package com.box.sdk;

import com.eclipsesource.json.JsonObject;
import java.io.IOException;
import java.io.StringReader;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.PrivateKey;
import java.security.Security;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.List;
import org.apache.http.cookie.ClientCookie;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMEncryptedKeyPair;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
import org.bouncycastle.pkcs.PKCSException;
import org.jose4j.jwk.JsonWebKey;
import org.jose4j.jws.JsonWebSignature;
import org.jose4j.jwt.JwtClaims;
import org.jose4j.jwt.NumericDate;
import org.jose4j.lang.JoseException;

/* loaded from: input_file:com/box/sdk/BoxDeveloperEditionAPIConnection.class */
public class BoxDeveloperEditionAPIConnection extends BoxAPIConnection {
    private static final String JWT_AUDIENCE = "https://api.box.com/oauth2/token";
    private static final String JWT_GRANT_TYPE = "grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&client_id=%s&client_secret=%s&assertion=%s";
    private final String entityID;
    private final DeveloperEditionEntityType entityType;
    private final EncryptionAlgorithm encryptionAlgorithm;
    private final String publicKeyID;
    private final String privateKey;
    private final String privateKeyPassword;
    private IAccessTokenCache accessTokenCache;
    static final /* synthetic */ boolean $assertionsDisabled;

    private BoxDeveloperEditionAPIConnection(String str) {
        super(str);
        throw new BoxAPIException("This constructor is not available for BoxDeveloperEditionAPIConnection.");
    }

    private BoxDeveloperEditionAPIConnection(String str, String str2, String str3, String str4) {
        super(str3);
        throw new BoxAPIException("This constructor is not available for BoxDeveloperEditionAPIConnection.");
    }

    private BoxDeveloperEditionAPIConnection(String str, String str2, String str3) {
        super(str, str2, str3);
        throw new BoxAPIException("This constructor is not available for BoxDeveloperEditionAPIConnection.");
    }

    private BoxDeveloperEditionAPIConnection(String str, String str2) {
        super(str, str2);
        throw new BoxAPIException("This constructor is not available for BoxDeveloperEditionAPIConnection.");
    }

    @Deprecated
    public BoxDeveloperEditionAPIConnection(String str, DeveloperEditionEntityType developerEditionEntityType, String str2, String str3, JWTEncryptionPreferences jWTEncryptionPreferences) {
        this(str, developerEditionEntityType, str2, str3, jWTEncryptionPreferences, null);
    }

    public BoxDeveloperEditionAPIConnection(String str, DeveloperEditionEntityType developerEditionEntityType, String str2, String str3, JWTEncryptionPreferences jWTEncryptionPreferences, IAccessTokenCache iAccessTokenCache) {
        super(str2, str3);
        this.entityID = str;
        this.entityType = developerEditionEntityType;
        this.publicKeyID = jWTEncryptionPreferences.getPublicKeyID();
        this.privateKey = jWTEncryptionPreferences.getPrivateKey();
        this.privateKeyPassword = jWTEncryptionPreferences.getPrivateKeyPassword();
        this.encryptionAlgorithm = jWTEncryptionPreferences.getEncryptionAlgorithm();
        this.accessTokenCache = iAccessTokenCache;
    }

    public BoxDeveloperEditionAPIConnection(String str, DeveloperEditionEntityType developerEditionEntityType, BoxConfig boxConfig, IAccessTokenCache iAccessTokenCache) {
        this(str, developerEditionEntityType, boxConfig.getClientId(), boxConfig.getClientSecret(), boxConfig.getJWTEncryptionPreferences(), iAccessTokenCache);
    }

    @Deprecated
    public static BoxDeveloperEditionAPIConnection getAppEnterpriseConnection(String str, String str2, String str3, JWTEncryptionPreferences jWTEncryptionPreferences) {
        BoxDeveloperEditionAPIConnection boxDeveloperEditionAPIConnection = new BoxDeveloperEditionAPIConnection(str, DeveloperEditionEntityType.ENTERPRISE, str2, str3, jWTEncryptionPreferences);
        boxDeveloperEditionAPIConnection.authenticate();
        return boxDeveloperEditionAPIConnection;
    }

    public static BoxDeveloperEditionAPIConnection getAppEnterpriseConnection(String str, String str2, String str3, JWTEncryptionPreferences jWTEncryptionPreferences, IAccessTokenCache iAccessTokenCache) {
        BoxDeveloperEditionAPIConnection boxDeveloperEditionAPIConnection = new BoxDeveloperEditionAPIConnection(str, DeveloperEditionEntityType.ENTERPRISE, str2, str3, jWTEncryptionPreferences, iAccessTokenCache);
        boxDeveloperEditionAPIConnection.tryRestoreUsingAccessTokenCache();
        return boxDeveloperEditionAPIConnection;
    }

    public static BoxDeveloperEditionAPIConnection getAppEnterpriseConnection(BoxConfig boxConfig) {
        return getAppEnterpriseConnection(boxConfig.getEnterpriseId(), boxConfig.getClientId(), boxConfig.getClientSecret(), boxConfig.getJWTEncryptionPreferences());
    }

    public static BoxDeveloperEditionAPIConnection getAppEnterpriseConnection(BoxConfig boxConfig, IAccessTokenCache iAccessTokenCache) {
        return getAppEnterpriseConnection(boxConfig.getEnterpriseId(), boxConfig.getClientId(), boxConfig.getClientSecret(), boxConfig.getJWTEncryptionPreferences(), iAccessTokenCache);
    }

