package org.wso2.carbon.apimgt.impl.token;

import com.nimbusds.jwt.JWTClaimsSet;
import java.nio.charset.Charset;
import java.util.Base64;
import java.util.UUID;
import java.util.concurrent.TimeUnit;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.internal.AroundClosure;
import org.aspectj.runtime.reflect.Factory;
import org.json.JSONObject;
import org.wso2.carbon.apimgt.api.APIManagementException;
import org.wso2.carbon.apimgt.impl.APIConstants;
import org.wso2.carbon.apimgt.impl.MethodTimeLogger;
import org.wso2.carbon.apimgt.impl.dto.JwtTokenInfoDTO;
import org.wso2.carbon.apimgt.impl.utils.APIUtil;
import org.wso2.carbon.core.util.KeyStoreManager;
import org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration;

/* loaded from: input_file:org/wso2/carbon/apimgt/impl/token/ApiKeyGenerator.class */
public class ApiKeyGenerator {
    private static final Log log;
    private static final JoinPoint.StaticPart ajc$tjp_0 = null;
    private static final JoinPoint.StaticPart ajc$tjp_1 = null;
    private static final JoinPoint.StaticPart ajc$tjp_2 = null;
    private static final JoinPoint.StaticPart ajc$tjp_3 = null;
    private static final JoinPoint.StaticPart ajc$tjp_4 = null;

    /* loaded from: input_file:org/wso2/carbon/apimgt/impl/token/ApiKeyGenerator$AjcClosure1.class */
    public class AjcClosure1 extends AroundClosure {
        public AjcClosure1(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return ApiKeyGenerator.generateToken_aroundBody0((JwtTokenInfoDTO) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/impl/token/ApiKeyGenerator$AjcClosure3.class */
    public class AjcClosure3 extends AroundClosure {
        public AjcClosure3(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return ApiKeyGenerator.buildBody_aroundBody2((JwtTokenInfoDTO) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/impl/token/ApiKeyGenerator$AjcClosure5.class */
    public class AjcClosure5 extends AroundClosure {
        public AjcClosure5(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            return ApiKeyGenerator.buildHeader_aroundBody4((JoinPoint) ((AroundClosure) this).state[0]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/impl/token/ApiKeyGenerator$AjcClosure7.class */
    public class AjcClosure7 extends AroundClosure {
        public AjcClosure7(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return ApiKeyGenerator.buildSignature_aroundBody6((String) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    /* loaded from: input_file:org/wso2/carbon/apimgt/impl/token/ApiKeyGenerator$AjcClosure9.class */
    public class AjcClosure9 extends AroundClosure {
        public AjcClosure9(Object[] objArr) {
            super(objArr);
        }

        public Object run(Object[] objArr) {
            Object[] objArr2 = ((AroundClosure) this).state;
            return ApiKeyGenerator.encode_aroundBody8((byte[]) objArr2[0], (JoinPoint) objArr2[1]);
        }
    }

    static {
        ajc$preClinit();
        log = LogFactory.getLog(ApiKeyGenerator.class);
    }

    public static String generateToken(JwtTokenInfoDTO jwtTokenInfoDTO) throws APIManagementException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_0, (Object) null, (Object) null, jwtTokenInfoDTO);
        return (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled()) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure1(new Object[]{jwtTokenInfoDTO, makeJP}).linkClosureAndJoinPoint(65536)) : generateToken_aroundBody0(jwtTokenInfoDTO, makeJP);
    }

    private static String buildBody(JwtTokenInfoDTO jwtTokenInfoDTO) {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_1, (Object) null, (Object) null, jwtTokenInfoDTO);
        return (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled()) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure3(new Object[]{jwtTokenInfoDTO, makeJP}).linkClosureAndJoinPoint(65536)) : buildBody_aroundBody2(jwtTokenInfoDTO, makeJP);
    }

    private static String buildHeader() throws APIManagementException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_2, (Object) null, (Object) null);
        return (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled()) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure5(new Object[]{makeJP}).linkClosureAndJoinPoint(65536)) : buildHeader_aroundBody4(makeJP);
    }

    private static byte[] buildSignature(String str) throws APIManagementException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_3, (Object) null, (Object) null, str);
        return (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled()) ? (byte[]) MethodTimeLogger.aspectOf().log(new AjcClosure7(new Object[]{str, makeJP}).linkClosureAndJoinPoint(65536)) : buildSignature_aroundBody6(str, makeJP);
    }

    private static String encode(byte[] bArr) throws APIManagementException {
        JoinPoint makeJP = Factory.makeJP(ajc$tjp_4, (Object) null, (Object) null, bArr);
        return (MethodTimeLogger.pointCutAll() && MethodTimeLogger.isConfigEnabled()) ? (String) MethodTimeLogger.aspectOf().log(new AjcClosure9(new Object[]{bArr, makeJP}).linkClosureAndJoinPoint(65536)) : encode_aroundBody8(bArr, makeJP);
    }

    static final String generateToken_aroundBody0(JwtTokenInfoDTO jwtTokenInfoDTO, JoinPoint joinPoint) {
        String buildHeader = buildHeader();
        String encode = buildHeader != null ? encode(buildHeader.getBytes(Charset.defaultCharset())) : "";
        String buildBody = buildBody(jwtTokenInfoDTO);
        String encode2 = buildBody != null ? encode(buildBody.getBytes()) : "";
        byte[] buildSignature = buildSignature(String.valueOf(encode) + '.' + encode2);
        if (log.isDebugEnabled()) {
            log.debug("signed assertion value : " + new String(buildSignature, Charset.defaultCharset()));
        }
        return String.valueOf(encode) + '.' + encode2 + '.' + encode(buildSignature);
    }

