package io.getlime.security.powerauth.rest.api.jaxrs.controller.v3;

import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
import io.getlime.security.powerauth.rest.api.jaxrs.provider.PowerAuthAuthenticationProvider;
import io.getlime.security.powerauth.rest.api.jaxrs.service.v3.RecoveryService;
import io.getlime.security.powerauth.rest.api.model.request.v3.EciesEncryptedRequest;
import io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse;
import java.util.Collections;
import javax.inject.Inject;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.HeaderParam;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Produces({"application/json"})
@Path("/pa/v3/recovery")
/* loaded from: input_file:io/getlime/security/powerauth/rest/api/jaxrs/controller/v3/RecoveryController.class */
public class RecoveryController {
    private static final Logger logger = LoggerFactory.getLogger(RecoveryController.class);

    @Context
    private HttpServletRequest httpServletRequest;

    @Inject
    private PowerAuthAuthenticationProvider authenticationProvider;

    @Inject
    private RecoveryService recoveryService;

    @Path("confirm")
    @Consumes({"application/json"})
    @POST
    @Produces({"application/json"})
    public EciesEncryptedResponse confirmRecoveryCode(EciesEncryptedRequest eciesEncryptedRequest, @HeaderParam("X-PowerAuth-Authorization") String str) throws PowerAuthAuthenticationException {
        if (eciesEncryptedRequest == null) {
            logger.warn("Invalid request object in confirm recovery");
            throw new PowerAuthAuthenticationException();
        }
        PowerAuthApiAuthentication validateRequestSignature = this.authenticationProvider.validateRequestSignature(this.httpServletRequest, "/pa/recovery/confirm", str, Collections.singletonList(PowerAuthSignatureTypes.POSSESSION_KNOWLEDGE));
        if (validateRequestSignature == null || validateRequestSignature.getActivationId() == null) {
            throw new PowerAuthAuthenticationException();
        }
        if ("3.0".equals(validateRequestSignature.getVersion())) {
            return this.recoveryService.confirmRecoveryCode(eciesEncryptedRequest, validateRequestSignature);
        }
        logger.warn("Endpoint does not support PowerAuth protocol version {}", validateRequestSignature.getVersion());
        throw new PowerAuthAuthenticationException();
    }
}
