package com.xiaomi.accountsdk.account;

import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import com.xiaomi.account.data.PassportCAToken;
import com.xiaomi.account.exception.PassportCAException;
import com.xiaomi.accountsdk.account.exception.InvalidCredentialException;
import com.xiaomi.accountsdk.account.exception.InvalidUserNameException;
import com.xiaomi.accountsdk.account.exception.NeedCaptchaException;
import com.xiaomi.accountsdk.account.exception.NeedNotificationException;
import com.xiaomi.accountsdk.account.exception.NeedVerificationException;
import com.xiaomi.accountsdk.request.CipherException;
import com.xiaomi.accountsdk.request.IPUtil;
import com.xiaomi.accountsdk.request.InvalidResponseException;
import com.xiaomi.accountsdk.request.PassportRequestArguments;
import com.xiaomi.accountsdk.request.PassportSimpleRequest;
import com.xiaomi.accountsdk.request.RequestWithIP;
import com.xiaomi.accountsdk.utils.AESWithIVCoder;
import com.xiaomi.accountsdk.utils.EasyMap;
import com.xiaomi.accountsdk.utils.IOUtils;
import com.xiaomi.channel.gamesdk.GameServiceClient;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertificateFactory;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import javax.crypto.Cipher;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class PassportCATokenManager {
    private PassportCAExternal passportCAExternal = null;
    private static final String TAG = PassportCATokenManager.class.getSimpleName();
    private static PassportCATokenManager sInstance = new PassportCATokenManager();
    private static final Map<String, String> caUrlMap = new HashMap();

    /* loaded from: classes.dex */
    public class NoCertException extends Exception {
    }

    static {
        caUrlMap.put(XMPassport.URL_LOGIN, XMPassport.URL_LOGIN_PASSPORT_CA);
        caUrlMap.put(XMPassport.URL_LOGIN_AUTH2, XMPassport.URL_LOGIN_AUTH2_PASSPORT_CA);
    }

    PassportCATokenManager() {
    }

    public static PassportCATokenManager getInstance() {
        return sInstance;
    }

    protected byte[] decodeBase64(String str) {
        return Base64.decode(str.getBytes(), 2);
    }

    protected String encodeBase64(byte[] bArr) {
        return Base64.encodeToString(bArr, 2);
    }

    protected String encryptWithServerPublicKey(String str, int i) {
        InputStream inputStream = null;
        try {
            inputStream = this.passportCAExternal.openServerPublicKeyInputStream(i);
        } catch (IOException e) {
            Log.e(TAG, "openServerPublicKeyInputStream", e);
        }
        if (inputStream == null) {
            throw new NoCertException();
        }
        try {
            PublicKey publicKey = CertificateFactory.getInstance("X.509").generateCertificate(inputStream).getPublicKey();
            String algorithm = publicKey.getAlgorithm();
            if ("RSA".equalsIgnoreCase(algorithm)) {
                algorithm = "RSA/ECB/PKCS1Padding";
            }
            Cipher cipher = Cipher.getInstance(algorithm);
            cipher.init(1, publicKey);
            return encodeBase64(cipher.doFinal(decodeBase64(str)));
        } finally {
            IOUtils.closeQuietly(inputStream);
        }
    }

