package com.sabegeek.apple;

import com.auth0.jwt.JWT;
import com.auth0.jwt.interfaces.Claim;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.sabegeek.apple.AppleLoginAPIClient;
import java.util.Date;
import java.util.Objects;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:com/sabegeek/apple/AppleLoginUtility.class */
public class AppleLoginUtility {
    private static final Logger log = LogManager.getLogger(AppleLoginUtility.class);
    public static final String ISSUER_CONTENT = "https://appleid.apple.com";
    private final AppleLoginAPIClient appleLoginAPIClient;

    /* loaded from: input_file:com/sabegeek/apple/AppleLoginUtility$AppleLoginPlafromEnum.class */
    public enum AppleLoginPlafromEnum {
        WEB,
        IOS
    }

    /* loaded from: input_file:com/sabegeek/apple/AppleLoginUtility$VerifyUserResult.class */
    public static class VerifyUserResult {
        private String sub;
        private String email;
        private String error;

        /* loaded from: input_file:com/sabegeek/apple/AppleLoginUtility$VerifyUserResult$VerifyUserResultBuilder.class */
        public static class VerifyUserResultBuilder {
            private String sub;
            private String email;
            private String error;

            VerifyUserResultBuilder() {
            }

            public VerifyUserResultBuilder sub(String str) {
                this.sub = str;
                return this;
            }

            public VerifyUserResultBuilder email(String str) {
                this.email = str;
                return this;
            }

            public VerifyUserResultBuilder error(String str) {
                this.error = str;
                return this;
            }

            public VerifyUserResult build() {
                return new VerifyUserResult(this.sub, this.email, this.error);
            }

            public String toString() {
                return "AppleLoginUtility.VerifyUserResult.VerifyUserResultBuilder(sub=" + this.sub + ", email=" + this.email + ", error=" + this.error + ")";
            }
        }

        public static VerifyUserResultBuilder builder() {
            return new VerifyUserResultBuilder();
        }

        public String getSub() {
            return this.sub;
        }

        public String getEmail() {
            return this.email;
        }

        public String getError() {
            return this.error;
        }

        public void setSub(String str) {
            this.sub = str;
        }

        public void setEmail(String str) {
            this.email = str;
        }

        public void setError(String str) {
            this.error = str;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof VerifyUserResult)) {
                return false;
            }
            VerifyUserResult verifyUserResult = (VerifyUserResult) obj;
            if (!verifyUserResult.canEqual(this)) {
                return false;
            }
            String sub = getSub();
            String sub2 = verifyUserResult.getSub();
            if (sub == null) {
                if (sub2 != null) {
                    return false;
                }
            } else if (!sub.equals(sub2)) {
                return false;
            }
            String email = getEmail();
            String email2 = verifyUserResult.getEmail();
            if (email == null) {
                if (email2 != null) {
                    return false;
                }
            } else if (!email.equals(email2)) {
                return false;
            }
            String error = getError();
            String error2 = verifyUserResult.getError();
            return error == null ? error2 == null : error.equals(error2);
        }

        protected boolean canEqual(Object obj) {
            return obj instanceof VerifyUserResult;
        }

        public int hashCode() {
            String sub = getSub();
            int hashCode = (1 * 59) + (sub == null ? 43 : sub.hashCode());
            String email = getEmail();
            int hashCode2 = (hashCode * 59) + (email == null ? 43 : email.hashCode());
            String error = getError();
            return (hashCode2 * 59) + (error == null ? 43 : error.hashCode());
        }

        public String toString() {
            return "AppleLoginUtility.VerifyUserResult(sub=" + getSub() + ", email=" + getEmail() + ", error=" + getError() + ")";
        }

        public VerifyUserResult() {
        }

        public VerifyUserResult(String str, String str2, String str3) {
            this.sub = str;
            this.email = str2;
            this.error = str3;
        }
    }

    public AppleLoginUtility(AppleLoginAPIClient appleLoginAPIClient) {
        this.appleLoginAPIClient = appleLoginAPIClient;
    }

    public VerifyUserResult verifyUser(String str) {
        try {
            AppleLoginAPIClient.AuthKeys authKeys = this.appleLoginAPIClient.authKeys();
            try {
                AppleLoginAPIClient.TokenResponse authToken = this.appleLoginAPIClient.authToken(str);
                String error = authToken.getError();
                if (Objects.nonNull(error)) {
                    log.fatal("com.sabegeek.apple.AppleLoginUtility.verifyUser [code auth token fail] ");
                    return VerifyUserResult.builder().error(error + " : " + authToken.getError_description()).build();
                }
                DecodedJWT decode = JWT.decode(authToken.getId_token());
                String keyId = decode.getKeyId();
                if (authKeys.getKeys().stream().filter(authKey -> {
                    return Objects.equals(authKey.getKid(), keyId);
                }).findAny().isEmpty()) {
                    log.fatal("com.sabegeek.apple.AppleLoginUtility.verifyUser [verify user id token fail key id not found]");
                    return VerifyUserResult.builder().error("verify user id token fail key id not found").build();
                }
                if (!ISSUER_CONTENT.contains(decode.getIssuer())) {
                    log.fatal("com.sabegeek.apple.AppleLoginUtility.verifyUser [verify user id token fail issuer not contain]");
                    return VerifyUserResult.builder().error("verify user id token fail issuer not contain").build();
                }
                if (!decode.getAudience().contains(this.appleLoginAPIClient.getClientId())) {
                    log.fatal("com.sabegeek.apple.AppleLoginUtility.verifyUser [verify user id token fail client not equal]");
                    return VerifyUserResult.builder().error("verify user id token fail client not equal").build();
                }
                if (new Date().after(decode.getExpiresAt())) {
                    log.fatal("com.sabegeek.apple.AppleLoginUtility.verifyUser [verify user id token fail expired]");
                    return VerifyUserResult.builder().error("verify user id token fail client expired").build();
                }
                String subject = decode.getSubject();
                return VerifyUserResult.builder().sub(subject).email(((Claim) decode.getClaims().get("email")).asString()).build();
            } catch (Throwable th) {
                log.fatal("com.sabegeek.apple.AppleLoginUtility.verifyUser [code auth token fail] ", th);
                return VerifyUserResult.builder().error("code auth token fail").build();
            }
        } catch (Throwable th2) {
            log.fatal("com.sabegeek.apple.AppleLoginUtility.verifyUser [fetch auth keys fail] ", th2);
            return VerifyUserResult.builder().error("fetch auth keys fail").build();
        }
    }
}
