package com.github.dbadia.sqrl.server;

import com.github.dbadia.sqrl.server.backchannel.SqrlClientOpt;
import com.github.dbadia.sqrl.server.backchannel.SqrlClientReply;
import com.github.dbadia.sqrl.server.backchannel.SqrlClientRequest;
import com.github.dbadia.sqrl.server.backchannel.SqrlLoggingUtil;
import com.github.dbadia.sqrl.server.backchannel.SqrlNutToken;
import com.github.dbadia.sqrl.server.backchannel.SqrlNutTokenUtil;
import com.github.dbadia.sqrl.server.backchannel.SqrlTif;
import com.github.dbadia.sqrl.server.data.SqrlAutoCloseablePersistence;
import com.github.dbadia.sqrl.server.data.SqrlCorrelator;
import com.github.dbadia.sqrl.server.data.SqrlIdentity;
import com.github.dbadia.sqrl.server.data.SqrlPersistenceCleanupTask;
import com.github.dbadia.sqrl.server.exception.SqrlDisabledUserException;
import com.github.dbadia.sqrl.server.exception.SqrlInvalidRequestException;
import com.github.dbadia.sqrl.server.exception.SqrlPersistenceException;
import com.github.dbadia.sqrl.server.util.SqrlConstants;
import com.github.dbadia.sqrl.server.util.SqrlException;
import com.github.dbadia.sqrl.server.util.SqrlServiceExecutor;
import com.github.dbadia.sqrl.server.util.SqrlUtil;
import com.google.zxing.BarcodeFormat;
import com.google.zxing.EncodeHintType;
import com.google.zxing.WriterException;
import com.google.zxing.common.BitMatrix;
import com.google.zxing.qrcode.QRCodeWriter;
import com.google.zxing.qrcode.decoder.ErrorCorrectionLevel;
import java.awt.Color;
import java.awt.Graphics2D;
import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.PrintWriter;
import java.lang.reflect.Constructor;
import java.net.InetAddress;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.UnknownHostException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Collections;
import java.util.Date;
import java.util.EnumMap;
import java.util.Map;
import java.util.Set;
import java.util.TreeMap;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import javax.imageio.ImageIO;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/github/dbadia/sqrl/server/SqrlServerOperations.class */
public class SqrlServerOperations {
    private static final String COMMAND_QUERY = "query";
    private static final String COMMAND_IDENT = "ident";
    private static final String COMMAND_DISABLE = "disable";
    private static final String COMMAND_ENABLE = "enable";
    private static final String COMMAND_REMOVE = "remove";
    private static SqrlServiceExecutor sqrlServiceExecutor;
    private final SqrlPersistenceFactory persistenceFactory;
    private final SqrlConfigOperations configOperations;
    private final SqrlConfig config;
    private final SqrlAuthStateMonitor authStateMonitor;
    private static final Logger logger = LoggerFactory.getLogger(SqrlServerOperations.class);
    private static final AtomicInteger COUNTER = new AtomicInteger(0);
    static final long MAX_TIMESTAMP = Integer.toUnsignedLong(-1) * 1000;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.github.dbadia.sqrl.server.SqrlServerOperations$1, reason: invalid class name */
    /* loaded from: input_file:com/github/dbadia/sqrl/server/SqrlServerOperations$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$github$dbadia$sqrl$server$backchannel$SqrlClientOpt = new int[SqrlClientOpt.values().length];

