package io.getlime.security.powerauth.lib.cmd.steps;

import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.io.BaseEncoding;
import com.mashape.unirest.http.HttpResponse;
import com.mashape.unirest.http.Unirest;
import com.mashape.unirest.http.exceptions.UnirestException;
import io.getlime.core.rest.model.base.request.ObjectRequest;
import io.getlime.core.rest.model.base.response.ObjectResponse;
import io.getlime.security.powerauth.crypto.client.signature.PowerAuthClientSignature;
import io.getlime.security.powerauth.crypto.lib.config.PowerAuthConfiguration;
import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.BasicEciesEncryptor;
import io.getlime.security.powerauth.crypto.lib.encryptor.ecies.model.EciesPayload;
import io.getlime.security.powerauth.crypto.lib.generator.KeyGenerator;
import io.getlime.security.powerauth.http.PowerAuthHttpBody;
import io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader;
import io.getlime.security.powerauth.lib.cmd.logging.JsonStepLogger;
import io.getlime.security.powerauth.lib.cmd.steps.model.CreateTokenStepModel;
import io.getlime.security.powerauth.lib.cmd.util.EncryptedStorageUtil;
import io.getlime.security.powerauth.lib.cmd.util.HttpUtil;
import io.getlime.security.powerauth.lib.cmd.util.RestClientConfiguration;
import io.getlime.security.powerauth.provider.CryptoProviderUtil;
import io.getlime.security.powerauth.rest.api.model.entity.TokenResponsePayload;
import io.getlime.security.powerauth.rest.api.model.request.TokenCreateRequest;
import io.getlime.security.powerauth.rest.api.model.response.TokenCreateResponse;
import java.io.FileWriter;
import java.security.interfaces.ECPublicKey;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.SecretKey;
import org.json.simple.JSONObject;

/* loaded from: input_file:io/getlime/security/powerauth/lib/cmd/steps/CreateTokenStep.class */
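/**
 * Command-line step that asks the server to create a token for an existing activation.
 *
 * <p>The step signs a {@code POST /pa/token/create} request with the possession and knowledge
 * factor keys, persists the advanced signature counter to the status file, sends the request and
 * decrypts the ECIES-protected response that carries the token ID and token secret.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The decrypted token secret and the signed authorization header are both handed to the
 *       {@link JsonStepLogger}; treat the step log as sensitive output.</li>
 *   <li>The status file holds the possession key and the encrypted knowledge key; its
 *       permissions are whatever the platform default for a new file is.</li>
 * </ul>
 */
public class CreateTokenStep implements BaseStep {
    private static final CryptoProviderUtil keyConversion = PowerAuthConfiguration.INSTANCE.getKeyConvertor();
    private static final KeyGenerator keyGenerator = new KeyGenerator();
    private static final PowerAuthClientSignature signature = new PowerAuthClientSignature();
    private static final ObjectMapper mapper = new ObjectMapper();

    /**
     * Executes the token creation step.
     *
     * @param jsonStepLogger logger for step progress; may be {@code null}, in which case nothing is logged
     * @param map            step context used to populate a {@link CreateTokenStepModel}
     * @return the updated activation status object on success, or {@code null} when the server
     *         call fails, returns a non-200 status, or the response cannot be processed
     * @throws IllegalStateException if no password is configured and none can be read from a console
     * @throws Exception             if key preparation, request signing or the status file write fails
     */
    @Override
    public JSONObject execute(JsonStepLogger jsonStepLogger, Map<String, Object> map) throws Exception {
        CreateTokenStepModel model = new CreateTokenStepModel();
        model.fromMap(map);
        if (jsonStepLogger != null) {
            jsonStepLogger.writeItem("Token Create Started", null, "OK", null);
        }

        String uri = model.getUriString() + "/pa/token/create";
        JSONObject status = model.getResultStatusObject();

        // Activation state loaded from the status object.
        String activationId = (String) status.get("activationId");
        long counter = (Long) status.get("counter");
        byte[] possessionKeyBytes = BaseEncoding.base64().decode((String) status.get("signaturePossessionKey"));
        byte[] knowledgeKeySalt = BaseEncoding.base64().decode((String) status.get("signatureKnowledgeKeySalt"));
        byte[] knowledgeKeyEncrypted = BaseEncoding.base64().decode((String) status.get("signatureKnowledgeKeyEncrypted"));

        char[] password = readPassword(model);

        SecretKey possessionKey = keyConversion.convertBytesToSharedSecretKey(possessionKeyBytes);
        SecretKey knowledgeKey;
        try {
            knowledgeKey = EncryptedStorageUtil.getSignatureKnowledgeKey(password, knowledgeKeyEncrypted, knowledgeKeySalt, keyGenerator);
        } finally {
            // Wipe our copy of the password as soon as the key has been unlocked.
            // NOTE(review): assumes getSignatureKnowledgeKey does not keep a reference to the array - confirm.
            Arrays.fill(password, '\0');
        }

        // Fresh 16-byte nonce for this request's signature.
        byte[] nonce = keyGenerator.generateRandomBytes(16);

        // ECIES exchange: only the ephemeral public key travels in the request; the same encryptor
        // instance is used below to decrypt the response.
        BasicEciesEncryptor encryptor = new BasicEciesEncryptor((ECPublicKey) model.getMasterPublicKey());
        byte[] ephemeralPublicKeyBytes = keyConversion.convertPublicKeyToBytes(encryptor.getEphemeralPublicKey());
        EciesPayload requestPayload = encryptor.encrypt(new byte[0], ephemeralPublicKeyBytes);

        TokenCreateRequest request = new TokenCreateRequest();
        request.setEphemeralPublicKey(BaseEncoding.base64().encode(ephemeralPublicKeyBytes));
        ObjectRequest<TokenCreateRequest> requestObject = new ObjectRequest<>(request);
        byte[] requestBytes = RestClientConfiguration.defaultMapper().writeValueAsBytes(requestObject);

        // Signature base string covers method, resource, nonce and body, with the application secret appended.
        String signatureBase = PowerAuthHttpBody.getSignatureBaseString("POST", "/pa/token/create", nonce, requestBytes)
                + "&" + model.getApplicationSecret();
        String signatureValue = signature.signatureForData(
                signatureBase.getBytes("UTF-8"),
                Arrays.asList(possessionKey, knowledgeKey),
                counter);
        String authorizationHeader = new PowerAuthSignatureHttpHeader(
                activationId,
                model.getApplicationKey(),
                signatureValue,
                model.getSignatureType().toString(),
                BaseEncoding.base64().encode(nonce),
                "2.1").buildHttpHeader();

        // The counter is advanced and written to disk BEFORE the request is sent, so it moves
        // forward even when the call below fails (presumably so a counter value is never signed twice).
        status.put("counter", Long.valueOf(counter + 1));
        String formattedStatus = mapper.writerWithDefaultPrettyPrinter().writeValueAsString(status);
        try (FileWriter statusFile = new FileWriter(model.getStatusFileName())) {
            statusFile.write(formattedStatus);
        }

        try {
            Map<String, String> headers = new HashMap<>();
            headers.put("Accept", "application/json");
            headers.put("Content-Type", "application/json");
            headers.put("X-PowerAuth-Authorization", authorizationHeader);
            // Caller-supplied headers are applied last and therefore override the three above,
            // including the authorization header, if they use the same names.
            headers.putAll(model.getHeaders());

            if (jsonStepLogger != null) {
                // The logged header map includes the signed authorization header.
                jsonStepLogger.writeServerCall(uri, "POST", request, headers);
            }

            HttpResponse<String> response = Unirest.post(uri).headers(headers).body(requestBytes).asString();
            if (response.getStatus() != 200) {
                if (jsonStepLogger != null) {
                    jsonStepLogger.writeServerCallError(response.getStatus(), response.getBody(), HttpUtil.flattenHttpHeaders(response.getHeaders()));
                    jsonStepLogger.writeDoneFailed();
                }
                return null;
            }

            ObjectResponse<TokenCreateResponse> responseWrapper = RestClientConfiguration.defaultMapper()
                    .readValue(response.getRawBody(), new TypeReference<ObjectResponse<TokenCreateResponse>>() { });
            if (jsonStepLogger != null) {
                jsonStepLogger.writeServerCallOK(responseWrapper, HttpUtil.flattenHttpHeaders(response.getHeaders()));
            }

            // Rebuild the ECIES payload from our own ephemeral key plus the server's MAC and
            // ciphertext, then decrypt it with the encryptor that produced the request.
            TokenCreateResponse tokenResponse = responseWrapper.getResponseObject();
            EciesPayload responsePayload = new EciesPayload(
                    requestPayload.getEphemeralPublicKey(),
                    BaseEncoding.base64().decode(tokenResponse.getMac()),
                    BaseEncoding.base64().decode(tokenResponse.getEncryptedData()));
            byte[] decrypted = encryptor.decrypt(responsePayload);
            TokenResponsePayload tokenPayload = RestClientConfiguration.defaultMapper().readValue(decrypted, TokenResponsePayload.class);

            // NOTE(review): the plaintext token secret is written to the step log here.
            Map<String, Object> tokenInfo = new HashMap<>();
            tokenInfo.put("tokenId", tokenPayload.getTokenId());
            tokenInfo.put("tokenSecret", tokenPayload.getTokenSecret());
            if (jsonStepLogger != null) {
                jsonStepLogger.writeItem("Token successfully obtained", "Token was successfully generated and decrypted", "OK", tokenInfo);
                jsonStepLogger.writeDoneOK();
            }
            return status;
        } catch (UnirestException e) {
            // Must precede the generic handler: UnirestException is itself an Exception, so with
            // the handlers the other way round this branch could never be reached.
            if (jsonStepLogger != null) {
                jsonStepLogger.writeServerCallConnectionError(e);
                jsonStepLogger.writeDoneFailed();
            }
            return null;
        } catch (Exception e) {
            if (jsonStepLogger != null) {
                jsonStepLogger.writeError(e);
                jsonStepLogger.writeDoneFailed();
            }
            return null;
        }
    }

    /**
     * Returns the password from the model, or prompts for it on the console when the model has none.
     *
     * @throws IllegalStateException if a prompt is needed but no console is attached or no input was read
     */
    private static char[] readPassword(CreateTokenStepModel model) {
        if (model.getPassword() != null) {
            return model.getPassword().toCharArray();
        }
        // System.console() is null when the process has no interactive terminal (e.g. piped or scheduled runs).
        java.io.Console console = System.console();
        if (console == null) {
            throw new IllegalStateException("No password was provided and no console is available to prompt for it");
        }
        char[] entered = console.readPassword("Enter your password to unlock the knowledge related key: ");
        if (entered == null) {
            throw new IllegalStateException("No password was read from the console");
        }
        return entered;
    }
}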
