package ru.quadcom.commons.identity;

import com.dyuproject.protostuff.LinkedBuffer;
import com.dyuproject.protostuff.ProtostuffIOUtil;
import com.dyuproject.protostuff.Schema;
import com.dyuproject.protostuff.runtime.RuntimeSchema;
import java.util.Arrays;
import java.util.Date;
import org.joda.time.DateTime;
import ru.quadcom.commons.exceptions.UnauthorizedException;
import ru.quadcom.commons.identity.codec.Base16Coder;
import ru.quadcom.commons.identity.codec.Crypt;
import ru.quadcom.commons.identity.codec.Hash;
import ru.quadcom.commons.identity.service.to.service.ServicesSecrets;

/* loaded from: input_file:ru/quadcom/commons/identity/ServiceToServiceToken.class */
public class ServiceToServiceToken {
    private static final int CURRENT_VERSION = 1;
    public static final int ACCESS_TOKEN_EXPIRATION = 600;
    private String serviceName;
    private Date creationTime;
    private Date expirationTime;

    public ServiceToServiceToken() {
    }

    private ServiceToServiceToken(byte[] bArr) {
        ServiceToServiceToken serviceToServiceToken = new ServiceToServiceToken();
        ProtostuffIOUtil.mergeFrom(bArr, serviceToServiceToken, RuntimeSchema.getSchema(ServiceToServiceToken.class));
        this.serviceName = serviceToServiceToken.serviceName;
        this.creationTime = serviceToServiceToken.creationTime;
        this.expirationTime = serviceToServiceToken.expirationTime;
    }

    private ServiceToServiceToken(String str) {
        this.serviceName = str;
        this.creationTime = DateTime.now().toDate();
        this.expirationTime = new DateTime(this.creationTime).plusSeconds(600).toDate();
    }

    public static ServiceToServiceToken createAccessToken(ServicesSecrets servicesSecrets) {
        return new ServiceToServiceToken(servicesSecrets.serviceName());
    }

    public static ServiceToServiceToken decode(String str, ServicesSecrets servicesSecrets) {
        if (str == null || str.isEmpty()) {
            throw new UnauthorizedException("Empty or null Access Token", null);
        }
        try {
            return new ServiceToServiceToken(verifyAndRemoveSignature(new Crypt("YAy9GYHrbnRCVbdddXEJLYqWX4Mnf6dDVbwEBKerZgQAYSzCRFHsfC3PWnyCJXSERAYqc9cLyTb2jvhGnxEXFZWEc26XrUeyMscJHccKYgZ5vLz3rVnmaTyp", servicesSecrets.serviceSecret()).decrypt(symmetricScramble(Base16Coder.decodeBytes(str)))));
        } catch (Exception e) {
            throw new UnauthorizedException("Decode access token failed", e, null);
        }
    }

    private static byte[] symmetricScramble(byte[] bArr) {
        for (int i = 0; i < bArr.length; i += CURRENT_VERSION) {
            bArr[i] = (byte) (bArr[i] ^ ((79 + (i * 12)) & 255));
        }
        return bArr;
    }

    private static byte[] verifyAndRemoveSignature(byte[] bArr) {
        byte[] bArr2 = new byte[16];
        int length = bArr.length;
        for (int i = 0; i < 8; i += CURRENT_VERSION) {
            bArr2[i] = bArr[(length - i) - CURRENT_VERSION];
            bArr2[i + 8] = bArr[i];
        }
        byte[] copyOfRange = Arrays.copyOfRange(bArr, 8, length - 8);
        byte[] hash = Hash.sha1.hash(copyOfRange);
        for (int i2 = 0; i2 < 16; i2 += CURRENT_VERSION) {
            if (bArr2[i2] != hash[i2]) {
                throw new UnauthorizedException("Failed to deserialize service to service token, attempted tampering.", null);
            }
        }
        return copyOfRange;
    }

    public String encode(ServicesSecrets servicesSecrets) {
        Schema schema = RuntimeSchema.getSchema(ServiceToServiceToken.class);
        LinkedBuffer allocate = LinkedBuffer.allocate(512);
        try {
            String encodeBytes = Base16Coder.encodeBytes(symmetricScramble(new Crypt("YAy9GYHrbnRCVbdddXEJLYqWX4Mnf6dDVbwEBKerZgQAYSzCRFHsfC3PWnyCJXSERAYqc9cLyTb2jvhGnxEXFZWEc26XrUeyMscJHccKYgZ5vLz3rVnmaTyp", servicesSecrets.serviceSecret()).encrypt(signAndAddSignature(ProtostuffIOUtil.toByteArray(this, schema, allocate)))));
            allocate.clear();
            return encodeBytes;
        } catch (Throwable th) {
            allocate.clear();
            throw th;
        }
    }

    private static byte[] signAndAddSignature(byte[] bArr) {
        byte[] bArr2 = new byte[bArr.length + 16];
        byte[] hash = Hash.sha1.hash(bArr);
        int length = bArr2.length;
        for (int i = 0; i < 8; i += CURRENT_VERSION) {
            bArr2[(length - i) - CURRENT_VERSION] = hash[i];
            bArr2[i] = hash[i + 8];
        }
        System.arraycopy(bArr, 0, bArr2, 8, bArr.length);
        return bArr2;
    }

    public boolean isExpired() {
        return new DateTime(this.expirationTime).isBefore(DateTime.now());
    }

    public int getExpiresIn() {
        return (int) ((new DateTime(this.expirationTime).getMillis() - new DateTime(this.creationTime).getMillis()) / 1000);
    }

    public String getServiceName() {
        return this.serviceName;
    }

    public DateTime getCreationTime() {
        return new DateTime(this.creationTime);
    }

    public DateTime getExpirationTime() {
        return new DateTime(this.expirationTime);
    }
}
