package com.duosecurity;

import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.duosecurity.exception.DuoException;
import com.duosecurity.model.AccessDevice;
import com.duosecurity.model.Application;
import com.duosecurity.model.AuthContext;
import com.duosecurity.model.AuthDevice;
import com.duosecurity.model.AuthResult;
import com.duosecurity.model.Location;
import com.duosecurity.model.Token;
import com.duosecurity.model.User;
import com.evolveum.midpoint.init.interpol.HostnameLookup;
import com.evolveum.midpoint.schema.result.OperationResult;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.SecureRandom;
import java.util.Collections;
import java.util.Date;
import java.util.Map;
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
import org.springframework.security.oauth2.core.oidc.OidcScopes;
import org.springframework.security.oauth2.jose.jws.JwsAlgorithms;

/* loaded from: input_file:BOOT-INF/lib/duo-universal-sdk-1.1.3.jar:com/duosecurity/Utils.class */
public class Utils {
    private static final int ONE_HOUR_IN_MILLISECONDS = 3600000;
    private static final String HTTPS = "https";
    private static final Map<String, Object> HEADERS = Collections.singletonMap("alg", JwsAlgorithms.HS512);

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String createJwt(String str, String str2, String str3) throws DuoException {
        Date date = new Date();
        date.setTime(date.getTime() + 3600000);
        try {
            return JWT.create().withHeader(HEADERS).withIssuer(str).withSubject(str).withAudience(str3).withExpiresAt(date).withJWTId(generateJwtId(32)).sign(Algorithm.HMAC512(str2));
        } catch (UnsupportedEncodingException e) {
            throw new DuoException(e.getMessage(), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String createJwtForAuthUrl(String str, String str2, String str3, String str4, String str5, Boolean bool) throws DuoException {
        Date date = new Date();
        date.setTime(date.getTime() + 3600000);
        try {
            return JWT.create().withHeader(HEADERS).withExpiresAt(date).withClaim("scope", OidcScopes.OPENID).withClaim("client_id", str).withClaim(OAuth2ParameterNames.REDIRECT_URI, str3).withClaim("state", str4).withClaim("duo_uname", str5).withClaim(OAuth2ParameterNames.RESPONSE_TYPE, "code").withClaim("use_duo_code_attribute", bool).sign(Algorithm.HMAC512(str2));
        } catch (UnsupportedEncodingException e) {
            throw new DuoException(e.getMessage(), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Token transformDecodedJwtToToken(DecodedJWT decodedJWT) {
        Token token = new Token();
        token.setIat(decodedJWT.getClaim("iat").asDouble());
        token.setIss(decodedJWT.getClaim("iss").asString());
        token.setAud(decodedJWT.getClaim("aud").asString());
        token.setPreferred_username(decodedJWT.getClaim("preferred_username").asString());
        Map<String, Object> asMap = decodedJWT.getClaim("auth_context").asMap();
        token.setAuth_context(asMap != null ? getAuthContext(asMap) : null);
        Map<String, Object> asMap2 = decodedJWT.getClaim("auth_result").asMap();
        token.setAuth_result(asMap2 != null ? getAuthResult(asMap2) : null);
        token.setAuth_time(decodedJWT.getClaim("auth_time").asInt());
        token.setExp(decodedJWT.getClaim("exp").asInt());
        token.setSub(decodedJWT.getClaim("sub").asString());
        return token;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean validateCaCert(String[] strArr) {
        return (strArr == null || strArr.length == 0) ? false : true;
    }

    public static void validateHost(String str) throws DuoException {
        if (str == null || str.isEmpty()) {
            throw new DuoException(String.format("Invalid host: %s", str));
        }
    }

    public static URL getAndValidateUrl(String str, String str2) throws DuoException {
        try {
            validateHost(str);
            return new URL("https", str, str2);
        } catch (MalformedURLException e) {
            throw new DuoException(e.getMessage(), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String generateJwtId(Integer num) {
        SecureRandom secureRandom = new SecureRandom();
        StringBuilder sb = new StringBuilder();
        while (sb.length() < num.intValue()) {
            sb.append(Integer.toHexString(secureRandom.nextInt()));
        }
        return sb.substring(0, num.intValue());
    }