        static {
            try {
                $SwitchMap$com$github$dbadia$sqrl$server$backchannel$SqrlClientOpt[SqrlClientOpt.suk.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$github$dbadia$sqrl$server$backchannel$SqrlClientOpt[SqrlClientOpt.cps.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$github$dbadia$sqrl$server$backchannel$SqrlClientOpt[SqrlClientOpt.hardlock.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$github$dbadia$sqrl$server$backchannel$SqrlClientOpt[SqrlClientOpt.sqrlonly.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    public SqrlServerOperations(SqrlConfig sqrlConfig) {
        if (sqrlConfig == null) {
            throw new IllegalArgumentException("SqrlConfig object must not be null", null);
        }
        this.configOperations = new SqrlConfigOperations(sqrlConfig);
        this.persistenceFactory = this.configOperations.getSqrlPersistenceFactory();
        this.config = sqrlConfig;
        String clientAuthStateUpdaterClass = sqrlConfig.getClientAuthStateUpdaterClass();
        if (sqrlConfig.getClientAuthStateUpdaterClass() == null) {
            logger.warn("No ClientAuthStateUpdaterClass is set, auto client status refresh is disabled");
            this.authStateMonitor = null;
        } else {
            try {
                logger.info("Instantiating ClientAuthStateUpdater class of {}", clientAuthStateUpdaterClass);
                Constructor<?> constructor = Class.forName(clientAuthStateUpdaterClass).getConstructor(new Class[0]);
                if (constructor == null) {
                    throw new IllegalStateException("SQRL AuthStateUpdaterClass of " + clientAuthStateUpdaterClass + " must have a no-arg constructor, but does not");
                }
                Object newInstance = constructor.newInstance(new Object[0]);
                if (!(newInstance instanceof SqrlClientAuthStateUpdater)) {
                    throw new IllegalStateException("SQRL AuthStateUpdaterClass of " + clientAuthStateUpdaterClass + " was not an instance of ClientAuthStateUpdater");
                }
                SqrlClientAuthStateUpdater sqrlClientAuthStateUpdater = (SqrlClientAuthStateUpdater) newInstance;
                this.authStateMonitor = new SqrlAuthStateMonitor(sqrlConfig, this, sqrlClientAuthStateUpdater);
                sqrlClientAuthStateUpdater.initSqrl(sqrlConfig, this.authStateMonitor);
                long authSyncCheckInMillis = sqrlConfig.getAuthSyncCheckInMillis();
                logger.info("Client auth state task scheduled to run every {} ms", Long.valueOf(authSyncCheckInMillis));
                sqrlServiceExecutor.scheduleAtFixedRate(this.authStateMonitor, authSyncCheckInMillis, authSyncCheckInMillis, TimeUnit.MILLISECONDS);
            } catch (ReflectiveOperationException e) {
                throw new IllegalStateException("SQRL: Error instantiating ClientAuthStateUpdaterClass of " + clientAuthStateUpdaterClass, e);
            }
        }
        int cleanupTaskExecInMinutes = sqrlConfig.getCleanupTaskExecInMinutes();
        if (cleanupTaskExecInMinutes == -1) {
            logger.warn("Auto cleanup is disabled since config.getCleanupTaskExecInMinutes() == -1");
        } else {
            if (cleanupTaskExecInMinutes <= 0) {
                throw new IllegalArgumentException("config.getCleanupTaskExecInMinutes() must be -1 or > 0");
            }
            logger.info("Persistence cleanup task registered to run every {} minutes", Integer.valueOf(cleanupTaskExecInMinutes));
            sqrlServiceExecutor.scheduleAtFixedRate(new SqrlPersistenceCleanupTask(this.persistenceFactory), cleanupTaskExecInMinutes, cleanupTaskExecInMinutes, TimeUnit.MINUTES);
        }
    }

    public static void setExecutor(SqrlServiceExecutor sqrlServiceExecutor2) {
        sqrlServiceExecutor = sqrlServiceExecutor2;
    }

