package io.mosip.authentication.common.service.integration;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.mosip.authentication.common.service.factory.RestRequestFactory;
import io.mosip.authentication.common.service.helper.RestHelper;
import io.mosip.authentication.common.service.integration.dto.CryptomanagerRequestDto;
import io.mosip.authentication.common.service.integration.dto.EncryptDataRequestDto;
import io.mosip.authentication.core.constant.IdAuthenticationErrorConstants;
import io.mosip.authentication.core.constant.RestServicesConstants;
import io.mosip.authentication.core.exception.IDDataValidationException;
import io.mosip.authentication.core.exception.IdAuthenticationAppException;
import io.mosip.authentication.core.exception.RestServiceException;
import io.mosip.authentication.core.logger.IdaLogger;
import io.mosip.kernel.core.logger.spi.Logger;
import io.mosip.kernel.core.util.CryptoUtil;
import io.mosip.kernel.core.util.DateUtils;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:io/mosip/authentication/common/service/integration/KeyManager.class */
public class KeyManager {
    private static final String ERROR_CODE = "errorCode";
    private static final String SESSION_KEY = "requestSessionKey";

    @Value("${application.id}")
    private String appId;

    @Value("${partner.reference.id}")
    private String partnerId;

    @Value("${mosip.kernel.data-key-splitter}")
    private String keySplitter;

    @Autowired
    private RestHelper restHelper;

    @Autowired
    private RestRequestFactory restRequestFactory;
    private static Logger logger = IdaLogger.getLogger(KeyManager.class);

    public Map<String, Object> requestData(Map<String, Object> map, ObjectMapper objectMapper, String str) throws IdAuthenticationAppException {
        try {
            return decipherData(objectMapper, (byte[]) map.get("request"), CryptoUtil.decodeBase64((String) map.get(SESSION_KEY)), str);
        } catch (IOException e) {
            logger.error("sessionId", getClass().getSimpleName(), "requestData", e.getMessage());
            throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS.getErrorCode(), IdAuthenticationErrorConstants.UNABLE_TO_PROCESS.getErrorMessage(), e);
        }
    }

    private Map<String, Object> decipherData(ObjectMapper objectMapper, byte[] bArr, byte[] bArr2, String str) throws IdAuthenticationAppException, IOException {
        return (Map) objectMapper.readValue(kernelDecryptAndDecode(CryptoUtil.encodeBase64(CryptoUtil.combineByteArray(bArr, bArr2, this.keySplitter)), str), Map.class);
    }

    public String kernelDecryptAndDecode(String str, String str2) throws IdAuthenticationAppException {
        return internalKernelDecryptAndDecode(str, str2, null, null, RestServicesConstants.DECRYPTION_SERVICE, true);
    }

    public String kernelDecrypt(String str, String str2, String str3, String str4) throws IdAuthenticationAppException {
        return internalKernelDecryptAndDecode(str, str2, str3, str4, RestServicesConstants.DECRYPTION_SERVICE, false);
    }

    private String internalKernelDecryptAndDecode(String str, String str2, String str3, String str4, RestServicesConstants restServicesConstants, boolean z) throws IdAuthenticationAppException {
        CryptomanagerRequestDto cryptomanagerRequestDto = new CryptomanagerRequestDto();
        try {
            cryptomanagerRequestDto.setApplicationId(this.appId);
            cryptomanagerRequestDto.setReferenceId(str2);
            cryptomanagerRequestDto.setTimeStamp(DateUtils.getUTCCurrentDateTime());
            cryptomanagerRequestDto.setData(str);
            if (str3 != null && !str3.isEmpty()) {
                cryptomanagerRequestDto.setAad(str3);
            }
            if (str4 != null && !str4.isEmpty()) {
                cryptomanagerRequestDto.setSalt(str4);
            }
            Object obj = ((Map) ((Map) this.restHelper.requestSync(this.restRequestFactory.buildRequest(restServicesConstants, RestRequestFactory.createRequest(cryptomanagerRequestDto), Map.class))).get("response")).get("data");
            return z ? new String(CryptoUtil.decodeBase64((String) obj), StandardCharsets.UTF_8) : (String) obj;
        } catch (IDDataValidationException e) {
            logger.error("sessionId", getClass().getSimpleName(), e.getErrorCode(), e.getErrorText());
            throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS, e);
        } catch (RestServiceException e2) {
            logger.error("sessionId", getClass().getSimpleName(), e2.getErrorCode(), e2.getErrorText());
            Optional responseBody = e2.getResponseBody();
            if (responseBody.isPresent()) {
                handleRestError(responseBody.get());
            }
            logger.error("sessionId", getClass().getSimpleName(), e2.getErrorCode(), e2.getErrorText());
            throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.SERVER_ERROR, e2);
        }
    }

