package com.zollsoft.eRezeptServices;

import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URISyntaxException;
import java.net.URLDecoder;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Base64;
import java.util.LinkedHashMap;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import org.apache.http.Consts;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.ParseException;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.mime.MultipartEntityBuilder;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.jose4j.jwe.ContentEncryptionAlgorithmIdentifiers;
import org.jose4j.jwe.JsonWebEncryption;
import org.jose4j.jwe.KeyManagementAlgorithmIdentifiers;
import org.jose4j.jwk.JsonWebKey;
import org.jose4j.jwt.ReservedClaimNames;
import org.jose4j.jwx.HeaderParameterNames;
import org.jose4j.lang.JoseException;
import org.jose4j.lang.StringUtil;

/* loaded from: input_file:com/zollsoft/eRezeptServices/ERezeptTIAuthentifizierungExt.class */
public class ERezeptTIAuthentifizierungExt {
    private static final CloseableHttpClient httpClient = HttpClients.createDefault();

    public static String authenticate(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) throws URISyntaxException, InvalidKeyException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, NoSuchPaddingException, ParseException, IOException, CertificateException, JoseException {
        JsonWebKey jsonWebKey = get_puk_idp_enc(str8);
        HttpPost encryptSignedChallengeTokenIntoHttpPost = encryptSignedChallengeTokenIntoHttpPost(str4, jsonWebKey, str5, str6);
        System.out.println("Schritt 7 verschlüsselte Challenge Response zusammen mit dem verschlüsselten Challenge Token mittels Multiparts HTTP Post verschicken im Austausch für ein Authorisation-Code");
        String sendChallengeResponseForAuthorizationCode = sendChallengeResponseForAuthorizationCode(encryptSignedChallengeTokenIntoHttpPost);
        System.out.println("Schritt 8 Token ID und CodeChallange verschlüsset zurückschicken");
        return sendCodeChallangeForAccessToken(encryptCodeChallangeIntoHttpPost(str2, jsonWebKey, sendChallengeResponseForAuthorizationCode, str7, str));
    }

    private static HttpPost encryptSignedChallengeTokenIntoHttpPost(String str, JsonWebKey jsonWebKey, String str2, String str3) throws InvalidKeyException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, NoSuchPaddingException, UnsupportedEncodingException {
        JsonWebEncryption jsonWebEncryption = new JsonWebEncryption();
        jsonWebEncryption.setPayload("{\"njwt\":\"" + str + "\"}");
        jsonWebEncryption.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.ECDH_ES);
        jsonWebEncryption.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_256_GCM);
        jsonWebEncryption.setKey(jsonWebKey.getKey());
        jsonWebEncryption.setHeader(HeaderParameterNames.CONTENT_TYPE, "NJWT");
        try {
            jsonWebEncryption.getHeaders().setObjectHeaderValue(ReservedClaimNames.EXPIRATION_TIME, Long.valueOf(new JsonParser().parse(new String(Base64.getDecoder().decode(str2.split("\\.")[1]))).getAsJsonObject().get(ReservedClaimNames.EXPIRATION_TIME).getAsLong()));
            String str4 = "";
            try {
                str4 = jsonWebEncryption.getCompactSerialization();
            } catch (JoseException e) {
                e.printStackTrace();
            }
            System.out.println("FINAL signedEncryptedChallange: " + str4);
            HttpEntity build = MultipartEntityBuilder.create().addBinaryBody("signed_challenge", str4.getBytes()).build();
            HttpPost httpPost = new HttpPost(str3);
            httpPost.setEntity(build);
            return httpPost;
        } catch (Exception e2) {
            e2.printStackTrace();
            return null;
        }
    }

