package org.ameba.oauth2.parser;

import com.auth0.jwk.JwkProvider;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.security.KeyFactory;
import java.security.spec.X509EncodedKeySpec;
import org.ameba.oauth2.Asymmetric;
import org.ameba.oauth2.InvalidTokenException;
import org.ameba.oauth2.TokenParser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/ameba-lib-3.0.jar:org/ameba/oauth2/parser/RSA256TokenParser.class */
public class RSA256TokenParser implements TokenParser<Asymmetric, Jws<Claims>> {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) RSA256TokenParser.class);
    private final JwkProvider jwkProvider;

    public RSA256TokenParser(JwkProvider jwkProvider) {
        this.jwkProvider = jwkProvider;
    }

    @Override // org.ameba.oauth2.TokenParser
    public String supportAlgorithm() {
        return SignatureAlgorithm.RS256.toString();
    }

    @Override // org.ameba.oauth2.TokenParser
    public Jws<Claims> parse(String str, Asymmetric asymmetric) {
        if (asymmetric == null) {
            throw new IllegalArgumentException("Expected asymmetric issuer is null");
        }
        if (asymmetric.getKID() == null || "".equals(asymmetric.getKID())) {
            throw new IllegalArgumentException("JWK kid is null or empty. Configure a kid");
        }
        try {
            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug(String.format("Checking issuer with KID [%s]", asymmetric.getKID()));
            }
            return Jwts.parser().setAllowedClockSkewSeconds(asymmetric.getSkewSeconds()).setSigningKey(KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(this.jwkProvider.get(asymmetric.getKID()).getPublicKey().getEncoded()))).parseClaimsJws(str);
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), (Throwable) e);
            throw new InvalidTokenException(e.getMessage());
        }
    }
}
