package net.oauth.signatures;

import com.github.scribejava.core.httpclient.HttpClient;
import java.security.SignatureException;
import javax.servlet.http.HttpServletRequest;
import net.oauth.jsontoken.Clock;
import net.oauth.jsontoken.JsonTokenParser;
import net.oauth.jsontoken.SystemClock;
import net.oauth.jsontoken.discovery.VerifierProviders;

/* loaded from: input_file:lib/jsontoken-1.1.jar:net/oauth/signatures/SignedJsonAssertionTokenParser.class */
public class SignedJsonAssertionTokenParser {
    public static String EXPECTED_CONTENT_TYPE = HttpClient.DEFAULT_CONTENT_TYPE;
    private final VerifierProviders locators;
    private final NonceChecker nonceChecker;
    private final Clock clock;

    public SignedJsonAssertionTokenParser(VerifierProviders verifierProviders, NonceChecker nonceChecker) {
        this(verifierProviders, nonceChecker, new SystemClock());
    }

    public SignedJsonAssertionTokenParser(VerifierProviders verifierProviders, NonceChecker nonceChecker, Clock clock) {
        this.locators = verifierProviders;
        this.nonceChecker = nonceChecker;
        this.clock = clock;
    }

    public SignedJsonAssertionToken parseToken(HttpServletRequest httpServletRequest) throws SignatureException {
        if (!httpServletRequest.getContentType().startsWith(EXPECTED_CONTENT_TYPE)) {
            throw new SignatureException("bad content type: " + httpServletRequest.getContentType());
        }
        String parameter = httpServletRequest.getParameter("grant_type");
        if (parameter == null || !parameter.equalsIgnoreCase(SignedJsonAssertionToken.GRANT_TYPE_VALUE)) {
            throw new SignatureException("bad grant_type: " + parameter);
        }
        String parameter2 = httpServletRequest.getParameter(SignedJsonAssertionToken.JWT);
        if (parameter2 == null) {
            throw new SignatureException("empty json assertion");
        }
        StringBuffer requestURL = httpServletRequest.getRequestURL();
        if (httpServletRequest.getQueryString() != null) {
            requestURL.append("?");
            requestURL.append(httpServletRequest.getQueryString());
        }
        return parseToken(parameter2, requestURL.toString());
    }

    public SignedJsonAssertionToken parseToken(String str, String str2) throws SignatureException {
        SignedJsonAssertionToken signedJsonAssertionToken = new SignedJsonAssertionToken(new JsonTokenParser(this.clock, this.locators, new SignedJsonAssertionAudienceChecker(str2)).verifyAndDeserialize(str));
        if (this.nonceChecker != null) {
            this.nonceChecker.checkNonce(signedJsonAssertionToken.getNonce());
        }
        return signedJsonAssertionToken;
    }
}
