package com.webank.weid.util;

import com.google.common.base.Charsets;
import com.google.common.hash.Hashing;
import com.webank.weid.blockchain.constant.ErrorCode;
import com.webank.weid.blockchain.protocol.response.ResponseData;
import com.webank.weid.protocol.request.timestamp.wesign.GetTimestampRequest;
import com.webank.weid.protocol.request.timestamp.wesign.VerifyTimestampRequest;
import com.webank.weid.protocol.response.timestamp.wesign.AccessTokenResponse;
import com.webank.weid.protocol.response.timestamp.wesign.GetTimestampResponse;
import com.webank.weid.protocol.response.timestamp.wesign.SignTicketResponse;
import com.webank.weid.protocol.response.timestamp.wesign.VerifyTimestampResponse;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Random;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.util.encoders.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/webank/weid/util/TimestampUtils.class */
public class TimestampUtils {
    private static final Logger logger = LoggerFactory.getLogger(TimestampUtils.class);
    private static String weSignAccessTokenUrl = PropertyUtils.getProperty("wesign.accessTokenUrl");
    private static String weSignTicketUrl = PropertyUtils.getProperty("wesign.signTicketUrl");
    private static String weSignTimestampUrl = PropertyUtils.getProperty("wesign.timestampUrl");
    private static String weSignAppId = PropertyUtils.getProperty("wesign.appId");
    private static String weSignSecret = PropertyUtils.getProperty("wesign.secret");
    private static final String WESIGN_EXTRAVAL_SEPARATOR = ";";
    public static final String WESIGN_AUTHORITY_NAME = "wesign";

    public static ResponseData<HashMap<String, Object>> createWeSignTimestamp(String str) {
        if (StringUtils.isBlank(PropertyUtils.getProperty("wesign.accessTokenUrl"))) {
            logger.error("WeSign configuration not ready.");
            return new ResponseData<>((Object) null, ErrorCode.TIMESTAMP_SERVICE_UNCONFIGURED);
        }
        try {
            String weSignAccessToken = getWeSignAccessToken();
            if (StringUtils.isBlank(weSignAccessToken)) {
                logger.error("Failed to acquire an access token.");
                return new ResponseData<>((Object) null, ErrorCode.TIMESTAMP_SERVICE_WESIGN_ERROR);
            }
            String weSignTicketString = getWeSignTicketString(weSignAccessToken);
            if (StringUtils.isBlank(weSignTicketString)) {
                logger.error("Failed to acquire a sign ticket.");
                return new ResponseData<>((Object) null, ErrorCode.TIMESTAMP_SERVICE_WESIGN_ERROR);
            }
            String str2 = generateNonce(32, 32L).get(0);
            String weSignHash = getWeSignHash(str);
            GetTimestampResponse timestamp = getTimestamp(weSignTicketString, str2, weSignHash);
            if (timestamp.getCode() != 0) {
                logger.error("Failed to acquire a valid timestamp.");
                return new ResponseData<>((Object) null, ErrorCode.TIMESTAMP_SERVICE_WESIGN_ERROR);
            }
            String b64TimeStamp = timestamp.getResult().getData().getB64TimeStamp();
            String weSignParam = getWeSignParam(str2, weSignTicketString);
            VerifyTimestampResponse verifyTimestamp = verifyTimestamp(weSignParam, str2, weSignHash, b64TimeStamp);
            if (verifyTimestamp.getCode() != 0) {
                logger.error("Failed to verify a current timestamp.");
                return new ResponseData<>((Object) null, ErrorCode.TIMESTAMP_SERVICE_WESIGN_ERROR);
            }
            Long valueOf = Long.valueOf(verifyTimestamp.getResult().getData().getSignTime().getTime());
            String str3 = WESIGN_EXTRAVAL_SEPARATOR + weSignParam + WESIGN_EXTRAVAL_SEPARATOR + str2;
            HashMap hashMap = new HashMap();
            hashMap.put("timestampAuthority", WESIGN_AUTHORITY_NAME);
            hashMap.put("claimHash", str);
            hashMap.put("authoritySignature", b64TimeStamp + str3);
            hashMap.put("timestamp", valueOf);
            return new ResponseData<>(hashMap, ErrorCode.SUCCESS);
        } catch (Exception e) {
            logger.error("Error occurred during calling WeSign service: ", e);
            return new ResponseData<>((Object) null, Integer.valueOf(ErrorCode.TIMESTAMP_SERVICE_WESIGN_ERROR.getCode()), e.getMessage());
        }
    }

