package io.mosip.authentication.common.service.integration;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.mosip.authentication.common.service.transaction.manager.IdAuthSecurityManager;
import io.mosip.authentication.core.constant.IdAuthenticationErrorConstants;
import io.mosip.authentication.core.exception.IdAuthenticationAppException;
import io.mosip.authentication.core.exception.IdAuthenticationBusinessException;
import io.mosip.authentication.core.logger.IdaLogger;
import io.mosip.authentication.core.spi.indauth.match.ConsumerWithException;
import io.mosip.kernel.core.logger.spi.Logger;
import io.mosip.kernel.core.util.CryptoUtil;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Map;
import java.util.Objects;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:io/mosip/authentication/common/service/integration/KeyManager.class */
public class KeyManager {
    private static final String SESSION_KEY = "requestSessionKey";

    @Value("${application.id}")
    private String appId;

    @Value("${partner.reference.id}")
    private String partnerId;

    @Value("${mosip.kernel.data-key-splitter}")
    private String keySplitter;

    @Autowired
    private IdAuthSecurityManager securityManager;
    private static Logger logger = IdaLogger.getLogger(KeyManager.class);

    public Map<String, Object> requestData(Map<String, Object> map, ObjectMapper objectMapper, String str, ConsumerWithException<String, IdAuthenticationAppException> consumerWithException) throws IdAuthenticationAppException {
        try {
            return decipherData(objectMapper, (byte[]) map.get("request"), CryptoUtil.decodeBase64((String) map.get(SESSION_KEY)), str, consumerWithException);
        } catch (IOException e) {
            logger.error("sessionId", getClass().getSimpleName(), "requestData", e.getMessage());
            throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS.getErrorCode(), IdAuthenticationErrorConstants.UNABLE_TO_PROCESS.getErrorMessage(), e);
        }
    }

    private Map<String, Object> decipherData(ObjectMapper objectMapper, byte[] bArr, byte[] bArr2, String str, ConsumerWithException<String, IdAuthenticationAppException> consumerWithException) throws IdAuthenticationAppException, IOException {
        String kernelDecryptAndDecode = kernelDecryptAndDecode(CryptoUtil.encodeBase64(CryptoUtil.combineByteArray(bArr, bArr2, this.keySplitter)), str);
        if (consumerWithException != null) {
            consumerWithException.accept(kernelDecryptAndDecode);
        }
        return (Map) objectMapper.readValue(kernelDecryptAndDecode, Map.class);
    }

    public String kernelDecryptAndDecode(String str, String str2) throws IdAuthenticationAppException {
        return internalKernelDecryptAndDecode(str, str2, null, null, true);
    }

    public String kernelDecrypt(String str, String str2, String str3, String str4) throws IdAuthenticationAppException {
        return internalKernelDecryptAndDecode(str, str2, str3, str4, false);
    }

    private String internalKernelDecryptAndDecode(String str, String str2, String str3, String str4, boolean z) throws IdAuthenticationAppException {
        try {
            String encodeBase64 = CryptoUtil.encodeBase64(this.securityManager.decrypt(str, str2, str3, str4));
            return z ? new String(CryptoUtil.decodeBase64(encodeBase64), StandardCharsets.UTF_8) : encodeBase64;
        } catch (IdAuthenticationBusinessException e) {
            logger.error("sessionId", getClass().getSimpleName(), e.getErrorCode(), e.getErrorText());
            if (e.getErrorCode().contentEquals(IdAuthenticationErrorConstants.PUBLICKEY_EXPIRED.getErrorCode())) {
                throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.PUBLICKEY_EXPIRED, e);
            }
            throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.INVALID_ENCRYPTION, e);
        }
    }

    public String encryptData(Map<String, Object> map, ObjectMapper objectMapper) throws IdAuthenticationAppException {
        Map map2 = map.get("identity") instanceof Map ? (Map) map.get("identity") : null;
        if (!Objects.nonNull(map2)) {
            return null;
        }
        try {
            return CryptoUtil.encodeBase64(this.securityManager.encrypt(CryptoUtil.encodeBase64(toJsonString(map2, objectMapper).getBytes(StandardCharsets.UTF_8)), this.partnerId, null, null));
        } catch (IdAuthenticationBusinessException e) {
            logger.error("sessionId", getClass().getSimpleName(), e.getErrorCode(), e.getErrorText());
            if (e.getErrorCode().contentEquals(IdAuthenticationErrorConstants.PUBLICKEY_EXPIRED.getErrorCode())) {
                throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.PUBLICKEY_EXPIRED, e);
            }
            throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.FAILED_TO_ENCRYPT, e);
        }
    }

    private String toJsonString(Object obj, ObjectMapper objectMapper) throws IdAuthenticationAppException {
        try {
            return objectMapper.writerFor(Map.class).writeValueAsString(obj);
        } catch (JsonProcessingException e) {
            throw new IdAuthenticationAppException(IdAuthenticationErrorConstants.UNABLE_TO_PROCESS, e);
        }
    }

    public String signResponse(String str) throws IdAuthenticationAppException {
        return this.securityManager.sign(str);
    }
}
