package de.superx.servlet;

import com.google.common.base.Joiner;
import de.memtext.db.NichtAngemeldetException;
import de.superx.saiku.SuperxSaikuConnectionManager;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Locale;
import java.util.StringTokenizer;
import org.apache.log4j.Logger;

/* loaded from: input_file:de/superx/servlet/TokenChecker.class */
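/**
 * Validates a slash-separated sign-on token and exposes its fields.
 *
 * <p>Field layout as read by the accessors below: index 0 version, 1 timestamp in seconds,
 * 2 web application name, 3 user id ("Kennung"), 4 role, 5 org-unit id, 6 rights,
 * 7 external account id, 8 external person id; the last field is the hex digest computed
 * over all preceding fields plus the shared secret.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The digest is {@code H(fields + "/" + secret)}, not an HMAC, and version "1.0" tokens
 *       use MD5. Both are kept for compatibility with existing token issuers; moving issuer
 *       and checker to HMAC-SHA-256 or stronger is the recommended follow-up.</li>
 *   <li>The token itself selects the digest through its version prefix, so MD5 stays
 *       reachable for as long as "1.0" is accepted.</li>
 *   <li>Nothing in this class records tokens already seen, so a captured token remains
 *       acceptable until its timestamp leaves the +/- 60 second window.</li>
 *   <li>None of the getters verifies anything; callers must run {@link #testAll()} first.</li>
 * </ul>
 */
public class TokenChecker {
    /** Accepted distance between the token timestamp and the local clock, in milliseconds. */
    private static final long TIME_WINDOW_MILLIS = 60000L;

    private final String token;
    private final List<String> tokenParts;
    // NOTE(review): the logger is registered under SuperXmlAnmeldung, not TokenChecker, so these
    // messages appear under that category. Left unchanged because log configuration may rely on it.
    Logger logger = Logger.getLogger(SuperXmlAnmeldung.class);

    /**
     * Manual smoke test: prints the fields of a sample token and runs all checks on it.
     *
     * <p>SECURITY: this method ships inside the production class, contains a hard-coded shared
     * secret and overwrites the process-wide {@code SuperXManager.sharedSecret}. If that value
     * matches a secret used by any deployment, rotate it; the harness itself belongs in test code.
     */
    public static void main(String[] strArr) {
        String str = "1.0/1319735296/superx/admin/bi_admin/1/RIGHT_CS_BIA_STANDARDREPORTS_ADMIN/1/3/45ae5984bf81f73f7d320d8fc4190689";
        SuperXManager.sharedSecret = "rdfS3Y4Cx5Pb9gVxTOoZUT2TvnaOEKRNu";
        // StringTokenizer skips empty fields, so pad "//" to keep the printed numbering aligned.
        while (str.indexOf("//") > -1) {
            str = str.replace("//", "/ /");
        }
        System.out.println(str);
        StringTokenizer stringTokenizer = new StringTokenizer(str, "/");
        int i = 0;
        while (stringTokenizer.hasMoreTokens()) {
            i++;
            System.out.println(i + ":" + stringTokenizer.nextToken());
        }
        try {
            new TokenChecker(str).testAll();
        } catch (NichtAngemeldetException e) {
            e.printStackTrace();
        }
    }

    /**
     * Stores the raw token and splits it into fields. No validation happens here.
     *
     * @param str raw token; {@code null} is accepted and rejected later by {@link #testAll()}
     */
    public TokenChecker(String str) {
        this.token = str;
        this.tokenParts = initTokenParts(str);
    }

    /** Returns the raw token exactly as passed to the constructor (decompiler: originally package-private). */
    public String getTokenString() {
        return this.token;
    }

    /**
     * Splits the token on '/', except where the slash sits between '[' and ']'.
     * Brackets are not nested: any ']' ends the protected region. Empty fields are kept.
     *
     * @return the fields in order; an empty list when {@code str} is {@code null}
     */
    private static List<String> initTokenParts(String str) {
        List<String> parts = new ArrayList<String>(15);
        if (str == null) {
            return parts;
        }
        StringBuilder current = new StringBuilder();
        boolean insideBrackets = false;
        for (int i = 0; i < str.length(); i++) {
            char c = str.charAt(i);
            if (c == '/' && !insideBrackets) {
                parts.add(current.toString());
                current = new StringBuilder();
                continue;
            }
            if (c == '[') {
                insideBrackets = true;
            } else if (c == ']') {
                insideBrackets = false;
            }
            current.append(c);
        }
        parts.add(current.toString());
        return parts;
    }

    /** A complete token has at least ten fields (nine data fields plus the digest). */
    private boolean isNumberTokenPartsOK() {
        return this.tokenParts.size() >= 10;
    }

    /**
     * Prefix match on the raw token, so "1.0" and "2.0" followed by any characters pass.
     * NOTE(review): comparing field 0 for equality would be stricter; confirm with the token
     * issuers before tightening.
     */
    private boolean isTokenVersionOK() {
        return this.token.startsWith("1.0") || this.token.startsWith("2.0");
    }

    /**
     * Runs every check in order: presence, version, field count, timestamp, web application, digest.
     *
     * @throws NichtAngemeldetException if the token is missing or fails a check
     * @throws IllegalArgumentException if the token has fewer than ten fields
     */
    public void testAll() throws NichtAngemeldetException {
        this.logger.debug("Running TokenChecker.testAll()");
        // The constructor turns a null token into an empty field list, so the raw token has to be
        // checked too; otherwise a missing token surfaces as a NullPointerException below.
        if (this.token == null || this.tokenParts == null) {
            this.logger.error("Kein Token gefunden");
            throw new NichtAngemeldetException("Kein Token gefunden");
        }
        if (!isTokenVersionOK()) {
            this.logger.error("Falsche Tokenversion");
            throw new NichtAngemeldetException("Falsche Tokenversion");
        }
        if (!isNumberTokenPartsOK()) {
            this.logger.error("Fehlerhaftes Token  DETAILS:- moeglicherweise ein Wert leer , im Token //");
            throw new IllegalArgumentException("Fehlerhaftes Token  DETAILS:- moeglicherweise ein Wert leer , im Token //");
        }
        testTime();
        testApp();
        testHash();
    }

    /**
     * Rejects tokens whose timestamp is unparseable or outside the accepted window.
     *
     * @throws NichtAngemeldetException in either case, with a message naming which one
     */
    void testTime() throws NichtAngemeldetException {
        if (!isTokentimestampParseable()) {
            this.logger.error("Unpassender Tokentimestamp");
            throw new NichtAngemeldetException("Unpassender Tokentimestamp");
        }
        if (!isTimeOK()) {
            this.logger.error("Tokentimestamp ungültig: Zeit auf den tomcats/apache abgleichen!");
            throw new NichtAngemeldetException("Tokentimestamp ungültig: Zeit auf den tomcats/apache abgleichen!");
        }
    }

    /**
     * Checks that field 1 (seconds since the epoch) lies within 60 seconds of the local clock.
     *
     * @return {@code false} when the field is missing, unparseable, out of range or outside the window
     */
    boolean isTimeOK() {
        try {
            long seconds = Long.parseLong(this.tokenParts.get(1));
            // Refuse values whose conversion to milliseconds would overflow: a wrapped product
            // could otherwise land inside the accepted window by accident.
            if (seconds > Long.MAX_VALUE / 1000L || seconds < Long.MIN_VALUE / 1000L) {
                return false;
            }
            long tokenMillis = seconds * 1000L;
            long now = System.currentTimeMillis();
            return tokenMillis >= now - TIME_WINDOW_MILLIS && tokenMillis <= now + TIME_WINDOW_MILLIS;
        } catch (NumberFormatException ignored) {
            // Not a number: treated as outside the window.
            return false;
        } catch (IndexOutOfBoundsException ignored) {
            // Token has no timestamp field.
            return false;
        }
    }

    /** Returns whether field 1 exists and parses as a {@code long}. */
    private boolean isTokentimestampParseable() {
        try {
            Long.parseLong(this.tokenParts.get(1));
            return true;
        } catch (NumberFormatException ignored) {
            return false;
        } catch (IndexOutOfBoundsException ignored) {
            return false;
        }
    }

    /**
     * Requires field 2 to name this web application (case-insensitive match against
     * {@code SuperxSaikuConnectionManager.SECURITY_TYPE_SUPERX}).
     *
     * @throws NichtAngemeldetException if the field is missing or names another application
     */
    void testApp() throws NichtAngemeldetException {
        boolean matches = this.tokenParts.size() >= 3
                && this.tokenParts.get(2) != null
                && this.tokenParts.get(2).equalsIgnoreCase(SuperxSaikuConnectionManager.SECURITY_TYPE_SUPERX);
        if (!matches) {
            this.logger.error("falsche Webapp im Token");
            throw new NichtAngemeldetException("falsche Webapp im Token");
        }
        this.logger.debug("Webapp im Token: " + this.tokenParts.get(2));
    }

    /**
     * Returns field 3, the user id, unmodified (decompiler: originally package-private).
     *
     * @throws NichtAngemeldetException if the token has fewer than four fields
     */
    public String getKennung() throws NichtAngemeldetException {
        if (this.tokenParts.size() < 4) {
            throw new NichtAngemeldetException("Fehlerhaftes Token");
        }
        return this.tokenParts.get(3);
    }

    /**
     * Returns the same field as {@link #getKennung()}.
     *
     * @throws NichtAngemeldetException if the token has fewer than four fields
     */
    String getKennungRoleInst() throws NichtAngemeldetException {
        return getKennung();
    }

    /**
     * Returns field 4 trimmed, upper-cased and prefixed with "ROLE_"
     * (decompiler: originally package-private).
     *
     * @throws NichtAngemeldetException if the token has fewer than five fields
     */
    public String getRole() throws NichtAngemeldetException {
        if (this.tokenParts.size() < 5) {
            throw new NichtAngemeldetException("Fehlerhaftes Token");
        }
        // Locale.ROOT keeps the role name independent of the JVM default locale; under a Turkish
        // locale, for example, "admin" would otherwise not upper-case to "ADMIN".
        return "ROLE_" + this.tokenParts.get(4).trim().toUpperCase(Locale.ROOT);
    }

    /**
     * Returns field 5 parsed as an integer (decompiler: originally package-private).
     *
     * @throws NichtAngemeldetException if the token has fewer than six fields
     * @throws NumberFormatException if the field is not a decimal integer
     */
    public Integer getOrgunitLid() throws NichtAngemeldetException {
        if (this.tokenParts.size() < 6) {
            throw new NichtAngemeldetException("Fehlerhaftes Token");
        }
        return Integer.valueOf(this.tokenParts.get(5).trim());
    }

    /**
     * Returns field 6, the rights string, trimmed (decompiler: originally package-private).
     *
     * @throws NichtAngemeldetException if the token has fewer than seven fields
     */
    public String getRights() throws NichtAngemeldetException {
        if (this.tokenParts.size() < 7) {
            throw new NichtAngemeldetException("Fehlerhaftes Token");
        }
        return this.tokenParts.get(6).trim();
    }

    /**
     * Returns field 7, the external account id, trimmed (decompiler: originally package-private).
     *
     * @throws NichtAngemeldetException if the token has fewer than eight fields
     */
    public String getExternAccountID() throws NichtAngemeldetException {
        if (this.tokenParts.size() < 8) {
            throw new NichtAngemeldetException("Fehlerhaftes Token");
        }
        return this.tokenParts.get(7).trim();
    }

    /**
     * Returns field 8, the external person id, trimmed (decompiler: originally package-private).
     *
     * @throws NichtAngemeldetException if the token has fewer than nine fields
     */
    public String getExternPersonID() throws NichtAngemeldetException {
        if (this.tokenParts.size() < 9) {
            throw new NichtAngemeldetException("Fehlerhaftes Token");
        }
        return this.tokenParts.get(8).trim();
    }

    /**
     * Returns the last field, the digest presented by the caller, trimmed.
     *
     * @throws NichtAngemeldetException if the token has fewer than ten fields
     */
    private String getHash() throws NichtAngemeldetException {
        if (!isNumberTokenPartsOK()) {
            this.logger.error("Token < 10 Zeichen.");
            throw new NichtAngemeldetException("Fehlerhaftes Token");
        }
        int last = this.tokenParts.size() - 1;
        // The digest is left out of the debug line: together with the fields it is a complete,
        // replayable token for as long as the timestamp is inside the window.
        this.logger.debug("Toks: " + sanitizeForLog(this.tokenParts.subList(0, last).toString()));
        return this.tokenParts.get(last).trim();
    }

    /**
     * Verifies the digest in the last field against the configured shared secret.
     *
     * @throws NichtAngemeldetException if no secret is configured, the token is too short,
     *     or the digest does not match
     */
    void testHash() throws NichtAngemeldetException {
        if (SuperXManager.sharedSecret == null || SuperXManager.sharedSecret.trim().equals("")) {
            this.logger.error("Kein Shared secret hinterlegt");
            throw new NichtAngemeldetException("Kein Shared secret hinterlegt");
        }
        // getHash() runs first so that a short token fails with NichtAngemeldetException rather
        // than an index error from the field accesses below.
        String presentedHash = getHash();
        String signedFields = Joiner.on('/').join(this.tokenParts.subList(0, this.tokenParts.size() - 1));
        if (!checkHash(this.tokenParts.get(0), presentedHash, signedFields, SuperXManager.sharedSecret)) {
            this.logger.error("Token ungueltig");
            throw new NichtAngemeldetException("Token ungueltig");
        }
    }

    /**
     * Recomputes the digest over {@code str3 + "/" + str4} and compares it with {@code str2}.
     *
     * <p>Version strings starting with "1.0" use MD5 and every other version uses SHA-512.
     * MD5 is retained only because existing version-1.0 tokens depend on it.
     *
     * @param str token version (field 0); selects the digest algorithm
     * @param str2 digest presented in the token, as lower-case hex
     * @param str3 the signed fields joined with '/'
     * @param str4 shared secret
     * @return {@code true} only if the presented digest equals the computed one
     */
    boolean checkHash(String str, String str2, String str3, String str4) {
        if (str4 == null || str4.trim().equals("")) {
            this.logger.error("shared-secret ist nicht definiert");
            return false;
        }
        if (str == null || str2 == null) {
            return false;
        }
        String signedText = str3 + "/" + str4;
        try {
            String algorithm = str.startsWith("1.0") ? "MD5" : "SHA-512";
            String computed = getHex(MessageDigest.getInstance(algorithm).digest(signedText.getBytes("UTF-8")));
            // MessageDigest.isEqual avoids the early exit of String.equals, so the comparison
            // time does not depend on how many leading characters of a guess are correct.
            boolean matches = MessageDigest.isEqual(computed.getBytes("UTF-8"), str2.getBytes("UTF-8"));
            if (!matches) {
                // Neither the computed digest nor the shared secret is logged: the first is a
                // valid signature for the presented fields, the second signs any token at all.
                this.logger.warn("Ungueltiges Auth-Token: Angegebener Hashwert und berechneter Hashwert stimmen nicht ueberein");
                this.logger.warn("Token was: " + sanitizeForLog(str3));
            }
            return matches;
        } catch (UnsupportedEncodingException e) {
            this.logger.error(e, e);
            return false;
        } catch (NoSuchAlgorithmException e2) {
            this.logger.error(e2, e2);
            return false;
        }
    }

    /** Replaces CR and LF so caller-supplied token text cannot start a new log line. */
    private static String sanitizeForLog(String value) {
        return String.valueOf(value).replace('\r', '_').replace('\n', '_');
    }

    /**
     * Encodes bytes as lower-case hexadecimal, two characters per byte.
     *
     * @param bArr bytes to encode; must not be {@code null}
     * @return hex string of length {@code 2 * bArr.length}
     */
    public static String getHex(byte[] bArr) {
        StringBuilder hex = new StringBuilder(bArr.length * 2);
        for (byte b : bArr) {
            int unsigned = b & 0xFF;
            hex.append(Character.forDigit(unsigned >>> 4, 16));
            hex.append(Character.forDigit(unsigned & 0x0F, 16));
        }
        return hex.toString();
    }
}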