    public static ResponseData<Boolean> verifyWeSignTimestamp(String str, String str2, Long l) {
        if (StringUtils.isBlank(PropertyUtils.getProperty("wesign.accessTokenUrl"))) {
            logger.error("WeSign configuration not ready.");
            return new ResponseData<>(false, ErrorCode.TIMESTAMP_SERVICE_UNCONFIGURED);
        }
        try {
            String weSignHash = getWeSignHash(str);
            String[] split = str2.split(WESIGN_EXTRAVAL_SEPARATOR);
            VerifyTimestampResponse verifyTimestamp = verifyTimestamp(split[1], split[2], weSignHash, split[0]);
            if (verifyTimestamp.getCode() == 0 && Long.valueOf(verifyTimestamp.getResult().getData().getSignTime().getTime()).equals(l)) {
                return new ResponseData<>(true, ErrorCode.SUCCESS);
            }
            return new ResponseData<>(false, ErrorCode.TIMESTAMP_VERIFICATION_FAILED);
        } catch (Exception e) {
            logger.error("Error occurred during processing authority signature: ", e);
            return new ResponseData<>(false, ErrorCode.TIMESTAMP_SERVICE_BASE_ERROR);
        }
    }

    public static String getWeSignAccessToken() throws Exception {
        AccessTokenResponse weSignAccessTokenUrl2 = getWeSignAccessTokenUrl();
        int code = weSignAccessTokenUrl2.getCode();
        String msg = weSignAccessTokenUrl2.getMsg();
        if (0 == code) {
            return weSignAccessTokenUrl2.getAccess_token();
        }
        logger.error("Error occurred during getting access token. code: " + code + ", msg: " + msg);
        return null;
    }

    private static AccessTokenResponse getWeSignAccessTokenUrl() throws Exception {
        return getWeSignAccessTokenUrl(weSignAccessTokenUrl + "?app_id={0}&secret={1}&grant_type=client_credential&version=1.0.0", weSignAppId, weSignSecret);
    }

    private static AccessTokenResponse getWeSignAccessTokenUrl(String str, String str2, String str3) throws Exception {
        logger.info("request arg::urlExp: {}, appId:: {}, secret: {}", new Object[]{str, str2, str3});
        if (StringUtils.isBlank(str) || StringUtils.isBlank(str2) || StringUtils.isBlank(str3)) {
            return null;
        }
        try {
            String format = MessageFormat.format(str, str2, str3);
            logger.debug("[getWeSignAccessTokenUrl]:{}", format);
            String doGet = HttpClient.doGet(format, true);
            logger.debug("[getWeSignAccessTokenUrl]: response: {}", doGet);
            if (null == doGet) {
                return null;
            }
            return (AccessTokenResponse) DataToolUtils.deserialize(doGet, AccessTokenResponse.class);
        } catch (Exception e) {
            logger.error("Error occurred during getting access token: " + e.getMessage());
            throw e;
        }
    }

    public static String getWeSignTicketString(String str) throws Exception {
        SignTicketResponse signTicket = getSignTicket(str);
        int code = signTicket.getCode();
        String msg = signTicket.getMsg();
        if (0 == code) {
            return signTicket.getTickets().get(0).getValue();
        }
        logger.error("Error occurred during getting sign ticket. code: " + code + ", msg: " + msg);
        return null;
    }

    private static SignTicketResponse getSignTicket(String str) throws Exception {
        return getSignTicket(weSignTicketUrl + "?app_id={0}&access_token={1}&type=SIGN&version=1.0.0", weSignAppId, str);
    }

    private static SignTicketResponse getSignTicket(String str, String str2, String str3) throws Exception {
        logger.info("request arg::urlExp: {}, appId:: {}, accessToken: {}", new Object[]{str, str2, str3});
        if (StringUtils.isBlank(str) || StringUtils.isBlank(str2) || StringUtils.isBlank(str3)) {
            return null;
        }
        try {
            String format = MessageFormat.format(str, str2, str3);
            logger.debug("[getSignTicket]:{}", format);
            String doGet = HttpClient.doGet(format, true);
            logger.info("[getSignTicket]: response: {}", doGet);
            if (StringUtils.isBlank(doGet)) {
                return null;
            }
            return (SignTicketResponse) DataToolUtils.deserialize(doGet, SignTicketResponse.class);
        } catch (Exception e) {
            logger.error("Error occurred during getting sign ticket: " + e.getMessage());
            throw e;
        }
    }

