package com.adobe.cq.dam.aod.replication.transport_config;

import com.adobe.cq.dam.aod.replication.S7DeliveryAgentConfig;
import com.adobe.granite.crypto.CryptoException;
import com.adobe.granite.crypto.CryptoSupport;
import com.adobe.granite.keystore.KeyStoreService;
import com.day.cq.replication.AgentConfig;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import org.apache.commons.codec.binary.Base64;
import org.apache.sling.api.resource.ResourceResolver;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/adobe/cq/dam/aod/replication/transport_config/TokenProvider.class */
class TokenProvider {
    private static final Logger log = LoggerFactory.getLogger(TokenProvider.class);

    /* loaded from: input_file:com/adobe/cq/dam/aod/replication/transport_config/TokenProvider$KeyStoreConstants.class */
    public enum KeyStoreConstants {
        keystoreAlias,
        keystoreSignature,
        transportPassword
    }

    TokenProvider() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static char[] getTransportPassword(AgentConfig agentConfig, CryptoSupport cryptoSupport) {
        try {
            Object obj = agentConfig.getProperties().get(KeyStoreConstants.transportPassword.name());
            if (obj != null) {
                return cryptoSupport.unprotect(obj.toString()).toCharArray();
            }
            throw new SecurityException("Missing '" + KeyStoreConstants.transportPassword.name() + "' property on " + agentConfig.getAgentId());
        } catch (CryptoException e) {
            throw new SecurityException((Throwable) e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getToken(ResourceResolver resourceResolver, KeyStoreService keyStoreService, AgentConfig agentConfig, CryptoSupport cryptoSupport) {
        KeyStore keyStore = keyStoreService.getKeyStore(resourceResolver, agentConfig.getAgentUserId());
        char[] transportPassword = getTransportPassword(agentConfig, cryptoSupport);
        String str = (String) agentConfig.getProperties().get(KeyStoreConstants.keystoreAlias.name(), String.class);
        String str2 = (String) agentConfig.getProperties().get(KeyStoreConstants.keystoreSignature.name(), "SHA256withRSA");
        String str3 = (String) agentConfig.getProperties().get(S7DeliveryAgentConfig.PROP_COMPANY_NAME, String.class);
        try {
            log.debug("Keystore:" + keyStore.getKey(str, transportPassword));
            PrivateKey privateKey = getPrivateKey(keyStore, transportPassword, str);
            StringBuilder sb = new StringBuilder();
            sb.append(toBase64(System.currentTimeMillis()));
            sb.append(".").append(toBase64(str3));
            Signature signature = Signature.getInstance(str2);
            signature.initSign(privateKey);
            signature.update(sb.toString().getBytes("UTF-8"));
            sb.append(".").append(new String(Base64.encodeBase64(signature.sign())));
            return sb.toString();
        } catch (Exception e) {
            log.error("Failed to get Token : " + agentConfig, e);
            return null;
        }
    }

    private static String toBase64(String str) throws UnsupportedEncodingException {
        return new String(Base64.encodeBase64(str.getBytes("UTF-8")));
    }

    private static String toBase64(long j) throws UnsupportedEncodingException {
        return toBase64(String.valueOf(j));
    }

    private static PrivateKey getPrivateKey(KeyStore keyStore, char[] cArr, String str) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, UnrecoverableKeyException {
        Key key = keyStore.getKey(str, cArr);
        PrivateKey privateKey = null;
        if (key instanceof PrivateKey) {
            privateKey = (PrivateKey) key;
        }
        return privateKey;
    }
}
