext tokenValidationContext = new TokenValidationContext();
        APIKeyValidationInfoDTO aPIKeyValidationInfoDTO = new APIKeyValidationInfoDTO();
        HashSet hashSet = new HashSet();
        hashSet.addAll(jWTValidationInfo.getScopes());
        aPIKeyValidationInfoDTO.setScopes(hashSet);
        tokenValidationContext.setValidationInfoDTO(aPIKeyValidationInfoDTO);
        tokenValidationContext.setAccessToken(signedJWTInfo.getToken());
        tokenValidationContext.setHttpVerb(str4);
        tokenValidationContext.setMatchingResource(str3);
        tokenValidationContext.setContext(str);
        tokenValidationContext.setVersion(str2);
        if (!jWTValidator.apiKeyValidator.validateScopes(tokenValidationContext, tenantDomain)) {
            String str5 = "User is NOT authorized to access the Resource: " + str3 + ". Scope validation failed.";
            log.debug(str5);
            throw new APISecurityException(APISecurityConstants.INVALID_SCOPE, str5);
        }
        if (log.isDebugEnabled()) {
            log.debug("Scope validation successful for the resource: " + str3 + ", user: " + jWTValidationInfo.getUser());
        }
    }

    static final JWTValidationInfo checkTokenExpiration_aroundBody16(JWTValidator jWTValidator, String str, JWTValidationInfo jWTValidationInfo, String str2, JoinPoint joinPoint) {
        long timeStampSkewInSeconds = jWTValidator.getTimeStampSkewInSeconds();
        if (DateUtils.isAfter(new Date(jWTValidationInfo.getExpiryTime()), new Date(), timeStampSkewInSeconds)) {
            return jWTValidationInfo;
        }
        if (jWTValidator.isGatewayTokenCacheEnabled) {
            jWTValidator.getGatewayTokenCache().remove(str);
            jWTValidator.getGatewayJWTTokenCache().remove(str);
            jWTValidator.getInvalidTokenCache().put(str, str2);
        }
        jWTValidationInfo.setValid(false);
        jWTValidationInfo.setValidationCode(APISecurityConstants.API_AUTH_INVALID_CREDENTIALS);
        return jWTValidationInfo;
    }

    static final long getTimeStampSkewInSeconds_aroundBody18(JWTValidator jWTValidator, JoinPoint joinPoint) {
        return OAuthServerConfiguration.getInstance().getTimeStampSkewInSeconds();
    }