    private static String sendChallengeResponseForAuthorizationCode(HttpPost httpPost) throws ParseException, IOException {
        httpPost.getEntity().writeTo(new ByteArrayOutputStream());
        try {
            Header[] headers = httpClient.execute(httpPost).getHeaders("Location");
            String str = headers.length == 1 ? headers[0].getValue().split("\\?")[1] : "";
            LinkedHashMap linkedHashMap = new LinkedHashMap();
            for (String str2 : str.split("&")) {
                int indexOf = str2.indexOf("=");
                linkedHashMap.put(URLDecoder.decode(str2.substring(0, indexOf), StringUtil.UTF_8), URLDecoder.decode(str2.substring(indexOf + 1), StringUtil.UTF_8));
            }
            return (String) linkedHashMap.get("code");
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    private static JsonWebKey get_puk_idp_enc(String str) {
        HttpGet httpGet = new HttpGet(str);
        httpGet.addHeader("User-Agent", " <Hersteller-ID>\n<Produktkürzel>/<Produktversion>");
        try {
            CloseableHttpResponse execute = httpClient.execute(httpGet);
            Throwable th = null;
            try {
                try {
                    HttpEntity entity = execute.getEntity();
                    if (entity == null) {
                        if (execute != null) {
                            if (0 != 0) {
                                try {
                                    execute.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                execute.close();
                            }
                        }
                        return null;
                    }
                    String entityUtils = EntityUtils.toString(entity);
                    Security.addProvider(new BouncyCastleProvider());
                    JsonWebKey newJwk = JsonWebKey.Factory.newJwk(entityUtils);
                    if (execute != null) {
                        if (0 != 0) {
                            try {
                                execute.close();
                            } catch (Throwable th3) {
                                th.addSuppressed(th3);
                            }
                        } else {
                            execute.close();
                        }
                    }
                    return newJwk;
                } catch (Throwable th4) {
                    th = th4;
                    throw th4;
                }
            } finally {
            }
        } catch (IOException | JoseException e) {
            e.printStackTrace();
            return null;
        }
    }

    private static HttpPost encryptCodeChallangeIntoHttpPost(String str, JsonWebKey jsonWebKey, String str2, String str3, String str4) {
        JsonWebEncryption jsonWebEncryption = new JsonWebEncryption();
        JsonObject jsonObject = new JsonObject();
        jsonObject.addProperty("token_key", str4);
        jsonObject.addProperty("code_verifier", str);
        jsonWebEncryption.setPayload(jsonObject.toString());
        jsonWebEncryption.setAlgorithmHeaderValue(KeyManagementAlgorithmIdentifiers.ECDH_ES);
        jsonWebEncryption.setEncryptionMethodHeaderParameter(ContentEncryptionAlgorithmIdentifiers.AES_256_GCM);
        jsonWebEncryption.setKey(jsonWebKey.getKey());
        jsonWebEncryption.setHeader(HeaderParameterNames.CONTENT_TYPE, "JSON");
        String str5 = "";
        try {
            str5 = jsonWebEncryption.getCompactSerialization();
        } catch (JoseException e) {
            e.printStackTrace();
        }
        HttpPost httpPost = new HttpPost(str3);
        ArrayList arrayList = new ArrayList();
        arrayList.add(new BasicNameValuePair("key_verifier", str5));
        arrayList.add(new BasicNameValuePair("code", str2));
        arrayList.add(new BasicNameValuePair("grant_type", "authorization_code"));
        arrayList.add(new BasicNameValuePair("redirect_uri", "http://test-ps.gematik.de/erezept"));
        arrayList.add(new BasicNameValuePair("client_id", "gematikTestPs"));
        httpPost.setEntity(new UrlEncodedFormEntity(arrayList, Consts.UTF_8));
        httpPost.addHeader("Accept", "application/json");
        httpPost.addHeader("User-Agent", "Tomedo/1.103");
        return httpPost;
    }

    private static String sendCodeChallangeForAccessToken(HttpPost httpPost) throws IOException {
        httpPost.getEntity().writeTo(new ByteArrayOutputStream());
        System.out.println(httpPost.toString());
        for (Header header : httpPost.getAllHeaders()) {
            System.out.println("Header " + header.getName() + ", value: " + header.getValue());
        }
        try {
            return new JsonParser().parse(EntityUtils.toString(httpClient.execute(httpPost).getEntity())).getAsJsonObject().get("access_token").getAsString();
        } catch (IOException e) {
            e.printStackTrace();
            return "";
        }
    }

    public static void main(String[] strArr) throws Exception {
        System.out.println(authenticate(strArr[0], strArr[1], strArr[2], strArr[3], strArr[4], strArr[5], strArr[6], strArr[7]));
    }
}
