package com.dmm.android.lib.auth.service;

import android.util.Base64;
import android.util.Log;
import com.dmm.android.lib.auth.model.IDToken;
import com.dmm.android.lib.auth.service.CertificateResult;
import com.facebook.appevents.integrity.IntegrityManager;
import com.youzu.analysis.internal.Constants;
import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.List;
import java.util.Map;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import kotlin.Metadata;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Reflection;
import kotlin.reflect.KTypeProjection;
import kotlin.text.Charsets;
import kotlin.text.StringsKt;
import kotlinx.serialization.DeserializationStrategy;
import kotlinx.serialization.SerializersKt;
import kotlinx.serialization.StringFormat;
import kotlinx.serialization.json.Json;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* compiled from: JWTServiceImpl.kt */
@Metadata(bv = {1, 0, 3}, d1 = {"\u00000\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\b\u0000\u0018\u0000 \u00132\u00020\u0001:\u0002\u0012\u0013B\u0005¢\u0006\u0002\u0010\u0002J\u001a\u0010\u0003\u001a\u00020\u00042\b\u0010\u0005\u001a\u0004\u0018\u00010\u00062\u0006\u0010\u0007\u001a\u00020\u0006H\u0016J\u0010\u0010\b\u001a\u00020\u00062\u0006\u0010\t\u001a\u00020\u0006H\u0002J\u0018\u0010\n\u001a\u00020\u00062\u0006\u0010\t\u001a\u00020\u00062\u0006\u0010\u000b\u001a\u00020\fH\u0002J \u0010\r\u001a\u00020\u00062\u0006\u0010\u000e\u001a\u00020\u000f2\u0006\u0010\u0007\u001a\u00020\u00062\u0006\u0010\t\u001a\u00020\u0006H\u0002J\u0010\u0010\u0010\u001a\u00020\u00112\u0006\u0010\u0005\u001a\u00020\u0006H\u0016¨\u0006\u0014"}, d2 = {"Lcom/dmm/android/lib/auth/service/JWTServiceImpl;", "Lcom/dmm/android/lib/auth/service/JWTService;", "()V", "certificate", "Lcom/dmm/android/lib/auth/service/CertificateResult;", "jwt", "", "key", "decodeBase64", "str", "encodeBase64", Constants.KEY_MAC, "Ljavax/crypto/Mac;", "encodeHmac", "alg", "Lcom/dmm/android/lib/auth/service/JWTServiceImpl$Algorithm;", "parseIdToken", "Lcom/dmm/android/lib/auth/model/IDToken;", "Algorithm", "Companion", "app_prodRelease"}, k = 1, mv = {1, 4, 1})
/* loaded from: classes2.dex */
public final class JWTServiceImpl implements JWTService {

    @NotNull
    public static final String FAIL_TO_CERTIFICATE = "認証に失敗しました";

    @NotNull
    public static final String INVALID_HEADER_JSON = "ヘッダーのJSONが不正な形式です";

    @NotNull
    public static final String NOT_ASSIGNED_JWT = "JWT文字列が未指定です";

    @NotNull
    public static final String NOT_JWT_TYPE = "文字列の形式がJWTではありません";

    @NotNull
    public static final String NO_HEADER_ALGORITHM = "ヘッダーにアルゴリズムがありません";
    private static final String TAG = "JWTServiceImpl";

    @NotNull
    public static final String UNKNOWN_ALGORITHM = "不明なアルゴリズムです";

    /* JADX INFO: Access modifiers changed from: private */
    /* compiled from: JWTServiceImpl.kt */
    @Metadata(bv = {1, 0, 3}, d1 = {"\u0000\u0012\n\u0002\u0018\u0002\n\u0002\u0010\u0010\n\u0000\n\u0002\u0010\u000e\n\u0002\b\n\b\u0082\u0001\u0018\u0000 \f2\b\u0012\u0004\u0012\u00020\u00000\u0001:\u0001\fB\u001b\b\u0002\u0012\b\u0010\u0002\u001a\u0004\u0018\u00010\u0003\u0012\b\u0010\u0004\u001a\u0004\u0018\u00010\u0003¢\u0006\u0002\u0010\u0005R\u0013\u0010\u0004\u001a\u0004\u0018\u00010\u0003¢\u0006\b\n\u0000\u001a\u0004\b\u0006\u0010\u0007R\u0013\u0010\u0002\u001a\u0004\u0018\u00010\u0003¢\u0006\b\n\u0000\u001a\u0004\b\b\u0010\u0007j\u0002\b\tj\u0002\b\nj\u0002\b\u000b¨\u0006\r"}, d2 = {"Lcom/dmm/android/lib/auth/service/JWTServiceImpl$Algorithm;", "", "jwtName", "", "javaName", "(Ljava/lang/String;ILjava/lang/String;Ljava/lang/String;)V", "getJavaName", "()Ljava/lang/String;", "getJwtName", "HMAC_SHA512", "NONE", "OTHER", "Companion", "app_prodRelease"}, k = 1, mv = {1, 4, 1})
    /* loaded from: classes2.dex */
    public enum Algorithm {
        HMAC_SHA512("HS512", "HmacSHA512"),
        NONE(IntegrityManager.INTEGRITY_TYPE_NONE, null),
        OTHER(null, null);