    static final JWTValidationInfo getJwtValidationInfo_aroundBody20(JWTValidator jWTValidator, SignedJWTInfo signedJWTInfo, String str, JoinPoint joinPoint) {
        String jWSHeader = signedJWTInfo.getSignedJWT().getHeader().toString();
        String tenantDomain = GatewayUtils.getTenantDomain();
        JWTValidationInfo jWTValidationInfo = null;
        if (jWTValidator.isGatewayTokenCacheEnabled && !SignedJWTInfo.ValidationStatus.NOT_VALIDATED.equals(signedJWTInfo.getValidationStatus())) {
            String str2 = (String) jWTValidator.getGatewayTokenCache().get(str);
            if (!SignedJWTInfo.ValidationStatus.VALID.equals(signedJWTInfo.getValidationStatus()) || str2 == null) {
                if (SignedJWTInfo.ValidationStatus.INVALID.equals(signedJWTInfo.getValidationStatus()) && jWTValidator.getInvalidTokenCache().get(str) != null) {
                    if (log.isDebugEnabled()) {
                        log.debug("Token retrieved from the invalid token cache. Token: " + GatewayUtils.getMaskedToken(jWSHeader));
                    }
                    log.error("Invalid JWT token. " + GatewayUtils.getMaskedToken(jWSHeader));
                    jWTValidationInfo = new JWTValidationInfo();
                    jWTValidationInfo.setValidationCode(APISecurityConstants.API_AUTH_INVALID_CREDENTIALS);
                    jWTValidationInfo.setValid(false);
                }
            } else if (jWTValidator.getGatewayKeyCache().get(str) != null) {
                JWTValidationInfo jWTValidationInfo2 = (JWTValidationInfo) jWTValidator.getGatewayKeyCache().get(str);
                jWTValidator.checkTokenExpiration(str, jWTValidationInfo2, tenantDomain);
                jWTValidationInfo = jWTValidationInfo2;
            }
        }
        if (jWTValidationInfo != null) {
            return jWTValidationInfo;
        }
        try {
            JWTValidationInfo validateJWTToken = jWTValidator.jwtValidationService.validateJWTToken(signedJWTInfo);
            signedJWTInfo.setValidationStatus(validateJWTToken.isValid() ? SignedJWTInfo.ValidationStatus.VALID : SignedJWTInfo.ValidationStatus.INVALID);
            if (jWTValidator.isGatewayTokenCacheEnabled) {
                if (validateJWTToken.isValid()) {
                    jWTValidator.getGatewayTokenCache().put(str, tenantDomain);
                    jWTValidator.getGatewayKeyCache().put(str, validateJWTToken);
                } else {
                    jWTValidator.getInvalidTokenCache().put(str, tenantDomain);
                }
                if (!"carbon.super".equals(tenantDomain)) {
                    try {
                        PrivilegedCarbonContext.startTenantFlow();
                        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain("carbon.super", true);
                        if (validateJWTToken.isValid()) {
                            jWTValidator.getGatewayTokenCache().put(str, tenantDomain);
                        } else {
                            jWTValidator.getInvalidTokenCache().put(str, tenantDomain);
                        }
                    } finally {
                        PrivilegedCarbonContext.endTenantFlow();
                    }
                }
            }
            return validateJWTToken;
        } catch (APIManagementException unused) {
            throw new APISecurityException(900900, APISecurityConstants.API_AUTH_GENERAL_ERROR_MESSAGE);
        }
    }

    static final String getJWTTokenIdentifier_aroundBody22(JWTValidator jWTValidator, SignedJWTInfo signedJWTInfo, JoinPoint joinPoint) {
        String jwtid = signedJWTInfo.getJwtClaimsSet().getJWTID();
        return StringUtils.isNotEmpty(jwtid) ? jwtid : signedJWTInfo.getSignedJWT().getSignature().toString();
    }

    static final Cache getGatewayTokenCache_aroundBody24(JWTValidator jWTValidator, JoinPoint joinPoint) {
        return CacheProvider.getGatewayTokenCache();
    }

    static final Cache getInvalidTokenCache_aroundBody26(JWTValidator jWTValidator, JoinPoint joinPoint) {
        return CacheProvider.getInvalidTokenCache();
    }

    static final Cache getGatewayKeyCache_aroundBody28(JWTValidator jWTValidator, JoinPoint joinPoint) {
        return CacheProvider.getGatewayKeyCache();
    }

    static final Cache getGatewayJWTTokenCache_aroundBody30(JWTValidator jWTValidator, JoinPoint joinPoint) {
        return CacheProvider.getGatewayJWTTokenCache();
    }

    static final Map getUserClaimsFromKeyManager_aroundBody32(JWTValidator jWTValidator, JWTInfoDto jWTInfoDto, JoinPoint joinPoint) {
        KeyManager keyManagerInstance;
        if (jWTValidator.jwtConfigurationDto.isEnableUserClaimRetrievalFromUserStore()) {
            String tenantDomain = CarbonContext.getThreadLocalCarbonContext().getTenantDomain();
            JWTValidationInfo jwtValidationInfo = jWTInfoDto.getJwtValidationInfo();
            if (jwtValidationInfo != null && (keyManagerInstance = KeyManagerHolder.getKeyManagerInstance(tenantDomain, jwtValidationInfo.getKeyManager())) != null) {
                HashMap hashMap = new HashMap();
                if (jwtValidationInfo.getRawPayload() != null) {
                    hashMap.put("accessToken", jwtValidationInfo.getRawPayload());
                }
                if (!StringUtils.isEmpty(jWTValidator.jwtConfigurationDto.getConsumerDialectUri())) {
                    hashMap.put("dialect", jWTValidator.jwtConfigurationDto.getConsumerDialectUri());
                }
                try {
                    return keyManagerInstance.getUserClaims(jWTInfoDto.getEndUser(), hashMap);
                } catch (APIManagementException e) {
                    log.error("Error while retrieving User claims from Key Manager ", e);
                }
            }
        }
        return new HashMap();
    }