    private static AuthContext getAuthContext(Map<String, Object> map) {
        AuthContext authContext = new AuthContext();
        authContext.setResult((!map.containsKey("result") || map.get("result") == null) ? null : map.get("result").toString());
        authContext.setTimestamp((!map.containsKey("timestamp") || map.get("timestamp") == null) ? null : (Integer) map.get("timestamp"));
        authContext.setAuth_device(getAuthDevice(map));
        authContext.setTxid((!map.containsKey("txid") || map.get("txid") == null) ? null : map.get("txid").toString());
        authContext.setEvent_type((!map.containsKey("event_type") || map.get("event_type") == null) ? null : map.get("event_type").toString());
        authContext.setReason((!map.containsKey(OperationResult.CONTEXT_REASON) || map.get(OperationResult.CONTEXT_REASON) == null) ? null : map.get(OperationResult.CONTEXT_REASON).toString());
        authContext.setAccess_device(getAccessDevice(map));
        authContext.setApplication(getApplication(map));
        authContext.setFactor((!map.containsKey("factor") || map.get("factor") == null) ? null : map.get("factor").toString());
        authContext.setUser(getUser(map));
        return authContext;
    }

    private static AuthResult getAuthResult(Map<String, Object> map) {
        AuthResult authResult = new AuthResult();
        authResult.setStatus_msg((!map.containsKey("status_msg") || map.get("status_msg") == null) ? null : map.get("status_msg").toString());
        authResult.setStatus((!map.containsKey("status") || map.get("status") == null) ? null : map.get("status").toString());
        authResult.setResult((!map.containsKey("result") || map.get("result") == null) ? null : map.get("result").toString());
        return authResult;
    }

    private static User getUser(Map<String, Object> map) {
        User user = new User();
        Map map2 = (!map.containsKey("user") || map.get("user") == null) ? null : (Map) map.get("user");
        if (map2 != null) {
            user.setKey((!map2.containsKey("key") || map2.get("key") == null) ? null : map2.get("key").toString());
            user.setName((!map2.containsKey("name") || map2.get("name") == null) ? null : map2.get("name").toString());
        }
        return user;
    }

    private static Application getApplication(Map<String, Object> map) {
        Application application = new Application();
        Map map2 = (!map.containsKey("application") || map.get("application") == null) ? null : (Map) map.get("application");
        if (map2 != null) {
            application.setKey((!map2.containsKey("key") || map2.get("key") == null) ? null : map2.get("key").toString());
            application.setName((!map2.containsKey("name") || map2.get("name") == null) ? null : map2.get("name").toString());
        }
        return application;
    }

    private static AccessDevice getAccessDevice(Map<String, Object> map) {
        AccessDevice accessDevice = new AccessDevice();
        Map map2 = (!map.containsKey("access_device") || map.get("access_device") == null) ? null : (Map) map.get("access_device");
        if (map2 != null) {
            accessDevice.setIp((!map2.containsKey("ip") || map2.get("ip") == null) ? null : map2.get("ip").toString());
            accessDevice.setHostname((!map2.containsKey(HostnameLookup.PREFIX) || map2.get(HostnameLookup.PREFIX) == null) ? null : map2.get(HostnameLookup.PREFIX).toString());
            if (map2.containsKey("location") && map2.get("location") != null) {
                Map map3 = (Map) map2.get("location");
                Location location = new Location();
                location.setCity((!map3.containsKey("city") || map3.get("city") == null) ? null : map3.get("city").toString());
                location.setState((!map3.containsKey("state") || map3.get("state") == null) ? null : map3.get("state").toString());
                location.setCountry((!map3.containsKey("country") || map3.get("country") == null) ? null : map3.get("country").toString());
                accessDevice.setLocation(location);
            }
        }
        return accessDevice;
    }

    private static AuthDevice getAuthDevice(Map<String, Object> map) {
        AuthDevice authDevice = new AuthDevice();
        Map map2 = (!map.containsKey("auth_device") || map.get("auth_device") == null) ? null : (Map) map.get("auth_device");
        if (map2 != null) {
            authDevice.setIp((!map2.containsKey("ip") || map2.get("ip") == null) ? null : map2.get("ip").toString());
            authDevice.setName((!map2.containsKey("name") || map2.get("name") == null) ? null : map2.get("name").toString());
            if (map2.containsKey("location") && map2.get("location") != null) {
                Map map3 = (Map) map2.get("location");
                Location location = new Location();
                location.setCity((!map3.containsKey("city") || map3.get("city") == null) ? null : map3.get("city").toString());
                location.setState((!map3.containsKey("state") || map3.get("state") == null) ? null : map3.get("state").toString());
                location.setCountry((!map3.containsKey("country") || map3.get("country") == null) ? null : map3.get("country").toString());
                authDevice.setLocation(location);
            }
        }
        return authDevice;
    }
}
