package com.toopher.api;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.TreeSet;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import oauth.signpost.basic.DefaultOAuthConsumer;
import oauth.signpost.exception.OAuthException;
import org.apache.commons.codec.binary.Base64;
import org.apache.http.NameValuePair;
import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.http.cookie.ClientCookie;
import org.apache.http.message.BasicNameValuePair;
import org.apache.log4j.spi.LocationInfo;
import org.jasig.services.persondir.support.AttributeNamedPersonImpl;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/cas-mfa-toopher-1.0.0-RC7.jar:com/toopher/api/ToopherIframe.class */
public final class ToopherIframe {
    private static final String IFRAME_VERSION = "2";
    private static Logger logger = LoggerFactory.getLogger(ToopherIframe.class);

    public static final String pairIframeUrl(String str, String str2, long j, String str3, String str4, String str5) {
        ArrayList arrayList = new ArrayList(4);
        arrayList.add(new BasicNameValuePair("v", "2"));
        arrayList.add(new BasicNameValuePair(AttributeNamedPersonImpl.DEFAULT_USER_NAME_ATTRIBUTE, str));
        arrayList.add(new BasicNameValuePair("reset_email", str2));
        arrayList.add(new BasicNameValuePair(ClientCookie.EXPIRES_ATTR, String.valueOf((new Date().getTime() / 1000) + j)));
        return getOAuthUrl(String.valueOf(str3) + "web/pair", arrayList, str4, str5);
    }

    public static final String authIframeUrl(String str, String str2, String str3, boolean z, boolean z2, String str4, String str5, long j, String str6, String str7, String str8) {
        ArrayList arrayList = new ArrayList(9);
        arrayList.add(new BasicNameValuePair("v", "2"));
        arrayList.add(new BasicNameValuePair(AttributeNamedPersonImpl.DEFAULT_USER_NAME_ATTRIBUTE, str));
        arrayList.add(new BasicNameValuePair("action_name", str3));
        arrayList.add(new BasicNameValuePair("automation_allowed", z ? "True" : "False"));
        arrayList.add(new BasicNameValuePair("challenge_required", z2 ? "True" : "False"));
        arrayList.add(new BasicNameValuePair("reset_email", str2));
        arrayList.add(new BasicNameValuePair("session_token", str4));
        arrayList.add(new BasicNameValuePair("requester_metadata", str5));
        arrayList.add(new BasicNameValuePair(ClientCookie.EXPIRES_ATTR, String.valueOf((new Date().getTime() / 1000) + j)));
        return getOAuthUrl(String.valueOf(str6) + "web/auth", arrayList, str7, str8);
    }

    public static final Map<String, String> validate(String str, Map<String, String> map, long j) {
        boolean z;
        try {
            logger.debug("ToopherIframe.validate()");
            ArrayList arrayList = new ArrayList();
            if (!map.containsKey("toopher_sig")) {
                arrayList.add("toopher_sig");
            }
            if (!map.containsKey("timestamp")) {
                arrayList.add("timestamp");
            }
            if (arrayList.size() > 0) {
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    logger.debug("Missing required key: " + ((String) it.next()));
                }
                return null;
            }
            String str2 = map.get("toopher_sig");
            map.remove("toopher_sig");
            try {
                String signature = signature(str, map);
                z = signature.equals(str2);
                logger.debug("submitted = " + str2);
                logger.debug("computed  = " + signature);
            } catch (Exception e) {
                logger.debug("error while calculating signature", (Throwable) e);
                z = false;
            }
            boolean z2 = (new Date().getTime() / 1000) - j < Long.parseLong(map.get("timestamp"));
            logger.debug("ttlValid is " + z2);
            if (z && z2) {
                return map;
            }
            return null;
        } catch (Exception e2) {
            logger.debug("Exception while validating toopher signature", (Throwable) e2);
            return null;
        }
    }

    private static String signature(String str, Map<String, String> map) throws NoSuchAlgorithmException, InvalidKeyException {
        TreeSet treeSet = new TreeSet(map.keySet());
        ArrayList arrayList = new ArrayList(map.size());
        Iterator it = treeSet.iterator();
        while (it.hasNext()) {
            String str2 = (String) it.next();
            arrayList.add(new BasicNameValuePair(str2, map.get(str2)));
        }
        String format = URLEncodedUtils.format(arrayList, "UTF-8");
        logger.debug("signing string: " + format);
        logger.debug("signing key: " + str);
        SecretKeySpec secretKeySpec = new SecretKeySpec(str.getBytes(), "HmacSHA1");
        Mac mac = Mac.getInstance("HmacSHA1");
        mac.init(secretKeySpec);
        return Base64.encodeBase64String(mac.doFinal(format.getBytes())).trim();
    }

    private static final String getOAuthUrl(String str, List<NameValuePair> list, String str2, String str3) {
        try {
            return new DefaultOAuthConsumer(str2, str3).sign(String.valueOf(str) + LocationInfo.NA + URLEncodedUtils.format(list, "UTF-8"));
        } catch (OAuthException e) {
            try {
                return String.valueOf(str) + "web/error.html?message=" + URLEncoder.encode(e.getMessage(), "UTF-8");
            } catch (UnsupportedEncodingException unused) {
                return String.valueOf(str) + "web/error.html?message=Unknown%20Error";
            }
        }
    }
}
