package org.eclipse.hono.service.auth;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.JwtException;
import io.vertx.core.AsyncResult;
import io.vertx.core.Future;
import io.vertx.core.Handler;
import io.vertx.core.Vertx;
import io.vertx.core.eventbus.DeliveryOptions;
import io.vertx.core.eventbus.Message;
import io.vertx.core.json.JsonObject;
import io.vertx.proton.sasl.ProtonSaslAuthenticator;
import io.vertx.proton.sasl.ProtonSaslAuthenticatorFactory;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.Objects;
import org.eclipse.hono.auth.Authorities;
import org.eclipse.hono.auth.AuthoritiesImpl;
import org.eclipse.hono.auth.HonoUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:org/eclipse/hono/service/auth/HonoSaslAuthenticatorFactory.class */
public final class HonoSaslAuthenticatorFactory implements ProtonSaslAuthenticatorFactory {
    private final AuthenticationService authenticationService;

    /* loaded from: input_file:org/eclipse/hono/service/auth/HonoSaslAuthenticatorFactory$EventBusAuthenticationService.class */
    public static final class EventBusAuthenticationService implements AuthenticationService {
        private static final int AUTH_REQUEST_TIMEOUT_MILLIS = 3000;
        private final Logger log = LoggerFactory.getLogger(EventBusAuthenticationService.class);
        private final Vertx vertx;
        private final AuthTokenHelper tokenValidator;

        public EventBusAuthenticationService(Vertx vertx, AuthTokenHelper authTokenHelper) {
            this.vertx = (Vertx) Objects.requireNonNull(vertx);
            this.tokenValidator = (AuthTokenHelper) Objects.requireNonNull(authTokenHelper);
        }

        @Override // org.eclipse.hono.service.auth.AuthenticationService
        public void authenticate(JsonObject jsonObject, Handler<AsyncResult<HonoUser>> handler) {
            this.vertx.eventBus().send("authentication.in", jsonObject, new DeliveryOptions().setSendTimeout(3000L), asyncResult -> {
                if (!asyncResult.succeeded()) {
                    handler.handle(Future.failedFuture(asyncResult.cause()));
                    return;
                }
                JsonObject jsonObject2 = (JsonObject) ((Message) asyncResult.result()).body();
                String string = jsonObject2.getString("token");
                this.log.debug("received token [length: {}] in response to authentication request", Integer.valueOf(string.length()));
                try {
                    handler.handle(Future.succeededFuture(new HonoUserImpl(this.tokenValidator.expand(jsonObject2.getString("token")), string)));
                } catch (JwtException e) {
                    handler.handle(Future.failedFuture(e));
                }
            });
        }
    }

    /* loaded from: input_file:org/eclipse/hono/service/auth/HonoSaslAuthenticatorFactory$HonoUserImpl.class */
    public static final class HonoUserImpl implements HonoUser {
        private static Duration expirationLeeway = Duration.ofMinutes(2);
        private final String token;
        private final Jws<Claims> expandedToken;
        private final Authorities authorities;

        private HonoUserImpl(Jws<Claims> jws, String str) {
            Objects.requireNonNull(jws);
            Objects.requireNonNull(str);
            if (jws.getBody() == null) {
                throw new IllegalArgumentException("token has no claims");
            }
            this.token = str;
            this.expandedToken = jws;
            this.authorities = AuthoritiesImpl.from((Claims) jws.getBody());
        }

        public String getName() {
            return ((Claims) this.expandedToken.getBody()).getSubject();
        }

        public Authorities getAuthorities() {
            return this.authorities;
        }

        public String getToken() {
            return this.token;
        }

        public boolean isExpired() {
            return !Instant.now().isBefore(getExpirationTime().plus((TemporalAmount) expirationLeeway));
        }

        public Instant getExpirationTime() {
            return ((Claims) this.expandedToken.getBody()).getExpiration().toInstant();
        }
    }

    @Autowired
    public HonoSaslAuthenticatorFactory(Vertx vertx, @Qualifier("authentication") AuthTokenHelper authTokenHelper) {
        this(new EventBusAuthenticationService(vertx, authTokenHelper));
    }

    public HonoSaslAuthenticatorFactory(AuthenticationService authenticationService) {
        this.authenticationService = (AuthenticationService) Objects.requireNonNull(authenticationService);
    }

    public ProtonSaslAuthenticator create() {
        return new HonoSaslAuthenticator(this.authenticationService);
    }
}