    public SqrlAuthPageData prepareSqrlAuthPageData(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, InetAddress inetAddress, int i) throws SqrlException {
        URI backchannelRequestUrl = this.configOperations.getBackchannelRequestUrl(httpServletRequest);
        StringBuilder sb = new StringBuilder(backchannelRequestUrl.toString());
        SqrlNutToken buildNut = buildNut(backchannelRequestUrl, inetAddress);
        sb.append("?nut=").append(buildNut.asSqrlBase64EncryptedNut());
        String serverFriendlyName = this.config.getServerFriendlyName();
        if (serverFriendlyName == null) {
            serverFriendlyName = SqrlUtil.computeSfnFromUrl(httpServletRequest);
            this.config.setServerFriendlyName(serverFriendlyName);
        }
        sb.append("&sfn=").append(SqrlUtil.sqrlBase64UrlEncode(serverFriendlyName));
        try {
            SqrlAutoCloseablePersistence createSqrlPersistence = createSqrlPersistence();
            Throwable th = null;
            try {
                try {
                    String sqrlBase64UrlEncode = SqrlUtil.sqrlBase64UrlEncode(MessageDigest.getInstance("SHA-256").digest(buildNut.asSqrlBase64EncryptedNut().getBytes()));
                    sb.append("&").append(SqrlConstants.CLIENT_PARAM_CORRELATOR).append("=").append(sqrlBase64UrlEncode);
                    String sb2 = sb.toString();
                    ByteArrayOutputStream generateQrCode = generateQrCode(this.config, sb2, i);
                    createSqrlPersistence.createCorrelator(sqrlBase64UrlEncode, new Date(System.currentTimeMillis() + (1000 * this.config.getNutValidityInSeconds()))).getTransientAuthDataTable().put(SqrlConstants.TRANSIENT_NAME_SERVER_PARROT, SqrlUtil.sqrlBase64UrlEncode(sb2));
                    createSqrlPersistence.closeCommit();
                    String computeCookieDomain = SqrlUtil.computeCookieDomain(httpServletRequest, this.config);
                    httpServletResponse.addCookie(SqrlUtil.createOrUpdateCookie(httpServletRequest, computeCookieDomain, this.config.getCorrelatorCookieName(), sqrlBase64UrlEncode, this.config.getNutValidityInSeconds() + 120, this.config));
                    httpServletResponse.addCookie(SqrlUtil.createOrUpdateCookie(httpServletRequest, computeCookieDomain, this.config.getFirstNutCookieName(), buildNut.asSqrlBase64EncryptedNut(), this.config.getNutValidityInSeconds(), this.config));
                    SqrlAuthPageData sqrlAuthPageData = new SqrlAuthPageData(sb2, generateQrCode, buildNut, sqrlBase64UrlEncode);
                    if (createSqrlPersistence != null) {
                        if (0 != 0) {
                            try {
                                createSqrlPersistence.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            createSqrlPersistence.close();
                        }
                    }
                    return sqrlAuthPageData;
                } finally {
                }
            } finally {
            }
        } catch (NoSuchAlgorithmException e) {
            throw new SqrlException(SqrlLoggingUtil.getLogHeader() + "Caught exception during correlator create", e);
        }
    }

    private SqrlNutToken buildNut(URI uri, InetAddress inetAddress) throws SqrlException {
        int inetAddressToInt = SqrlNutTokenUtil.inetAddressToInt(uri, inetAddress, this.config);
        int nextInt = this.config.getSecureRandom().nextInt();
        return new SqrlNutToken(inetAddressToInt, this.configOperations, COUNTER.getAndIncrement(), this.config.getCurrentTimeMs(), nextInt);
    }

