package io.getlime.security.powerauth.rest.api.jaxrs.provider;

import com.google.common.io.BaseEncoding;
import io.getlime.powerauth.soap.v3.PowerAuthPortV3ServiceStub;
import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
import io.getlime.security.powerauth.http.PowerAuthHttpBody;
import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
import io.getlime.security.powerauth.http.PowerAuthSignatureHttpHeader;
import io.getlime.security.powerauth.http.PowerAuthTokenHttpHeader;
import io.getlime.security.powerauth.http.validator.InvalidPowerAuthHttpHeaderException;
import io.getlime.security.powerauth.http.validator.PowerAuthSignatureHttpHeaderValidator;
import io.getlime.security.powerauth.http.validator.PowerAuthTokenHttpHeaderValidator;
import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthAuthentication;
import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthSignatureAuthentication;
import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthTokenAuthentication;
import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
import io.getlime.security.powerauth.rest.api.base.provider.PowerAuthAuthenticationProviderBase;
import io.getlime.security.powerauth.rest.api.jaxrs.authentication.PowerAuthApiAuthenticationImpl;
import io.getlime.security.powerauth.rest.api.jaxrs.authentication.PowerAuthSignatureAuthenticationImpl;
import io.getlime.security.powerauth.rest.api.jaxrs.authentication.PowerAuthTokenAuthenticationImpl;
import io.getlime.security.powerauth.rest.api.jaxrs.converter.v3.SignatureTypeConverter;
import io.getlime.security.powerauth.soap.axis.client.PowerAuthServiceClient;
import java.rmi.RemoteException;
import java.util.List;
import javax.ejb.Stateless;
import javax.inject.Inject;

@Stateless
/* loaded from: input_file:io/getlime/security/powerauth/rest/api/jaxrs/provider/PowerAuthAuthenticationProvider.class */
public class PowerAuthAuthenticationProvider extends PowerAuthAuthenticationProviderBase {

    @Inject
    private PowerAuthServiceClient powerAuthClient;

    public PowerAuthApiAuthentication authenticate(PowerAuthAuthentication powerAuthAuthentication) throws RemoteException {
        if (powerAuthAuthentication instanceof PowerAuthSignatureAuthentication) {
            return validateSignatureAuthentication((PowerAuthSignatureAuthentication) powerAuthAuthentication);
        }
        if (powerAuthAuthentication instanceof PowerAuthTokenAuthentication) {
            return validateTokenAuthentication((PowerAuthTokenAuthentication) powerAuthAuthentication);
        }
        return null;
    }

    private PowerAuthApiAuthentication validateSignatureAuthentication(PowerAuthSignatureAuthentication powerAuthSignatureAuthentication) throws RemoteException {
        if (powerAuthSignatureAuthentication.getSignatureType() == null) {
            return null;
        }
        PowerAuthPortV3ServiceStub.SignatureType convertFrom = new SignatureTypeConverter().convertFrom(powerAuthSignatureAuthentication.getSignatureType());
        PowerAuthPortV3ServiceStub.VerifySignatureRequest verifySignatureRequest = new PowerAuthPortV3ServiceStub.VerifySignatureRequest();
        verifySignatureRequest.setActivationId(powerAuthSignatureAuthentication.getActivationId());
        verifySignatureRequest.setApplicationKey(powerAuthSignatureAuthentication.getApplicationKey());
        verifySignatureRequest.setSignature(powerAuthSignatureAuthentication.getSignature());
        verifySignatureRequest.setSignatureType(convertFrom);
        verifySignatureRequest.setData(PowerAuthHttpBody.getSignatureBaseString(powerAuthSignatureAuthentication.getHttpMethod(), powerAuthSignatureAuthentication.getRequestUri(), powerAuthSignatureAuthentication.getNonce(), powerAuthSignatureAuthentication.getData()));
        if (powerAuthSignatureAuthentication.getForcedSignatureVersion() != null) {
            verifySignatureRequest.setForcedSignatureVersion(powerAuthSignatureAuthentication.getForcedSignatureVersion().intValue());
        }
        PowerAuthPortV3ServiceStub.VerifySignatureResponse verifySignature = this.powerAuthClient.verifySignature(verifySignatureRequest);
        if (!verifySignature.getSignatureValid()) {
            return null;
        }
        PowerAuthApiAuthenticationImpl powerAuthApiAuthenticationImpl = new PowerAuthApiAuthenticationImpl();
        powerAuthApiAuthenticationImpl.setActivationId(verifySignature.getActivationId());
        powerAuthApiAuthenticationImpl.setUserId(verifySignature.getUserId());
        powerAuthApiAuthenticationImpl.setApplicationId(Long.valueOf(verifySignature.getApplicationId()));
        powerAuthApiAuthenticationImpl.setSignatureFactors(PowerAuthSignatureTypes.getEnumFromString(verifySignature.getSignatureType().getValue()));
        powerAuthApiAuthenticationImpl.setVersion(powerAuthSignatureAuthentication.getVersion());
        powerAuthApiAuthenticationImpl.setHttpHeader(powerAuthSignatureAuthentication.getHttpHeader());
        return powerAuthApiAuthenticationImpl;
    }