        /* renamed from: Companion, reason: from kotlin metadata */
        @NotNull
        public static final Companion INSTANCE = new Companion(null);

        @Nullable
        private final String javaName;

        @Nullable
        private final String jwtName;

        /* compiled from: JWTServiceImpl.kt */
        @Metadata(bv = {1, 0, 3}, d1 = {"\u0000\u0018\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0000\b\u0086\u0003\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u000e\u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u0006¨\u0006\u0007"}, d2 = {"Lcom/dmm/android/lib/auth/service/JWTServiceImpl$Algorithm$Companion;", "", "()V", "getType", "Lcom/dmm/android/lib/auth/service/JWTServiceImpl$Algorithm;", "jwtName", "", "app_prodRelease"}, k = 1, mv = {1, 4, 1})
        /* loaded from: classes2.dex */
        public static final class Companion {
            private Companion() {
            }

            public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
                this();
            }

            @NotNull
            public final Algorithm getType(@NotNull String jwtName) {
                Algorithm algorithm;
                Intrinsics.checkNotNullParameter(jwtName, "jwtName");
                Algorithm[] values = Algorithm.values();
                int length = values.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        algorithm = null;
                        break;
                    }
                    algorithm = values[i];
                    if (Intrinsics.areEqual(algorithm.getJwtName(), jwtName)) {
                        break;
                    }
                    i++;
                }
                return algorithm != null ? algorithm : Algorithm.OTHER;
            }
        }

        Algorithm(String str, String str2) {
            this.jwtName = str;
            this.javaName = str2;
        }

        @Nullable
        public final String getJavaName() {
            return this.javaName;
        }

        @Nullable
        public final String getJwtName() {
            return this.jwtName;
        }
    }

    static {
        Intrinsics.checkNotNullExpressionValue(JWTServiceImpl.class.getSimpleName(), "JWTServiceImpl::class.java.simpleName");
    }

    private final String decodeBase64(String str) {
        Charset charset = Charsets.UTF_8;
        if (str == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
        }
        byte[] bytes = str.getBytes(charset);
        Intrinsics.checkNotNullExpressionValue(bytes, "(this as java.lang.String).getBytes(charset)");
        byte[] decode = Base64.decode(bytes, 11);
        Intrinsics.checkNotNullExpressionValue(decode, "Base64.decode(\n        b…or Base64.NO_WRAP\n      )");
        return new String(decode, Charsets.UTF_8);
    }

    private final String encodeBase64(String str, Mac mac) {
        Charset charset = Charsets.UTF_8;
        if (str == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
        }
        byte[] bytes = str.getBytes(charset);
        Intrinsics.checkNotNullExpressionValue(bytes, "(this as java.lang.String).getBytes(charset)");
        byte[] encode = Base64.encode(mac.doFinal(bytes), 11);
        Intrinsics.checkNotNullExpressionValue(encode, "Base64.encode(\n        b…or Base64.NO_WRAP\n      )");
        return new String(encode, Charsets.UTF_8);
    }