    public void handleSqrlClientRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        SqrlLoggingUtil.initLoggingHeader(httpServletRequest);
        if (logger.isInfoEnabled()) {
            logger.info(SqrlUtil.buildLogMessageForSqrlClientRequest(httpServletRequest).toString());
        }
        String str = "unknown";
        SqrlTif.TifBuilder tifBuilder = new SqrlTif.TifBuilder();
        boolean z = false;
        Object obj = "invalid";
        try {
            String str2 = "";
            SqrlClientRequest sqrlClientRequest = null;
            SqrlAutoCloseablePersistence createSqrlPersistence = createSqrlPersistence();
            SqrlException sqrlException = null;
            try {
                str = SqrlClientRequest.parseCorrelatorOnly(httpServletRequest);
                sqrlClientRequest = new SqrlClientRequest(httpServletRequest, createSqrlPersistence, this.configOperations);
                str2 = SqrlLoggingUtil.updateLogHeader(str + " " + sqrlClientRequest.getClientCommand() + ":: ");
                if (checkIfIpsMatch(sqrlClientRequest.getNut(), httpServletRequest)) {
                    tifBuilder.addFlag(4);
                }
                SqrlNutToken nut = sqrlClientRequest.getNut();
                SqrlNutTokenUtil.validateNut(str, nut, this.config, createSqrlPersistence, tifBuilder);
                z = processClientCommand(sqrlClientRequest, nut, tifBuilder, str);
                httpServletResponse.setStatus(200);
                obj = "OK";
                createSqrlPersistence.closeCommit();
            } catch (SqrlException e) {
                sqrlException = e;
                createSqrlPersistence.closeRollback();
                tifBuilder.clearAllFlags().addFlag(64);
                if (e instanceof SqrlInvalidRequestException) {
                    tifBuilder.addFlag(SqrlTif.TIF_CLIENT_FAILURE);
                    logger.error("{}Received invalid SQRL request: {} of {}", new Object[]{SqrlLoggingUtil.getLogHeader(), e.getMessage(), SqrlUtil.buildLogMessageForSqrlClientRequest(httpServletRequest), e});
                } else {
                    logger.error("{}Generate exception processing SQRL request: {} of {}", new Object[]{SqrlLoggingUtil.getLogHeader(), e.getMessage(), SqrlUtil.buildLogMessageForSqrlClientRequest(httpServletRequest), e});
                }
                httpServletResponse.setStatus(500);
            }
            String str3 = "";
            SqrlPersistence createSqrlPersistence2 = this.persistenceFactory.createSqrlPersistence();
            try {
                SqrlTif createTif = tifBuilder.createTif();
                boolean z2 = sqrlException != null;
                str3 = buildReply(z2, httpServletRequest, sqrlClientRequest, z, createTif, str);
                SqrlCorrelator fetchSqrlCorrelatorRequired = createSqrlPersistence2.fetchSqrlCorrelatorRequired(str);
                if (z2) {
                    SqrlAuthenticationStatus sqrlAuthenticationStatus = SqrlAuthenticationStatus.ERROR_SQRL_INTERNAL;
                    if (sqrlException instanceof SqrlInvalidRequestException) {
                        sqrlAuthenticationStatus = SqrlAuthenticationStatus.ERROR_BAD_REQUEST;
                    } else if (sqrlException instanceof SqrlDisabledUserException) {
                        sqrlAuthenticationStatus = SqrlAuthenticationStatus.ERROR_SQRL_USER_DISABLED;
                    }
                    fetchSqrlCorrelatorRequired.setAuthenticationStatus(sqrlAuthenticationStatus);
                } else {
                    fetchSqrlCorrelatorRequired.getTransientAuthDataTable().put(SqrlConstants.TRANSIENT_NAME_SERVER_PARROT, str3);
                }
                createSqrlPersistence2.closeCommit();
                transmitReplyToSqrlClient(httpServletResponse, str3);
                logger.info("{}Processed sqrl client request replying with tif {}", str2, createTif);
            } catch (SqrlException e2) {
                createSqrlPersistence2.closeRollback();
                logger.error("{}Error sending SQRL reply with param: {}", new Object[]{str2, obj, SqrlUtil.base64UrlDecodeToStringOrErrorMessage(str3), e2});
                logger.debug("{}Request {}, responded with   B64: {}", new Object[]{str2, obj, str3});
            }
        } finally {
            SqrlLoggingUtil.clearLogHeader();
        }
    }