    @Deprecated
    public static BoxDeveloperEditionAPIConnection getAppUserConnection(String str, String str2, String str3, JWTEncryptionPreferences jWTEncryptionPreferences) {
        BoxDeveloperEditionAPIConnection boxDeveloperEditionAPIConnection = new BoxDeveloperEditionAPIConnection(str, DeveloperEditionEntityType.USER, str2, str3, jWTEncryptionPreferences);
        boxDeveloperEditionAPIConnection.authenticate();
        return boxDeveloperEditionAPIConnection;
    }

    public static BoxDeveloperEditionAPIConnection getAppUserConnection(String str, String str2, String str3, JWTEncryptionPreferences jWTEncryptionPreferences, IAccessTokenCache iAccessTokenCache) {
        BoxDeveloperEditionAPIConnection boxDeveloperEditionAPIConnection = new BoxDeveloperEditionAPIConnection(str, DeveloperEditionEntityType.USER, str2, str3, jWTEncryptionPreferences, iAccessTokenCache);
        boxDeveloperEditionAPIConnection.tryRestoreUsingAccessTokenCache();
        return boxDeveloperEditionAPIConnection;
    }

    public static BoxDeveloperEditionAPIConnection getAppUserConnection(String str, BoxConfig boxConfig) {
        return getAppUserConnection(str, boxConfig.getClientId(), boxConfig.getClientSecret(), boxConfig.getJWTEncryptionPreferences());
    }

    public static BoxDeveloperEditionAPIConnection getAppUserConnection(String str, BoxConfig boxConfig, IAccessTokenCache iAccessTokenCache) {
        return getAppUserConnection(str, boxConfig.getClientId(), boxConfig.getClientSecret(), boxConfig.getJWTEncryptionPreferences(), iAccessTokenCache);
    }

    @Override // com.box.sdk.BoxAPIConnection
    public void authenticate(String str) {
        throw new BoxAPIException("BoxDeveloperEditionAPIConnection does not allow authenticating with an auth code.");
    }

    public void authenticate() {
        NumericDate now;
        String json;
        try {
            URL url = new URL(getTokenURL());
            String format = String.format(JWT_GRANT_TYPE, getClientID(), getClientSecret(), constructJWTAssertion());
            BoxAPIRequest boxAPIRequest = new BoxAPIRequest(this, url, "POST");
            boxAPIRequest.shouldAuthenticate(false);
            boxAPIRequest.setBody(format);
            try {
                json = ((BoxJSONResponse) boxAPIRequest.send()).getJSON();
            } catch (BoxAPIException e) {
                List<String> list = e.getHeaders().get("Date");
                if (list != null) {
                    try {
                        now = NumericDate.fromMilliseconds(new SimpleDateFormat("EEE, d MMM yyyy HH:mm:ss zzz").parse(list.get(0)).getTime());
                    } catch (ParseException e2) {
                        now = NumericDate.now();
                    }
                } else {
                    now = NumericDate.now();
                }
                String format2 = String.format(JWT_GRANT_TYPE, getClientID(), getClientSecret(), constructJWTAssertion(now));
                BoxAPIRequest boxAPIRequest2 = new BoxAPIRequest(this, url, "POST");
                boxAPIRequest2.shouldAuthenticate(false);
                boxAPIRequest2.setBody(format2);
                json = ((BoxJSONResponse) boxAPIRequest2.send()).getJSON();
            }
            JsonObject readFrom = JsonObject.readFrom(json);
            setAccessToken(readFrom.get("access_token").asString());
            setLastRefresh(System.currentTimeMillis());
            setExpires(readFrom.get("expires_in").asLong() * 1000);
            if (this.accessTokenCache != null) {
                this.accessTokenCache.put(getAccessTokenCacheKey(), new JsonObject().add("accessToken", getAccessToken()).add("lastRefresh", getLastRefresh()).add(ClientCookie.EXPIRES_ATTR, getExpires()).toString());
            }
        } catch (MalformedURLException e3) {
            if (!$assertionsDisabled) {
                throw new AssertionError("An invalid token URL indicates a bug in the SDK.");
            }
            throw new RuntimeException("An invalid token URL indicates a bug in the SDK.", e3);
        }
    }

