package com.iw.nebula.common.token;

import com.iw.nebula.common.crypto.CryptoException;
import com.iw.nebula.common.crypto.CryptoUtils;
import com.iw.nebula.common.crypto.key.KeyPair;
import com.iw.nebula.common.crypto.random.SRandom;
import com.iw.nebula.common.utils.BytesHelper;
import com.iw.nebula.common.utils.StringHelper;
import com.scalethink.common.slf4j.Logger;
import com.scalethink.common.slf4j.LoggerFactory;
import java.util.Date;

/* loaded from: classes.dex */
public class AccessToken implements IAccessToken {
    private static final int APPID_LENGTH = 16;
    private static final int APPID_RELATIVE_START = 4;
    private static final int ENCODE_BODY_LENGTH = 48;
    private static final int ENCODE_BODY_MD5_LENGTH = 16;
    private static final int ENCODE_BODY_MD5_RELATIVE_START = 8;
    private static final int ENCODE_BODY_MD5_START = 44;
    private static final int ENCODE_BODY_START = 76;
    private static final int ENCODE_HEADER_LENGTH = 40;
    private static final int ENCODE_HEADER_START = 36;
    private static final int EXPIRATION_LENGTH = 8;
    private static final int EXPIRATION_RELATIVE_START = 0;
    private static final int EXPIRATION_START = 36;
    private static final int HMAC_LENGTH = 20;
    private static final int HMAC_START = 16;
    private static final int IV_LENGTH = 16;
    private static final int IV_RELATIVE_START = 24;
    private static final int IV_START = 60;
    private static final int RAW_BODY_LENGTH = 32;
    private static final int TOKEN_CHECK = 19771201;
    private static final int TOKEN_CHECK_LENGTH = 4;
    private static final int TOKEN_CHECK_RELATIVE_START = 28;
    private static final int TOKEN_LENGTH = 124;
    private static final int TYPE_LENGTH = 4;
    private static final int TYPE_RELATIVE_START = 0;
    private static final int UAS_LIST_LENGTH = 4;
    private static final int UAS_LIST_RELATIVE_START = 20;
    private static final int UAS_USER_LENGTH = 4;
    private static final int UAS_USER_RELATIVE_START = 24;
    private static final int UUID_LENGTH = 16;
    private static final int UUID_START = 0;
    private static Logger _log = LoggerFactory.getLogger(AccessToken.class);
    private String _appId;
    private ClientType _clientType;
    private long _expirationTime;
    private byte[] _tokenBytes;
    private String _tokenString;
    private int _uasListKey;
    private int _uasUserKey;

    private AccessToken(ClientType clientType, int i, int i2, String str, long j) {
        this._clientType = clientType;
        this._appId = StringHelper.IsNullOrEmpty(str) ? TokenParams.NONE_APP_ID : str;
        this._uasListKey = i;
        this._uasUserKey = i2;
        this._expirationTime = System.currentTimeMillis() + j;
    }

    private AccessToken(byte[] bArr) {
        this._tokenBytes = bArr;
    }

    public static AccessToken create(ClientType clientType, int i, int i2, String str, long j, KeyPair keyPair) throws CryptoException {
        AccessToken accessToken = new AccessToken(clientType, i, i2, str, j);
        accessToken.encode(keyPair);
        return accessToken;
    }

    public static AccessToken create(byte[] bArr, KeyPair keyPair) throws CryptoException {
        AccessToken accessToken = new AccessToken(bArr);
        if (accessToken.decode(keyPair)) {
            return accessToken;
        }
        _log.error(String.format("Bad token: %s", CryptoUtils.toHexString(bArr)));
        throw new CryptoException("Bad token.");
    }

