package com.fangcloud.sdk.auth;

import com.fangcloud.sdk.YfyAppInfo;
import com.fangcloud.sdk.YfyRequestConfig;
import com.fangcloud.sdk.YfyRequestUtil;
import com.fangcloud.sdk.exception.YfyException;
import com.fangcloud.sdk.util.StringUtil;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.impl.DefaultClaims;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.CharBuffer;
import java.security.Key;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;

/* loaded from: input_file:com/fangcloud/sdk/auth/YfyEnterpriseAuth.class */
public class YfyEnterpriseAuth {
    private static final SecureRandom RAND = new SecureRandom();
    private final YfyRequestConfig requestConfig;
    private Map<String, Object> headers;
    private Key key;

    public YfyEnterpriseAuth(YfyRequestConfig yfyRequestConfig, final String str, Key key) {
        if (yfyRequestConfig == null) {
            throw new NullPointerException("requestConfig");
        }
        if (str == null) {
            throw new NullPointerException("kid");
        }
        this.requestConfig = yfyRequestConfig;
        this.headers = new HashMap<String, Object>() { // from class: com.fangcloud.sdk.auth.YfyEnterpriseAuth.1
            {
                put("alg", "RS256");
                put("typ", "JWT");
                put("kid", str);
            }
        };
        this.key = key;
    }

    public YfyAuthFinish getEnterpriseToken(long j, int i) throws YfyException {
        DefaultClaims defaultClaims = new DefaultClaims();
        defaultClaims.put("yifangyun_sub_type", "enterprise");
        defaultClaims.setSubject(String.valueOf(j));
        defaultClaims.setExpiration(getExpirationTimeSecondsInTheFuture(i));
        defaultClaims.setIssuedAt(new Date());
        defaultClaims.setId(getGeneratedJwtId(16));
        final String compact = Jwts.builder().setHeader(this.headers).setClaims(defaultClaims).signWith(SignatureAlgorithm.RS256, this.key).compact();
        return (YfyAuthFinish) YfyRequestUtil.doPostInAuth(this.requestConfig, YfyAppInfo.getHost().getAuth(), "oauth/token", new HashMap<String, String>() { // from class: com.fangcloud.sdk.auth.YfyEnterpriseAuth.2
            {
                put("grant_type", "jwt");
                put("assertion", compact);
            }
        }, YfyAuthFinish.class);
    }

    public YfyAuthFinish getEnterpriseToken(long j) throws YfyException {
        return getEnterpriseToken(j, 60);
    }

    public YfyAuthFinish getUserToken(long j, int i) throws YfyException {
        DefaultClaims defaultClaims = new DefaultClaims();
        defaultClaims.put("yifangyun_sub_type", "user");
        defaultClaims.setSubject(String.valueOf(j));
        defaultClaims.setExpiration(getExpirationTimeSecondsInTheFuture(i));
        defaultClaims.setIssuedAt(new Date());
        defaultClaims.setId(getGeneratedJwtId(16));
        final String compact = Jwts.builder().setHeader(this.headers).setClaims(defaultClaims).signWith(SignatureAlgorithm.RS256, this.key).compact();
        return (YfyAuthFinish) YfyRequestUtil.doPostInAuth(this.requestConfig, YfyAppInfo.getHost().getAuth(), "oauth/token", new HashMap<String, String>() { // from class: com.fangcloud.sdk.auth.YfyEnterpriseAuth.3
            {
                put("grant_type", "jwt");
                put("assertion", compact);
            }
        }, YfyAuthFinish.class);
    }

    public YfyAuthFinish getUserToken(long j) throws YfyException {
        return getUserToken(j, 60);
    }

    private Date getExpirationTimeSecondsInTheFuture(int i) {
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(new Date());
        calendar.add(13, i);
        return calendar.getTime();
    }

    private String getGeneratedJwtId(int i) {
        byte[] bArr = new byte[i];
        RAND.nextBytes(bArr);
        return StringUtil.urlSafeBase64Encode(bArr);
    }

    public static PrivateKey loadPrivateKey(InputStream inputStream) throws Exception {
        InputStreamReader inputStreamReader = new InputStreamReader(inputStream);
        try {
            StringBuilder sb = new StringBuilder();
            CharBuffer allocate = CharBuffer.allocate(2048);
            while (inputStreamReader.read(allocate) != -1) {
                allocate.flip();
                sb.append((CharSequence) allocate);
                allocate.clear();
            }
            String sb2 = sb.toString();
            inputStreamReader.close();
            return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decodeBase64(sb2.replace("-----BEGIN PRIVATE KEY-----", "").replace("-----END PRIVATE KEY-----", "").replaceAll("\\s", ""))));
        } catch (Throwable th) {
            inputStreamReader.close();
            throw th;
        }
    }
}