    protected boolean processClientCommand(SqrlClientRequest sqrlClientRequest, SqrlNutToken sqrlNutToken, SqrlTif.TifBuilder tifBuilder, String str) throws SqrlException {
        String logHeader = SqrlLoggingUtil.getLogHeader();
        String clientCommand = sqrlClientRequest.getClientCommand();
        logger.debug("{}Processing {} command for nut {}", new Object[]{logHeader, clientCommand, sqrlNutToken});
        String idk = sqrlClientRequest.getIdk();
        SqrlAutoCloseablePersistence createSqrlPersistence = createSqrlPersistence();
        try {
            boolean doesSqrlIdentityExistByIdk = createSqrlPersistence.doesSqrlIdentityExistByIdk(idk);
            if (doesSqrlIdentityExistByIdk) {
                tifBuilder.addFlag(1);
            } else if (sqrlClientRequest.hasPidk() && createSqrlPersistence.fetchSqrlIdentityDataItem(idk, sqrlClientRequest.getPidk()) == null) {
                createSqrlPersistence.updateIdkForSqrlIdentity(sqrlClientRequest.getPidk(), idk);
                tifBuilder.addFlag(2);
            }
            processNonSukOptions(sqrlClientRequest, tifBuilder, logHeader);
            if (!COMMAND_QUERY.equals(clientCommand)) {
                if (COMMAND_ENABLE.equals(clientCommand)) {
                    Boolean fetchSqrlFlagForIdentity = createSqrlPersistence.fetchSqrlFlagForIdentity(idk, SqrlFlag.SQRL_AUTH_ENABLED);
                    if (fetchSqrlFlagForIdentity != null && fetchSqrlFlagForIdentity.booleanValue()) {
                        logger.warn("{}Received request to ENABLE but it already is");
                    } else {
                        if (!sqrlClientRequest.containsUrs()) {
                            throw new SqrlInvalidRequestException(SqrlLoggingUtil.getLogHeader() + "Request was to enable SQRL but didn't contain urs signature");
                        }
                        createSqrlPersistence.setSqrlFlagForIdentity(idk, SqrlFlag.SQRL_AUTH_ENABLED, true);
                    }
                } else if (COMMAND_REMOVE.equals(clientCommand)) {
                    if (!sqrlClientRequest.containsUrs()) {
                        throw new SqrlInvalidRequestException(SqrlLoggingUtil.getLogHeader() + "Request was to enable SQRL but didn't contain urs signature");
                    }
                    createSqrlPersistence.deleteSqrlIdentity(idk);
                } else if (COMMAND_DISABLE.equals(clientCommand)) {
                    createSqrlPersistence.setSqrlFlagForIdentity(idk, SqrlFlag.SQRL_AUTH_ENABLED, false);
                } else {
                    if (!COMMAND_IDENT.equals(clientCommand)) {
                        tifBuilder.addFlag(16);
                        tifBuilder.addFlag(64);
                        throw new SqrlException(SqrlLoggingUtil.getLogHeader() + "Unsupported client command " + clientCommand, null);
                    }
                    if (!doesSqrlIdentityExistByIdk) {
                        createSqrlPersistence.createAndEnableSqrlIdentity(idk, Collections.emptyMap());
                    }
                    boolean equals = Boolean.TRUE.equals(createSqrlPersistence.fetchSqrlFlagForIdentity(idk, SqrlFlag.SQRL_AUTH_ENABLED));
                    if (doesSqrlIdentityExistByIdk && !equals) {
                        tifBuilder.addFlag(8);
                        tifBuilder.addFlag(64);
                        throw new SqrlDisabledUserException(SqrlLoggingUtil.getLogHeader() + "SQRL is disabled for this user");
                    }
                    createSqrlPersistence.storeSqrlDataForSqrlIdentity(idk, sqrlClientRequest.getKeysToBeStored());
                    doesSqrlIdentityExistByIdk = true;
                    logger.info("{}User SQRL authenticated idk={}", logHeader, idk);
                    createSqrlPersistence.userAuthenticatedViaSqrl(idk, str);
                }
            }
            createSqrlPersistence.closeCommit();
            return doesSqrlIdentityExistByIdk;
        } catch (SqrlException e) {
            createSqrlPersistence.closeRollback();
            throw e;
        }
    }

    private void processNonSukOptions(SqrlClientRequest sqrlClientRequest, SqrlTif.TifBuilder tifBuilder, String str) {
        for (SqrlClientOpt sqrlClientOpt : sqrlClientRequest.getOptList()) {
            switch (AnonymousClass1.$SwitchMap$com$github$dbadia$sqrl$server$backchannel$SqrlClientOpt[sqrlClientOpt.ordinal()]) {
                case SqrlTif.TIF_CURRENT_ID_MATCH /* 1 */:
                    break;
                case SqrlTif.TIF_PREVIOUS_ID_MATCH /* 2 */:
                case 3:
                case SqrlTif.TIF_IPS_MATCHED /* 4 */:
                    logger.warn("{}The SQRL client option {} is not yet supported", str, sqrlClientOpt);
                    if (!sqrlClientOpt.isNonQueryOnly() || !COMMAND_QUERY.equals(sqrlClientRequest.getClientCommand())) {
                        tifBuilder.addFlag(16);
                        break;
                    } else {
                        break;
                    }
                default:
                    logger.error("{}Don't know how to reply to SQRL client opt {}", str, sqrlClientOpt);
                    tifBuilder.addFlag(16);
                    break;
            }
        }
    }

