package io.getlime.security.powerauth.rest.api.spring.service.v3;

import io.getlime.core.rest.model.base.response.Response;
import io.getlime.powerauth.soap.v3.StartUpgradeResponse;
import io.getlime.security.powerauth.crypto.lib.enums.PowerAuthSignatureTypes;
import io.getlime.security.powerauth.http.PowerAuthEncryptionHttpHeader;
import io.getlime.security.powerauth.rest.api.base.authentication.PowerAuthApiAuthentication;
import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthAuthenticationException;
import io.getlime.security.powerauth.rest.api.base.exception.PowerAuthUpgradeException;
import io.getlime.security.powerauth.rest.api.model.request.v3.EciesEncryptedRequest;
import io.getlime.security.powerauth.rest.api.model.response.v3.EciesEncryptedResponse;
import io.getlime.security.powerauth.rest.api.spring.provider.PowerAuthAuthenticationProvider;
import io.getlime.security.powerauth.soap.spring.client.PowerAuthServiceClient;
import java.util.Collections;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

@Service("upgradeServiceV3")
/* loaded from: input_file:io/getlime/security/powerauth/rest/api/spring/service/v3/UpgradeService.class */
public class UpgradeService {
    private static final Logger logger = LoggerFactory.getLogger(UpgradeService.class);
    private PowerAuthServiceClient powerAuthClient;
    private PowerAuthAuthenticationProvider authenticationProvider;

    @Autowired
    public void setPowerAuthClient(PowerAuthServiceClient powerAuthServiceClient) {
        this.powerAuthClient = powerAuthServiceClient;
    }

    @Autowired
    public void setAuthenticationProvider(PowerAuthAuthenticationProvider powerAuthAuthenticationProvider) {
        this.authenticationProvider = powerAuthAuthenticationProvider;
    }

    public EciesEncryptedResponse upgradeStart(EciesEncryptedRequest eciesEncryptedRequest, PowerAuthEncryptionHttpHeader powerAuthEncryptionHttpHeader) throws PowerAuthUpgradeException {
        try {
            String ephemeralPublicKey = eciesEncryptedRequest.getEphemeralPublicKey();
            String encryptedData = eciesEncryptedRequest.getEncryptedData();
            String mac = eciesEncryptedRequest.getMac();
            String nonce = eciesEncryptedRequest.getNonce();
            StartUpgradeResponse startUpgrade = this.powerAuthClient.startUpgrade(powerAuthEncryptionHttpHeader.getActivationId(), powerAuthEncryptionHttpHeader.getApplicationKey(), ephemeralPublicKey, encryptedData, mac, nonce);
            EciesEncryptedResponse eciesEncryptedResponse = new EciesEncryptedResponse();
            eciesEncryptedResponse.setMac(startUpgrade.getMac());
            eciesEncryptedResponse.setEncryptedData(startUpgrade.getEncryptedData());
            return eciesEncryptedResponse;
        } catch (Exception e) {
            logger.warn("PowerAuth upgrade start failed", e);
            throw new PowerAuthUpgradeException();
        }
    }

    public Response upgradeCommit(String str, HttpServletRequest httpServletRequest) throws PowerAuthAuthenticationException, PowerAuthUpgradeException {
        try {
            byte[] extractRequestBodyBytes = this.authenticationProvider.extractRequestBodyBytes(httpServletRequest);
            if (extractRequestBodyBytes == null || extractRequestBodyBytes.length == 0) {
                throw new PowerAuthAuthenticationException();
            }
            PowerAuthApiAuthentication validateRequestSignature = this.authenticationProvider.validateRequestSignature("POST", extractRequestBodyBytes, "/pa/upgrade/commit", str, Collections.singletonList(PowerAuthSignatureTypes.POSSESSION), 3);
            if (validateRequestSignature == null || validateRequestSignature.getActivationId() == null) {
                throw new PowerAuthAuthenticationException();
            }
            if (this.powerAuthClient.commitUpgrade(validateRequestSignature.getActivationId(), validateRequestSignature.getHttpHeader().getApplicationKey()).isCommitted()) {
                return new Response();
            }
            throw new PowerAuthUpgradeException();
        } catch (PowerAuthAuthenticationException e) {
            throw e;
        } catch (Exception e2) {
            logger.warn("PowerAuth upgrade commit failed", e2);
            throw new PowerAuthUpgradeException();
        }
    }
}
