package io.getlime.security.powerauth.rest.api.spring.provider;

import com.google.common.io.BaseEncoding;
import io.getlime.powerauth.soap.VerifySignatureRequest;
import io.getlime.powerauth.soap.VerifySignatureResponse;
import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
import io.getlime.security.powerauth.http.PowerAuthHttpBody;
import io.getlime.security.powerauth.http.PowerAuthHttpHeader;
import io.getlime.security.powerauth.rest.api.base.application.PowerAuthApplicationConfiguration;
import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
import io.getlime.security.powerauth.rest.api.base.provider.PowerAuthAuthenticationProviderBase;
import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthApiAuthenticationImpl;
import io.getlime.security.powerauth.rest.api.spring.authentication.PowerAuthAuthenticationImpl;
import io.getlime.security.powerauth.soap.spring.client.PowerAuthServiceClient;
import java.util.List;
import java.util.Map;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:io/getlime/security/powerauth/rest/api/spring/provider/PowerAuthAuthenticationProvider.class */
public class PowerAuthAuthenticationProvider extends PowerAuthAuthenticationProviderBase implements AuthenticationProvider {
    private PowerAuthServiceClient powerAuthClient;
    private PowerAuthApplicationConfiguration applicationConfiguration;

    @Autowired
    public void setPowerAuthClient(PowerAuthServiceClient powerAuthServiceClient) {
        this.powerAuthClient = powerAuthServiceClient;
    }

    @Autowired(required = false)
    public void setApplicationConfiguration(PowerAuthApplicationConfiguration powerAuthApplicationConfiguration) {
        this.applicationConfiguration = powerAuthApplicationConfiguration;
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        PowerAuthAuthenticationImpl powerAuthAuthenticationImpl = (PowerAuthAuthenticationImpl) authentication;
        VerifySignatureRequest verifySignatureRequest = new VerifySignatureRequest();
        verifySignatureRequest.setActivationId(powerAuthAuthenticationImpl.getActivationId());
        verifySignatureRequest.setApplicationKey(powerAuthAuthenticationImpl.getApplicationKey());
        verifySignatureRequest.setSignature(powerAuthAuthenticationImpl.getSignature());
        verifySignatureRequest.setSignatureType(powerAuthAuthenticationImpl.getSignatureType());
        verifySignatureRequest.setData(PowerAuthHttpBody.getSignatureBaseString(powerAuthAuthenticationImpl.getHttpMethod(), powerAuthAuthenticationImpl.getRequestUri(), powerAuthAuthenticationImpl.getNonce(), powerAuthAuthenticationImpl.getData()));
        VerifySignatureResponse verifySignature = this.powerAuthClient.verifySignature(verifySignatureRequest);
        if (!verifySignature.isSignatureValid()) {
            return null;
        }
        PowerAuthApiAuthenticationImpl powerAuthApiAuthenticationImpl = new PowerAuthApiAuthenticationImpl();
        powerAuthApiAuthenticationImpl.setActivationId(verifySignature.getActivationId());
        powerAuthApiAuthenticationImpl.setUserId(verifySignature.getUserId());
        powerAuthApiAuthenticationImpl.setAuthenticated(true);
        return powerAuthApiAuthenticationImpl;
    }

    public boolean supports(Class<?> cls) {
        return cls == PowerAuthAuthenticationImpl.class;
    }

    public PowerAuthApiAuthentication validateRequestSignature(String str, byte[] bArr, String str2, String str3, List<PowerAuthSignatureTypes> list) throws PowerAuthAuthenticationException {
        if (str3 == null || str3.equals("undefined")) {
            throw new PowerAuthAuthenticationException("POWER_AUTH_SIGNATURE_INVALID_EMPTY");
        }
        Map parsePowerAuthSignatureHTTPHeader = PowerAuthHttpHeader.parsePowerAuthSignatureHTTPHeader(str3);
        if (parsePowerAuthSignatureHTTPHeader == null) {
            throw new PowerAuthAuthenticationException("POWER_AUTH_SIGNATURE_INVALID_EMPTY");
        }
        String str4 = (String) parsePowerAuthSignatureHTTPHeader.get("pa_activation_id");
        if (str4 == null) {
            throw new PowerAuthAuthenticationException("POWER_AUTH_ACTIVATION_ID_EMPTY");
        }
        String str5 = (String) parsePowerAuthSignatureHTTPHeader.get("pa_nonce");
        if (str5 == null) {
            throw new PowerAuthAuthenticationException("POWER_AUTH_NONCE_EMPTY");
        }
        String str6 = (String) parsePowerAuthSignatureHTTPHeader.get("pa_signature_type");
        if (str6 == null) {
            throw new PowerAuthAuthenticationException("POWER_AUTH_SIGNATURE_TYPE_EMPTY");
        }
        String str7 = (String) parsePowerAuthSignatureHTTPHeader.get("pa_signature");
        if (str7 == null) {
            throw new PowerAuthAuthenticationException("POWER_AUTH_SIGNATURE_EMPTY");
        }
        String str8 = (String) parsePowerAuthSignatureHTTPHeader.get("pa_application_key");
        if (str8 == null) {
            throw new PowerAuthAuthenticationException("POWER_AUTH_APPLICATION_EMPTY");
        }
        if (this.applicationConfiguration != null && !this.applicationConfiguration.isAllowedApplicationKey(str8)) {
            throw new PowerAuthAuthenticationException("POWER_AUTH_SIGNATURE_INVALID_APPLICATION_ID");
        }
        if (!list.contains(PowerAuthSignatureTypes.getEnumFromString(str6))) {
            throw new PowerAuthAuthenticationException("POWER_AUTH_SIGNATURE_TYPE_INVALID");
        }
        PowerAuthAuthenticationImpl powerAuthAuthenticationImpl = new PowerAuthAuthenticationImpl();
        powerAuthAuthenticationImpl.setActivationId(str4);
        powerAuthAuthenticationImpl.setApplicationKey(str8);
        powerAuthAuthenticationImpl.setNonce(BaseEncoding.base64().decode(str5));
        powerAuthAuthenticationImpl.setSignatureType(str6);
        powerAuthAuthenticationImpl.setSignature(str7);
        powerAuthAuthenticationImpl.setHttpMethod(str);
        powerAuthAuthenticationImpl.setRequestUri(str2);
        powerAuthAuthenticationImpl.setData(bArr);
        PowerAuthApiAuthentication authenticate = authenticate(powerAuthAuthenticationImpl);
        if (authenticate == null) {
            throw new PowerAuthAuthenticationException("POWER_AUTH_SIGNATURE_INVALID_VALUE");
        }
        return authenticate;
    }
}
