package com.coze.openapi.service.auth;

import com.coze.openapi.client.auth.GetAccessTokenReq;
import com.coze.openapi.client.auth.GrantType;
import com.coze.openapi.client.auth.OAuthToken;
import com.coze.openapi.client.auth.scope.Scope;
import com.coze.openapi.service.auth.OAuthClient;
import com.coze.openapi.service.utils.Utils;
import io.jsonwebtoken.Header;
import io.jsonwebtoken.JwsHeader;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import java.util.Date;
import java.util.HashMap;

/* loaded from: classes6.dex */
public class JWTOAuthClient extends OAuthClient {
    private final PrivateKey privateKey;
    private final String publicKey;
    private final Integer ttl;

    /* loaded from: classes6.dex */
    public static class JWTOAuthBuilder extends OAuthClient.OAuthBuilder<JWTOAuthBuilder> {
        private String privateKey;
        private String publicKey;
        private Integer ttl;

        @Override // com.coze.openapi.service.auth.OAuthClient.OAuthBuilder
        public JWTOAuthClient build() {
            Integer num = this.ttl;
            if (num == null || num.equals(0)) {
                this.ttl = 900;
            }
            return new JWTOAuthClient(this);
        }

        public JWTOAuthBuilder privateKey(String str) {
            this.privateKey = str;
            return this;
        }

        public JWTOAuthBuilder publicKey(String str) {
            this.publicKey = str;
            return this;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // com.coze.openapi.service.auth.OAuthClient.OAuthBuilder
        public JWTOAuthBuilder self() {
            return this;
        }

        public JWTOAuthBuilder ttl(Integer num) {
            this.ttl = num;
            return this;
        }
    }

    public JWTOAuthClient(JWTOAuthBuilder jWTOAuthBuilder) {
        super(jWTOAuthBuilder);
        this.privateKey = parsePrivateKey(jWTOAuthBuilder.privateKey);
        this.publicKey = jWTOAuthBuilder.publicKey;
        this.ttl = jWTOAuthBuilder.ttl;
    }

    /* JADX WARN: Type inference failed for: r1v2, types: [com.coze.openapi.client.auth.GetAccessTokenReq$GetAccessTokenReqBuilder] */
    private OAuthToken doGetAccessToken(Integer num, Scope scope, String str) {
        GetAccessTokenReq.GetAccessTokenReqBuilder<?, ?> builder = GetAccessTokenReq.builder();
        builder.grantType(GrantType.JWTCode.getValue()).durationSeconds(num).scope(scope);
        return getAccessToken(generateJWT(num.intValue(), str), builder.build());
    }

    private String generateJWT(int i, String str) {
        try {
            long currentTimeMillis = System.currentTimeMillis() / 1000;
            HashMap hashMap = new HashMap();
            hashMap.put(JwsHeader.ALGORITHM, "RS256");
            hashMap.put(Header.TYPE, Header.JWT_TYPE);
            hashMap.put(JwsHeader.KEY_ID, this.publicKey);
            JwtBuilder signWith = Jwts.builder().setHeader(hashMap).setIssuer(this.clientID).setAudience(this.hostName).setIssuedAt(new Date(currentTimeMillis * 1000)).setExpiration(new Date((currentTimeMillis + i) * 1000)).setId(Utils.genRandomSign(16)).signWith(this.privateKey, SignatureAlgorithm.RS256);
            if (str != null) {
                signWith.claim("session_name", str);
            }
            return signWith.compact();
        } catch (Exception e) {
            throw new RuntimeException("Failed to generate JWT", e);
        }
    }

    private PrivateKey parsePrivateKey(String str) {
        Base64.Decoder decoder;
        byte[] decode;
        String replaceAll = str.replace("-----BEGIN PRIVATE KEY-----", "").replace("-----END PRIVATE KEY-----", "").replaceAll("\\s", "");
        decoder = Base64.getDecoder();
        decode = decoder.decode(replaceAll);
        return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(decode));
    }

    public OAuthToken getAccessToken() {
        return doGetAccessToken(this.ttl, null, null);
    }

    public OAuthToken getAccessToken(Scope scope) {
        return doGetAccessToken(this.ttl, scope, null);
    }

    public OAuthToken getAccessToken(Scope scope, String str) {
        return doGetAccessToken(this.ttl, scope, str);
    }

    public OAuthToken getAccessToken(Integer num) {
        return doGetAccessToken(num, null, null);
    }

    public OAuthToken getAccessToken(Integer num, Scope scope) {
        return doGetAccessToken(num, scope, null);
    }

    public OAuthToken getAccessToken(Integer num, Scope scope, String str) {
        return doGetAccessToken(num, scope, str);
    }

    public OAuthToken getAccessToken(Integer num, String str) {
        return doGetAccessToken(num, null, str);
    }

    public OAuthToken getAccessToken(String str) {
        return doGetAccessToken(this.ttl, null, str);
    }

    public Integer getTtl() {
        return this.ttl;
    }

    @Override // com.coze.openapi.service.auth.OAuthClient
    public OAuthToken refreshToken(String str) {
        return null;
    }
}
