package top.dcenter.ums.security.jwt.endpoint;

import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.RSAKey;
import java.lang.reflect.InvocationTargetException;
import java.security.interfaces.RSAPublicKey;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import net.minidev.json.JSONObject;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.lang.NonNull;
import org.springframework.lang.Nullable;
import org.springframework.util.ReflectionUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import top.dcenter.ums.security.common.enums.ErrorCodeEnum;
import top.dcenter.ums.security.common.utils.JsonUtil;
import top.dcenter.ums.security.common.utils.ReflectionUtil;
import top.dcenter.ums.security.core.mdc.utils.MdcUtil;
import top.dcenter.ums.security.jwt.api.endpoind.service.JwkEndpointPermissionService;
import top.dcenter.ums.security.jwt.config.JwtAutoConfiguration;
import top.dcenter.ums.security.jwt.exception.JwkSetUriAccessDeniedException;

@ResponseBody
/* loaded from: input_file:top/dcenter/ums/security/jwt/endpoint/JwkEndpoint.class */
public class JwkEndpoint implements InitializingBean, ApplicationContextAware {
    public static final String JWS_SET_URI = "/.well-known/jwks.json";
    private final String jwsSetJsonString;
    private final JwkEndpointPermissionService jwkEndpointPermissionService;
    private ApplicationContext applicationContext;

    public JwkEndpoint(@NonNull RSAPublicKey rSAPublicKey, @NonNull String str, @NonNull JwkEndpointPermissionService jwkEndpointPermissionService, @Nullable String str2) throws InvocationTargetException, IllegalAccessException {
        Map map;
        this.jwkEndpointPermissionService = jwkEndpointPermissionService;
        Object invoke = ReflectionUtils.findMethod(JWKSet.class, "toJSONObject").invoke(new JWKSet(new RSAKey.Builder(rSAPublicKey).build()), new Object[0]);
        if (invoke instanceof JSONObject) {
            map = (Map) ((List) ((JSONObject) invoke).get("keys")).get(0);
        } else {
            if (!(invoke instanceof Map)) {
                throw new RuntimeException("生成 jws set json string 错误");
            }
            map = (Map) ((List) ((Map) invoke).get("keys")).get(0);
        }
        map.put("alg", str);
        if (StringUtils.hasText(str2)) {
            map.put(JwtAutoConfiguration.KID_PARAM_NAME, str2);
        }
        this.jwsSetJsonString = JsonUtil.toJsonString(invoke);
    }

    @RequestMapping(path = {JWS_SET_URI}, method = {RequestMethod.GET}, produces = {"application/json"})
    public String getKey(HttpServletRequest httpServletRequest) {
        if (this.jwkEndpointPermissionService.hasPermission(httpServletRequest).booleanValue()) {
            return this.jwsSetJsonString;
        }
        throw new JwkSetUriAccessDeniedException(ErrorCodeEnum.NOT_FOUND, MdcUtil.getMdcTraceId());
    }

    public void afterPropertiesSet() throws Exception {
        ReflectionUtil.registerController("jwkEndpoint", this.applicationContext, JwkEndpoint.class);
    }

    public void setApplicationContext(@NonNull ApplicationContext applicationContext) throws BeansException {
        this.applicationContext = applicationContext;
    }
}
