package pro.gravit.launchserver.socket.response.auth;

import io.netty.channel.ChannelHandlerContext;
import java.security.SecureRandom;
import java.util.Random;
import java.util.UUID;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import pro.gravit.launcher.events.request.AuthRequestEvent;
import pro.gravit.launcher.hwid.HWID;
import pro.gravit.launcher.profiles.ClientProfile;
import pro.gravit.launcher.request.auth.AuthRequest;
import pro.gravit.launcher.request.auth.password.AuthPlainPassword;
import pro.gravit.launcher.request.auth.password.AuthRSAPassword;
import pro.gravit.launchserver.auth.AuthException;
import pro.gravit.launchserver.auth.AuthProviderPair;
import pro.gravit.launchserver.auth.hwid.HWIDException;
import pro.gravit.launchserver.auth.provider.AuthProvider;
import pro.gravit.launchserver.auth.provider.AuthProviderResult;
import pro.gravit.launchserver.socket.Client;
import pro.gravit.launchserver.socket.response.SimpleResponse;
import pro.gravit.launchserver.socket.response.profile.ProfileByUUIDResponse;
import pro.gravit.utils.HookException;
import pro.gravit.utils.helper.IOHelper;
import pro.gravit.utils.helper.LogHelper;
import pro.gravit.utils.helper.SecurityHelper;
import pro.gravit.utils.helper.VerifyHelper;

/* loaded from: input_file:pro/gravit/launchserver/socket/response/auth/AuthResponse.class */
public class AuthResponse extends SimpleResponse {
    public static transient Random random = new SecureRandom();
    public String login;
    public String client;
    public String customText;
    public boolean getSession;
    public AuthRequest.AuthPasswordInterface password;
    public String auth_id;
    public ConnectTypes authType;
    public HWID hwid;

    /* loaded from: input_file:pro/gravit/launchserver/socket/response/auth/AuthResponse$AuthContext.class */
    public static class AuthContext {
        public String login;

        @Deprecated
        public int password_length;
        public String profileName;
        public HWID hwid;
        public String customText;
        public String ip;
        public ConnectTypes authType;
        public Client client;

        public AuthContext(Client client, String str, String str2, String str3, HWID hwid, String str4, ConnectTypes connectTypes) {
            this.client = client;
            this.login = str;
            this.customText = str2;
            this.profileName = str3;
            this.hwid = hwid;
            this.ip = str4;
            this.authType = connectTypes;
        }
    }

    /* loaded from: input_file:pro/gravit/launchserver/socket/response/auth/AuthResponse$ConnectTypes.class */
    public enum ConnectTypes {
        SERVER,
        CLIENT,
        API
    }

    @Override // pro.gravit.launchserver.socket.response.WebSocketServerResponse
    public String getType() {
        return "auth";
    }

    @Override // pro.gravit.launchserver.socket.response.WebSocketServerResponse
    public void execute(ChannelHandlerContext channelHandlerContext, Client client) throws Exception {
        try {
            AuthRequestEvent authRequestEvent = new AuthRequestEvent();
            if ((this.authType == null || this.authType == ConnectTypes.CLIENT) && (client == null || !client.checkSign)) {
                AuthProvider.authError("Don't skip Launcher Update");
                return;
            }
            if (this.password instanceof AuthRSAPassword) {
                try {
                    this.password = new AuthPlainPassword(IOHelper.decode(SecurityHelper.newRSADecryptCipher(this.server.privateKey).doFinal(this.password.password)));
                } catch (BadPaddingException | IllegalBlockSizeException e) {
                    throw new AuthException("Password decryption error");
                }
            }
            AuthProviderPair authProviderPair = this.auth_id.isEmpty() ? this.server.config.getAuthProviderPair() : this.server.config.getAuthProviderPair(this.auth_id);
            AuthContext authContext = new AuthContext(client, this.login, this.customText, this.client, this.hwid, this.ip, this.authType);
            AuthProvider authProvider = authProviderPair.provider;
            this.server.authHookManager.preHook.hook(authContext, client);
            authProvider.preAuth(this.login, this.password, this.customText, this.ip);
            AuthProviderResult auth = authProvider.auth(this.login, this.password, this.ip);
            if (!VerifyHelper.isValidUsername(auth.username)) {
                AuthProvider.authError(String.format("Illegal result: '%s'", auth.username));
                return;
            }
            for (ClientProfile clientProfile : this.server.getProfiles()) {
                if (clientProfile.getTitle().equals(this.client)) {
                    if (!clientProfile.isWhitelistContains(this.login)) {
                        throw new AuthException(this.server.config.whitelistRejectString);
                    }
                    client.profile = clientProfile;
                }
            }
            if (this.authType == ConnectTypes.CLIENT) {
                this.server.config.hwidHandler.check(this.hwid, auth.username);
            }
            this.server.authHookManager.postHook.hook(authContext, client);
            client.isAuth = true;
            client.permissions = auth.permissions;
            client.auth_id = this.auth_id;
            client.updateAuth(this.server);
            if (authRequestEvent.playerProfile != null) {
                client.username = authRequestEvent.playerProfile.username;
            } else {
                client.username = this.login;
            }
            authRequestEvent.accessToken = auth.accessToken;
            authRequestEvent.permissions = client.permissions;
            if (this.authType == ConnectTypes.SERVER && !client.permissions.canServer) {
                AuthProvider.authError("authType: SERVER not allowed for this account");
                return;
            }
            if (this.getSession) {
                if (client.session == 0) {
                    client.session = random.nextLong();
                    this.server.sessionManager.addClient(client);
                }
                authRequestEvent.session = client.session;
            }
            if (this.authType != ConnectTypes.API && this.server.config.protectHandler.allowGetAccessToken(authContext)) {
                UUID auth2 = authProviderPair.handler.auth(auth);
                authRequestEvent.playerProfile = ProfileByUUIDResponse.getProfile(auth2, auth.username, this.client, client.auth.textureProvider);
                if (LogHelper.isDebugEnabled()) {
                    LogHelper.debug("Auth: %s accessToken %s uuid: %s", new Object[]{this.login, authRequestEvent.accessToken, auth2.toString()});
                }
            }
            sendResult(authRequestEvent);
        } catch (AuthException | HWIDException | HookException e2) {
            sendError(e2.getMessage());
        }
    }
}