    public static GetTimestampResponse getTimestamp(String str, String str2, String str3) throws Exception {
        return getTimestamp(weSignTimestampUrl, weSignAppId, str2, getWeSignParam(str2, str), str3);
    }

    private static GetTimestampResponse getTimestamp(String str, String str2, String str3, String str4, String str5) throws Exception {
        if (StringUtils.isBlank(str) || StringUtils.isBlank(str2) || StringUtils.isBlank(str5) || StringUtils.isBlank(str3) || StringUtils.isBlank(str4)) {
            return null;
        }
        try {
            GetTimestampRequest getTimestampRequest = new GetTimestampRequest();
            getTimestampRequest.setNonce(str3);
            getTimestampRequest.setPlainHash(str5);
            getTimestampRequest.setWebankAppId(str2);
            getTimestampRequest.setSign(str4);
            String doPost = HttpClient.doPost(str, getTimestampRequest, true);
            logger.info("[getTimestamp]: response: {}", doPost);
            if (StringUtils.isBlank(doPost)) {
                return null;
            }
            return (GetTimestampResponse) DataToolUtils.deserialize(doPost, GetTimestampResponse.class);
        } catch (Exception e) {
            logger.error("Error occurred during getting sign ticket: " + e.getMessage());
            throw e;
        }
    }

    public static VerifyTimestampResponse verifyTimestamp(String str, String str2, String str3, String str4) throws Exception {
        return verifyTimestamp(weSignTimestampUrl, weSignAppId, str2, str, str3, str4);
    }

    private static VerifyTimestampResponse verifyTimestamp(String str, String str2, String str3, String str4, String str5, String str6) throws Exception {
        if (StringUtils.isBlank(str) || StringUtils.isBlank(str2) || StringUtils.isBlank(str5) || StringUtils.isBlank(str3) || StringUtils.isBlank(str4)) {
            return null;
        }
        try {
            VerifyTimestampRequest verifyTimestampRequest = new VerifyTimestampRequest();
            verifyTimestampRequest.setNonce(str3);
            verifyTimestampRequest.setPlainHash(str5);
            verifyTimestampRequest.setWebankAppId(str2);
            verifyTimestampRequest.setSign(str4);
            verifyTimestampRequest.setB64TimeStamp(str6);
            String doPost = HttpClient.doPost(str, verifyTimestampRequest, true);
            logger.info("[getSignTicket]: response: {}", doPost);
            if (StringUtils.isBlank(doPost)) {
                return null;
            }
            return (VerifyTimestampResponse) DataToolUtils.deserialize(doPost, VerifyTimestampResponse.class);
        } catch (Exception e) {
            logger.error("Error occurred during getting sign ticket: " + e.getMessage());
            throw e;
        }
    }

    public static List<String> generateNonce(int i, long j) {
        ArrayList arrayList = new ArrayList();
        for (int i2 = 0; i2 < j; i2++) {
            String str = "";
            Random random = new Random();
            for (int i3 = 0; i3 < i; i3++) {
                String str2 = random.nextInt(2) % 2 == 0 ? "char" : "num";
                if ("char".equalsIgnoreCase(str2)) {
                    str = str + ((char) ((random.nextInt(2) % 2 == 0 ? 65 : 97) + random.nextInt(26)));
                } else if ("num".equalsIgnoreCase(str2)) {
                    str = str + String.valueOf(random.nextInt(10));
                }
            }
            String lowerCase = str.toLowerCase();
            if (!arrayList.contains(lowerCase)) {
                arrayList.add(lowerCase);
            }
        }
        return arrayList;
    }

    private static String sha1Sign(List<String> list, String str) {
        if (list == null) {
            return "";
        }
        list.removeAll(Collections.singleton(null));
        list.add(str);
        Collections.sort(list);
        StringBuilder sb = new StringBuilder();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            sb.append(it.next());
        }
        return Hashing.sha1().hashString(sb, Charsets.UTF_8).toString().toUpperCase();
    }

    public static String getWeSignParam(String str, String str2) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(weSignAppId);
        arrayList.add(str);
        arrayList.add("1.0.0");
        return sha1Sign(arrayList, str2);
    }

    public static String getWeSignHash(String str) {
        return Hex.toHexString(Hashing.sha1().hashString(str, Charsets.UTF_8).asBytes());
    }
}
