package com.supwisdom.infras.security.utils;

import com.supwisdom.infras.crypto.cert.CertUtil;
import com.supwisdom.infras.crypto.sm.jsonwebtoken.Jwts;
import com.supwisdom.infras.security.configure.jwt.util.HttpUtil;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.SignatureException;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import org.apache.http.HttpResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Value;

/* loaded from: input_file:com/supwisdom/infras/security/utils/JWTValidateUtil.class */
public class JWTValidateUtil implements InitializingBean {
    private static final Logger logger = LoggerFactory.getLogger(JWTValidateUtil.class);

    @Value("${infras.security.jwt.key-alg:RSA}")
    private String keyAlg;

    @Value("${infras.security.jwt.public-key-pem:}")
    private String publicKeyPem;

    @Value("${infras.security.jwt.token.signing.key.url:}")
    private String signingKeyUrl;
    private PublicKey realPublicKey;

    public void afterPropertiesSet() throws Exception {
        initKey();
    }

    public void initKey() {
        if (this.signingKeyUrl != null && this.signingKeyUrl.length() > 0) {
            HttpResponse httpResponse = null;
            try {
                try {
                    try {
                        try {
                            httpResponse = HttpUtil.executeGet(this.signingKeyUrl);
                            StringBuilder sb = new StringBuilder();
                            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(httpResponse.getEntity().getContent(), "UTF-8"), 8192);
                            while (true) {
                                String readLine = bufferedReader.readLine();
                                if (readLine == null) {
                                    break;
                                } else {
                                    sb.append(readLine);
                                }
                            }
                            logger.debug("Fetch response [{}]", sb.toString());
                            this.publicKeyPem = sb.toString();
                            if (httpResponse != null) {
                                HttpUtil.close(httpResponse);
                            }
                        } catch (UnsupportedEncodingException e) {
                            logger.error(e.getMessage());
                            if (httpResponse != null) {
                                HttpUtil.close(httpResponse);
                            }
                        }
                    } catch (Exception e2) {
                        logger.error(e2.getMessage());
                        if (httpResponse != null) {
                            HttpUtil.close(httpResponse);
                        }
                    }
                } catch (IOException e3) {
                    logger.error(e3.getMessage());
                    if (httpResponse != null) {
                        HttpUtil.close(httpResponse);
                    }
                } catch (UnsupportedOperationException e4) {
                    logger.error(e4.getMessage());
                    if (httpResponse != null) {
                        HttpUtil.close(httpResponse);
                    }
                }
            } catch (Throwable th) {
                if (httpResponse != null) {
                    HttpUtil.close(httpResponse);
                }
                throw th;
            }
        }
        if (this.publicKeyPem != null && this.publicKeyPem.length() > 0) {
            try {
                CertUtil.initAlg(this.keyAlg);
                this.realPublicKey = CertUtil.getRealPublicKey(CertUtil.stringToPublicKey(this.publicKeyPem));
            } catch (NoSuchAlgorithmException e5) {
                logger.error(e5.getMessage());
            } catch (InvalidKeySpecException e6) {
                logger.error(e6.getMessage());
            } catch (Exception e7) {
                logger.error(e7.getMessage());
            }
        }
        if (this.realPublicKey == null) {
            logger.warn("publicKey is null");
        }
        logger.info("publicKey is {}", this.realPublicKey);
    }

    public Claims getClaimsFromToken(String str) {
        int i = 0;
        while (i <= 1) {
            i++;
            try {
                return (Claims) Jwts.parser().setSigningKey(this.realPublicKey).parseClaimsJws(str).getBody();
            } catch (Exception e) {
                logger.error(e.getMessage());
            } catch (SignatureException e2) {
                initKey();
            }
        }
        return null;
    }
}
