package org.adamalang.services.security;

import io.jsonwebtoken.Jwts;
import java.security.PrivateKey;
import java.util.HashSet;
import java.util.function.Consumer;
import org.adamalang.ErrorCodes;
import org.adamalang.common.Callback;
import org.adamalang.common.ErrorCodeException;
import org.adamalang.common.Json;
import org.adamalang.common.NamedRunnable;
import org.adamalang.common.SimpleExecutor;
import org.adamalang.metrics.FirstPartyMetrics;
import org.adamalang.runtime.natives.NtPrincipal;
import org.adamalang.runtime.remote.ServiceConfig;
import org.adamalang.runtime.remote.SimpleService;
import org.adamalang.runtime.security.Keystore;

/* loaded from: input_file:org/adamalang/services/security/IdentitySigner.class */
public class IdentitySigner extends SimpleService {
    private final FirstPartyMetrics metrics;
    private final SimpleExecutor offload;
    private final String authority;
    private final PrivateKey privateKey;

    public IdentitySigner(FirstPartyMetrics firstPartyMetrics, SimpleExecutor simpleExecutor, String str, String str2) throws ErrorCodeException {
        super("identitysigner", new NtPrincipal("identitysigner", "service"), true);
        this.metrics = firstPartyMetrics;
        this.offload = simpleExecutor;
        this.authority = str;
        this.privateKey = Keystore.parsePrivateKey(Json.parseJsonObject(str2));
    }

    public static IdentitySigner build(FirstPartyMetrics firstPartyMetrics, ServiceConfig serviceConfig, SimpleExecutor simpleExecutor) throws ErrorCodeException {
        return new IdentitySigner(firstPartyMetrics, simpleExecutor, serviceConfig.getString("authority", ""), serviceConfig.getDecryptedSecret("private_key"));
    }

    public static String definition(int i, String str, HashSet<String> hashSet, Consumer<String> consumer) {
        StringBuilder sb = new StringBuilder();
        sb.append("message _IdentitySigner_Req").append(" { string agent; }\n");
        sb.append("message _IdentitySigner_Res").append(" { string identity; }\n");
        sb.append("service identitysigner {\n");
        sb.append("  class=\"identitysigner\";\n");
        sb.append("  ").append(str).append("\n");
        if (!hashSet.contains("authority")) {
            consumer.accept("identitysigner requires an 'authority' field");
        }
        if (!hashSet.contains("private_key")) {
            consumer.accept("identitysigner requires a 'private_key' field (and it should be encrypted)");
        }
        sb.append("  method<_IdentitySigner_Req").append(", _IdentitySigner_Res").append("> sign;\n");
        sb.append("}\n");
        return sb.toString();
    }

    @Override // org.adamalang.runtime.remote.SimpleService
    public void request(NtPrincipal ntPrincipal, final String str, final String str2, final Callback<String> callback) {
        this.offload.execute(new NamedRunnable("off-main", new String[0]) { // from class: org.adamalang.services.security.IdentitySigner.1
            @Override // org.adamalang.common.NamedRunnable
            public void execute() throws Exception {
                try {
                    if ("sign".equals(str)) {
                        callback.success("{\"identity\":\"" + Jwts.builder().mo1280subject(Json.parseJsonObject(str2).get("agent").textValue()).mo1282issuer(IdentitySigner.this.authority).signWith(IdentitySigner.this.privateKey).compact() + "\"}");
                    } else {
                        callback.failure(new ErrorCodeException(ErrorCodes.FIRST_PARTY_SERVICES_METHOD_NOT_FOUND));
                    }
                } catch (Exception e) {
                    callback.failure(new ErrorCodeException(ErrorCodes.FIRST_PARTY_SERVICES_METHOD_EXCEPTION));
                }
            }
        });
    }
}
