package io.confluent.security.authentication.oauthbearer;

import java.security.Principal;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.jose4j.jwt.JwtClaims;
import org.jose4j.jwt.MalformedClaimException;
import org.jose4j.jwt.NumericDate;

/* loaded from: input_file:io/confluent/security/authentication/oauthbearer/JwtPrincipal.class */
public class JwtPrincipal implements Principal, Claims {
    private static final long NOT_BEFORE_NULL = -1;
    private static final long ISSUED_AT_NULL = -1;
    private final String jti;
    private final String issuer;
    private final Set<String> audience;
    private final String subject;
    private final long notBefore;
    private final long issuedAt;
    private final long expiresOn;
    private final JwtClaims claims;

    public JwtPrincipal(JwtClaims jwtClaims) {
        try {
            this.jti = jwtClaims.getJwtId();
            this.issuer = jwtClaims.getIssuer();
            this.audience = new HashSet(jwtClaims.getAudience());
            this.subject = jwtClaims.getSubject();
            NumericDate notBefore = jwtClaims.getNotBefore();
            this.notBefore = notBefore != null ? notBefore.getValueInMillis() : -1L;
            NumericDate issuedAt = jwtClaims.getIssuedAt();
            this.issuedAt = issuedAt != null ? issuedAt.getValueInMillis() : -1L;
            this.expiresOn = jwtClaims.getExpirationTime().getValueInMillis();
            this.claims = jwtClaims;
        } catch (MalformedClaimException e) {
            throw new IllegalArgumentException("Unable to construct Principal", e);
        }
    }

    @Override // java.security.Principal
    public String getName() {
        return this.subject;
    }

    @Override // io.confluent.security.authentication.oauthbearer.Claims
    public String jti() {
        return this.jti;
    }

    @Override // io.confluent.security.authentication.oauthbearer.Claims
    public String issuer() {
        return this.issuer;
    }

    @Override // io.confluent.security.authentication.oauthbearer.Claims
    public String subject() {
        return this.subject;
    }

    @Override // io.confluent.security.authentication.oauthbearer.Claims
    public String authorizedParty() {
        return this.subject;
    }

    @Override // io.confluent.security.authentication.oauthbearer.Claims
    public Set<String> audience() {
        return this.audience;
    }

    @Override // io.confluent.security.authentication.oauthbearer.Claims
    public long notBefore() {
        return this.notBefore;
    }

    @Override // io.confluent.security.authentication.oauthbearer.Claims
    public long issuedAt() {
        return this.issuedAt;
    }

    @Override // io.confluent.security.authentication.oauthbearer.Claims
    public long expiresOn() {
        return this.expiresOn;
    }

    @Override // io.confluent.security.authentication.oauthbearer.Claims
    public Map<String, Object> asMap() {
        return this.claims.getClaimsMap();
    }

    @Override // io.confluent.security.authentication.oauthbearer.Claims
    public <T> Collection<T> claimValues(String str, Class<T> cls) {
        return toTypedCollection((List) claimValue(str, List.class), cls);
    }

    @Override // io.confluent.security.authentication.oauthbearer.Claims
    public <T> T claimValue(String str, Class<T> cls) {
        try {
            return (T) this.claims.getClaimValue(str, cls);
        } catch (Throwable th) {
            throw new IllegalArgumentException("Claim value could not be extracted", th);
        }
    }

    private <T> Collection<T> toTypedCollection(List<?> list, Class<T> cls) {
        if (list == null) {
            return Collections.emptyList();
        }
        ArrayList arrayList = new ArrayList();
        Iterator<?> it = list.iterator();
        while (it.hasNext()) {
            try {
                arrayList.add(cls.cast(it.next()));
            } catch (ClassCastException e) {
                throw new IllegalArgumentException("Claim value could not be extracted", e);
            }
        }
        return arrayList;
    }
}
