package com.docusign.maestro.client.auth;

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTCreator;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTCreationException;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.io.StringReader;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.io.pem.PemReader;

/* loaded from: input_file:com/docusign/maestro/client/auth/JWTUtils.class */
public class JWTUtils {
    public static String generateJWTAssertionFromByteArray(byte[] bArr, String str, String str2, String str3, long j, String str4) throws IllegalArgumentException, JWTCreationException, IOException {
        if (j <= 0) {
            throw new IllegalArgumentException("expiresIn should be a non-negative value");
        }
        if (bArr == null || bArr.length == 0) {
            throw new IllegalArgumentException("rsaPrivateKey byte array is empty");
        }
        if (str == null || "".equals(str) || str2 == null || "".equals(str2)) {
            throw new IllegalArgumentException("One of the arguments is null or empty");
        }
        Algorithm RSA256 = Algorithm.RSA256((RSAPublicKey) null, readPrivateKeyFromByteArray(bArr, "RSA"));
        long currentTimeMillis = System.currentTimeMillis();
        JWTCreator.Builder withExpiresAt = JWT.create().withIssuer(str2).withAudience(new String[]{str}).withIssuedAt(new Date(currentTimeMillis)).withClaim("scope", str4).withExpiresAt(new Date(currentTimeMillis + (j * 1000)));
        if (str3 != null && str3 != "") {
            withExpiresAt = withExpiresAt.withSubject(str3);
        }
        return withExpiresAt.sign(RSA256);
    }

    public static String generateJWTAssertion(String str, String str2, String str3, String str4, String str5, long j) throws JWTCreationException, IOException {
        return generateJWTAssertion(str, str2, str3, str4, str5, j, OAuth.Scope_SIGNATURE);
    }

    public static String generateJWTAssertion(String str, String str2, String str3, String str4, String str5, long j, String str6) throws JWTCreationException, IOException {
        if (j <= 0) {
            throw new IllegalArgumentException("expiresIn should be a non-negative value");
        }
        if (str == null || "".equals(str) || str2 == null || "".equals(str2) || str3 == null || "".equals(str3) || str4 == null || "".equals(str4) || str5 == null || "".equals(str5)) {
            throw new IllegalArgumentException("One of the arguments is null or empty");
        }
        try {
            Algorithm RSA256 = Algorithm.RSA256(readPublicKeyFromFile(str, "RSA"), readPrivateKeyFromFile(str2, "RSA"));
            long currentTimeMillis = System.currentTimeMillis();
            return JWT.create().withIssuer(str4).withSubject(str5).withAudience(new String[]{str3}).withNotBefore(new Date(currentTimeMillis)).withExpiresAt(new Date(currentTimeMillis + (j * 1000))).withClaim("scope", str6).sign(RSA256);
        } catch (IOException e) {
            throw e;
        } catch (JWTCreationException e2) {
            throw e2;
        }
    }

    private static RSAPublicKey readPublicKeyFromFile(String str, String str2) throws IOException {
        File file = new File(str);
        if (!file.isFile() || !file.exists()) {
            throw new FileNotFoundException(String.format("The file '%s' doesn't exist.", file.getAbsolutePath()));
        }
        PemReader pemReader = new PemReader(new FileReader(file));
        try {
            RSAPublicKey rSAPublicKey = null;
            try {
                try {
                    rSAPublicKey = (RSAPublicKey) KeyFactory.getInstance(str2).generatePublic(new X509EncodedKeySpec(pemReader.readPemObject().getContent()));
                } catch (InvalidKeySpecException e) {
                    System.out.println("Could not reconstruct the public key");
                }
            } catch (NoSuchAlgorithmException e2) {
                System.out.println("Could not reconstruct the public key, the given algorithm could not be found.");
            }
            return rSAPublicKey;
        } finally {
            pemReader.close();
        }
    }

    private static RSAPrivateKey readPrivateKeyFromFile(String str, String str2) throws IOException {
        File file = new File(str);
        if (!file.isFile() || !file.exists()) {
            throw new FileNotFoundException(String.format("The file '%s' doesn't exist.", file.getAbsolutePath()));
        }
        PemReader pemReader = new PemReader(new FileReader(file));
        try {
            byte[] content = pemReader.readPemObject().getContent();
            RSAPrivateKey rSAPrivateKey = null;
            try {
                try {
                    Security.addProvider(new BouncyCastleProvider());
                    rSAPrivateKey = (RSAPrivateKey) KeyFactory.getInstance(str2, "BC").generatePrivate(new PKCS8EncodedKeySpec(content));
                } catch (NoSuchAlgorithmException e) {
                    System.out.println("Could not reconstruct the private key, the given algorithm could not be found.");
                }
            } catch (NoSuchProviderException e2) {
                System.out.println("Could not reconstruct the private key, invalid provider.");
            } catch (InvalidKeySpecException e3) {
                System.out.println("Could not reconstruct the private key");
            }
            return rSAPrivateKey;
        } finally {
            pemReader.close();
        }
    }

    private static RSAPrivateKey readPrivateKeyFromByteArray(byte[] bArr, String str) throws IOException {
        PemReader pemReader = new PemReader(new StringReader(new String(bArr)));
        try {
            byte[] content = pemReader.readPemObject().getContent();
            RSAPrivateKey rSAPrivateKey = null;
            try {
                try {
                    try {
                        Security.addProvider(new BouncyCastleProvider());
                        rSAPrivateKey = (RSAPrivateKey) KeyFactory.getInstance(str, "BC").generatePrivate(new PKCS8EncodedKeySpec(content));
                    } catch (NoSuchAlgorithmException e) {
                        System.out.println("Could not reconstruct the private key, the given algorithm could not be found.");
                    }
                } catch (InvalidKeySpecException e2) {
                    System.out.println("Could not reconstruct the private key");
                }
            } catch (NoSuchProviderException e3) {
                System.out.println("Could not reconstruct the private key, invalid provider.");
            }
            return rSAPrivateKey;
        } finally {
            pemReader.close();
        }
    }
}
