package com.cht.kms.cli;

import com.cht.com.beust.jcommander.JCommander;
import com.cht.com.beust.jcommander.Parameter;
import com.cht.com.beust.jcommander.converters.FileConverter;
import com.cht.kms.client.jwt.JwtClaimsSet;
import com.cht.kms.client.jwt.JwtSignedDataGenerator;
import com.cht.kms.client.util.CryptoUtil;
import com.cht.org.jose4j.jwt.JwtClaims;
import java.io.File;
import java.security.Key;
import java.util.Date;
import java.util.List;
import java.util.UUID;

/* loaded from: input_file:com/cht/kms/cli/JWTSIGN.class */
public class JWTSIGN {

    @Parameter(names = {"-file"}, description = "input key file", converter = FileConverter.class, required = true)
    private File file;

    @Parameter(names = {"-pass"}, description = "pass phrase source", password = true, required = true)
    private String passphrase;
    private char[] cpassphrase;

    @Parameter(names = {"-iss"}, description = "the issuer identifier for the issuer of the response", required = true)
    private String iss;

    @Parameter(names = {"-sub"}, description = "an identifier for the user", required = true)
    private String sub;

    @Parameter(names = {"-aud"}, description = "identifies the audience that this token is intended for", required = true)
    private List<String> aud;

    @Parameter(names = {"-exp"}, description = "the time the token expires in the future (in minutes)", required = true)
    private int exp;

    @Parameter(names = {"-help"}, help = true)
    private boolean help;
    private Key signingKey;

    public static void main(String[] strArr) throws Exception {
        JWTSIGN jwtsign = new JWTSIGN();
        JCommander jCommander = new JCommander(jwtsign, strArr);
        jCommander.setProgramName("JWTSIGN");
        if (jwtsign.help) {
            jCommander.usage();
        } else {
            jwtsign.run();
        }
    }

    public void run() throws Exception {
        this.cpassphrase = this.passphrase.toCharArray();
        this.passphrase = "";
        this.signingKey = CryptoUtil.loadKeyFromFile(this.file, this.cpassphrase);
        doSign();
    }

    private void doSign() throws Exception {
        Date date = new Date();
        JwtClaims build = new JwtClaimsSet.Builder().issuer(this.iss).subject(this.sub).audience(this.aud).expirationTime(new Date(date.getTime() + (this.exp * 60000))).notBeforeTime(date).issueTime(date).jwtID(UUID.randomUUID().toString()).build();
        JwtSignedDataGenerator.RS256 rs256 = new JwtSignedDataGenerator.RS256();
        rs256.setSigningKey(this.signingKey);
        System.out.println(rs256.sign(build));
    }
}