    private final String encodeHmac(Algorithm alg, String key, String str) {
        Charset charset = Charsets.UTF_8;
        if (key == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
        }
        byte[] bytes = key.getBytes(charset);
        Intrinsics.checkNotNullExpressionValue(bytes, "(this as java.lang.String).getBytes(charset)");
        SecretKeySpec secretKeySpec = new SecretKeySpec(bytes, alg.getJavaName());
        try {
            Mac mac = Mac.getInstance(alg.getJavaName());
            Intrinsics.checkNotNullExpressionValue(mac, "Mac.getInstance(alg.javaName)");
            mac.init(secretKeySpec);
            return encodeBase64(str, mac);
        } catch (InvalidKeyException e) {
            String str2 = TAG;
            String message = e.getMessage();
            InvalidKeyException invalidKeyException = e;
            Log.e(str2, message, invalidKeyException);
            throw invalidKeyException;
        } catch (NoSuchAlgorithmException e2) {
            String str3 = TAG;
            String message2 = e2.getMessage();
            NoSuchAlgorithmException noSuchAlgorithmException = e2;
            Log.e(str3, message2, noSuchAlgorithmException);
            throw noSuchAlgorithmException;
        }
    }

    @Override // com.dmm.android.lib.auth.service.JWTService
    @NotNull
    public CertificateResult certificate(@Nullable String jwt, @NotNull String key) {
        Intrinsics.checkNotNullParameter(key, "key");
        String str = jwt;
        if (str == null || StringsKt.isBlank(str)) {
            return new CertificateResult.Failure(new CertificateException(NOT_ASSIGNED_JWT));
        }
        List split$default = StringsKt.split$default((CharSequence) str, new String[]{"."}, false, 0, 6, (Object) null);
        if (split$default.size() < 2) {
            return new CertificateResult.Failure(new CertificateException(NOT_JWT_TYPE));
        }
        String str2 = (String) split$default.get(0);
        String str3 = (String) split$default.get(1);
        String str4 = split$default.size() >= 3 ? (String) split$default.get(2) : null;
        String decodeBase64 = decodeBase64(str2);
        try {
            StringFormat stringFormat = Json.Default;
            DeserializationStrategy serializer = SerializersKt.serializer(stringFormat.getSerializersModule(), Reflection.typeOf(Map.class, KTypeProjection.INSTANCE.invariant(Reflection.typeOf(String.class)), KTypeProjection.INSTANCE.invariant(Reflection.typeOf(String.class))));
            if (serializer == null) {
                throw new NullPointerException("null cannot be cast to non-null type kotlinx.serialization.KSerializer<T>");
            }
            String str5 = (String) ((Map) stringFormat.decodeFromString(serializer, decodeBase64)).get("alg");
            String str6 = str5;
            if (str6 == null || StringsKt.isBlank(str6)) {
                return new CertificateResult.Failure(new CertificateException(NO_HEADER_ALGORITHM));
            }
            Algorithm type = Algorithm.INSTANCE.getType(str5);
            switch (type) {
                case HMAC_SHA512:
                    String str7 = str4;
                    if (str7 == null || str7.length() == 0) {
                        return new CertificateResult.Failure(new CertificateException(FAIL_TO_CERTIFICATE));
                    }
                    try {
                        StringBuilder sb = new StringBuilder();
                        sb.append(str2);
                        sb.append('.');
                        sb.append(str3);
                        return Intrinsics.areEqual(str4, encodeHmac(type, key, sb.toString())) ^ true ? new CertificateResult.Failure(new CertificateException(FAIL_TO_CERTIFICATE)) : CertificateResult.Success.INSTANCE;
                    } catch (Exception e) {
                        return new CertificateResult.Failure(new CertificateException(FAIL_TO_CERTIFICATE, e));
                    }
                case NONE:
                    return CertificateResult.Success.INSTANCE;
                default:
                    return new CertificateResult.Failure(new CertificateException("不明なアルゴリズムです:" + str5));
            }
        } catch (Exception e2) {
            return new CertificateResult.Failure(new CertificateException(INVALID_HEADER_JSON, e2));
        }
    }

    @Override // com.dmm.android.lib.auth.service.JWTService
    @NotNull
    public IDToken parseIdToken(@NotNull String jwt) {
        Intrinsics.checkNotNullParameter(jwt, "jwt");
        String decodeBase64 = decodeBase64((String) StringsKt.split$default((CharSequence) jwt, new String[]{"."}, false, 0, 6, (Object) null).get(1));
        StringFormat stringFormat = Json.Default;
        DeserializationStrategy serializer = SerializersKt.serializer(stringFormat.getSerializersModule(), Reflection.typeOf(IDToken.class));
        if (serializer == null) {
            throw new NullPointerException("null cannot be cast to non-null type kotlinx.serialization.KSerializer<T>");
        }
        return (IDToken) stringFormat.decodeFromString(serializer, decodeBase64);
    }
}