    private PowerAuthApiAuthentication validateTokenAuthentication(PowerAuthTokenAuthentication powerAuthTokenAuthentication) throws RemoteException {
        PowerAuthPortV3ServiceStub.ValidateTokenRequest validateTokenRequest = new PowerAuthPortV3ServiceStub.ValidateTokenRequest();
        validateTokenRequest.setTokenId(powerAuthTokenAuthentication.getTokenId());
        validateTokenRequest.setTokenDigest(powerAuthTokenAuthentication.getTokenDigest());
        validateTokenRequest.setNonce(powerAuthTokenAuthentication.getNonce());
        validateTokenRequest.setTimestamp(Long.valueOf(powerAuthTokenAuthentication.getTimestamp()).longValue());
        PowerAuthPortV3ServiceStub.ValidateTokenResponse validateToken = this.powerAuthClient.validateToken(validateTokenRequest);
        if (validateToken.getTokenValid()) {
            return copyAuthenticationAttributes(validateToken.getActivationId(), validateToken.getUserId(), Long.valueOf(validateToken.getApplicationId()), PowerAuthSignatureTypes.getEnumFromString(validateToken.getSignatureType().getValue()), powerAuthTokenAuthentication.getVersion(), powerAuthTokenAuthentication.getHttpHeader());
        }
        return null;
    }

    private PowerAuthApiAuthentication copyAuthenticationAttributes(String str, String str2, Long l, PowerAuthSignatureTypes powerAuthSignatureTypes, String str3, PowerAuthHttpHeader powerAuthHttpHeader) {
        PowerAuthApiAuthenticationImpl powerAuthApiAuthenticationImpl = new PowerAuthApiAuthenticationImpl();
        powerAuthApiAuthenticationImpl.setActivationId(str);
        powerAuthApiAuthenticationImpl.setUserId(str2);
        powerAuthApiAuthenticationImpl.setApplicationId(l);
        powerAuthApiAuthenticationImpl.setSignatureFactors(powerAuthSignatureTypes);
        powerAuthApiAuthenticationImpl.setVersion(str3);
        powerAuthApiAuthenticationImpl.setHttpHeader(powerAuthHttpHeader);
        return powerAuthApiAuthenticationImpl;
    }

