package com.fluidbpm.ws.client.v1.user;

import com.fluidbpm.program.api.util.UtilGlobal;
import com.fluidbpm.program.api.vo.ws.WS;
import com.fluidbpm.program.api.vo.ws.auth.AppRequestToken;
import com.fluidbpm.program.api.vo.ws.auth.AuthEncryptedData;
import com.fluidbpm.program.api.vo.ws.auth.AuthRequest;
import com.fluidbpm.program.api.vo.ws.auth.AuthResponse;
import com.fluidbpm.ws.client.FluidClientException;
import com.fluidbpm.ws.client.v1.ABaseClientWS;
import java.util.Arrays;
import java.util.concurrent.TimeUnit;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:com/fluidbpm/ws/client/v1/user/LoginClient.class */
public class LoginClient extends ABaseClientWS {
    public LoginClient(String str) {
        super(str);
    }

    public AppRequestToken login(String str, String str2) {
        return login(str, str2, Long.valueOf(TimeUnit.HOURS.toSeconds(9L)));
    }

    public AppRequestToken login(String str, String str2, Long l) {
        if (isEmpty(str) || isEmpty(str2)) {
            throw new FluidClientException("Username and Password required.", FluidClientException.ErrorCode.FIELD_VALIDATE);
        }
        AuthRequest authRequest = new AuthRequest();
        authRequest.setUsername(str);
        authRequest.setLifetime(l);
        try {
            AuthResponse authResponse = new AuthResponse(postJson(true, authRequest, WS.Path.User.Version1.userInitSession()));
            AuthEncryptedData initializeSession = initializeSession(str2, authResponse);
            AppRequestToken issueAppRequestToken = issueAppRequestToken(authResponse.getServiceTicketBase64(), str, initializeSession);
            issueAppRequestToken.setRoleString(initializeSession.getRoleListing());
            issueAppRequestToken.setSalt(authResponse.getSalt());
            return issueAppRequestToken;
        } catch (JSONException e) {
            throw new FluidClientException(e.getMessage(), e, FluidClientException.ErrorCode.JSON_PARSING);
        }
    }

    private AuthEncryptedData initializeSession(String str, AuthResponse authResponse) {
        byte[] decodeBase64 = UtilGlobal.decodeBase64(authResponse.getIvBase64());
        byte[] decodeBase642 = UtilGlobal.decodeBase64(authResponse.getSeedBase64());
        byte[] decodeBase643 = UtilGlobal.decodeBase64(authResponse.getEncryptedDataBase64());
        if (!Arrays.equals(UtilGlobal.decodeBase64(authResponse.getEncryptedDataHmacBase64()), AES256Local.generateLocalHMAC(decodeBase643, str, authResponse.getSalt(), decodeBase642))) {
            throw new FluidClientException("Login attempt failure.", FluidClientException.ErrorCode.LOGIN_FAILURE);
        }
        try {
            return new AuthEncryptedData(new JSONObject(new String(AES256Local.decryptInitPacket(decodeBase643, str, authResponse.getSalt(), decodeBase64, decodeBase642))));
        } catch (JSONException e) {
            throw new FluidClientException(e.getMessage(), FluidClientException.ErrorCode.JSON_PARSING);
        }
    }

    private AppRequestToken issueAppRequestToken(String str, String str2, AuthEncryptedData authEncryptedData) {
        byte[] generateRandom = AES256Local.generateRandom(16);
        byte[] generateRandom2 = AES256Local.generateRandom(32);
        byte[] decodeBase64 = UtilGlobal.decodeBase64(authEncryptedData.getSessionKeyBase64());
        byte[] encrypt = AES256Local.encrypt(decodeBase64, str2.getBytes(), generateRandom);
        byte[] generateLocalHMACForReqToken = AES256Local.generateLocalHMACForReqToken(encrypt, decodeBase64, generateRandom2);
        AppRequestToken appRequestToken = new AppRequestToken();
        appRequestToken.setEncryptedDataBase64(UtilGlobal.encodeBase64(encrypt));
        appRequestToken.setEncryptedDataHmacBase64(UtilGlobal.encodeBase64(generateLocalHMACForReqToken));
        appRequestToken.setIvBase64(UtilGlobal.encodeBase64(generateRandom));
        appRequestToken.setSeedBase64(UtilGlobal.encodeBase64(generateRandom2));
        appRequestToken.setServiceTicket(str);
        try {
            return new AppRequestToken(postJson(appRequestToken, WS.Path.User.Version1.userIssueToken()));
        } catch (JSONException e) {
            throw new FluidClientException(e.getMessage(), e, FluidClientException.ErrorCode.JSON_PARSING);
        }
    }
}
