package oracle.idm.mobile.auth.openID;

import android.util.Log;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.crypto.factories.DefaultJWSVerifierFactory;
import com.nimbusds.jose.jwk.ECKey;
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.JWKMatcher;
import com.nimbusds.jose.jwk.JWKSelector;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.RSAKey;
import com.nimbusds.jwt.SignedJWT;
import java.security.Key;
import java.text.ParseException;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import oracle.idm.mobile.auth.openID.OpenIDToken;
import oracle.idm.mobile.logging.OMLog;

/* loaded from: classes.dex */
public class OpenIDTokenService {
    private static final String TAG = "OpenIDTokenService";
    private TokenType mType = TokenType.JWT;

    /* loaded from: classes.dex */
    enum TokenType {
        JWT
    }

    public OpenIDToken generate(String str, boolean z) throws ParseException {
        if (str == null || !z) {
            return null;
        }
        return new OpenIDToken(SignedJWT.m48parse(str));
    }

    public OpenIDUserInfo generateUserInfo(OpenIDToken openIDToken) {
        if (openIDToken != null) {
            return new OpenIDUserInfo(openIDToken.getAllClaims());
        }
        return null;
    }

    public boolean ifExistsThenValidate(OpenIDToken openIDToken, OpenIDToken.TokenClaims tokenClaims, String str) {
        OMLog.debug(TAG, "ifExistsThenValidate");
        if (openIDToken == null) {
            OMLog.debug(TAG, "Source token is null, return false!");
            return false;
        }
        if (str == null) {
            return true;
        }
        if (!openIDToken.getAllClaims().containsKey(tokenClaims.getName())) {
            OMLog.debug(TAG, "Claim: " + tokenClaims.name() + " Does not exist");
            return true;
        }
        boolean equalsIgnoreCase = str.equalsIgnoreCase((String) openIDToken.getAllClaims().get(tokenClaims.getName()));
        OMLog.debug(TAG, "Claim: " + tokenClaims.name() + " validate : " + equalsIgnoreCase);
        return equalsIgnoreCase;
    }

    public OpenIDToken validateAndGenerate(String str, Key key) {
        return null;
    }

    public boolean validateClaims(OpenIDToken openIDToken, Map<String, String> map) {
        if (openIDToken == null) {
            return false;
        }
        boolean z = true;
        if (map != null) {
            Iterator<Map.Entry<String, String>> it = map.entrySet().iterator();
            while (true) {
                if (!it.getHasNext()) {
                    break;
                }
                Map.Entry<String, String> next = it.next();
                String key = next.getKey();
                String value = next.getValue();
                Object obj = openIDToken.getAllClaims().get(key);
                if (obj == null && value != null) {
                    z = false;
                    break;
                }
                if (obj instanceof List) {
                    z = ((List) obj).contains(value);
                } else if (obj instanceof String) {
                    if (value != null) {
                        z = value.equalsIgnoreCase((String) obj);
                    } else if (obj != null) {
                        z = false;
                    }
                }
                OMLog.debug(TAG, "Claim: " + key + " Validation status : " + z);
                if (!z) {
                    break;
                }
            }
        }
        OMLog.debug(TAG, "validateClaims : " + z);
        return z;
    }

    public boolean verifySignature(OpenIDToken openIDToken, String str) {
        boolean z = false;
        try {
            JWKSet parse = JWKSet.parse(str);
            JWSHeader header = openIDToken.getSignedJWT().getHeader();
            if (parse == null) {
                return false;
            }
            List<JWK> select = new JWKSelector(new JWKMatcher.Builder().keyID(header.getKeyID()).algorithm(header.getAlgorithm()).build()).select(parse);
            OMLog.trace(TAG, "Found " + select.size() + " matching JWKs");
            DefaultJWSVerifierFactory defaultJWSVerifierFactory = new DefaultJWSVerifierFactory();
            for (JWK jwk : select) {
                Key key = null;
                try {
                    if (jwk instanceof RSAKey) {
                        key = ((RSAKey) jwk).toRSAPublicKey();
                    } else if (jwk instanceof ECKey) {
                        key = ((ECKey) jwk).toECPublicKey();
                    }
                    if (key != null) {
                        boolean verify = openIDToken.getSignedJWT().verify(defaultJWSVerifierFactory.createJWSVerifier(header, key));
                        if (verify) {
                            try {
                                openIDToken.setVerified(true);
                                return verify;
                            } catch (JOSEException e) {
                                e = e;
                                z = verify;
                                OMLog.error(TAG, e.getMessage(), e);
                            } catch (ParseException e2) {
                                e = e2;
                                z = verify;
                                Log.e(TAG, e.getMessage(), e);
                                return z;
                            }
                        } else {
                            z = verify;
                        }
                    } else {
                        continue;
                    }
                } catch (JOSEException e3) {
                    e = e3;
                }
            }
            return z;
        } catch (ParseException e4) {
            e = e4;
        }
    }
}
