package io.getlime.security.powerauth.rest.api.spring.service;

import com.wultra.security.powerauth.client.PowerAuthClient;
import com.wultra.security.powerauth.client.model.request.CommitUpgradeRequest;
import com.wultra.security.powerauth.client.model.request.StartUpgradeRequest;
import com.wultra.security.powerauth.client.model.response.StartUpgradeResponse;
import io.getlime.core.rest.model.base.response.Response;
import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
import io.getlime.security.powerauth.http.PowerAuthEncryptionHttpHeader;
import io.getlime.security.powerauth.rest.api.model.request.EciesEncryptedRequest;
import io.getlime.security.powerauth.rest.api.model.response.EciesEncryptedResponse;
import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthentication;
import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthAuthenticationException;
import io.getlime.security.powerauth.rest.api.spring.exception.PowerAuthUpgradeException;
import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthInvalidRequestException;
import io.getlime.security.powerauth.rest.api.spring.exception.authentication.PowerAuthSignatureInvalidException;
import io.getlime.security.powerauth.rest.api.spring.provider.PowerAuthAuthenticationProvider;
import jakarta.servlet.http.HttpServletRequest;
import java.util.Collections;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

@Service("upgradeServiceV3")
/* loaded from: input_file:io/getlime/security/powerauth/rest/api/spring/service/UpgradeService.class */
public class UpgradeService {
    private static final Logger logger = LoggerFactory.getLogger(UpgradeService.class);
    private final PowerAuthClient powerAuthClient;
    private final PowerAuthAuthenticationProvider authenticationProvider;
    private final HttpCustomizationService httpCustomizationService;

    @Autowired
    public UpgradeService(PowerAuthClient powerAuthClient, PowerAuthAuthenticationProvider powerAuthAuthenticationProvider, HttpCustomizationService httpCustomizationService) {
        this.powerAuthClient = powerAuthClient;
        this.authenticationProvider = powerAuthAuthenticationProvider;
        this.httpCustomizationService = httpCustomizationService;
    }

    public EciesEncryptedResponse upgradeStart(EciesEncryptedRequest eciesEncryptedRequest, PowerAuthEncryptionHttpHeader powerAuthEncryptionHttpHeader) throws PowerAuthUpgradeException {
        try {
            String activationId = powerAuthEncryptionHttpHeader.getActivationId();
            String applicationKey = powerAuthEncryptionHttpHeader.getApplicationKey();
            StartUpgradeRequest startUpgradeRequest = new StartUpgradeRequest();
            startUpgradeRequest.setActivationId(activationId);
            startUpgradeRequest.setApplicationKey(applicationKey);
            startUpgradeRequest.setEphemeralPublicKey(eciesEncryptedRequest.getEphemeralPublicKey());
            startUpgradeRequest.setEncryptedData(eciesEncryptedRequest.getEncryptedData());
            startUpgradeRequest.setMac(eciesEncryptedRequest.getMac());
            startUpgradeRequest.setNonce(eciesEncryptedRequest.getNonce());
            startUpgradeRequest.setProtocolVersion(powerAuthEncryptionHttpHeader.getVersion());
            startUpgradeRequest.setTimestamp(eciesEncryptedRequest.getTimestamp());
            StartUpgradeResponse startUpgrade = this.powerAuthClient.startUpgrade(startUpgradeRequest, this.httpCustomizationService.getQueryParams(), this.httpCustomizationService.getHttpHeaders());
            EciesEncryptedResponse eciesEncryptedResponse = new EciesEncryptedResponse();
            eciesEncryptedResponse.setMac(startUpgrade.getMac());
            eciesEncryptedResponse.setEncryptedData(startUpgrade.getEncryptedData());
            eciesEncryptedResponse.setNonce(startUpgrade.getNonce());
            eciesEncryptedResponse.setTimestamp(startUpgrade.getTimestamp());
            return eciesEncryptedResponse;
        } catch (Exception e) {
            logger.warn("PowerAuth upgrade start failed, error: {}", e.getMessage());
            logger.debug(e.getMessage(), e);
            throw new PowerAuthUpgradeException();
        }
    }

    public Response upgradeCommit(String str, HttpServletRequest httpServletRequest) throws PowerAuthAuthenticationException, PowerAuthUpgradeException {
        try {
            byte[] extractRequestBodyBytes = this.authenticationProvider.extractRequestBodyBytes(httpServletRequest);
            if (extractRequestBodyBytes == null || extractRequestBodyBytes.length == 0) {
                logger.warn("Empty request body");
                throw new PowerAuthInvalidRequestException();
            }
            PowerAuthApiAuthentication validateRequestSignatureWithActivationDetails = this.authenticationProvider.validateRequestSignatureWithActivationDetails("POST", extractRequestBodyBytes, "/pa/upgrade/commit", str, Collections.singletonList(PowerAuthSignatureTypes.POSSESSION), 3);
            if (!validateRequestSignatureWithActivationDetails.getAuthenticationContext().isValid() || validateRequestSignatureWithActivationDetails.getActivationContext().getActivationId() == null) {
                logger.debug("Signature validation failed");
                throw new PowerAuthSignatureInvalidException();
            }
            String activationId = validateRequestSignatureWithActivationDetails.getActivationContext().getActivationId();
            String applicationKey = validateRequestSignatureWithActivationDetails.getHttpHeader().getApplicationKey();
            CommitUpgradeRequest commitUpgradeRequest = new CommitUpgradeRequest();
            commitUpgradeRequest.setActivationId(activationId);
            commitUpgradeRequest.setApplicationKey(applicationKey);
            if (this.powerAuthClient.commitUpgrade(commitUpgradeRequest, this.httpCustomizationService.getQueryParams(), this.httpCustomizationService.getHttpHeaders()).isCommitted()) {
                return new Response();
            }
            logger.debug("Upgrade commit failed");
            throw new PowerAuthUpgradeException();
        } catch (PowerAuthAuthenticationException e) {
            throw e;
        } catch (Exception e2) {
            logger.warn("PowerAuth upgrade commit failed, error: {}", e2.getMessage());
            logger.debug(e2.getMessage(), e2);
            throw new PowerAuthUpgradeException();
        }
    }
}