    private String buildReply(boolean z, HttpServletRequest httpServletRequest, SqrlClientRequest sqrlClientRequest, boolean z2, SqrlTif sqrlTif, String str) throws SqrlException {
        SqrlClientReply sqrlClientReply;
        String logHeader = SqrlLoggingUtil.getLogHeader();
        SqrlAutoCloseablePersistence createSqrlPersistence = createSqrlPersistence();
        try {
            URI uri = new URI(httpServletRequest.getRequestURL().toString());
            String subsequentRequestPath = this.configOperations.getSubsequentRequestPath(httpServletRequest);
            if (z) {
                sqrlClientReply = new SqrlClientReply(SqrlConstants.ERROR, sqrlTif, subsequentRequestPath, SqrlConstants.ERROR, Collections.emptyMap());
            } else {
                sqrlClientReply = new SqrlClientReply(buildNut(uri, determineClientIpAddress(httpServletRequest, this.config)).asSqrlBase64EncryptedNut(), sqrlTif, subsequentRequestPath, str, buildReplyAdditionalDataTable(sqrlClientRequest, z2, createSqrlPersistence));
            }
            String base64 = sqrlClientReply.toBase64();
            logger.debug("{}Build serverReplyString: {}", logHeader, base64);
            createSqrlPersistence.closeCommit();
            return base64;
        } catch (URISyntaxException e) {
            createSqrlPersistence.closeRollback();
            throw new SqrlException(SqrlLoggingUtil.getLogHeader() + "Error converting servletRequest.getRequestURL() to URI.  servletRequest.getRequestURL()=" + ((Object) httpServletRequest.getRequestURL()), e);
        }
    }

    private Map<String, String> buildReplyAdditionalDataTable(SqrlClientRequest sqrlClientRequest, boolean z, SqrlPersistence sqrlPersistence) {
        String sqrlClientOpt;
        String fetchSqrlIdentityDataItem;
        TreeMap treeMap = new TreeMap();
        if (sqrlClientRequest != null && z && sqrlClientRequest.getOptList().contains(SqrlClientOpt.suk) && (fetchSqrlIdentityDataItem = sqrlPersistence.fetchSqrlIdentityDataItem(sqrlClientRequest.getIdk(), (sqrlClientOpt = SqrlClientOpt.suk.toString()))) != null) {
            treeMap.put(sqrlClientOpt, fetchSqrlIdentityDataItem);
        }
        return treeMap;
    }

    static InetAddress determineClientIpAddress(HttpServletRequest httpServletRequest, SqrlConfig sqrlConfig) throws SqrlException {
        String[] ipForwardedForHeaders = sqrlConfig.getIpForwardedForHeaders();
        String str = null;
        if (ipForwardedForHeaders != null) {
            for (String str2 : ipForwardedForHeaders) {
                str = httpServletRequest.getHeader(str2);
                if (SqrlUtil.isNotBlank(str)) {
                    break;
                }
            }
        }
        if (SqrlUtil.isBlank(str)) {
            str = httpServletRequest.getRemoteAddr();
        }
        try {
            return InetAddress.getByName(str);
        } catch (UnknownHostException e) {
            throw new SqrlException("Caught exception trying to determine clients IP address", e);
        }
    }

    private void transmitReplyToSqrlClient(HttpServletResponse httpServletResponse, String str) throws IOException {
        httpServletResponse.setContentType("text/html;charset=utf-8");
        httpServletResponse.setContentLength(str.length());
        PrintWriter writer = httpServletResponse.getWriter();
        Throwable th = null;
        try {
            try {
                writer.write(str);
                writer.flush();
                writer.close();
                if (writer != null) {
                    if (0 == 0) {
                        writer.close();
                        return;
                    }
                    try {
                        writer.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (writer != null) {
                if (th != null) {
                    try {
                        writer.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    writer.close();
                }
            }
            throw th4;
        }
    }

    private boolean checkIfIpsMatch(SqrlNutToken sqrlNutToken, HttpServletRequest httpServletRequest) throws SqrlException {
        if (SqrlUtil.isBlank(httpServletRequest.getRemoteAddr())) {
            throw new SqrlException(SqrlLoggingUtil.getLogHeader() + "No ip address found in sqrl request");
        }
        return SqrlNutTokenUtil.validateInetAddress(SqrlUtil.ipStringToInetAddresss(httpServletRequest.getRemoteAddr()), sqrlNutToken.getInetInt(), this.config);
    }

