package com.predic8.membrane.core.interceptor.oauth2client.rf;

import com.predic8.membrane.core.interceptor.session.Session;
import com.predic8.membrane.core.interceptor.session.SessionManager;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/predic8/membrane/core/interceptor/oauth2client/rf/PKCEVerifier.class */
public class PKCEVerifier {
    public static final String SESSION_PARAMETER_VERIFIER = "verifier";
    private static final String VERIFIER_CHARACTERS = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-._~";
    final String verifier = generateNewVerifier();
    private static final Logger log = LoggerFactory.getLogger(PKCEVerifier.class);
    private static final SecureRandom secureRandom = new SecureRandom();

    public String getId() {
        return this.verifier.substring(0, 4);
    }

    public static String getVerifier(StateManager stateManager, Session session) {
        String str = (String) session.get(SESSION_PARAMETER_VERIFIER);
        if (str == null) {
            log.warn("No verifier found in session.");
            return null;
        }
        for (String str2 : str.split(SessionManager.SESSION_VALUE_SEPARATOR)) {
            if (stateManager.getVerifierId().isPresent() && str2.startsWith(stateManager.getVerifierId().get())) {
                return str2;
            }
        }
        log.warn("No verifier found in session ({}) with id {}.", str, stateManager.getVerifierId().orElse(null));
        return null;
    }

    private static String computeChallenge(String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA256");
            messageDigest.update(str.getBytes(StandardCharsets.US_ASCII));
            return Base64.getUrlEncoder().withoutPadding().encodeToString(messageDigest.digest());
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    private static String generateNewVerifier() {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < 80; i++) {
            sb.append(VERIFIER_CHARACTERS.charAt(secureRandom.nextInt(VERIFIER_CHARACTERS.length())));
        }
        return sb.toString();
    }

    public void saveToSession(Session session) {
        String str = this.verifier;
        if (session.get().containsKey(SESSION_PARAMETER_VERIFIER)) {
            str = String.valueOf(session.get(SESSION_PARAMETER_VERIFIER)) + "," + str;
        }
        session.put(SESSION_PARAMETER_VERIFIER, str);
    }

    public String getUrlParams() {
        return "&code_challenge=" + computeChallenge(this.verifier) + "&code_challenge_method=S256";
    }
}
