package net.minestom.server.network.packet.client.login;

import com.google.gson.Gson;
import com.google.gson.JsonObject;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.runtime.ObjectMethods;
import java.math.BigInteger;
import java.net.URI;
import java.net.URLEncoder;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.UUID;
import javax.crypto.SecretKey;
import net.minestom.server.MinecraftServer;
import net.minestom.server.crypto.SaltSignaturePair;
import net.minestom.server.crypto.SignatureValidator;
import net.minestom.server.extras.MojangAuth;
import net.minestom.server.extras.mojangAuth.MojangCrypt;
import net.minestom.server.network.NetworkBuffer;
import net.minestom.server.network.packet.client.ClientPreplayPacket;
import net.minestom.server.network.player.PlayerConnection;
import net.minestom.server.network.player.PlayerSocketConnection;
import net.minestom.server.utils.Either;
import net.minestom.server.utils.InterfaceUtils;
import net.minestom.server.utils.async.AsyncUtils;
import net.minestom.server.utils.crypto.KeyUtils;
import org.apache.logging.log4j.core.lookup.StructuredDataLookup;
import org.jetbrains.annotations.NotNull;
import org.jline.builtins.TTop;

/* loaded from: input_file:net/minestom/server/network/packet/client/login/EncryptionResponsePacket.class */
public final class EncryptionResponsePacket extends Record implements ClientPreplayPacket {
    private final byte[] sharedSecret;
    private final Either<byte[], SaltSignaturePair> nonceOrSignature;
    private static final Gson GSON = new Gson();

    public EncryptionResponsePacket(@NotNull NetworkBuffer networkBuffer) {
        this((byte[]) networkBuffer.read(NetworkBuffer.BYTE_ARRAY), networkBuffer.readEither(networkBuffer2 -> {
            return (byte[]) networkBuffer2.read(NetworkBuffer.BYTE_ARRAY);
        }, SaltSignaturePair::new));
    }

    public EncryptionResponsePacket(byte[] bArr, Either<byte[], SaltSignaturePair> either) {
        this.sharedSecret = bArr;
        this.nonceOrSignature = either;
    }

    @Override // net.minestom.server.network.packet.client.ClientPreplayPacket
    public void process(@NotNull PlayerConnection playerConnection) {
        if (playerConnection instanceof PlayerSocketConnection) {
            PlayerSocketConnection playerSocketConnection = (PlayerSocketConnection) playerConnection;
            AsyncUtils.runAsync(() -> {
                String loginUsername = playerSocketConnection.getLoginUsername();
                if (loginUsername == null || loginUsername.isEmpty()) {
                    return;
                }
                boolean z = playerConnection.playerPublicKey() != null;
                if (((Boolean) this.nonceOrSignature.map(bArr -> {
                    return Boolean.valueOf(z || !Arrays.equals(playerSocketConnection.getNonce(), MojangCrypt.decryptUsingKey(MojangAuth.getKeyPair().getPrivate(), bArr)));
                }, saltSignaturePair -> {
                    return Boolean.valueOf((z && SignatureValidator.from(playerConnection.playerPublicKey().publicKey(), KeyUtils.SignatureAlgorithm.SHA256withRSA).validate(networkBuffer -> {
                        networkBuffer.write(NetworkBuffer.RAW_BYTES, playerSocketConnection.getNonce());
                        networkBuffer.write(NetworkBuffer.LONG, Long.valueOf(saltSignaturePair.salt()));
                    }, saltSignaturePair.signature())) ? false : true);
                })).booleanValue()) {
                    MinecraftServer.LOGGER.error("Encryption failed for {}", loginUsername);
                    return;
                }
                byte[] digestData = MojangCrypt.digestData("", MojangAuth.getKeyPair().getPublic(), getSecretKey());
                if (digestData == null) {
                    MinecraftServer.LOGGER.error("Connection {} failed initializing encryption.", playerSocketConnection.getRemoteAddress());
                    playerConnection.disconnect();
                } else {
                    HttpClient.newHttpClient().sendAsync(HttpRequest.newBuilder(URI.create(String.format(MojangAuth.AUTH_URL, URLEncoder.encode(loginUsername, StandardCharsets.UTF_8), new BigInteger(digestData).toString(16)))).GET().build(), HttpResponse.BodyHandlers.ofString()).whenComplete((httpResponse, th) -> {
                        if (th != null) {
                            MinecraftServer.getExceptionManager().handleException(th);
                            return;
                        }
                        try {
                            JsonObject jsonObject = (JsonObject) GSON.fromJson((String) httpResponse.body(), JsonObject.class);
                            if (jsonObject == null) {
                                return;
                            }
                            playerSocketConnection.setEncryptionKey(getSecretKey());
                            UUID fromString = UUID.fromString(jsonObject.get(StructuredDataLookup.ID_KEY).getAsString().replaceFirst("(\\w{8})(\\w{4})(\\w{4})(\\w{4})(\\w{12})", "$1-$2-$3-$4-$5"));
                            String asString = jsonObject.get(TTop.STAT_NAME).getAsString();
                            MinecraftServer.LOGGER.info("UUID of player {} is {}", loginUsername, fromString);
                            CONNECTION_MANAGER.startPlayState(playerConnection, fromString, asString, true);
                        } catch (Exception e) {
                            MinecraftServer.getExceptionManager().handleException(e);
                        }
                    });
                }
            });
        }
    }