    private ByteArrayOutputStream generateQrCode(SqrlConfig sqrlConfig, String str, int i) throws SqrlException {
        try {
            EnumMap enumMap = new EnumMap(EncodeHintType.class);
            enumMap.put((EnumMap) EncodeHintType.CHARACTER_SET, (EncodeHintType) SqrlConstants.UTF8);
            enumMap.put((EnumMap) EncodeHintType.MARGIN, (EncodeHintType) 1);
            enumMap.put((EnumMap) EncodeHintType.ERROR_CORRECTION, (EncodeHintType) ErrorCorrectionLevel.L);
            BitMatrix encode = new QRCodeWriter().encode(str, BarcodeFormat.QR_CODE, i, i, enumMap);
            int width = encode.getWidth();
            BufferedImage bufferedImage = new BufferedImage(width, width, 1);
            bufferedImage.createGraphics();
            Graphics2D graphics = bufferedImage.getGraphics();
            graphics.setColor(Color.WHITE);
            graphics.fillRect(0, 0, width, width);
            graphics.setColor(Color.BLACK);
            for (int i2 = 0; i2 < width; i2++) {
                for (int i3 = 0; i3 < width; i3++) {
                    if (encode.get(i2, i3)) {
                        graphics.fillRect(i2, i3, 1, 1);
                    }
                }
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ImageIO.write(bufferedImage, sqrlConfig.getQrCodeFileType().toString().toLowerCase(), byteArrayOutputStream);
            return byteArrayOutputStream;
        } catch (IOException | WriterException e) {
            throw new SqrlException("Caught exception during QR code generation", e);
        }
    }

    private SqrlAutoCloseablePersistence createSqrlPersistence() {
        return new SqrlAutoCloseablePersistence(this.persistenceFactory.createSqrlPersistence());
    }

    public void deleteSqrlAuthCookies(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        SqrlUtil.deleteCookies(httpServletRequest, httpServletResponse, this.config, this.config.getCorrelatorCookieName(), this.config.getFirstNutCookieName());
    }

    public long determineNutExpiry(HttpServletRequest httpServletRequest) throws SqrlException {
        String findCookieValue = SqrlUtil.findCookieValue(httpServletRequest, this.config.getFirstNutCookieName());
        if (findCookieValue == null) {
            throw new SqrlException("firstNutCookie with name " + this.config.getFirstNutCookieName() + " was not found on http request");
        }
        return SqrlNutTokenUtil.computeNutExpiresAt(new SqrlNutToken(this.configOperations, findCookieValue), this.config);
    }

    public void updateNativeUserXref(SqrlIdentity sqrlIdentity, String str) {
        SqrlAutoCloseablePersistence createSqrlPersistence = createSqrlPersistence();
        Throwable th = null;
        try {
            createSqrlPersistence.updateNativeUserXref(sqrlIdentity.getId(), str);
            createSqrlPersistence.closeCommit();
            if (createSqrlPersistence != null) {
                if (0 == 0) {
                    createSqrlPersistence.close();
                    return;
                }
                try {
                    createSqrlPersistence.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (createSqrlPersistence != null) {
                if (0 != 0) {
                    try {
                        createSqrlPersistence.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    createSqrlPersistence.close();
                }
            }
            throw th3;
        }
    }

    public String extractSqrlCorrelatorStringFromRequestCookie(HttpServletRequest httpServletRequest) {
        return SqrlUtil.findCookieValue(httpServletRequest, this.config.getCorrelatorCookieName());
    }

    public SqrlCorrelator fetchSqrlCorrelator(HttpServletRequest httpServletRequest) {
        String extractSqrlCorrelatorStringFromRequestCookie = extractSqrlCorrelatorStringFromRequestCookie(httpServletRequest);
        if (extractSqrlCorrelatorStringFromRequestCookie == null) {
            return null;
        }
        return fetchSqrlCorrelator(extractSqrlCorrelatorStringFromRequestCookie);
    }

    public SqrlCorrelator fetchSqrlCorrelator(String str) {
        if (SqrlUtil.isBlank(str)) {
            throw new SqrlPersistenceException("Correlator cookie not found on request");
        }
        SqrlAutoCloseablePersistence createSqrlPersistence = createSqrlPersistence();
        Throwable th = null;
        try {
            SqrlCorrelator fetchSqrlCorrelator = createSqrlPersistence.fetchSqrlCorrelator(str);
            createSqrlPersistence.closeCommit();
            if (createSqrlPersistence != null) {
                if (0 != 0) {
                    try {
                        createSqrlPersistence.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    createSqrlPersistence.close();
                }
            }
            return fetchSqrlCorrelator;
        } catch (Throwable th3) {
            if (createSqrlPersistence != null) {
                if (0 != 0) {
                    try {
                        createSqrlPersistence.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    createSqrlPersistence.close();
                }
            }
            throw th3;
        }
    }

