package com.ibm.ws.security.mp.jwt.impl.utils;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.ManualTrace;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.security.jwt.JwtToken;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.common.jwk.utils.JsonUtils;
import jakarta.json.Json;
import jakarta.json.JsonBuilderFactory;
import jakarta.json.JsonObjectBuilder;
import java.util.ArrayList;
import java.util.Map;
import org.eclipse.microprofile.jwt.Claims;
import org.jose4j.json.JsonUtil;
import org.jose4j.jwt.JwtClaims;
import org.jose4j.jwt.MalformedClaimException;
import org.jose4j.lang.JoseException;

@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:com/ibm/ws/security/mp/jwt/impl/utils/ClaimsUtils.class */
public class ClaimsUtils {
    public static final TraceComponent tc = Tr.register(ClaimsUtils.class, "MPJWT", "com.ibm.ws.security.mp.jwt.resources.MicroProfileJwtMessages");
    private static final JsonBuilderFactory builderFactory = Json.createBuilderFactory((Map) null);
    static final long serialVersionUID = -7672569722419802758L;

    @ManualTrace
    public static JwtClaims getJwtClaims(JwtToken jwtToken) {
        if (tc.isDebugEnabled()) {
            Tr.entry(tc, "getJwtClaims", new Object[]{jwtToken});
        }
        JwtClaims createJwtClaims = createJwtClaims(jwtToken.getClaims(), jwtToken.compact());
        if (tc.isDebugEnabled()) {
            Tr.exit(tc, "getJwtClaims", createJwtClaims);
        }
        return createJwtClaims;
    }

    @ManualTrace
    public static JwtClaims getJwtClaims(String str) throws JoseException {
        if (tc.isDebugEnabled()) {
            Tr.entry(tc, "getJwtClaims", new Object[]{str});
        }
        String jwtPayload = getJwtPayload(str);
        JwtClaims createJwtClaims = jwtPayload != null ? createJwtClaims(JsonUtil.parseJson(jwtPayload), str) : new JwtClaims();
        if (tc.isDebugEnabled()) {
            Tr.exit(tc, "getJwtClaims", createJwtClaims);
        }
        return createJwtClaims;
    }

    @ManualTrace
    static String getJwtPayload(String str) {
        if (tc.isDebugEnabled()) {
            Tr.entry(tc, "getJwtPayload", new Object[]{str});
        }
        String str2 = null;
        if (str != null) {
            String[] splitTokenString = JsonUtils.splitTokenString(str);
            if (splitTokenString.length > 0) {
                str2 = JsonUtils.fromBase64ToJsonString(splitTokenString[1]);
            }
        }
        if (tc.isDebugEnabled()) {
            Tr.exit(tc, "getJwtPayload", str2);
        }
        return str2;
    }

    @ManualTrace
    static JwtClaims createJwtClaims(Map<String, Object> map, String str) {
        if (tc.isDebugEnabled()) {
            Tr.entry(tc, "getClaimsFromJwtPayload", new Object[]{str});
        }
        JwtClaims jwtClaims = new JwtClaims();
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            String key = entry.getKey();
            Object value = entry.getValue();
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "Key : " + key + ", Value: " + value, new Object[0]);
            }
            if (key != null && value != null) {
                jwtClaims.setClaim(key, value);
            }
        }
        jwtClaims.setStringClaim(Claims.raw_token.name(), str);
        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
            Tr.debug(tc, "Key : raw_token, Value: raw_token", new Object[0]);
        }
        convertJoseTypes(jwtClaims);
        if (tc.isDebugEnabled()) {
            Tr.exit(tc, "getClaimsFromJwtPayload", jwtClaims);
        }
        return jwtClaims;
    }

    private static void convertJoseTypes(JwtClaims jwtClaims) {
        if (jwtClaims.hasClaim("address")) {
            replaceMapWithJsonObject("address", jwtClaims);
        }
        if (jwtClaims.hasClaim("jwk")) {
            replaceMapWithJsonObject("jwk", jwtClaims);
        }
        if (jwtClaims.hasClaim("sub_jwk")) {
            replaceMapWithJsonObject("sub_jwk", jwtClaims);
        }
        if (jwtClaims.hasClaim("aud")) {
            convertToList("aud", jwtClaims);
        }
        if (jwtClaims.hasClaim("groups")) {
            convertToList("groups", jwtClaims);
        }
    }

    private static void replaceMapWithJsonObject(String str, JwtClaims jwtClaims) {
        try {
            Map map = (Map) jwtClaims.getClaimValue(str, Map.class);
            JsonObjectBuilder createObjectBuilder = builderFactory.createObjectBuilder();
            for (Map.Entry entry : map.entrySet()) {
                createObjectBuilder.add((String) entry.getKey(), entry.getValue().toString());
            }
            jwtClaims.setClaim(str, createObjectBuilder.build());
        } catch (MalformedClaimException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.mp.jwt.impl.utils.ClaimsUtils", "171", (Object) null, new Object[]{str, jwtClaims});
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "The value for the claim [" + str + "] could not be convered to a Map: " + e.getLocalizedMessage(), new Object[0]);
            }
        }
    }

    @FFDCIgnore({MalformedClaimException.class})
    private static void convertToList(String str, JwtClaims jwtClaims) {
        try {
            jwtClaims.getStringListClaimValue(str);
        } catch (MalformedClaimException e) {
            try {
                String stringClaimValue = jwtClaims.getStringClaimValue(str);
                if (stringClaimValue != null) {
                    ArrayList arrayList = new ArrayList();
                    arrayList.add(stringClaimValue);
                    jwtClaims.setClaim(str, arrayList);
                }
            } catch (MalformedClaimException e2) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, "The value for the claim [" + str + "] could not be convered to a string list: " + e2.getLocalizedMessage(), new Object[0]);
                }
            }
        }
    }
}
