package com.cybersource.authsdk.jwt;

import com.cybersource.authsdk.cache.Cache;
import com.cybersource.authsdk.core.ConfigException;
import com.cybersource.authsdk.core.MerchantConfig;
import com.cybersource.authsdk.core.TokenGenerator;
import com.cybersource.authsdk.jwtsecurity.JWTCryptoProcessorImpl;
import com.cybersource.authsdk.log.Log4j;
import com.cybersource.authsdk.util.Base64;
import com.cybersource.authsdk.util.GlobalLabelParameters;
import com.cybersource.authsdk.util.Utility;
import java.security.MessageDigest;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.util.Calendar;
import java.util.HashMap;
import java.util.TimeZone;
import org.apache.logging.log4j.Level;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:com/cybersource/authsdk/jwt/JwtSignatureToken.class */
public class JwtSignatureToken implements TokenGenerator {
    private MerchantConfig merchantConfig;
    private String requestBody;
    private String jwtMethod;
    private Logger logger;
    private Cache cache;
    private RSAPrivateKey rsaPrivateKey = null;
    private X509Certificate x509Certificate = null;
    private String signature;

    public JwtSignatureToken(MerchantConfig merchantConfig, String str) {
        this.merchantConfig = merchantConfig;
        this.requestBody = str;
        this.jwtMethod = merchantConfig.getRequestType();
        this.logger = Log4j.getInstance(merchantConfig);
        this.cache = new Cache(this.merchantConfig);
    }

    @Override // com.cybersource.authsdk.core.TokenGenerator
    public String getToken() {
        try {
            this.signature = generateSignature();
        } catch (Exception e) {
            this.signature = null;
        }
        return this.signature;
    }

    public String generateSignature() throws Exception {
        try {
        } catch (Exception e) {
            Utility.log(this.logger, GlobalLabelParameters.JWT_SIG_FAILED, "", Level.FATAL);
            Utility.log(this.logger, e);
            this.signature = null;
        }
        if (this.merchantConfig == null || this.merchantConfig.getKeyType() == null) {
            throw new ConfigException("merchant config fields missing: keyType, key type");
        }
        if (Cache.isCache) {
            this.rsaPrivateKey = KeyCertificateGenerator.initializePrivateKey(this.merchantConfig);
            this.x509Certificate = KeyCertificateGenerator.initializeCertificate(this.merchantConfig);
            Utility.log(this.logger, GlobalLabelParameters.CACHE_BEGIN, "", Level.INFO);
            setUpCache();
            Cache.isCache = false;
        } else if (this.cache.isLastModifiedTimeP12()) {
            Utility.log(this.logger, GlobalLabelParameters.CACHE_EXTRACT, "", Level.INFO);
            this.cache.retriveP12DataFromCache();
            this.rsaPrivateKey = this.cache.getRsaPrivateKey();
            this.x509Certificate = this.cache.getX509Certificate();
        } else {
            Utility.log(this.logger, GlobalLabelParameters.CACHE_EXTEND, "", Level.INFO);
            this.rsaPrivateKey = KeyCertificateGenerator.initializePrivateKey(this.merchantConfig);
            this.x509Certificate = KeyCertificateGenerator.initializeCertificate(this.merchantConfig);
            setUpCache();
        }
        String str = "";
        if (this.requestBody != null && !this.requestBody.isEmpty()) {
            str = Base64.getEncoder().encodeToString(MessageDigest.getInstance(GlobalLabelParameters.SHA_256).digest(this.requestBody.getBytes()));
        }
        String str2 = null;
        String str3 = this.jwtMethod;
        if (str3.equalsIgnoreCase(GlobalLabelParameters.GET) || str3.equalsIgnoreCase(GlobalLabelParameters.DELETE)) {
            str2 = "{\n            \"iat\":\"" + String.format("%tFT%<tRZ", Calendar.getInstance(TimeZone.getTimeZone("Z"))) + "\"\n} \n\n";
        } else if (str3.equalsIgnoreCase(GlobalLabelParameters.POST) || str3.equalsIgnoreCase(GlobalLabelParameters.PUT) || str3.equalsIgnoreCase(GlobalLabelParameters.PATCH)) {
            str2 = "{\n            \"digest\":\"" + str + "\",\n            \"digestAlgorithm\":\"SHA-256\",\n            \"iat\":\"" + String.format("%tFT%<tRZ", Calendar.getInstance(TimeZone.getTimeZone("Z"))) + "\"\n} \n\n";
        }
        HashMap hashMap = new HashMap();
        if (this.merchantConfig.getMerchantID() != null) {
            hashMap.put(JWTCryptoProcessorImpl.MERCHANT_ID, this.merchantConfig.getMerchantID());
        }
        if (this.merchantConfig.getMerchantID() != null) {
            hashMap.put("v-c-partner-id", this.merchantConfig.getMerchantID());
        }
        String trim = this.merchantConfig.getAuthenticationType().trim();
        JWTCryptoProcessorImpl jWTCryptoProcessorImpl = new JWTCryptoProcessorImpl();
        if (GlobalLabelParameters.JWT.equalsIgnoreCase(trim)) {
            this.signature = jWTCryptoProcessorImpl.sign(str2, this.rsaPrivateKey, this.x509Certificate, hashMap);
        } else {
            if (!GlobalLabelParameters.JWE.equalsIgnoreCase(trim)) {
                throw new ConfigException("merchant config field is invalid: authType");
            }
            this.signature = jWTCryptoProcessorImpl.signAndEncrypt(str2, this.rsaPrivateKey, this.x509Certificate, KeyCertificateGenerator.initializeRecipientCertificate(this.merchantConfig), hashMap);
        }
        return this.signature;
    }

    private void setUpCache() throws ConfigException {
        this.cache.setX509Certificate(this.x509Certificate);
        this.cache.setRsaPrivateKey(this.rsaPrivateKey);
        this.cache.setP12FileDetailsInCache();
    }
}
