package org.daisy.pipeline.webserviceutils;

import java.net.URI;
import java.net.URISyntaxException;
import java.security.SignatureException;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Random;
import java.util.TimeZone;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.daisy.pipeline.clients.Client;
import org.daisy.pipeline.webserviceutils.requestlog.RequestLog;
import org.daisy.pipeline.webserviceutils.requestlog.impl.SimpleRequestLogEntry;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/daisy/pipeline/webserviceutils/Authenticator.class */
public class Authenticator {
    private static Logger logger = LoggerFactory.getLogger(Authenticator.class.getName());
    private RequestLog requestLog;
    private static final String HMAC_SHA1_ALGORITHM = "HmacSHA1";

    public Authenticator(RequestLog requestLog) {
        this.requestLog = requestLog;
    }

    public boolean authenticate(Client client, String str, String str2, String str3, String str4, long j) {
        int indexOf = str4.indexOf("&sign=", 0);
        if (indexOf <= 1) {
            return false;
        }
        try {
            String calculateRFC2104HMAC = calculateRFC2104HMAC(str4.substring(0, indexOf), client.getSecret());
            SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
            simpleDateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
            Date date = new Date(System.currentTimeMillis());
            try {
                Date parse = simpleDateFormat.parse(str2);
                if (!str.equals(calculateRFC2104HMAC)) {
                    logger.error("Hash values do not match");
                    return false;
                }
                if (date.getTime() - parse.getTime() > j) {
                    logger.error("Request expired");
                    return false;
                }
                if (checkValidNonce(client, str3, str2)) {
                    return true;
                }
                logger.error("Invalid nonce");
                return false;
            } catch (ParseException e) {
                logger.error(String.format("Could not parse timestamp: %s", str2));
                e.printStackTrace();
                return false;
            }
        } catch (SignatureException e2) {
            logger.error("Could not generate hash");
            e2.printStackTrace();
            return false;
        }
    }

    public static URI createUriWithCredentials(String str, Client client) {
        String format = String.format("authid=%s&time=%s&nonce=%s", client.getId(), getCurrentTimestamp(), generateNonce());
        String str2 = str.indexOf("?") == -1 ? str + "?" + format : str + "&" + format;
        URI uri = null;
        try {
            uri = new URI(str2 + "&sign=" + calculateRFC2104HMAC(str2, client.getSecret()));
        } catch (URISyntaxException e) {
            e.printStackTrace();
        } catch (SignatureException e2) {
            e2.printStackTrace();
        }
        return uri;
    }

    private boolean checkValidNonce(Client client, String str, String str2) {
        if (client == null) {
            throw new IllegalArgumentException("Client is null");
        }
        SimpleRequestLogEntry simpleRequestLogEntry = new SimpleRequestLogEntry(client.getId(), str, str2);
        if (this.requestLog.contains(simpleRequestLogEntry)) {
            logger.warn("Duplicate nonce detected.");
            return false;
        }
        this.requestLog.add(simpleRequestLogEntry);
        return true;
    }

    private static String calculateRFC2104HMAC(String str, String str2) throws SignatureException {
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(str2.getBytes(), HMAC_SHA1_ALGORITHM);
            Mac mac = Mac.getInstance(HMAC_SHA1_ALGORITHM);
            mac.init(secretKeySpec);
            return Base64.encodeBase64String(mac.doFinal(str.getBytes()));
        } catch (Exception e) {
            throw new SignatureException("Failed to generate HMAC : " + e.getMessage());
        }
    }

    private static String generateNonce() {
        return String.format("%-30d", Long.valueOf((long) (new Random().nextDouble() * ((long) Math.pow(10.0d, 30.0d))))).replace(' ', '0');
    }

    private static String getCurrentTimestamp() {
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm");
        simpleDateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
        return simpleDateFormat.format(new Date()) + 'Z';
    }
}
