package com.visa.dmpd.token;

import com.fasterxml.jackson.core.JsonParseException;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.JsonMappingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.visa.dmpd.encryption.GenericEncryptionUtility;
import com.visa.dmpd.encryption.exception.ExceptionType;
import com.visa.dmpd.encryption.exception.TokenException;
import com.visa.dmpd.token.JWTUtility;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
import org.bouncycastle.util.encoders.EncoderException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public final class AuthorizeToken {
    private static final Logger LOG = LoggerFactory.getLogger(AuthorizeToken.class);
    private static final Charset UTF_8 = Charset.forName("UTF-8");

    /* loaded from: classes.dex */
    public enum Validation {
        SUCCESS,
        FAILURE,
        EXPIRED
    }

    private static String computeHmacSHA256(String str, String str2) throws IllegalStateException, NoSuchAlgorithmException, InvalidKeyException, UnsupportedEncodingException {
        return GenericEncryptionUtility.computeHmacUrlSafeBase64("HmacSHA256", str, str2);
    }

    public static final String create(String str, String str2, String str3, String str4) throws TokenException {
        LOG.trace("Generating authorizeToken for \n claimSet : {} \n kid : {} \n algorithm : {}", new Object[]{str3, str2, str});
        validateAndThrowException("secret", str4);
        validateAndThrowException("claimset", str3);
        validateAndThrowException("kid", str2);
        validateAndThrowException("algorithm", str);
        if ("HS256".equals(str.trim())) {
            return createHmacSHA256AuthorizeToken(str, str2, str3, str4);
        }
        LOG.error("Invalid algorithm passed. Algorithm : {}. Expected HS256.", str);
        throw new TokenException("Error in generating authorizeToken: UnsupportedAlgorithm, Expected HS256.", ExceptionType.INPUT_ERROR);
    }

    public static final String create(String str, String str2, String str3, String str4, String str5) throws TokenException {
        return create(str, str2, str4, str5);
    }

    protected static String createHmacSHA256AuthorizeToken(String str, String str2, String str3, String str4) throws TokenException {
        try {
            StringBuilder sb = new StringBuilder(JWTUtility.buildAuthorizeTokenJWSHeaderBase64String(str2, str));
            sb.append('.');
            sb.append(GenericEncryptionUtility.bs64Encode(str3.getBytes(UTF_8)));
            String computeHmacSHA256 = computeHmacSHA256(str4, sb.toString());
            sb.append(".");
            sb.append(computeHmacSHA256);
            String sb2 = sb.toString();
            LOG.debug("Generated authorize token: {}", sb2);
            return sb2;
        } catch (UnsupportedEncodingException | IllegalStateException | NoSuchAlgorithmException e) {
            throw new TokenException("Error in generating authorizeToken: " + e.getMessage(), ExceptionType.SYSTEM_ERROR, e);
        } catch (RuntimeException e2) {
            throw new TokenException("Error in generating authorizeToken: " + e2.getMessage(), ExceptionType.INPUT_ERROR, e2);
        } catch (InvalidKeyException | EncoderException e3) {
            throw new TokenException("Error in generating authorizeToken: " + e3.getMessage(), ExceptionType.INPUT_ERROR, e3);
        } catch (Exception e4) {
            throw new TokenException("Error in generating authorizeToken:Unexpected error ", ExceptionType.SYSTEM_ERROR, e4);
        }
    }

    public static final String getKid(String str) throws TokenException {
        validateAndThrowException("JWS", str);
        LOG.trace("Getting kid from the JWS {}", str);
        try {
            JWTUtility.JWEPushProvisioningHeader header = new JWTUtility.JWSData(str).getHeader();
            if (header == null) {
                throw new TokenException("No JWE Header found in the given JWS.", ExceptionType.INPUT_ERROR);
            }
            String kid = header.getKid();
            LOG.debug("Extracted kid: {} ", kid);
            return kid;
        } catch (TokenException e) {
            throw e;
        } catch (RuntimeException e2) {
            throw new TokenException("Error extracting kid from input JWS", ExceptionType.INPUT_ERROR, e2);
        } catch (Throwable th) {
            throw new TokenException("Error extracting kid from input JWS", ExceptionType.SYSTEM_ERROR, th);
        }
    }

