package at.letto.lti.service;

import at.letto.lti.dto.LoginDataDTO;
import at.letto.lti.model.lti.PlatformDeployment;
import at.letto.lti.model.lti.RSAKeyEntity;
import at.letto.lti.model.lti.RSAKeyId;
import at.letto.lti.utils.LtiStrings;
import at.letto.lti.utils.TextConstants;
import at.letto.lti.utils.oauth.OAuthUtils;
import com.auth0.jwt.JWT;
import com.auth0.jwt.exceptions.JWTDecodeException;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.jwk.AsymmetricJWK;
import com.nimbusds.jose.jwk.JWKSet;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.JwsHeader;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureException;
import io.jsonwebtoken.SigningKeyResolverAdapter;
import java.io.IOException;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.text.ParseException;
import java.util.Optional;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

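@Component
/**
 * Verifies and decodes the JWTs exchanged during an LTI launch.
 *
 * <p>Two operations with very different trust levels live here:
 * {@link #validateState(String)} and {@link #validateJWT(String)} check the
 * token signature, whereas {@link #getLoginDataFromJWT(String)} only decodes
 * the payload and verifies nothing.
 */
public class LTIJWTService {

    // Bounds for the outbound JWKS fetch. Without them a slow or oversized
    // response from the platform would block the launch request indefinitely.
    private static final int JWKS_CONNECT_TIMEOUT_MS = 5000;
    private static final int JWKS_READ_TIMEOUT_MS = 5000;
    private static final int JWKS_SIZE_LIMIT_BYTES = 512 * 1024;

    // Guards the static counter; an instance monitor would not protect a
    // static field if more than one instance of this class ever existed.
    private static final Object ID_LOCK = new Object();

    @Autowired
    LTIDataService ltiDataService;
    String error;
    static final Logger log = LoggerFactory.getLogger(LTIJWTService.class);
    private static long id = 0;

    /**
     * Parses the state token and verifies its signature with the tool's own
     * public key (the RSA key stored under {@code TextConstants.DEFAULT_KID}).
     *
     * @param str compact serialized state JWT
     * @return the parsed, signature-checked claims
     * @throws SignatureException if no tool key is stored; other parser
     *     exceptions from {@code parseClaimsJws} propagate unchanged
     */
    public Jws<Claims> validateState(String str) {
        return Jwts.parser().setSigningKeyResolver(new SigningKeyResolverAdapter() {
            @Override
            public Key resolveSigningKey(JwsHeader jwsHeader, Claims claims) {
                return resolveToolKey();
            }
        }).parseClaimsJws(str);
    }

    /** Loads the tool's public key, or returns null when it cannot be rebuilt from storage. */
    private Key resolveToolKey() {
        try {
            Optional<RSAKeyEntity> toolKey =
                    ltiDataService.getRepos().rsaKeys.findById(new RSAKeyId(TextConstants.DEFAULT_KID, true));
            if (toolKey.isPresent()) {
                return OAuthUtils.loadPublicKey(toolKey.get().getPublicKey());
            }
            throw new SignatureException("Error validating the state. Error getting the tool public key");
        } catch (GeneralSecurityException e) {
            log.error("Error validating the state. Error generating the tool public key", e);
            return null;
        }
    }

    /**
     * Parses a platform-issued JWT and verifies its signature with the key of
     * the platform deployment selected by the {@code kid} header.
     *
     * <p>NOTE(review): the deployment is chosen from the {@code kid} header
     * alone. This method does not compare {@code iss}, {@code aud}, the nonce
     * or the deployment id with the resolved {@link PlatformDeployment};
     * confirm that the caller performs those checks on the returned claims.
     *
     * @param str compact serialized JWT received from the platform
     * @return the parsed, signature-checked claims
     */
    public Jws<Claims> validateJWT(String str) {
        return Jwts.parser().setSigningKeyResolver(new SigningKeyResolverAdapter() {
            @Override
            public Key resolveSigningKey(JwsHeader jwsHeader, Claims claims) {
                return resolvePlatformKey(jwsHeader.getKeyId());
            }
        }).parseClaimsJws(str);
    }

    /**
     * Finds the verification key for the given key id. Every failure path
     * returns null, which leaves the parser without a key to verify against.
     */
    private Key resolvePlatformKey(String kid) {
        // Fail closed: without a kid there is nothing to select a deployment
        // by, and the repository should not be queried with null.
        if (kid == null || kid.isEmpty()) {
            log.error("Kid not found in header");
            return null;
        }
        try {
            // When several deployments share a kid, the first match is used.
            PlatformDeployment deployment =
                    ltiDataService.getRepos().platformDeploymentRepository.findByPlatformKid(kid).get(0);
            String jwksEndpoint = deployment.getJwksEndpoint();
            if (jwksEndpoint != null) {
                return loadKeyFromJwks(jwksEndpoint, deployment.getPlatformKid());
            }
            Optional<RSAKeyEntity> storedKey =
                    ltiDataService.getRepos().rsaKeys.findById(new RSAKeyId(deployment.getPlatformKid(), false));
            if (storedKey.isPresent()) {
                return OAuthUtils.loadPublicKey(storedKey.get().getPublicKey());
            }
            log.error("Error retrieving the tool public key");
            return null;
        } catch (IndexOutOfBoundsException e) {
            // Raised by get(0) when no deployment is registered for this kid.
            log.error("Kid not found in header", e);
            return null;
        } catch (GeneralSecurityException e) {
            log.error("Error generating the tool public key", e);
            return null;
        }
    }

    /**
     * Downloads the platform JWKS and returns the public key published under
     * {@code kid}, or null when the fetch fails or no usable key is found.
     *
     * <p>The endpoint is read from the stored platform deployment, and the set
     * is fetched on every call; nothing is cached here.
     */
    private Key loadKeyFromJwks(String jwksEndpoint, String kid) {
        try {
            JWKSet jwkSet = JWKSet.load(
                    new URL(jwksEndpoint), JWKS_CONNECT_TIMEOUT_MS, JWKS_READ_TIMEOUT_MS, JWKS_SIZE_LIMIT_BYTES);
            Object candidate = jwkSet.getKeyByKeyId(kid);
            // A missing kid yields null and a symmetric entry is not an
            // AsymmetricJWK; neither may be used to verify a platform signature.
            if (!(candidate instanceof AsymmetricJWK)) {
                log.error("Error getting the iss public key: no asymmetric key for the kid in the platform JWKS");
                return null;
            }
            return ((AsymmetricJWK) candidate).toPublicKey();
        } catch (JOSEException | IOException | ParseException e) {
            log.error("Error getting the iss public key", e);
            return null;
        }
    }

    /**
     * Copies launch claims from a JWT into a {@link LoginDataDTO}.
     *
     * <p>SECURITY: {@code JWT.decode} only decodes the token; it does not
     * verify the signature. Every value returned here, including the username
     * and the roles, is unauthenticated input unless the same token string was
     * accepted by {@link #validateJWT(String)} beforehand.
     *
     * <p>The username is read outside the best-effort handling, so a token
     * without the {@code ext.user_username} claim makes this method fail with
     * an unchecked exception. All other claims are optional: when one cannot
     * be read, the matching field keeps its default value.
     *
     * @param str compact serialized JWT
     * @return the populated DTO; a DTO with no fields set when the token cannot
     *     be decoded, so callers must not treat the result as proof of a login
     */
    public LoginDataDTO getLoginDataFromJWT(String str) {
        LoginDataDTO loginData = new LoginDataDTO();
        try {
            DecodedJWT token = JWT.decode(str);
            loginData.setUsername(token.getClaim("https://purl.imsglobal.org/spec/lti/claim/ext")
                    .asMap().get("user_username").toString());

            bestEffort(() -> loginData.setServer(token.getClaim("iss").asString()));
            bestEffort(() -> loginData.setClientid(token.getClaim("aud").asString()));

            bestEffort(() -> loginData.setKursname(
                    token.getClaim(LtiStrings.LTI_CUSTOM).asMap().get("kursname").toString()));
            bestEffort(() -> loginData.setLinktext(
                    token.getClaim(LtiStrings.LTI_CUSTOM).asMap().get("linktext").toString()));
            bestEffort(() -> loginData.setTarget(
                    token.getClaim(LtiStrings.LTI_CUSTOM).asMap().get("target").toString()));

            bestEffort(() -> loginData.setEmail(token.getClaim("email").asString()));
            bestEffort(() -> loginData.setName(token.getClaim("name").asString()));
            bestEffort(() -> loginData.setVorname(token.getClaim("given_name").asString()));
            bestEffort(() -> loginData.setFamilienname(token.getClaim("family_name").asString()));

            bestEffort(() -> loginData.setAktivitaet(
                    token.getClaim(LtiStrings.LTI_LINK).asMap().get("title").toString()));
            bestEffort(() -> loginData.setAktivitaetId(Integer.parseInt(
                    token.getClaim(LtiStrings.LTI_LINK).asMap().get("id").toString())));

            bestEffort(() -> loginData.setMoodlekurs(
                    token.getClaim(LtiStrings.LTI_CONTEXT).asMap().get("title").toString()));
            bestEffort(() -> loginData.setMoodlekursLabel(
                    token.getClaim(LtiStrings.LTI_CONTEXT).asMap().get("label").toString()));
            bestEffort(() -> loginData.setMoodlekursId(Integer.parseInt(
                    token.getClaim(LtiStrings.LTI_CONTEXT).asMap().get("id").toString())));

            bestEffort(() -> {
                for (String role : token.getClaim(LtiStrings.LTI_ROLES).asList(String.class)) {
                    // Role values of the form "<prefix>#<name>" are reduced to
                    // the part after '#'; anything else is kept verbatim.
                    String[] parts = role.split("#");
                    if (parts.length == 2) {
                        loginData.getRoles().add(parts[1]);
                    } else if (!role.isEmpty()) {
                        loginData.getRoles().add(role);
                    }
                }
            });

            bestEffort(() -> loginData.setLocale(
                    token.getClaim(LtiStrings.LTI_LAUNCH_PRESENTATION).asMap().get("locale").toString()));
        } catch (JWTDecodeException e) {
            log.error("Invalid Token");
        }
        return loginData;
    }

    /**
     * Runs one optional claim extraction and deliberately ignores any failure,
     * so that an absent or malformed optional claim does not abort the login.
     */
    private static void bestEffort(Runnable extraction) {
        try {
            extraction.run();
        } catch (Exception ignored) {
            // Optional claim: the DTO field simply keeps its default.
        }
    }

    /**
     * Returns the next value of a process-wide counter, starting at 0.
     *
     * <p>The sequence is predictable and restarts with the JVM, so the value
     * is not suitable as a secret or as an unguessable identifier.
     *
     * @return the counter value before it was incremented
     */
    public long getId() {
        synchronized (ID_LOCK) {
            return id++;
        }
    }
}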