    @Override // net.minestom.server.network.NetworkBuffer.Writer
    public void write(@NotNull NetworkBuffer networkBuffer) {
        networkBuffer.write(NetworkBuffer.BYTE_ARRAY, this.sharedSecret);
        networkBuffer.writeEither(this.nonceOrSignature, (networkBuffer2, bArr) -> {
            networkBuffer2.write(NetworkBuffer.BYTE_ARRAY, bArr);
        }, InterfaceUtils.flipBiConsumer((v0, v1) -> {
            v0.write(v1);
        }));
    }

    private SecretKey getSecretKey() {
        return MojangCrypt.decryptByteToSecretKey(MojangAuth.getKeyPair().getPrivate(), this.sharedSecret);
    }

    @Override // java.lang.Record
    public final String toString() {
        return (String) ObjectMethods.bootstrap(MethodHandles.lookup(), "toString", MethodType.methodType(String.class, EncryptionResponsePacket.class), EncryptionResponsePacket.class, "sharedSecret;nonceOrSignature", "FIELD:Lnet/minestom/server/network/packet/client/login/EncryptionResponsePacket;->sharedSecret:[B", "FIELD:Lnet/minestom/server/network/packet/client/login/EncryptionResponsePacket;->nonceOrSignature:Lnet/minestom/server/utils/Either;").dynamicInvoker().invoke(this) /* invoke-custom */;
    }

    @Override // java.lang.Record
    public final int hashCode() {
        return (int) ObjectMethods.bootstrap(MethodHandles.lookup(), "hashCode", MethodType.methodType(Integer.TYPE, EncryptionResponsePacket.class), EncryptionResponsePacket.class, "sharedSecret;nonceOrSignature", "FIELD:Lnet/minestom/server/network/packet/client/login/EncryptionResponsePacket;->sharedSecret:[B", "FIELD:Lnet/minestom/server/network/packet/client/login/EncryptionResponsePacket;->nonceOrSignature:Lnet/minestom/server/utils/Either;").dynamicInvoker().invoke(this) /* invoke-custom */;
    }

    @Override // java.lang.Record
    public final boolean equals(Object obj) {
        return (boolean) ObjectMethods.bootstrap(MethodHandles.lookup(), "equals", MethodType.methodType(Boolean.TYPE, EncryptionResponsePacket.class, Object.class), EncryptionResponsePacket.class, "sharedSecret;nonceOrSignature", "FIELD:Lnet/minestom/server/network/packet/client/login/EncryptionResponsePacket;->sharedSecret:[B", "FIELD:Lnet/minestom/server/network/packet/client/login/EncryptionResponsePacket;->nonceOrSignature:Lnet/minestom/server/utils/Either;").dynamicInvoker().invoke(this, obj) /* invoke-custom */;
    }

    public byte[] sharedSecret() {
        return this.sharedSecret;
    }

    public Either<byte[], SaltSignaturePair> nonceOrSignature() {
        return this.nonceOrSignature;
    }
}
