package com.xfinity.cloudtvr.authentication.xacsa.authentication;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.io.BaseEncoding;
import com.xfinity.cloudtvr.authentication.AdobeDrmLicenseClient;
import com.xfinity.cloudtvr.authentication.AuthChallengeClient;
import com.xfinity.cloudtvr.authentication.AuthChallengeResponse;
import com.xfinity.cloudtvr.authentication.AuthMetadata;
import com.xfinity.cloudtvr.authentication.ChallengeToken;
import com.xfinity.cloudtvr.authentication.ConcatKeyDerivationFunction;
import com.xfinity.cloudtvr.authentication.SamlToken;
import com.xfinity.cloudtvr.authentication.diffiehellman.DHKeyPair;
import com.xfinity.cloudtvr.authentication.diffiehellman.DHKeyPairFactory;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtParser;
import io.jsonwebtoken.Jwts;
import java.io.UnsupportedEncodingException;
import java.util.Locale;
import kotlin.jvm.internal.IntCompanionObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public class XacsaAuthenticationClient {
    private static final Logger LOG = LoggerFactory.getLogger(XacsaAuthenticationClient.class);
    private final AdobeDrmLicenseClient adobeDrmLicenseClient;
    private final AuthChallengeClient authChallengeClient;
    private final ClientAuthenticationResponseTokenFactory cartFactory;
    private final ConcatKeyDerivationFunction kdf = new ConcatKeyDerivationFunction();
    private final DHKeyPairFactory keyPairFactory;
    private final ClientAuthenticationMessageFactory messageFactory;
    private final ObjectMapper objectMapper;

    public XacsaAuthenticationClient(AdobeDrmLicenseClient adobeDrmLicenseClient, ClientAuthenticationResponseTokenFactory clientAuthenticationResponseTokenFactory, ObjectMapper objectMapper, AuthChallengeClient authChallengeClient, DHKeyPairFactory dHKeyPairFactory, ClientAuthenticationMessageFactory clientAuthenticationMessageFactory) {
        this.adobeDrmLicenseClient = adobeDrmLicenseClient;
        this.cartFactory = clientAuthenticationResponseTokenFactory;
        this.objectMapper = objectMapper;
        this.authChallengeClient = authChallengeClient;
        this.keyPairFactory = dHKeyPairFactory;
        this.messageFactory = clientAuthenticationMessageFactory;
    }

    private XacsaClientAuthenticationResult executeRequest(SamlToken samlToken, AmtToken amtToken, String str) {
        DHKeyPair createDHKeyPair = this.keyPairFactory.createDHKeyPair();
        AuthChallengeResponse authChallengeResponse = this.authChallengeClient.getAuthChallengeResponse();
        ChallengeToken token = authChallengeResponse.getToken();
        AuthMetadata metadata = authChallengeResponse.getMetadata();
        ClientAuthenticationMessage createClientAuthenticationMessage = this.messageFactory.createClientAuthenticationMessage(token, samlToken, amtToken, str, createDHKeyPair.getPublicKey());
        try {
            ClientAuthenticationResponseMessage fromDrmLicenseProperties = ClientAuthenticationResponseMessage.fromDrmLicenseProperties(this.adobeDrmLicenseClient.acquireDrmLicense(metadata.toBytes(), toJsonBytes(createClientAuthenticationMessage)).getCustomProperties());
            LOG.debug("CART response is {}", fromDrmLicenseProperties);
            String nonce = createClientAuthenticationMessage.getNonce();
            String nonce2 = fromDrmLicenseProperties.getNonce();
            if (!nonce.equals(nonce2)) {
                throw new RuntimeException(String.format(Locale.US, "CAT nonce %s doesn't match CART nonce %s", nonce, nonce2));
            }
            SessionMacKey sessionMacKey = new SessionMacKey(this.kdf.deriveKey(createDHKeyPair.generateSharedSecret(fromDrmLicenseProperties.getServerPublicKey()), toUtf8Bytes(fromDrmLicenseProperties.getMacAlgorithm()), toUtf8Bytes(fromDrmLicenseProperties.getProviderDeviceId()), toUtf8Bytes(BaseEncoding.base16().encode(BaseEncoding.base64().decode(nonce))), toUtf8Bytes("default")));
            JwtParser parser = Jwts.parser();
            parser.setSigningKey(sessionMacKey.getKeyAsBase64());
            parser.setAllowedClockSkewInSeconds(IntCompanionObject.MAX_VALUE);
            ClientAuthenticationResponseToken createCartFromJwtProperties = this.cartFactory.createCartFromJwtProperties((Claims) parser.parse(fromDrmLicenseProperties.getJwt()).getBody());
            LOG.debug("CART is {}", createCartFromJwtProperties);
            return new XacsaClientAuthenticationResult(createCartFromJwtProperties.getXactToken(), new AmtToken(createCartFromJwtProperties.getAmtTokenValue(), sessionMacKey), createCartFromJwtProperties.getResultType());
        } catch (Exception e) {
            LOG.error("Failed to acquire license for CAT " + createClientAuthenticationMessage, (Throwable) e);
            throw e;
        }
    }

    private byte[] toJsonBytes(Object obj) {
        try {
            return this.objectMapper.writeValueAsBytes(obj);
        } catch (JsonProcessingException e) {
            throw new RuntimeException(e);
        }
    }

    private byte[] toUtf8Bytes(String str) {
        try {
            return str.getBytes("UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }

    public XacsaClientAuthenticationResult executeGenerateRequest(SamlToken samlToken, AmtToken amtToken) {
        return executeRequest(samlToken, amtToken, null);
    }

    public XacsaClientAuthenticationResult executeMigrateRequest(String str) {
        return executeRequest(null, null, str);
    }

    public XacsaClientAuthenticationResult executeRenewRequest(AmtToken amtToken) {
        return executeRequest(null, amtToken, null);
    }
}
