package io.confluent.kafka.test.utils;

import com.amazonaws.regions.ServiceAbbreviations;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import org.apache.kafka.test.TestUtils;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.jose4j.jws.AlgorithmIdentifiers;
import org.jose4j.jws.JsonWebSignature;
import org.jose4j.jwt.JwtClaims;
import org.jose4j.jwt.NumericDate;
import org.jose4j.lang.JoseException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/confluent/kafka/test/utils/TokenTestUtils.class */
public class TokenTestUtils {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) TokenTestUtils.class);

    /* loaded from: input_file:io/confluent/kafka/test/utils/TokenTestUtils$JwsContainer.class */
    public static class JwsContainer {
        private final String jwsToken;
        private final File publicKeyFile;

        JwsContainer(String str, File file) {
            this.jwsToken = str;
            this.publicKeyFile = file;
        }

        public File getPublicKeyFile() {
            return this.publicKeyFile;
        }

        public String getJwsToken() {
            return this.jwsToken;
        }
    }

    public static JwsContainer setUpJws(Integer num, String str, String str2) throws Exception {
        KeyPair generateKeyPair = generateKeyPair();
        String sign = sign(generateKeyPair.getPrivate(), num, str, str2);
        File tempFile = TestUtils.tempFile();
        writePemFile(tempFile, generateKeyPair.getPublic());
        return new JwsContainer(sign, tempFile);
    }

    public static void writePemFile(File file, PublicKey publicKey) throws IOException {
        JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(new FileWriter(file));
        jcaPEMWriter.writeObject(publicKey);
        jcaPEMWriter.close();
    }

    public static KeyPair generateKeyPair() throws Exception {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048);
        return keyPairGenerator.genKeyPair();
    }

    private static String sign(PrivateKey privateKey, Integer num, String str, String str2) {
        try {
            JwtClaims jwtClaims = new JwtClaims();
            jwtClaims.setIssuer(str);
            if (num != null) {
                NumericDate now = NumericDate.now();
                now.addSeconds(num.intValue() / 1000);
                jwtClaims.setExpirationTime(now);
            }
            jwtClaims.setGeneratedJwtId();
            jwtClaims.setIssuedAtToNow();
            jwtClaims.setNotBeforeMinutesInThePast(2.0f);
            if (str2 != null) {
                jwtClaims.setSubject(str2);
            }
            jwtClaims.setClaim(ServiceAbbreviations.CloudWatch, true);
            JsonWebSignature jsonWebSignature = new JsonWebSignature();
            jsonWebSignature.setPayload(jwtClaims.toJson());
            jsonWebSignature.setKey(privateKey);
            jsonWebSignature.setAlgorithmHeaderValue(AlgorithmIdentifiers.RSA_USING_SHA256);
            return jsonWebSignature.getCompactSerialization();
        } catch (JoseException e) {
            log.error("Error creating JWS for test");
            return null;
        }
    }
}
