package com.wealdtech.hawk;

import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonValue;
import com.google.common.base.Strings;
import com.google.common.io.BaseEncoding;
import com.rsa.securidlib.android.TokenImportDataParser;
import com.wealdtech.DataError;
import com.wealdtech.Preconditions;
import com.wealdtech.ServerError;
import com.wealdtech.hawk.HawkCredentials;
import io.fabric.sdk.android.services.events.EventsFilesManager;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Locale;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.io.IOUtils;

/* loaded from: classes2.dex */
public class Hawk {
    private static final int DEFAULT_HTTPS_PORT = 443;
    private static final int DEFAULT_HTTP_PORT = 80;
    public static final String HAWKVERSION = "1";
    protected static final long MILLISECONDS_IN_SECONDS = 1000;

    /* loaded from: classes2.dex */
    public enum AuthType {
        HEADER,
        BEWIT;

        @JsonCreator
        public static AuthType parse(String str) {
            try {
                return valueOf(str.toUpperCase(Locale.ENGLISH));
            } catch (IllegalArgumentException unused) {
                throw new DataError.Bad("Hawk authentication type \"" + str + "\" is invalid");
            }
        }

        @Override // java.lang.Enum
        @JsonValue
        public String toString() {
            return super.toString().toLowerCase(Locale.ENGLISH);
        }
    }

    /* loaded from: classes2.dex */
    public enum PayloadValidation {
        NEVER,
        IFPRESENT,
        MANDATORY;

        @JsonCreator
        public static PayloadValidation parse(String str) {
            try {
                return valueOf(str.toUpperCase(Locale.ENGLISH).replaceAll("-", EventsFilesManager.ROLL_OVER_FILE_NAME_SEPARATOR));
            } catch (IllegalArgumentException unused) {
                throw new DataError.Bad("Hawk algorithm \"" + str + "\" is invalid");
            }
        }

        @Override // java.lang.Enum
        @JsonValue
        public String toString() {
            return super.toString().toLowerCase(Locale.ENGLISH).replaceAll(EventsFilesManager.ROLL_OVER_FILE_NAME_SEPARATOR, "-");
        }
    }

    public static String calculateBodyMac(HawkCredentials hawkCredentials, String str, String str2) {
        Preconditions.checkNotNull(str, "Content type is required but not supplied");
        Preconditions.checkNotNull(str2, "Body is required but not supplied");
        StringBuilder sb = new StringBuilder(1024);
        sb.append("hawk.");
        sb.append(HAWKVERSION);
        sb.append(".payload\n");
        if (str.indexOf(59) != -1) {
            sb.append(str.substring(0, str.indexOf(59)).toLowerCase(Locale.ENGLISH));
        } else {
            sb.append(str.toLowerCase(Locale.ENGLISH));
        }
        sb.append('\n');
        sb.append(str2);
        sb.append('\n');
        return calculateMac(hawkCredentials, sb.toString());
    }

    public static String calculateMAC(HawkCredentials hawkCredentials, AuthType authType, Long l, URI uri, String str, String str2, String str3, String str4, String str5, String str6) {
        Preconditions.checkNotNull(hawkCredentials, "Credentials are required but not supplied");
        Preconditions.checkNotNull(l, "Timestamp is required but not supplied");
        Preconditions.checkNotNull(uri, "URI is required but not supplied");
        Preconditions.checkNotNull(authType, "Authentication type is required but not supplied");
        if (authType.equals(AuthType.HEADER)) {
            Preconditions.checkNotNull(str, "Nonce is required but not supplied");
            Preconditions.checkNotNull(str2, "Method is required but not supplied");
        }
        StringBuilder sb = new StringBuilder(1024);
        sb.append("hawk.");
        sb.append(HAWKVERSION);
        sb.append('.');
        sb.append(authType.toString());
        sb.append('\n');
        sb.append(l);
        sb.append('\n');
        if (authType.equals(AuthType.HEADER)) {
            sb.append(str);
        }
        sb.append('\n');
        if (authType.equals(AuthType.BEWIT)) {
            sb.append("GET");
        } else {
            sb.append(str2.toUpperCase(Locale.ENGLISH));
        }
        sb.append('\n');
        sb.append(uri.getRawPath());
        if (uri.getQuery() != null) {
            sb.append('?');
            sb.append(uri.getRawQuery());
        }
        sb.append('\n');
        sb.append(uri.getHost().toLowerCase(Locale.ENGLISH));
        sb.append('\n');
        sb.append(getPort(uri));
        sb.append('\n');
        if (authType.equals(AuthType.HEADER) && str3 != null) {
            sb.append(str3);
        }
        sb.append('\n');
        sb.append(Strings.nullToEmpty(str4).replace("\\", "\\\\").replace(IOUtils.LINE_SEPARATOR_UNIX, "\\n"));
        sb.append('\n');
        if (str5 != null) {
            sb.append(str5);
            sb.append('\n');
            sb.append(Strings.nullToEmpty(str6));
            sb.append('\n');
        }
        return calculateMac(hawkCredentials, sb.toString());
    }

    public static String calculateMac(HawkCredentials hawkCredentials, String str) {
        try {
            Mac mac = Mac.getInstance(hawkCredentials.getJavaAlgorithm());
            try {
                try {
                    mac.init(new SecretKeySpec(hawkCredentials.getKey().getBytes("UTF-8"), hawkCredentials.getJavaAlgorithm()));
                    return BaseEncoding.base64().encode(mac.doFinal(str.getBytes("UTF-8")));
                } catch (InvalidKeyException e) {
                    throw new DataError.Bad("Invalid key", e);
                }
            } catch (UnsupportedEncodingException e2) {
                throw new ServerError("Unable to encode with UTF-8", e2);
            }
        } catch (NoSuchAlgorithmException e3) {
            throw new DataError.Bad("Unknown encryption algorithm", e3);
        }
    }

    public static String calculateTSMac(long j) {
        return calculateMac(new HawkCredentials.Builder().keyId("dummy").key("dummy").algorithm(HawkCredentials.Algorithm.SHA256).build(), String.valueOf(j));
    }

    public static String generateBewit(HawkCredentials hawkCredentials, URI uri, Long l, String str) {
        Preconditions.checkNotNull(hawkCredentials, "Credentials are required but not supplied");
        Preconditions.checkNotNull(uri, "URI is required but not supplied");
        Preconditions.checkNotNull(l, "TTL is required but not supplied");
        Preconditions.checkState(l.longValue() > 0, "TTL must be a positive value");
        Long valueOf = Long.valueOf((System.currentTimeMillis() / 1000) + l.longValue());
        String calculateMAC = calculateMAC(hawkCredentials, AuthType.BEWIT, valueOf, uri, null, null, null, str, null, null);
        StringBuffer stringBuffer = new StringBuffer(256);
        stringBuffer.append(hawkCredentials.getKeyId());
        stringBuffer.append('\\');
        stringBuffer.append(String.valueOf(valueOf));
        stringBuffer.append('\\');
        stringBuffer.append(calculateMAC);
        stringBuffer.append('\\');
        if (str != null) {
            stringBuffer.append(str);
        }
        return BaseEncoding.base64().encode(stringBuffer.toString().getBytes());
    }

    private static int getPort(URI uri) {
        int port = uri.getPort();
        if (port != -1) {
            return port;
        }
        if ("http".equals(uri.getScheme())) {
            return 80;
        }
        if (TokenImportDataParser.HTTPS.equals(uri.getScheme())) {
            return DEFAULT_HTTPS_PORT;
        }
        throw new DataError.Bad("Unknown URI scheme \"" + uri.getScheme() + "\"");
    }
}