    static final String buildBody_aroundBody2(JwtTokenInfoDTO jwtTokenInfoDTO, JoinPoint joinPoint) {
        long seconds = TimeUnit.MILLISECONDS.toSeconds(System.currentTimeMillis());
        long expirationTime = (jwtTokenInfoDTO.getExpirationTime() == -1 || jwtTokenInfoDTO.getExpirationTime() > 2147483647L - seconds) ? -1L : seconds + jwtTokenInfoDTO.getExpirationTime();
        String openIDConnectIDTokenIssuerIdentifier = OAuthServerConfiguration.getInstance().getOpenIDConnectIDTokenIssuerIdentifier();
        JWTClaimsSet.Builder builder = new JWTClaimsSet.Builder();
        builder.claim(APIConstants.JwtTokenConstants.SUBJECT, APIUtil.getUserNameWithTenantSuffix(jwtTokenInfoDTO.getEndUserName()));
        builder.claim("jti", UUID.randomUUID().toString());
        builder.claim("iss", openIDConnectIDTokenIssuerIdentifier);
        builder.claim(APIConstants.JwtTokenConstants.ISSUED_TIME, Long.valueOf(seconds));
        if (expirationTime != -1) {
            builder.claim("exp", Long.valueOf(expirationTime));
        }
        builder.claim(APIConstants.JwtTokenConstants.SUBSCRIBED_APIS, jwtTokenInfoDTO.getSubscribedApiDTOList());
        builder.claim(APIConstants.JwtTokenConstants.TIER_INFO, jwtTokenInfoDTO.getSubscriptionPolicyDTOList());
        builder.claim(APIConstants.JwtTokenConstants.APPLICATION, jwtTokenInfoDTO.getApplication());
        builder.claim(APIConstants.JwtTokenConstants.KEY_TYPE, jwtTokenInfoDTO.getKeyType());
        if (jwtTokenInfoDTO.getPermittedIP() != null) {
            builder.claim(APIConstants.JwtTokenConstants.PERMITTED_IP, jwtTokenInfoDTO.getPermittedIP());
        }
        if (jwtTokenInfoDTO.getPermittedReferer() != null) {
            builder.claim(APIConstants.JwtTokenConstants.PERMITTED_REFERER, jwtTokenInfoDTO.getPermittedReferer());
        }
        return builder.build().toJSONObject().toJSONString();
    }

    static final String buildHeader_aroundBody4(JoinPoint joinPoint) {
        try {
            JSONObject jSONObject = new JSONObject(APIUtil.generateHeader(KeyStoreManager.getInstance(-1234).getDefaultPrimaryCertificate(), APIConstants.SIGNATURE_ALGORITHM_SHA256_WITH_RSA));
            jSONObject.put("kid", APIUtil.getApiKeyAlias());
            return jSONObject.toString();
        } catch (Exception e) {
            throw new APIManagementException("Error while building Api key header", e);
        }
    }

    static final byte[] buildSignature_aroundBody6(String str, JoinPoint joinPoint) {
        try {
            return APIUtil.signJwt(str, KeyStoreManager.getInstance(-1234).getDefaultPrivateKey(), APIConstants.SIGNATURE_ALGORITHM_SHA256_WITH_RSA);
        } catch (Exception e) {
            throw new APIManagementException("Error while signing Api Key", e);
        }
    }

    static final String encode_aroundBody8(byte[] bArr, JoinPoint joinPoint) {
        try {
            return Base64.getUrlEncoder().encodeToString(bArr);
        } catch (Exception e) {
            throw new APIManagementException("Error while encoding the Api Key ", e);
        }
    }

    private static void ajc$preClinit() {
        Factory factory = new Factory("ApiKeyGenerator.java", ApiKeyGenerator.class);
        ajc$tjp_0 = factory.makeSJP("method-execution", factory.makeMethodSig("9", "generateToken", "org.wso2.carbon.apimgt.impl.token.ApiKeyGenerator", "org.wso2.carbon.apimgt.impl.dto.JwtTokenInfoDTO", "jwtTokenInfoDTO", "org.wso2.carbon.apimgt.api.APIManagementException", "java.lang.String"), 41);
        ajc$tjp_1 = factory.makeSJP("method-execution", factory.makeMethodSig("a", "buildBody", "org.wso2.carbon.apimgt.impl.token.ApiKeyGenerator", "org.wso2.carbon.apimgt.impl.dto.JwtTokenInfoDTO", "jwtTokenInfoDTO", "", "java.lang.String"), 66);
        ajc$tjp_2 = factory.makeSJP("method-execution", factory.makeMethodSig("a", "buildHeader", "org.wso2.carbon.apimgt.impl.token.ApiKeyGenerator", "", "", "org.wso2.carbon.apimgt.api.APIManagementException", "java.lang.String"), 99);
        ajc$tjp_3 = factory.makeSJP("method-execution", factory.makeMethodSig("a", "buildSignature", "org.wso2.carbon.apimgt.impl.token.ApiKeyGenerator", "java.lang.String", "assertion", "org.wso2.carbon.apimgt.api.APIManagementException", "[B"), 115);
        ajc$tjp_4 = factory.makeSJP("method-execution", factory.makeMethodSig("a", "encode", "org.wso2.carbon.apimgt.impl.token.ApiKeyGenerator", "[B", "stringToBeEncoded", "org.wso2.carbon.apimgt.api.APIManagementException", "java.lang.String"), 127);
    }
}