    @Override // com.box.sdk.BoxAPIConnection
    public boolean canRefresh() {
        return true;
    }

    @Override // com.box.sdk.BoxAPIConnection
    public void refresh() {
        getRefreshLock().writeLock().lock();
        try {
            authenticate();
            notifyRefresh();
            getRefreshLock().writeLock().unlock();
        } catch (BoxAPIException e) {
            notifyError(e);
            getRefreshLock().writeLock().unlock();
            throw e;
        }
    }

    private String getAccessTokenCacheKey() {
        return String.format("/%s/%s/%s/%s", getUserAgent(), getClientID(), this.entityType.toString(), this.entityID);
    }

    private void tryRestoreUsingAccessTokenCache() {
        if (this.accessTokenCache == null) {
            authenticate();
            return;
        }
        String str = this.accessTokenCache.get(getAccessTokenCacheKey());
        if (str == null) {
            authenticate();
            return;
        }
        JsonObject readFrom = JsonObject.readFrom(str);
        setAccessToken(readFrom.get("accessToken").asString());
        setLastRefresh(readFrom.get("lastRefresh").asLong());
        setExpires(readFrom.get(ClientCookie.EXPIRES_ATTR).asLong());
    }

    private String constructJWTAssertion() {
        return constructJWTAssertion(null);
    }

    private String constructJWTAssertion(NumericDate numericDate) {
        JwtClaims jwtClaims = new JwtClaims();
        jwtClaims.setIssuer(getClientID());
        jwtClaims.setAudience(JWT_AUDIENCE);
        if (numericDate == null) {
            jwtClaims.setExpirationTimeMinutesInTheFuture(0.5f);
        } else {
            numericDate.addSeconds(30L);
            jwtClaims.setExpirationTime(numericDate);
        }
        jwtClaims.setSubject(this.entityID);
        jwtClaims.setClaim("box_sub_type", this.entityType.toString());
        jwtClaims.setGeneratedJwtId(64);
        JsonWebSignature jsonWebSignature = new JsonWebSignature();
        jsonWebSignature.setPayload(jwtClaims.toJson());
        jsonWebSignature.setKey(decryptPrivateKey());
        jsonWebSignature.setAlgorithmHeaderValue(getAlgorithmIdentifier());
        jsonWebSignature.setHeader("typ", "JWT");
        if (this.publicKeyID != null && !this.publicKeyID.isEmpty()) {
            jsonWebSignature.setHeader(JsonWebKey.KEY_ID_PARAMETER, this.publicKeyID);
        }
        try {
            return jsonWebSignature.getCompactSerialization();
        } catch (JoseException e) {
            throw new BoxAPIException("Error serializing JSON Web Token assertion.", e);
        }
    }

    private String getAlgorithmIdentifier() {
        String str = "RS256";
        switch (this.encryptionAlgorithm) {
            case RSA_SHA_384:
                str = "RS384";
                break;
            case RSA_SHA_512:
                str = "RS512";
                break;
        }
        return str;
    }

    private PrivateKey decryptPrivateKey() {
        PrivateKey privateKey;
        try {
            PEMParser pEMParser = new PEMParser(new StringReader(this.privateKey));
            Object readObject = pEMParser.readObject();
            pEMParser.close();
            if (readObject instanceof PrivateKeyInfo) {
                privateKey = new JcaPEMKeyConverter().getPrivateKey((PrivateKeyInfo) readObject);
            } else if (readObject instanceof PEMEncryptedKeyPair) {
                privateKey = new JcaPEMKeyConverter().getPrivateKey(((PEMEncryptedKeyPair) readObject).decryptKeyPair(new JcePEMDecryptorProviderBuilder().build(this.privateKeyPassword.toCharArray())).getPrivateKeyInfo());
            } else if (readObject instanceof PKCS8EncryptedPrivateKeyInfo) {
                privateKey = new JcaPEMKeyConverter().getPrivateKey(((PKCS8EncryptedPrivateKeyInfo) readObject).decryptPrivateKeyInfo(new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider("BC").build(this.privateKeyPassword.toCharArray())));
            } else {
                privateKey = new JcaPEMKeyConverter().getPrivateKey(((PEMKeyPair) readObject).getPrivateKeyInfo());
            }
            return privateKey;
        } catch (IOException e) {
            throw new BoxAPIException("Error parsing private key for Box Developer Edition.", e);
        } catch (OperatorCreationException e2) {
            throw new BoxAPIException("Error parsing PKCS#8 private key for Box Developer Edition.", e2);
        } catch (PKCSException e3) {
            throw new BoxAPIException("Error parsing PKCS private key for Box Developer Edition.", e3);
        }
    }

    static {
        $assertionsDisabled = !BoxDeveloperEditionAPIConnection.class.desiredAssertionStatus();
        Security.addProvider(new BouncyCastleProvider());
    }
}
