package com.hp.sdd.hpc.lib.authz;

import android.util.Base64;
import com.hp.sdd.hpc.lib.authz.models.JWKS;
import com.hp.sdd.hpc.lib.authz.models.Key;
import com.hp.sdd.hpc.lib.hpidaccount.data.HpidIDTokenInfo;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.Jwts;
import java.io.ByteArrayInputStream;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.List;
import kotlin.jvm.internal.q;
import kotlin.p;
import kotlin.y.p;

/* compiled from: JwksUtils.kt */
/* loaded from: classes2.dex */
public final class c {
    public static final c a = new c();

    private c() {
    }

    public static final boolean a(JWKS jwks, AuthZToken authZToken) {
        if (jwks == null) {
            n.a.a.d("signingKeys is null!", new Object[0]);
            return false;
        }
        List<Key> keys = jwks.getKeys();
        if (keys == null || keys.isEmpty()) {
            n.a.a.d("signingKeysList.size() <= 0!", new Object[0]);
            return false;
        }
        while (true) {
            boolean z = false;
            for (Key key : keys) {
                PublicKey publicKey = null;
                if (q.d(key.getKid(), authZToken != null ? authZToken.getKid() : null)) {
                    List<String> x5c = key.getX5c();
                    String str = x5c != null ? (String) p.Z(x5c) : null;
                    if (str == null || str.length() == 0) {
                        continue;
                    } else {
                        try {
                            Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(str, 0)));
                            if (!(generateCertificate instanceof X509Certificate)) {
                                generateCertificate = null;
                            }
                            X509Certificate x509Certificate = (X509Certificate) generateCertificate;
                            if (x509Certificate != null) {
                                publicKey = x509Certificate.getPublicKey();
                            }
                            if (publicKey != null && a.b(publicKey, authZToken)) {
                                z = true;
                            }
                        } catch (CertificateException e2) {
                            n.a.a.f(e2, "generateRSAPublicKey() : CertificateException encountered.", new Object[0]);
                        }
                    }
                }
            }
            return z;
        }
    }

    private final boolean b(PublicKey publicKey, AuthZToken authZToken) {
        Object a2;
        try {
            p.a aVar = kotlin.p.f25083h;
            Jws<Claims> parseClaimsJws = Jwts.parserBuilder().setAllowedClockSkewSeconds(300L).setSigningKey(publicKey).build().parseClaimsJws(authZToken != null ? authZToken.getAccess_token() : null);
            q.g(parseClaimsJws, "Jwts.parserBuilder()\n   …s(jwtToken?.access_token)");
            Claims body = parseClaimsJws.getBody();
            q.g(body, "Jwts.parserBuilder()\n   …Token?.access_token).body");
            a2 = body.getSubject();
            kotlin.p.b(a2);
        } catch (Throwable th) {
            p.a aVar2 = kotlin.p.f25083h;
            a2 = kotlin.q.a(th);
            kotlin.p.b(a2);
        }
        Throwable d2 = kotlin.p.d(a2);
        if (d2 != null) {
            n.a.a.e(d2);
        }
        if (kotlin.p.f(a2)) {
            a2 = null;
        }
        String str = (String) a2;
        n.a.a.a("the gotten Subject is : %s", str);
        HpidIDTokenInfo.HpidUserInfo tokenInfo = authZToken != null ? authZToken.getTokenInfo() : null;
        if (str != null) {
            if (q.d(tokenInfo != null ? tokenInfo.getSub() : null, str)) {
                return true;
            }
        }
        n.a.a.a("validatePublicKey() - Token is not Authentic! Token Subject mismatch found!", new Object[0]);
        return false;
    }
}