    public PowerAuthApiAuthentication validateRequestSignature(String str, byte[] bArr, String str2, String str3, List<PowerAuthSignatureTypes> list, Integer num) throws PowerAuthAuthenticationException {
        if (str3 == null || str3.equals("undefined")) {
            throw new PowerAuthAuthenticationException("POWER_AUTH_SIGNATURE_INVALID_EMPTY");
        }
        PowerAuthSignatureHttpHeader fromValue = new PowerAuthSignatureHttpHeader().fromValue(str3);
        try {
            PowerAuthSignatureHttpHeaderValidator.validate(fromValue);
            if (!list.contains(PowerAuthSignatureTypes.getEnumFromString(fromValue.getSignatureType()))) {
                throw new PowerAuthAuthenticationException("POWER_AUTH_SIGNATURE_TYPE_INVALID");
            }
            PowerAuthSignatureAuthenticationImpl powerAuthSignatureAuthenticationImpl = new PowerAuthSignatureAuthenticationImpl();
            powerAuthSignatureAuthenticationImpl.setActivationId(fromValue.getActivationId());
            powerAuthSignatureAuthenticationImpl.setApplicationKey(fromValue.getApplicationKey());
            powerAuthSignatureAuthenticationImpl.setNonce(BaseEncoding.base64().decode(fromValue.getNonce()));
            powerAuthSignatureAuthenticationImpl.setSignatureType(fromValue.getSignatureType());
            powerAuthSignatureAuthenticationImpl.setSignature(fromValue.getSignature());
            powerAuthSignatureAuthenticationImpl.setHttpMethod(str);
            powerAuthSignatureAuthenticationImpl.setRequestUri(str2);
            powerAuthSignatureAuthenticationImpl.setData(bArr);
            powerAuthSignatureAuthenticationImpl.setVersion(fromValue.getVersion());
            powerAuthSignatureAuthenticationImpl.setHttpHeader(fromValue);
            powerAuthSignatureAuthenticationImpl.setForcedSignatureVersion(num);
            try {
                PowerAuthApiAuthentication authenticate = authenticate(powerAuthSignatureAuthenticationImpl);
                if (authenticate == null) {
                    throw new PowerAuthAuthenticationException("POWER_AUTH_SIGNATURE_INVALID_VALUE");
                }
                return authenticate;
            } catch (RemoteException e) {
                throw new PowerAuthAuthenticationException("POWER_AUTH_SIGNATURE_SOAP_ERROR");
            }
        } catch (InvalidPowerAuthHttpHeaderException e2) {
            throw new PowerAuthAuthenticationException(e2.getMessage());
        }
    }

    public PowerAuthApiAuthentication validateToken(String str, List<PowerAuthSignatureTypes> list) throws PowerAuthAuthenticationException {
        if (str == null || str.equals("undefined")) {
            throw new PowerAuthAuthenticationException("POWER_AUTH_TOKEN_INVALID_EMPTY");
        }
        PowerAuthTokenHttpHeader fromValue = new PowerAuthTokenHttpHeader().fromValue(str);
        try {
            PowerAuthTokenHttpHeaderValidator.validate(fromValue);
            PowerAuthTokenAuthenticationImpl powerAuthTokenAuthenticationImpl = new PowerAuthTokenAuthenticationImpl();
            powerAuthTokenAuthenticationImpl.setTokenId(fromValue.getTokenId());
            powerAuthTokenAuthenticationImpl.setTokenDigest(fromValue.getTokenDigest());
            powerAuthTokenAuthenticationImpl.setNonce(fromValue.getNonce());
            powerAuthTokenAuthenticationImpl.setTimestamp(fromValue.getTimestamp());
            powerAuthTokenAuthenticationImpl.setVersion(fromValue.getVersion());
            powerAuthTokenAuthenticationImpl.setHttpHeader(fromValue);
            try {
                PowerAuthApiAuthentication authenticate = authenticate(powerAuthTokenAuthenticationImpl);
                if (authenticate == null) {
                    throw new PowerAuthAuthenticationException("POWER_AUTH_TOKEN_INVALID_VALUE");
                }
                if (list.contains(authenticate.getSignatureFactors())) {
                    return authenticate;
                }
                throw new PowerAuthAuthenticationException("POWER_AUTH_TOKEN_SIGNATURE_TYPE_INVALID");
            } catch (RemoteException e) {
                throw new PowerAuthAuthenticationException("POWER_AUTH_TOKEN_SOAP_ERROR");
            }
        } catch (InvalidPowerAuthHttpHeaderException e2) {
            throw new PowerAuthAuthenticationException(e2.getMessage());
        }
    }
}
