package cn.shaunwill.umemore.util.j5.c.b;

import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import cn.shaunwill.umemore.util.huawei.verification.beans.HeaderEntity;
import cn.shaunwill.umemore.util.huawei.verification.beans.PayloadEntity;
import com.alipay.sdk.encrypt.d;
import com.auth0.jwk.InvalidPublicKeyException;
import com.auth0.jwk.Jwk;
import com.google.gson.Gson;
import com.google.gson.JsonSyntaxException;
import com.taobao.aranger.constant.Constants;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.Jwts;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import okhttp3.Call;
import okhttp3.Callback;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* compiled from: IdTokenUtils.java */
/* loaded from: classes2.dex */
public class a {

    /* renamed from: a, reason: collision with root package name */
    private JSONArray f10691a;

    /* renamed from: b, reason: collision with root package name */
    private Map<String, RSAPublicKey> f10692b = new HashMap();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: IdTokenUtils.java */
    /* renamed from: cn.shaunwill.umemore.util.j5.c.b.a$a, reason: collision with other inner class name */
    /* loaded from: classes2.dex */
    public class C0041a implements cn.shaunwill.umemore.util.j5.c.a.a {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ cn.shaunwill.umemore.util.huawei.verification.beans.a f10693a;

        /* renamed from: b, reason: collision with root package name */
        final /* synthetic */ String f10694b;

        /* renamed from: c, reason: collision with root package name */
        final /* synthetic */ cn.shaunwill.umemore.util.j5.c.a.a f10695c;

        /* renamed from: d, reason: collision with root package name */
        final /* synthetic */ String f10696d;

        /* renamed from: e, reason: collision with root package name */
        final /* synthetic */ String f10697e;

        C0041a(cn.shaunwill.umemore.util.huawei.verification.beans.a aVar, String str, cn.shaunwill.umemore.util.j5.c.a.a aVar2, String str2, String str3) {
            this.f10693a = aVar;
            this.f10694b = str;
            this.f10695c = aVar2;
            this.f10696d = str2;
            this.f10697e = str3;
        }

        @Override // cn.shaunwill.umemore.util.j5.c.a.a
        public void a(String str) {
            this.f10695c.a("getJwks error,errorMsg:" + str);
        }

        @Override // cn.shaunwill.umemore.util.j5.c.a.a
        public void onSuccess() {
            cn.shaunwill.umemore.util.huawei.verification.beans.b i2 = a.this.i(this.f10693a.a().a(), this.f10694b);
            if (!i2.b()) {
                this.f10695c.a("verifyRSAPublicKey error," + i2.a());
                return;
            }
            String b2 = this.f10693a.b().b();
            if (!(!TextUtils.isEmpty(b2) && b2.equals("https://accounts.huawei.com"))) {
                this.f10695c.a("verifyIss error");
                return;
            }
            String a2 = this.f10693a.b().a();
            if (!(!TextUtils.isEmpty(a2) && a2.equals(this.f10696d))) {
                this.f10695c.a("verifyAud error");
                return;
            }
            String c2 = this.f10693a.b().c();
            if (!TextUtils.isEmpty(c2) && c2.equals(this.f10697e)) {
                this.f10695c.onSuccess();
            } else {
                this.f10695c.a("verifySub error");
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: IdTokenUtils.java */
    /* loaded from: classes2.dex */
    public class b implements Callback {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ cn.shaunwill.umemore.util.j5.c.a.a f10699a;

        b(cn.shaunwill.umemore.util.j5.c.a.a aVar) {
            this.f10699a = aVar;
        }

        @Override // okhttp3.Callback
        public void onFailure(Call call, IOException iOException) {
            Log.i("IdTokenUtils", "Get ID Token failed.");
            this.f10699a.a("getJwks onFailure Get ID Token failed." + iOException.getMessage());
        }

        @Override // okhttp3.Callback
        public void onResponse(Call call, Response response) {
            if (!response.isSuccessful()) {
                this.f10699a.a("getJwks onResponse failed." + response.message() + "code:" + response.code());
                return;
            }
            try {
                a.this.f10691a = new JSONObject(response.body().string()).getJSONArray(Constants.PARAM_KEYS);
                if (a.this.f10691a == null) {
                    this.f10699a.a("getJwks JsonArray is null failed.");
                } else {
                    this.f10699a.onSuccess();
                }
            } catch (IOException | NullPointerException | JSONException e2) {
                Log.i("IdTokenUtils", "parse JsonArray failed." + e2.getMessage());
                this.f10699a.a("getJwks parse JsonArray failed.");
            }
        }
    }

    private void e(cn.shaunwill.umemore.util.j5.c.a.a aVar) {
        try {
            new OkHttpClient().newCall(new Request.Builder().url("https://oauth-login.cloud.huawei.com/oauth2/v3/certs").build()).enqueue(new b(aVar));
        } catch (Exception e2) {
            e2.printStackTrace();
            aVar.a("getJwks Exception error e:" + e2.getMessage());
        }
    }