    protected static boolean isClaimsExpired(String str) throws TokenException {
        try {
            String str2 = (String) ((Map) new ObjectMapper().readValue(str, new TypeReference<Map<String, String>>() { // from class: com.visa.dmpd.token.AuthorizeToken.1
            })).get("exp");
            validateAndThrowException("Expiry timestamp", str2);
            long longValue = new Long(str2).longValue();
            long currentTimeMillis = System.currentTimeMillis() / 1000;
            if (currentTimeMillis <= longValue) {
                return false;
            }
            LOG.error("AuthorizeToken: Expired claims found.Current timestamp  {} Received timestamp {}", Long.valueOf(currentTimeMillis), Long.valueOf(longValue));
            return true;
        } catch (JsonParseException | JsonMappingException | TokenException e) {
            throw new TokenException("Error validating authorizeToken: " + e.getMessage(), ExceptionType.INPUT_ERROR, e);
        } catch (IOException e2) {
            throw new TokenException("Error validating authorizeToken: IOException", ExceptionType.INPUT_ERROR, e2);
        }
    }

    protected static boolean isHmacSHA256SignatureValid(String str, String str2, String str3) throws TokenException {
        try {
            String computeHmacSHA256 = computeHmacSHA256(str, str2);
            if (str3.equals(computeHmacSHA256)) {
                LOG.trace("Token validation passed for authorizeToken signature: {}", computeHmacSHA256);
                return true;
            }
            LOG.error("The Input signature {} and the computed signature {} did not match.", str3, computeHmacSHA256);
            return false;
        } catch (UnsupportedEncodingException | IllegalStateException | NoSuchAlgorithmException e) {
            throw new TokenException("Error validating signature: " + e.getMessage(), ExceptionType.SYSTEM_ERROR, e);
        } catch (InvalidKeyException e2) {
            throw new TokenException("Error validating signature: " + e2.getMessage(), ExceptionType.INPUT_ERROR, e2);
        }
    }

    public static final Validation validate(String str, String str2) throws TokenException {
        validateAndThrowException("authorizeToken", str);
        validateAndThrowException("secret", str2);
        LOG.trace("Validating authorizeToken with value[{}]", str);
        try {
            JWTUtility.JWSData jWSData = new JWTUtility.JWSData(str);
            JWTUtility.JWEPushProvisioningHeader header = jWSData.getHeader();
            if (header == null) {
                throw new TokenException("No JWE Header found in the given JWS.", ExceptionType.INPUT_ERROR);
            }
            String alg = header.getAlg();
            validateAndThrowException("algorithm", alg);
            if (!"HS256".equals(alg.trim())) {
                LOG.error("The algorithm in the header is not valid. Algorithm:{}, Expected HS256", alg);
                throw new TokenException("Error in validating authorizeToken: UnsupportedAlgorithm. Expected HS256.", ExceptionType.INPUT_ERROR);
            }
            String signature = jWSData.getSignature();
            validateAndThrowException("Signature", signature);
            String payload = jWSData.getPayload();
            validateAndThrowException("Encoded claims", payload);
            return isClaimsExpired(new String(GenericEncryptionUtility.bs64Decode(payload), UTF_8)) ? Validation.EXPIRED : isHmacSHA256SignatureValid(str2, new StringBuilder().append(jWSData.getHeaderJsonEncoded()).append('.').append(payload).toString(), signature) ? Validation.SUCCESS : Validation.FAILURE;
        } catch (TokenException e) {
            throw e;
        } catch (IllegalStateException e2) {
            throw new TokenException("Error validating authorizeToken: " + e2.getMessage(), ExceptionType.SYSTEM_ERROR, e2);
        } catch (RuntimeException e3) {
            throw new TokenException("Error validating authorizeToken: " + e3.getMessage(), ExceptionType.INPUT_ERROR, e3);
        } catch (Exception e4) {
            throw new TokenException("Error in validating authorizeToken ", ExceptionType.SYSTEM_ERROR, e4);
        }
    }

    private static void validateAndThrowException(String str, String str2) throws TokenException {
        if (str2 == null || str2.trim().isEmpty()) {
            LOG.error("Incorrect " + str + " passed, either null or empty.");
            throw new TokenException("The " + str + " can not be null or empty. Please provide valid value.", ExceptionType.INPUT_ERROR);
        }
    }
}
