package com.sdl.web.oauth.common;

import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.time.Instant;
import java.util.Base64;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/udp-oauth-common-11.5.0-1067.jar:com/sdl/web/oauth/common/DefaultOAuthToken.class */
public class DefaultOAuthToken implements OAuthToken {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) DefaultOAuthToken.class);
    private static final Pattern PARAMETERS_SPLITTER = Pattern.compile("&");
    private static final Pattern ATTR_SPLITTER = Pattern.compile("(?<attr>.+?)=(?<value>.+)");
    private static final String KEY_VALUE_SEPARATOR = "=";
    private static final String SEPARATOR = "&";
    private static final String DIGEST = "digest";
    private final Map<String, String> attributes;
    private String refreshToken;

    public DefaultOAuthToken(SecretKey secretKey, Map<String, String> map, String str) throws OAuthException {
        this.attributes = new LinkedHashMap();
        String str2 = (String) map.entrySet().stream().map(entry -> {
            return ((String) entry.getKey()) + KEY_VALUE_SEPARATOR + ((String) entry.getValue());
        }).collect(Collectors.joining("&"));
        this.attributes.putAll(map);
        this.attributes.put(DIGEST, doCalculateDigest(secretKey, str2));
        this.refreshToken = str == null ? "" : str;
    }

    public DefaultOAuthToken(String str, String str2) throws OAuthException {
        this((SecretKey) null, str, str2);
    }

    public DefaultOAuthToken(SecretKey secretKey, String str, String str2) throws OAuthException {
        this.attributes = new LinkedHashMap();
        String str3 = null;
        StringBuilder sb = new StringBuilder();
        for (String str4 : PARAMETERS_SPLITTER.split(str)) {
            Matcher matcher = ATTR_SPLITTER.matcher(str4);
            if (matcher.find()) {
                String group = matcher.group("attr");
                String group2 = matcher.group("value");
                if (group2 != null && !group2.isEmpty()) {
                    if (group.equals(DIGEST)) {
                        str3 = group2;
                    } else {
                        if (sb.length() > 0) {
                            sb.append("&");
                        }
                        sb.append(str4);
                    }
                    this.attributes.put(group, group2);
                }
            }
        }
        if (secretKey != null && !doCalculateDigest(secretKey, sb.toString()).equals(str3)) {
            LOG.error("Digest is wrong.");
            throw new OAuthException("Digest is wrong.");
        }
        if (!this.attributes.containsKey(OAuthToken.EXPIRES_ON)) {
            LOG.error("Missing expiresOn parameter.");
            throw new OAuthException("Missing expiresOn parameter.");
        }
        if (Instant.now().toEpochMilli() > Long.valueOf(this.attributes.get(OAuthToken.EXPIRES_ON)).longValue()) {
            LOG.info("Token expired.");
            throw new OAuthException("Token expired.");
        }
        this.refreshToken = str2 == null ? "" : str2;
    }

    private static String doCalculateDigest(SecretKey secretKey, String str) throws OAuthException {
        try {
            byte[] bytes = str.getBytes(StandardCharsets.UTF_8.name());
            Mac mac = Mac.getInstance(secretKey.getAlgorithm());
            mac.init(secretKey);
            mac.update(bytes, 0, bytes.length);
            return new String(Base64.getUrlEncoder().encode(mac.doFinal()));
        } catch (UnsupportedEncodingException | InvalidKeyException | NoSuchAlgorithmException e) {
            throw new OAuthException("Unable to calculate digest", e);
        }
    }

    @Override // com.sdl.web.oauth.common.OAuthToken
    public String getClientId() {
        return this.attributes.get(OAuthToken.CLIENT_ID);
    }

    @Override // com.sdl.web.oauth.common.OAuthToken
    public Map<String, String> getAttributes() {
        return this.attributes;
    }

    @Override // com.sdl.web.oauth.common.OAuthToken
    public long getExpiresOn() {
        return Long.valueOf(this.attributes.get(OAuthToken.EXPIRES_ON)).longValue();
    }

    @Override // com.sdl.web.oauth.common.OAuthToken
    public String getToken() {
        return (String) this.attributes.entrySet().stream().map(entry -> {
            return ((String) entry.getKey()) + KEY_VALUE_SEPARATOR + ((String) entry.getValue());
        }).collect(Collectors.joining("&"));
    }

    @Override // com.sdl.web.oauth.common.OAuthToken
    public String getRefreshToken() {
        return this.refreshToken;
    }

    public String toString() {
        return getToken();
    }
}