    protected PassportCAToken getCATokenOnline(String str, int i) {
        String makeLocalKey = makeLocalKey();
        String encryptWithServerPublicKey = encryptWithServerPublicKey(makeLocalKey, i);
        EasyMap easyMap = new EasyMap();
        easyMap.put("keyIndex", String.valueOf(i));
        easyMap.put("csecurity", encryptWithServerPublicKey);
        easyMap.put("_ver", PassportCAConstants.IMPL_VERSION);
        EasyMap easyMap2 = new EasyMap();
        easyMap2.easyPut("x-mistats-header", UUID.randomUUID().toString());
        String format = String.format("http://%s/ca/getToken", str);
        PassportRequestArguments passportRequestArguments = new PassportRequestArguments();
        passportRequestArguments.setUrl(format);
        passportRequestArguments.putAllParams(easyMap);
        passportRequestArguments.putAllHeaders(easyMap2);
        passportRequestArguments.setReadBody(true);
        try {
            JSONObject jSONObject = new JSONObject(XMPassport.removeSafePrefixAndGetRealBody(new RequestWithIP(new PassportSimpleRequest.GetAsString(passportRequestArguments), new IPUtil()).executeEx()));
            int i2 = jSONObject.getInt(GameServiceClient.RESULT_CODE);
            if (i2 != 0) {
                if (i2 == 10008) {
                    throw new PassportCAException("when getting Token server returns code: " + i2);
                }
                if (i2 != 81002) {
                    throw new InvalidResponseException("error result");
                }
                int i3 = jSONObject.getInt("info");
                this.passportCAExternal.saveServerPublicKeyIndex(i3);
                return getCATokenOnline(str, i3);
            }
            JSONObject jSONObject2 = jSONObject.getJSONObject(GameServiceClient.RESULT_DATA);
            String string = jSONObject2.getString("passport_ca_token");
            String string2 = jSONObject2.getString("casecurity");
            String optString = jSONObject2.optString("connectivity_ips");
            AESWithIVCoder aESWithIVCoder = new AESWithIVCoder(makeLocalKey);
            String decrypt = aESWithIVCoder.decrypt(string);
            String decrypt2 = aESWithIVCoder.decrypt(string2);
            if (!TextUtils.isEmpty(optString)) {
                try {
                    IPUtil.onGetServerIPList(aESWithIVCoder.decrypt(optString), str);
                } catch (CipherException e) {
                }
            }
            this.passportCAExternal.saveServerPublicKeyIndex(i);
            return new PassportCAToken(decrypt, decrypt2);
        } catch (InvalidCredentialException e2) {
            throw new IllegalStateException(e2);
        } catch (InvalidUserNameException e3) {
            throw new IllegalStateException(e3);
        } catch (NeedCaptchaException e4) {
            throw new IllegalStateException(e4);
        } catch (NeedNotificationException e5) {
            throw new IllegalStateException(e5);
        } catch (NeedVerificationException e6) {
            throw new IllegalStateException(e6);
        }
    }

    public String getCaUrl(String str) {
        return caUrlMap.get(str);
    }

    public PassportCAToken getPassportCAToken(String str, int i) {
        if (this.passportCAExternal == null) {
            throw new IllegalStateException("passportCATokenExternal is null");
        }
        PassportCAToken loadCAToken = this.passportCAExternal.loadCAToken();
        if (loadCAToken == null) {
            loadCAToken = getCATokenOnline(new URL(str).getHost(), this.passportCAExternal.loadServerPublicKeyIndex(i));
            if (loadCAToken != null) {
                this.passportCAExternal.saveCAToken(loadCAToken);
            }
        }
        return loadCAToken;
    }

    public void invalidateAllCAToken() {
        if (this.passportCAExternal == null) {
            throw new IllegalStateException("passportCATokenExternal is null");
        }
        this.passportCAExternal.saveCAToken(PassportCAToken.INVALID_INSTANCE);
    }

    public boolean isReady() {
        if (this.passportCAExternal == null) {
            return false;
        }
        return System.currentTimeMillis() >= this.passportCAExternal.loadNextCAEnabledTime(0L);
    }

    protected String makeLocalKey() {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        return encodeBase64(bArr);
    }

    public void onCADisabledForSeconds(Long l) {
        if (this.passportCAExternal != null) {
            if (l == null) {
                l = 86400L;
            } else if (l.longValue() > 604800) {
                l = 604800L;
            }
            this.passportCAExternal.saveNextCAEnabledTime(System.currentTimeMillis() + (l.longValue() * 1000));
        }
    }
}
