package com.sap.cloudfoundry.client.facade.oauth2;

import com.sap.cloudfoundry.client.facade.util.JsonUtil;
import java.nio.charset.StandardCharsets;
import java.time.Instant;
import java.util.Base64;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import org.springframework.http.HttpStatus;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.web.server.ResponseStatusException;

/* loaded from: input_file:WEB-INF/lib/cloudfoundry-client-facade-2.10.0.jar:com/sap/cloudfoundry/client/facade/oauth2/TokenFactory.class */
public class TokenFactory {
    private static final int JWT_TOKEN_PARTS_COUNT = 3;
    public static final String SCOPE_CC_READ = "cloud_controller.read";
    public static final String SCOPE_CC_WRITE = "cloud_controller.write";
    public static final String SCOPE_CC_ADMIN = "cloud_controller.admin";
    public static final String SCOPE_SCIM_USERIDS = "scim.userids";
    public static final String SCOPE_PASSWORD_WRITE = "password.write";
    public static final String SCOPE_OPENID = "openid";
    public static final String SCOPE = "scope";
    public static final String EXPIRES_AT_KEY = "exp";
    public static final String ISSUED_AT_KEY = "iat";
    public static final String USER_NAME = "user_name";
    public static final String USER_ID = "user_id";
    public static final String CLIENT_ID = "client_id";

    public OAuth2AccessTokenWithAdditionalInfo createToken(String str) {
        return createToken(str, parseToken(str));
    }

    public OAuth2AccessTokenWithAdditionalInfo createToken(String str, Map<String, Object> map) {
        List<String> list = (List) map.get("scope");
        Number number = (Number) map.get("exp");
        Number number2 = (Number) map.get("iat");
        if (list == null || number == null || number2 == null) {
            return null;
        }
        return new OAuth2AccessTokenWithAdditionalInfo(createOAuth2AccessToken(str, list, number, number2), map);
    }

    private OAuth2AccessToken createOAuth2AccessToken(String str, List<String> list, Number number, Number number2) {
        try {
            return new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, str, Instant.ofEpochSecond(number2.longValue()), Instant.ofEpochSecond(number.longValue()), new HashSet(list));
        } catch (IllegalArgumentException e) {
            throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, e.getMessage(), e);
        }
    }

    private Map<String, Object> parseToken(String str) {
        String[] split = str.split("\\.");
        return split.length != 3 ? Collections.emptyMap() : JsonUtil.convertJsonToMap(decode(split[1]));
    }

    private String decode(String str) {
        return new String(Base64.getUrlDecoder().decode(str), StandardCharsets.UTF_8);
    }

    public OAuth2AccessTokenWithAdditionalInfo createToken(Oauth2AccessTokenResponse oauth2AccessTokenResponse) {
        return createToken(oauth2AccessTokenResponse.getAccessToken());
    }
}
