package com.uid2.attestation.gcp;

import com.google.api.client.json.gson.GsonFactory;
import com.google.api.client.json.webtoken.JsonWebSignature;
import com.uid2.enclave.AttestationException;
import com.uid2.enclave.IAttestationProvider;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.time.DateTimeException;
import java.time.Duration;
import java.time.Instant;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/uid2/attestation/gcp/OidcAttestationProvider.class */
public class OidcAttestationProvider implements IAttestationProvider {
    private static final Logger LOGGER = LoggerFactory.getLogger(OidcAttestationProvider.class);
    private final String tokenFilePath;
    private static final String DefaultTokenFilePath = "/run/container_launcher/attestation_verifier_claims_token";
    private final long expirationThresholdSeconds;
    private static final long DefaultExpirationThresholdSeconds = 60;

    public OidcAttestationProvider() {
        this(DefaultTokenFilePath);
    }

    public OidcAttestationProvider(String str) {
        this(str, DefaultExpirationThresholdSeconds);
    }

    public OidcAttestationProvider(String str, long j) {
        this.tokenFilePath = str;
        this.expirationThresholdSeconds = j;
    }

    public boolean isReady() {
        try {
            long seconds = Duration.between(Instant.now(), Instant.ofEpochSecond(JsonWebSignature.parse(GsonFactory.getDefaultInstance(), new String(Files.readAllBytes(Paths.get(this.tokenFilePath, new String[0])))).getPayload().getExpirationTimeSeconds().longValue())).getSeconds();
            if (seconds >= this.expirationThresholdSeconds) {
                return true;
            }
            LOGGER.warn("OIDC token to expire in " + seconds + " seconds");
            return false;
        } catch (IOException e) {
            LOGGER.warn("Failed to load or parse OIDC token: " + e.getMessage());
            return false;
        } catch (DateTimeException e2) {
            LOGGER.warn("Failed to parse OIDC token expiration time: " + e2.getMessage());
            return false;
        } catch (Exception e3) {
            LOGGER.warn("Failed to check OIDC token readiness: " + e3.getMessage());
            return false;
        }
    }

    public byte[] getAttestationRequest(byte[] bArr, byte[] bArr2) throws AttestationException {
        try {
            String str = new String(Files.readAllBytes(Paths.get(this.tokenFilePath, new String[0])));
            if (str.isEmpty()) {
                throw new AttestationException("Token is empty");
            }
            return str.getBytes(StandardCharsets.US_ASCII);
        } catch (IOException e) {
            throw new AttestationException(e);
        }
    }
}
