package com.licensespring.api;

import com.licensespring.BaseConfiguration;
import com.licensespring.LicenseData;
import com.licensespring.internal.services.DateProvider;
import com.licensespring.internal.services.NowDateProvider;
import com.licensespring.model.LicenseIdentity;
import com.licensespring.model.exceptions.LicenseSpringException;
import io.jans.as.model.config.Constants;
import io.jans.as.model.uma.UmaConstants;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.time.Instant;
import java.time.format.DateTimeFormatter;
import java.time.format.DateTimeFormatterBuilder;
import java.util.Base64;
import java.util.Map;
import java.util.TreeMap;
import java.util.stream.Collectors;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import lombok.Generated;
import org.bouncycastle.util.io.pem.PemReader;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/licensespring/api/AuthorizationService.class */
public class AuthorizationService {
    private static final String HMAC_SHA256_ALGORITHM = "HmacSHA256";
    private DateProvider dateProvider;
    private final BaseConfiguration configuration;
    private static final Logger log = LoggerFactory.getLogger(AuthorizationService.class);
    public static final DateTimeFormatter DONT_TRUNCATE_ZERO_MILLIS = new DateTimeFormatterBuilder().appendInstant(3).toFormatter();

    public AuthorizationService(BaseConfiguration baseConfiguration, DateProvider dateProvider) {
        this.configuration = baseConfiguration;
        this.dateProvider = dateProvider;
    }

    public AuthorizationService(BaseConfiguration baseConfiguration) {
        this(baseConfiguration, new NowDateProvider());
    }

    public Map<String, String> generateHeaders() {
        return addSignatureToHeaders(new TreeMap());
    }

    public Map<String, String> addSignatureToHeaders(Map<String, String> map) {
        String createSignature = createSignature(map);
        log.debug("Signature: " + createSignature);
        map.put(Constants.AUTHORIZATION, "algorithm=\"hmac-sha256\",headers=\"date\",signature=\"" + createSignature + "\",apikey=\"" + this.configuration.getApiKey() + "\"");
        map.put("Content-Type", UmaConstants.JSON_MEDIA_TYPE);
        return map;
    }

    public String createSignature(Map<String, String> map) {
        return hmac(createSignatureString(map));
    }

    public String createSignature(String str, String str2, String str3, String str4) {
        return hmac(createOfflineSignature(str, str2, str3, str4));
    }

    public String createOfflineSignature(String str, String str2, String str3, String str4) {
        return String.join("\n", "licenseSpring", "date: " + str, str2, str3, str4);
    }

    public String createSignatureString(Map<String, String> map) {
        String formattedDate = this.dateProvider.getFormattedDate();
        log.debug("Date: " + formattedDate);
        map.put("date", formattedDate);
        return "licenseSpring\n" + ((String) map.entrySet().stream().map(entry -> {
            return ((String) entry.getKey()) + ": " + ((String) entry.getValue());
        }).collect(Collectors.joining("\n")));
    }

    public void verify(LicenseIdentity licenseIdentity, String str, LicenseData licenseData) {
        try {
            if (checkSignature(licenseData, str, licenseIdentity)) {
            } else {
                throw new LicenseSpringException("Could not verify license");
            }
        } catch (Exception e) {
            log.error("Error in verifying license signature.", e);
            throw new LicenseSpringException("Could not verify license");
        }
    }

    public boolean checkSignature(LicenseData licenseData, String str, LicenseIdentity licenseIdentity) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, SignatureException {
        String buildSignatureString = buildSignatureString(licenseData.getValidityPeriod() == null ? null : licenseData.getValidityPeriod().toInstant(), str, licenseIdentity);
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initVerify(buildPublicKey());
        signature.update(buildSignatureString.getBytes());
        return signature.verify(Base64.getDecoder().decode(licenseData.getLicenseSignature().getBytes()));
    }

    private String buildSignatureString(Instant instant, String str, LicenseIdentity licenseIdentity) {
        return String.join("#", str, licenseIdentity.getIdentity(), instant == null ? "" : DONT_TRUNCATE_ZERO_MILLIS.format(instant)).toLowerCase();
    }

    public PublicKey buildPublicKey() throws NoSuchAlgorithmException, InvalidKeySpecException {
        return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(readPemFile()));
    }

    public byte[] readPemFile() {
        try {
            return new PemReader(new InputStreamReader(AuthorizationService.class.getClassLoader().getResourceAsStream(this.configuration.getServiceURL().contains("staging") ? "staging.pem" : "production.pem"))).readPemObject().getContent();
        } catch (IOException e) {
            return null;
        }
    }

    public String hmac(String str) {
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(this.configuration.getSharedKey().getBytes(StandardCharsets.UTF_8), HMAC_SHA256_ALGORITHM);
            Mac mac = Mac.getInstance(HMAC_SHA256_ALGORITHM);
            mac.init(secretKeySpec);
            return Base64.getEncoder().encodeToString(mac.doFinal(str.getBytes(StandardCharsets.UTF_8)));
        } catch (InvalidKeyException | NoSuchAlgorithmException e) {
            throw new LicenseSpringException("Exception during creation hmac", e);
        }
    }

    @Generated
    public void setDateProvider(DateProvider dateProvider) {
        this.dateProvider = dateProvider;
    }
}