    private void handleRestError(Object obj) throws IdAuthenticationAppException {
        Map emptyMap = obj instanceof Map ? (Map) obj : Collections.emptyMap();
        if (emptyMap.containsKey("errors")) {
            List list = (List) emptyMap.get("errors");
            String str = "KER-KMS-003";
            if (!list.isEmpty() && list.stream().anyMatch(map -> {
                return map.containsKey(ERROR_CODE) && ((String) map.get(ERROR_CODE)).equalsIgnoreCase(str);
            })) {
                throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.PUBLICKEY_EXPIRED);
            }
            if (!list.isEmpty() && list.stream().anyMatch(map2 -> {
                return map2.containsKey(ERROR_CODE) && ((String) map2.get(ERROR_CODE)).equalsIgnoreCase("KER-FSE-003");
            })) {
                throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.INVALID_ENCRYPTION);
            }
            throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS);
        }
    }

    public String encryptData(Map<String, Object> map, ObjectMapper objectMapper) throws IdAuthenticationAppException {
        Map map2 = map.get("identity") instanceof Map ? (Map) map.get("identity") : null;
        if (!Objects.nonNull(map2)) {
            return null;
        }
        EncryptDataRequestDto encryptDataRequestDto = new EncryptDataRequestDto();
        encryptDataRequestDto.setApplicationId(this.appId);
        encryptDataRequestDto.setReferenceId(this.partnerId);
        encryptDataRequestDto.setTimeStamp(DateUtils.getUTCCurrentDateTime());
        encryptDataRequestDto.setData(CryptoUtil.encodeBase64(toJsonString(map2, objectMapper).getBytes()));
        try {
            return (String) ((Map) ((Map) this.restHelper.requestSync(this.restRequestFactory.buildRequest(RestServicesConstants.ENCRYPTION_SERVICE, RestRequestFactory.createRequest(encryptDataRequestDto), Map.class))).get("response")).get("data");
        } catch (IDDataValidationException | RestServiceException e) {
            logger.error("sessionId", getClass().getSimpleName(), e.getErrorCode(), e.getErrorText());
            throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS, e);
        }
    }

    private String toJsonString(Object obj, ObjectMapper objectMapper) throws IdAuthenticationAppException {
        try {
            return objectMapper.writerFor(Map.class).writeValueAsString(obj);
        } catch (JsonProcessingException e) {
            throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS, e);
        }
    }

    public String signResponse(String str) throws IdAuthenticationAppException {
        HashMap hashMap = new HashMap();
        hashMap.put("data", str);
        try {
            Map map = (Map) this.restHelper.requestSync(this.restRequestFactory.buildRequest(RestServicesConstants.DIGITAL_SIGNATURE_SIGN_SERVICE, RestRequestFactory.createRequest(hashMap), Map.class));
            if (map.containsKey("response") && Objects.nonNull(map.get("response"))) {
                return (String) ((Map) map.get("response")).get("signature");
            }
            throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS);
        } catch (IDDataValidationException | RestServiceException e) {
            logger.error("sessionId", getClass().getSimpleName(), e.getErrorCode(), e.getErrorText());
            throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS, e);
        }
    }
}
