// // Decompiled by Procyon v0.6.0 // package com.google.crypto.tink.jwt; import java.util.Iterator; import com.google.errorprone.annotations.Immutable; import com.google.crypto.tink.internal.PrimitiveRegistry; import com.google.crypto.tink.internal.MutablePrimitiveRegistry; import java.security.GeneralSecurityException; import com.google.crypto.tink.internal.MonitoringClient; import java.util.List; import com.google.crypto.tink.internal.MonitoringUtil; import com.google.crypto.tink.internal.MutableMonitoringRegistry; import com.google.crypto.tink.KeyStatus; import java.util.ArrayList; import com.google.crypto.tink.internal.MonitoringAnnotations; import com.google.crypto.tink.internal.KeysetHandleInterface; import com.google.crypto.tink.internal.PrimitiveWrapper; class JwtPublicKeyVerifyWrapper implements PrimitiveWrapper { private static final JwtPublicKeyVerifyWrapper WRAPPER; @Override public JwtPublicKeyVerify wrap(final KeysetHandleInterface keysetHandle, final MonitoringAnnotations annotations, final PrimitiveFactory factory) throws GeneralSecurityException { final List allVerifiers = new ArrayList(keysetHandle.size()); for (int i = 0; i < keysetHandle.size(); ++i) { final KeysetHandleInterface.Entry entry = keysetHandle.getAt(i); if (entry.getStatus().equals(KeyStatus.ENABLED)) { allVerifiers.add(new JwtPublicKeyVerifyWithId(factory.create(entry), entry.getId())); } } MonitoringClient.Logger logger; if (!annotations.isEmpty()) { final MonitoringClient client = MutableMonitoringRegistry.globalInstance().getMonitoringClient(); logger = client.createLogger(keysetHandle, annotations, "jwtverify", "verify"); } else { logger = MonitoringUtil.DO_NOTHING_LOGGER; } return new WrappedJwtPublicKeyVerify(logger, allVerifiers); } @Override public Class getPrimitiveClass() { return JwtPublicKeyVerify.class; } @Override public Class getInputPrimitiveClass() { return JwtPublicKeyVerify.class; } public static void register() throws GeneralSecurityException { MutablePrimitiveRegistry.globalInstance().registerPrimitiveWrapper((PrimitiveWrapper)JwtPublicKeyVerifyWrapper.WRAPPER); } public static void registerToInternalPrimitiveRegistry(final PrimitiveRegistry.Builder primitiveRegistryBuilder) throws GeneralSecurityException { primitiveRegistryBuilder.registerPrimitiveWrapper((PrimitiveWrapper)JwtPublicKeyVerifyWrapper.WRAPPER); } static { WRAPPER = new JwtPublicKeyVerifyWrapper(); } private static class JwtPublicKeyVerifyWithId { final JwtPublicKeyVerify verify; final int id; JwtPublicKeyVerifyWithId(final JwtPublicKeyVerify verify, final int id) { this.verify = verify; this.id = id; } } @Immutable private static class WrappedJwtPublicKeyVerify implements JwtPublicKeyVerify { private final MonitoringClient.Logger logger; private final List allVerifiers; public WrappedJwtPublicKeyVerify(final MonitoringClient.Logger logger, final List allVerifiers) { this.logger = logger; this.allVerifiers = allVerifiers; } @Override public VerifiedJwt verifyAndDecode(final String compact, final JwtValidator validator) throws GeneralSecurityException { GeneralSecurityException interestingException = null; for (final JwtPublicKeyVerifyWithId verifier : this.allVerifiers) { try { final VerifiedJwt result = verifier.verify.verifyAndDecode(compact, validator); this.logger.log(verifier.id, 1L); return result; } catch (final GeneralSecurityException e) { if (!(e instanceof JwtInvalidException)) { continue; } interestingException = e; continue; } break; } this.logger.logFailure(); if (interestingException != null) { throw interestingException; } throw new GeneralSecurityException("invalid JWT"); } } }