    private boolean decode(KeyPair keyPair) throws CryptoException {
        if (!keyPair.hmacVerify(BytesHelper.getBytes(this._tokenBytes, 36, 40), BytesHelper.getBytes(this._tokenBytes, 16, 20))) {
            _log.info("Token hmac verify error.");
            return false;
        }
        long j = BytesHelper.getLong(this._tokenBytes, 36);
        if (j < System.currentTimeMillis()) {
            _log.info("Token expiration error.");
            return false;
        }
        byte[] bytes = BytesHelper.getBytes(this._tokenBytes, ENCODE_BODY_MD5_START, 16);
        byte[] bytes2 = BytesHelper.getBytes(this._tokenBytes, ENCODE_BODY_START, ENCODE_BODY_LENGTH);
        if (!keyPair.hashVerify(bytes2, bytes)) {
            _log.info("Token hash verify error.");
            return false;
        }
        byte[] decrypt = keyPair.decrypt(bytes2, BytesHelper.getBytes(this._tokenBytes, 60, 16));
        if (BytesHelper.getInt(decrypt, 28) != TOKEN_CHECK) {
            _log.info("Token check error.");
            return false;
        }
        this._clientType = ClientType.values()[BytesHelper.getInt(decrypt, 0)];
        this._appId = CryptoUtils.toHexString(BytesHelper.getBytes(decrypt, 4, 16));
        this._uasListKey = BytesHelper.getInt(decrypt, 20);
        this._uasUserKey = BytesHelper.getInt(decrypt, 24);
        this._expirationTime = j;
        return true;
    }

    private byte[] encode(KeyPair keyPair) throws CryptoException {
        byte[] bArr = new byte[32];
        BytesHelper.setInt(bArr, 0, this._clientType.ordinal());
        BytesHelper.setBytes(bArr, 4, CryptoUtils.fromHexBytes(this._appId));
        BytesHelper.setInt(bArr, 20, this._uasListKey);
        BytesHelper.setInt(bArr, 24, this._uasUserKey);
        BytesHelper.setInt(bArr, 28, TOKEN_CHECK);
        byte[] nextBytes = new SRandom().nextBytes(16);
        byte[] encrypt = keyPair.encrypt(bArr, nextBytes);
        byte[] bArr2 = new byte[40];
        byte[] hash = keyPair.hash(encrypt);
        BytesHelper.setLong(bArr2, 0, Long.valueOf(this._expirationTime));
        BytesHelper.setBytes(bArr2, 8, hash);
        BytesHelper.setBytes(bArr2, 24, nextBytes);
        byte[] hmac = keyPair.hmac(bArr2);
        this._tokenBytes = new byte[TOKEN_LENGTH];
        BytesHelper.setBytes(this._tokenBytes, 0, keyPair.getUUID());
        BytesHelper.setBytes(this._tokenBytes, 16, hmac);
        BytesHelper.setBytes(this._tokenBytes, 36, bArr2);
        BytesHelper.setBytes(this._tokenBytes, ENCODE_BODY_START, encrypt);
        return this._tokenBytes;
    }

    public static byte[] getKeyPairId(byte[] bArr) {
        return BytesHelper.getBytes(bArr, 0, 16);
    }

    public static boolean match(byte[] bArr) {
        return bArr != null && bArr.length == TOKEN_LENGTH;
    }

    @Override // com.iw.nebula.common.token.IAccessToken
    public String getAppId() {
        return this._appId;
    }

    @Override // com.iw.nebula.common.token.IAccessToken
    public ClientType getClientType() {
        return this._clientType;
    }

    @Override // com.iw.nebula.common.token.IAccessToken
    public String getDeviceId() {
        return null;
    }

    @Override // com.iw.nebula.common.token.IAccessToken
    public byte[] getEncodeBytes() {
        return this._tokenBytes;
    }

    @Override // com.iw.nebula.common.token.IAccessToken
    public String getEncodeString() {
        if (this._tokenString == null) {
            this._tokenString = CryptoUtils.toHexString(this._tokenBytes);
        }
        return this._tokenString;
    }

    @Override // com.iw.nebula.common.token.IAccessToken
    public long getExpirationTime() {
        return this._expirationTime;
    }

    @Override // com.iw.nebula.common.token.IAccessToken
    public int getUasListKey() {
        return this._uasListKey;
    }

    @Override // com.iw.nebula.common.token.IAccessToken
    public int getUasUserKey() {
        return this._uasUserKey;
    }

    @Override // com.iw.nebula.common.token.IAccessToken
    public String getUserId() {
        if (this._uasListKey <= 0) {
            return null;
        }
        return this._uasListKey + "." + this._uasUserKey;
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append("Token: ");
        stringBuffer.append("<clientType = " + this._clientType + ">, ");
        stringBuffer.append("<appId = " + this._appId + ">, ");
        stringBuffer.append("<userId = " + getUserId() + ">, ");
        stringBuffer.append("<expirationTime = " + new Date(this._expirationTime) + ">");
        return stringBuffer.toString();
    }
}
