package io.mapsmessaging.security.identity.impl.auth0;

import com.auth0.exception.Auth0Exception;
import com.auth0.json.auth.TokenHolder;
import com.auth0.jwk.JwkException;
import com.auth0.jwk.JwkProvider;
import com.auth0.jwk.UrlJwkProvider;
import com.auth0.net.Response;
import io.mapsmessaging.logging.Logger;
import io.mapsmessaging.logging.LoggerFactory;
import io.mapsmessaging.security.identity.JwtHelper;
import io.mapsmessaging.security.identity.impl.external.JwtPasswordHasher;
import io.mapsmessaging.security.identity.impl.external.JwtValidator;
import io.mapsmessaging.security.identity.impl.external.TokenProvider;
import io.mapsmessaging.security.logging.AuthLogMessages;
import java.util.Arrays;

/* loaded from: input_file:io/mapsmessaging/security/identity/impl/auth0/Auth0PasswordHasher.class */
public class Auth0PasswordHasher extends JwtPasswordHasher implements TokenProvider {
    private static final Logger logger = LoggerFactory.getLogger(Auth0PasswordHasher.class);
    private final Auth0Auth auth;
    private final Auth0IdentityEntry identityEntry;
    private final String username;

    public Auth0PasswordHasher() {
        this.auth = null;
        this.username = "";
        this.identityEntry = null;
    }

    public Auth0PasswordHasher(String str, Auth0Auth auth0Auth, Auth0IdentityEntry auth0IdentityEntry) {
        this.auth = auth0Auth;
        this.username = str;
        this.identityEntry = auth0IdentityEntry;
    }

    @Override // io.mapsmessaging.security.passwords.PasswordHandler
    public String getName() {
        return "auth0";
    }

    @Override // io.mapsmessaging.security.passwords.PasswordHandler
    public byte[] transformPassword(byte[] bArr, byte[] bArr2, int i) {
        if (this.auth == null) {
            return new byte[0];
        }
        String str = new String(bArr);
        if (JwtHelper.isJwt(str)) {
            try {
                this.jwt = new JwtValidator(this).validateJwt(this.username, str);
                if (this.jwt != null) {
                    this.computedPassword = bArr;
                    success();
                    return this.computedPassword;
                }
            } catch (JwkException e) {
                logger.log(AuthLogMessages.AUTH0_JWT_FAILURE, e, new Object[0]);
            }
            return new byte[0];
        }
        try {
            Response execute = this.auth.getAuthAPI().login(this.username, str.toCharArray()).setScope("openid profile email").execute();
            if (execute.getStatusCode() == 200) {
                this.jwt = new JwtValidator(this).validateJwt(this.username, ((TokenHolder) execute.getBody()).getIdToken());
                this.computedPassword = bArr;
                success();
                return this.computedPassword;
            }
        } catch (Auth0Exception | JwkException e2) {
            this.computedPassword = new byte[12];
            Arrays.fill(this.computedPassword, (byte) -1);
            logger.log(AuthLogMessages.AUTH0_JWT_FAILURE, e2, new Object[0]);
        }
        return new byte[0];
    }

    private void success() {
        if (this.auth != null) {
            this.auth.authorised(this.identityEntry);
        }
    }

    @Override // io.mapsmessaging.security.identity.impl.external.TokenProvider
    public JwkProvider getJwkProvider(String str) {
        return new UrlJwkProvider("https://" + this.auth.getAuth0Domain() + "/");
    }
}