    private RSAPublicKey g(JSONObject jSONObject) throws InvalidPublicKeyException, JSONException {
        HashMap hashMap = new HashMap();
        hashMap.put("n", jSONObject.getString("n"));
        hashMap.put("e", jSONObject.getString("e"));
        return (RSAPublicKey) f(new Jwk(jSONObject.getString("kid"), jSONObject.getString("kty"), jSONObject.getString("alg"), jSONObject.getString("use"), new ArrayList(), (String) null, (List) null, (String) null, hashMap));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public cn.shaunwill.umemore.util.huawei.verification.beans.b i(String str, String str2) {
        RSAPublicKey rSAPublicKey;
        Log.d("IdTokenUtils", "verifyRSAPublicKey keyId:" + str);
        try {
            if (this.f10692b.get(str) != null) {
                rSAPublicKey = this.f10692b.get(str);
            } else {
                if (this.f10692b.size() > 4) {
                    this.f10692b.clear();
                }
                Log.d("IdTokenUtils", "mJsonArray:" + this.f10691a.toString());
                for (int i2 = 0; i2 < this.f10691a.length(); i2++) {
                    String string = this.f10691a.getJSONObject(i2).getString("kid");
                    Log.d("IdTokenUtils", "mJsonArray kid:" + string);
                    this.f10692b.put(string, g(this.f10691a.getJSONObject(i2)));
                }
                Log.d("IdTokenUtils", "keyId2PublicKey:" + this.f10692b.toString());
                rSAPublicKey = this.f10692b.get(str);
            }
            if (rSAPublicKey == null) {
                return new cn.shaunwill.umemore.util.huawei.verification.beans.b(false, "mRSAPublicKey is null");
            }
            Jwts.parser().setSigningKey(rSAPublicKey).parse(str2);
            return new cn.shaunwill.umemore.util.huawei.verification.beans.b(true);
        } catch (Exception e2) {
            if (e2 instanceof ExpiredJwtException) {
                return new cn.shaunwill.umemore.util.huawei.verification.beans.b(false, "verify exp error:" + e2.getMessage());
            }
            return new cn.shaunwill.umemore.util.huawei.verification.beans.b(false, "e:" + e2.getClass().getSimpleName() + ", msg:" + e2.getMessage());
        }
    }

    public cn.shaunwill.umemore.util.huawei.verification.beans.a d(String str) {
        cn.shaunwill.umemore.util.huawei.verification.beans.a aVar = null;
        try {
            if (TextUtils.isEmpty(str)) {
                Log.w("IdTokenUtils", "idToken is Empty");
                return null;
            }
            String[] split = str.split("\\.");
            if (split.length < 3) {
                Log.e("IdTokenUtils", "\nThe idToken is malformed");
                return null;
            }
            Log.i("IdTokenUtils", "idToken header: " + split[0]);
            Log.i("IdTokenUtils", "idToken payload: " + split[1]);
            byte[] decode = Base64.decode(split[0], 8);
            byte[] decode2 = Base64.decode(split[1], 8);
            if (decode != null && decode2 != null) {
                Gson gson = new Gson();
                String str2 = new String(decode, StandardCharsets.UTF_8);
                Log.i("IdTokenUtils", "headerJson: " + str2);
                String str3 = new String(decode2, StandardCharsets.UTF_8);
                Log.i("IdTokenUtils", "payloadJson: " + str3);
                HeaderEntity headerEntity = (HeaderEntity) gson.fromJson(str2, HeaderEntity.class);
                PayloadEntity payloadEntity = (PayloadEntity) gson.fromJson(str3, PayloadEntity.class);
                cn.shaunwill.umemore.util.huawei.verification.beans.a aVar2 = new cn.shaunwill.umemore.util.huawei.verification.beans.a();
                try {
                    aVar2.d(str2);
                    aVar2.f(str3);
                    aVar2.c(headerEntity);
                    aVar2.e(payloadEntity);
                    return aVar2;
                } catch (JsonSyntaxException e2) {
                    e = e2;
                    aVar = aVar2;
                    e.printStackTrace();
                    Log.e("IdTokenUtils", "decodeJsonStringFromIdtoken JsonSyntaxException e:" + e.getMessage());
                    return aVar;
                }
            }
            Log.e("IdTokenUtils", "The idToken decode failed");
            return null;
        } catch (JsonSyntaxException e3) {
            e = e3;
        }
    }

    public PublicKey f(Jwk jwk) throws InvalidPublicKeyException {
        if (!d.f11622a.equalsIgnoreCase(jwk.getType())) {
            throw new InvalidPublicKeyException("The key is not of type RSA", (Throwable) null);
        }
        try {
            return KeyFactory.getInstance(d.f11622a).generatePublic(new RSAPublicKeySpec(new BigInteger(1, Base64.decode((String) jwk.getAdditionalAttributes().get("n"), 8)), new BigInteger(1, Base64.decode((String) jwk.getAdditionalAttributes().get("e"), 8))));
        } catch (NoSuchAlgorithmException e2) {
            throw new InvalidPublicKeyException("Invalid algorithm to generate key", e2);
        } catch (InvalidKeySpecException e3) {
            throw new InvalidPublicKeyException("Invalid public key", e3);
        }
    }

    public void h(String str, String str2, String str3, cn.shaunwill.umemore.util.huawei.verification.beans.a aVar, cn.shaunwill.umemore.util.j5.c.a.a aVar2) {
        e(new C0041a(aVar, str2, aVar2, str3, str));
    }
}
