package org.eclipse.hono.service.auth;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.JwtException;
import io.vertx.core.Future;
import io.vertx.core.Promise;
import io.vertx.core.Vertx;
import io.vertx.core.eventbus.DeliveryOptions;
import io.vertx.core.eventbus.Message;
import io.vertx.core.eventbus.ReplyException;
import io.vertx.core.eventbus.ReplyFailure;
import io.vertx.core.json.JsonObject;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.Objects;
import org.eclipse.hono.auth.Authorities;
import org.eclipse.hono.auth.AuthoritiesImpl;
import org.eclipse.hono.auth.HonoUser;
import org.eclipse.hono.client.ServerErrorException;
import org.eclipse.hono.client.util.StatusCodeMapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/eclipse/hono/service/auth/EventBusAuthenticationService.class */
public final class EventBusAuthenticationService implements AuthenticationService {
    private static final int AUTH_REQUEST_TIMEOUT_MILLIS = 3000;
    private final Logger log;
    private final Vertx vertx;
    private final AuthTokenValidator tokenValidator;
    private final String[] supportedSASLMechanisms;

    /* renamed from: org.eclipse.hono.service.auth.EventBusAuthenticationService$1, reason: invalid class name */
    /* loaded from: input_file:org/eclipse/hono/service/auth/EventBusAuthenticationService$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$io$vertx$core$eventbus$ReplyFailure = new int[ReplyFailure.values().length];

        static {
            try {
                $SwitchMap$io$vertx$core$eventbus$ReplyFailure[ReplyFailure.TIMEOUT.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$io$vertx$core$eventbus$ReplyFailure[ReplyFailure.NO_HANDLERS.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$io$vertx$core$eventbus$ReplyFailure[ReplyFailure.RECIPIENT_FAILURE.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    /* loaded from: input_file:org/eclipse/hono/service/auth/EventBusAuthenticationService$HonoUserImpl.class */
    public static final class HonoUserImpl implements HonoUser {
        private static Duration expirationLeeway = Duration.ofMinutes(2);
        private final String token;
        private final Jws<Claims> expandedToken;
        private final Authorities authorities;

        private HonoUserImpl(Jws<Claims> jws, String str) {
            Objects.requireNonNull(jws);
            Objects.requireNonNull(str);
            if (jws.getBody() == null) {
                throw new IllegalArgumentException("token has no claims");
            }
            this.token = str;
            this.expandedToken = jws;
            this.authorities = AuthoritiesImpl.from((Claims) jws.getBody());
        }

        public String getName() {
            return ((Claims) this.expandedToken.getBody()).getSubject();
        }

        public Authorities getAuthorities() {
            return this.authorities;
        }

        public String getToken() {
            return this.token;
        }

        public boolean isExpired() {
            return !Instant.now().isBefore(getExpirationTime().plus((TemporalAmount) expirationLeeway));
        }

        public Instant getExpirationTime() {
            return ((Claims) this.expandedToken.getBody()).getExpiration().toInstant();
        }
    }

    public EventBusAuthenticationService(Vertx vertx, AuthTokenValidator authTokenValidator) {
        this(vertx, authTokenValidator, AbstractHonoAuthenticationService.DEFAULT_SASL_MECHANISMS);
    }

    public EventBusAuthenticationService(Vertx vertx, AuthTokenValidator authTokenValidator, String[] strArr) {
        this.log = LoggerFactory.getLogger(EventBusAuthenticationService.class);
        this.vertx = (Vertx) Objects.requireNonNull(vertx);
        this.tokenValidator = (AuthTokenValidator) Objects.requireNonNull(authTokenValidator);
        this.supportedSASLMechanisms = (String[]) Objects.requireNonNull(strArr);
    }

    @Override // org.eclipse.hono.service.auth.AuthenticationService
    public String[] getSupportedSaslMechanisms() {
        return this.supportedSASLMechanisms;
    }

    @Override // org.eclipse.hono.service.auth.AuthenticationService
    public Future<HonoUser> authenticate(JsonObject jsonObject) {
        Promise promise = Promise.promise();
        this.vertx.eventBus().request("authentication.in", jsonObject, new DeliveryOptions().setSendTimeout(3000L), asyncResult -> {
            ServerErrorException serverErrorException;
            if (asyncResult.succeeded()) {
                JsonObject jsonObject2 = (JsonObject) ((Message) asyncResult.result()).body();
                String string = jsonObject2.getString("token");
                this.log.debug("received token [length: {}] in response to authentication request", Integer.valueOf(string.length()));
                try {
                    promise.complete(new HonoUserImpl(this.tokenValidator.expand(jsonObject2.getString("token")), string));
                    return;
                } catch (JwtException e) {
                    promise.fail(new ServerErrorException(500, e));
                    return;
                }
            }
            if (asyncResult.cause() instanceof ReplyException) {
                switch (AnonymousClass1.$SwitchMap$io$vertx$core$eventbus$ReplyFailure[asyncResult.cause().failureType().ordinal()]) {
                    case 1:
                        this.log.debug("timeout processing authentication request", asyncResult.cause());
                        serverErrorException = new ServerErrorException(503, asyncResult.cause());
                        break;
                    case 2:
                        this.log.debug("could not process authentication request", asyncResult.cause());
                        serverErrorException = new ServerErrorException(500, asyncResult.cause());
                        break;
                    case 3:
                        int failureCode = asyncResult.cause().failureCode();
                        if (failureCode >= 400 && failureCode < 600) {
                            serverErrorException = StatusCodeMapper.from(failureCode, asyncResult.cause().getMessage());
                            break;
                        } else {
                            this.log.error("got illegal status code in authentication response exception: {}", Integer.valueOf(failureCode));
                            serverErrorException = new ServerErrorException(500, asyncResult.cause().getMessage());
                            break;
                        }
                        break;
                    default:
                        serverErrorException = new ServerErrorException(500, asyncResult.cause());
                        break;
                }
            } else {
                serverErrorException = new ServerErrorException(500, asyncResult.cause());
            }
            promise.fail(serverErrorException);
        });
        return promise.future();
    }
}
