package io.dialob.security.spring.apikey;

import ch.qos.logback.core.net.ssl.SSL;
import io.dialob.security.UUIDUtils;
import io.dialob.security.key.ApiKey;
import io.dialob.security.key.ImmutableApiKey;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.UUID;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:BOOT-INF/lib/dialob-security-spring-2.1.17.jar:io/dialob/security/spring/apikey/HmacSHA256ApiKeyGenerator.class */
public class HmacSHA256ApiKeyGenerator implements ApiKeyGenerator {
    private final SecretKeySpec secretKey;
    private final SecureRandom secureRandom = SecureRandom.getInstance(SSL.DEFAULT_SECURE_RANDOM_ALGORITHM);

    public HmacSHA256ApiKeyGenerator(byte[] bArr) throws NoSuchAlgorithmException {
        this.secretKey = new SecretKeySpec(bArr, "HmacSHA256");
    }

    @Override // io.dialob.security.spring.apikey.ApiKeyGenerator
    public ApiKey generateApiKey(String str, byte[] bArr) {
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(this.secretKey);
            byte[] doFinal = mac.doFinal(bArr);
            byte[] bArr2 = new byte[30];
            System.arraycopy(UUIDUtils.toBytes(UUID.fromString(str)), 0, bArr2, 0, 16);
            System.arraycopy(bArr, 0, bArr2, 16, 14);
            return ImmutableApiKey.builder().clientId(str).hash(Base64.getEncoder().encodeToString(doFinal)).token(Base64.getEncoder().encodeToString(bArr2)).build();
        } catch (Exception e) {
            throw new IllegalStateException(e);
        }
    }

    @Override // io.dialob.security.spring.apikey.ApiKeyGenerator
    public ApiKey generateApiKey(String str) {
        byte[] bArr = new byte[14];
        this.secureRandom.nextBytes(bArr);
        return generateApiKey(str, bArr);
    }
}