    public SqrlIdentity fetchSqrlIdentityByUserXref(String str) {
        SqrlAutoCloseablePersistence createSqrlPersistence = createSqrlPersistence();
        Throwable th = null;
        try {
            try {
                SqrlIdentity fetchSqrlIdentityByUserXref = createSqrlPersistence.fetchSqrlIdentityByUserXref(str);
                createSqrlPersistence.closeCommit();
                if (createSqrlPersistence != null) {
                    if (0 != 0) {
                        try {
                            createSqrlPersistence.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        createSqrlPersistence.close();
                    }
                }
                return fetchSqrlIdentityByUserXref;
            } finally {
            }
        } catch (Throwable th3) {
            if (createSqrlPersistence != null) {
                if (th != null) {
                    try {
                        createSqrlPersistence.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    createSqrlPersistence.close();
                }
            }
            throw th3;
        }
    }

    public Map<String, SqrlCorrelator> fetchSqrlCorrelatorsDetached(Set<String> set) {
        SqrlAutoCloseablePersistence createSqrlPersistence = createSqrlPersistence();
        Throwable th = null;
        try {
            try {
                Map<String, SqrlCorrelator> fetchSqrlCorrelatorsDetached = createSqrlPersistence.fetchSqrlCorrelatorsDetached(set);
                createSqrlPersistence.closeCommit();
                if (createSqrlPersistence != null) {
                    if (0 != 0) {
                        try {
                            createSqrlPersistence.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        createSqrlPersistence.close();
                    }
                }
                return fetchSqrlCorrelatorsDetached;
            } finally {
            }
        } catch (Throwable th3) {
            if (createSqrlPersistence != null) {
                if (th != null) {
                    try {
                        createSqrlPersistence.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    createSqrlPersistence.close();
                }
            }
            throw th3;
        }
    }

    public Map<String, SqrlAuthenticationStatus> fetchSqrlCorrelatorStatusUpdates(Map<String, SqrlAuthenticationStatus> map) {
        SqrlAutoCloseablePersistence createSqrlPersistence = createSqrlPersistence();
        Throwable th = null;
        try {
            try {
                Map<String, SqrlAuthenticationStatus> fetchSqrlCorrelatorStatusUpdates = createSqrlPersistence.fetchSqrlCorrelatorStatusUpdates(map);
                createSqrlPersistence.closeCommit();
                if (createSqrlPersistence != null) {
                    if (0 != 0) {
                        try {
                            createSqrlPersistence.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        createSqrlPersistence.close();
                    }
                }
                return fetchSqrlCorrelatorStatusUpdates;
            } finally {
            }
        } catch (Throwable th3) {
            if (createSqrlPersistence != null) {
                if (th != null) {
                    try {
                        createSqrlPersistence.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    createSqrlPersistence.close();
                }
            }
            throw th3;
        }
    }

    public void deleteSqrlCorrelator(SqrlCorrelator sqrlCorrelator) {
        SqrlAutoCloseablePersistence createSqrlPersistence = createSqrlPersistence();
        Throwable th = null;
        try {
            try {
                createSqrlPersistence.deleteSqrlCorrelator(sqrlCorrelator);
                createSqrlPersistence.closeCommit();
                if (createSqrlPersistence != null) {
                    if (0 == 0) {
                        createSqrlPersistence.close();
                        return;
                    }
                    try {
                        createSqrlPersistence.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (createSqrlPersistence != null) {
                if (th != null) {
                    try {
                        createSqrlPersistence.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    createSqrlPersistence.close();
                }
            }
            throw th4;
        }
    }

    public void cleanSqrlAuthData(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        SqrlCorrelator fetchSqrlCorrelator = fetchSqrlCorrelator(httpServletRequest);
        deleteSqrlAuthCookies(httpServletRequest, httpServletResponse);
        deleteSqrlCorrelator(fetchSqrlCorrelator);
    }
}
