package com.mulesoft.connectors.google.bigquery.internal.connection.token;

import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.google.api.client.util.PemReader;
import com.google.api.client.util.SecurityUtils;
import java.io.IOException;
import java.io.StringReader;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Date;
import org.mule.runtime.api.exception.MuleRuntimeException;
import org.mule.runtime.api.i18n.I18nMessageFactory;

/* loaded from: input_file:com/mulesoft/connectors/google/bigquery/internal/connection/token/JWTTokenGenerator.class */
public class JWTTokenGenerator implements TokenGenerator<ExpirableTokenContext> {
    private final Algorithm signAlgorithm;
    private String privateKeyId;
    private String issuer;
    private String subject;
    private String audience;

    public JWTTokenGenerator(String str, String str2, String str3, String str4, String str5) {
        this.privateKeyId = str;
        this.issuer = str2;
        this.subject = str3;
        this.audience = str4;
        this.signAlgorithm = Algorithm.RSA256((RSAPublicKey) null, (RSAPrivateKey) privateKeyFromPkcs8(str5));
    }

    @Override // com.mulesoft.connectors.google.bigquery.internal.connection.token.TokenGenerator
    public String generate(ExpirableTokenContext expirableTokenContext) {
        return JWT.create().withKeyId(this.privateKeyId).withIssuer(this.issuer).withSubject(this.subject).withAudience(new String[]{this.audience}).withIssuedAt(Date.from(expirableTokenContext.getIssuedAt())).withExpiresAt(Date.from(expirableTokenContext.getExpiresAt())).sign(this.signAlgorithm);
    }

    protected PrivateKey privateKeyFromPkcs8(String str) {
        try {
            PemReader.Section readFirstSectionAndClose = PemReader.readFirstSectionAndClose(new StringReader(str.replace("   ", System.getProperty("line.separator"))), "PRIVATE KEY");
            if (readFirstSectionAndClose == null) {
                throw new MuleRuntimeException(I18nMessageFactory.createStaticMessage("Invalid PKCS8 data."));
            }
            try {
                return SecurityUtils.getRsaKeyFactory().generatePrivate(new PKCS8EncodedKeySpec(readFirstSectionAndClose.getBase64DecodedBytes()));
            } catch (NoSuchAlgorithmException e) {
                throw new MuleRuntimeException(I18nMessageFactory.createStaticMessage("No such algorithm"), e);
            } catch (InvalidKeySpecException e2) {
                throw new MuleRuntimeException(I18nMessageFactory.createStaticMessage("Invalid private key"), e2);
            }
        } catch (IOException e3) {
            throw new MuleRuntimeException(I18nMessageFactory.createStaticMessage("Cant read the private key."));
        }
    }
}