    private static void ajc$preClinit() {
        Factory factory = new Factory("JWTValidator.java", JWTValidator.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "authenticate", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "org.wso2.carbon.apimgt.impl.jwt.SignedJWTInfo:org.apache.synapse.MessageContext", "signedJWTInfo:synCtx", "org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException", "org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext"), 141);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getTtl", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "", "", "", "long"), 234);
        ajc$tjp_10 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getJwtValidationInfo", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "org.wso2.carbon.apimgt.impl.jwt.SignedJWTInfo:java.lang.String", "signedJWTInfo:jti", "org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException", "org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo"), 502);
        ajc$tjp_11 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getJWTTokenIdentifier", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "org.wso2.carbon.apimgt.impl.jwt.SignedJWTInfo", "signedJWTInfo", "", "java.lang.String"), 577);
        ajc$tjp_12 = factory.makeSJP("method-execution", factory.makeMethodSig("4", "getGatewayTokenCache", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "", "", "", "javax.cache.Cache"), 586);
        ajc$tjp_13 = factory.makeSJP("method-execution", factory.makeMethodSig("4", "getInvalidTokenCache", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "", "", "", "javax.cache.Cache"), 591);
        ajc$tjp_14 = factory.makeSJP("method-execution", factory.makeMethodSig("4", "getGatewayKeyCache", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "", "", "", "javax.cache.Cache"), 596);
        ajc$tjp_15 = factory.makeSJP("method-execution", factory.makeMethodSig("4", "getGatewayJWTTokenCache", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "", "", "", "javax.cache.Cache"), 601);
        ajc$tjp_16 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "getUserClaimsFromKeyManager", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto", "jwtInfoDto", "", "java.util.Map"), 605);
        ajc$tjp_2 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "generateAndRetrieveJWTToken", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "java.lang.String:org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto", "tokenSignature:jwtInfoDto", "org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException", "java.lang.String"), 269);
        ajc$tjp_3 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "includeUserStoreClaimsIntoClaims", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "org.wso2.carbon.apimgt.common.gateway.dto.JWTInfoDto", "jwtInfoDto", "", "void"), 310);
        ajc$tjp_4 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "validateSubscriptionUsingKeyManager", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "org.apache.synapse.MessageContext:org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo", "synCtx:jwtValidationInfo", "org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException", "org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO"), 320);
        ajc$tjp_5 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "validateSubscriptionUsingKeyManager", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "java.lang.String:java.lang.String:org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo", "apiContext:apiVersion:jwtValidationInfo", "org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException", "org.wso2.carbon.apimgt.impl.dto.APIKeyValidationInfoDTO"), 329);
        ajc$tjp_6 = factory.makeSJP("method-execution", factory.makeMethodSig("1", "authenticateForWebSocket", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "org.wso2.carbon.apimgt.impl.jwt.SignedJWTInfo:java.lang.String:java.lang.String:java.lang.String", "signedJWTInfo:apiContext:apiVersion:matchingResource", "org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException", "org.wso2.carbon.apimgt.gateway.handlers.security.AuthenticationContext"), 359);
        ajc$tjp_7 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "validateScopes", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "java.lang.String:java.lang.String:java.lang.String:java.lang.String:org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo:org.wso2.carbon.apimgt.impl.jwt.SignedJWTInfo", "apiContext:apiVersion:matchingResource:httpMethod:jwtValidationInfo:jwtToken", "org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException", "void"), 432);
        ajc$tjp_8 = factory.makeSJP("method-execution", factory.makeMethodSig("2", "checkTokenExpiration", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "java.lang.String:org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo:java.lang.String", "tokenIdentifier:payload:tenantDomain", "org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException", "org.wso2.carbon.apimgt.common.gateway.dto.JWTValidationInfo"), 476);
        ajc$tjp_9 = factory.makeSJP("method-execution", factory.makeMethodSig("4", "getTimeStampSkewInSeconds", "org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator", "", "", "", "long"), 497);
    }
}
