package cz.smarteon.loxone;

import cz.smarteon.loxone.CommandResponseListener;
import cz.smarteon.loxone.message.ApiInfo;
import cz.smarteon.loxone.message.EncryptedCommand;
import cz.smarteon.loxone.message.Hashing;
import cz.smarteon.loxone.message.LoxoneMessage;
import cz.smarteon.loxone.message.LoxoneMessageCommand;
import cz.smarteon.loxone.message.PubKeyInfo;
import cz.smarteon.loxone.message.Token;
import cz.smarteon.loxone.message.TokenPermissionType;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.ScheduledFuture;
import java.util.concurrent.TimeUnit;
import java.util.function.Supplier;
import javax.crypto.SecretKey;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cz/smarteon/loxone/LoxoneAuth.class */
public class LoxoneAuth implements CommandResponseListener<LoxoneMessage<?>> {
    public static final String CLIENT_UUID = "5231fc55-a384-41b4-b0ae10b7f774add1";
    public static final String DEFAULT_CLIENT_INFO = "loxoneJava";
    private static final Logger log = LoggerFactory.getLogger(LoxoneAuth.class);
    private static final int MAX_SALT_USAGE = 20;
    private final LoxoneHttp loxoneHttp;
    private final String loxoneUser;
    private final String loxonePass;
    private final String loxoneVisPass;
    private final LoxoneMessageCommand<Hashing> getKeyCommand;
    private final LoxoneMessageCommand<Hashing> getVisuHashCommand;
    private ApiInfo apiInfo;
    private PublicKey publicKey;
    private SecretKey sharedKey;
    private SecureRandom sha1PRNG;
    private byte[] sharedKeyIv;
    private String sharedSalt;
    private Hashing visuHashing;
    private Token token;
    private EncryptedCommand<Token> lastTokenCommand;
    private CommandSender commandSender;
    private ScheduledExecutorService autoRefreshScheduler;
    private ScheduledFuture autoRefreshFuture;
    private int saltUsageCount = 0;
    private String clientInfo = DEFAULT_CLIENT_INFO;
    private TokenPermissionType tokenPermissionType = TokenPermissionType.WEB;
    private boolean autoRefreshToken = false;
    private final List<AuthListener> authListeners = new LinkedList();

    public LoxoneAuth(@NotNull LoxoneHttp loxoneHttp, @NotNull String str, @NotNull String str2, @Nullable String str3) {
        this.loxoneHttp = (LoxoneHttp) Objects.requireNonNull(loxoneHttp, "loxoneHttp shouldn't be null");
        this.loxoneUser = (String) Objects.requireNonNull(str, "loxoneUser shouldn't be null");
        this.loxonePass = (String) Objects.requireNonNull(str2, "loxonePass shouldn't be null");
        this.loxoneVisPass = str3;
        this.getKeyCommand = LoxoneMessageCommand.getKey(str);
        this.getVisuHashCommand = LoxoneMessageCommand.getVisuHash(str);
    }

    public ApiInfo getApiInfo() {
        return this.apiInfo;
    }

    public String getUser() {
        return this.loxoneUser;
    }

    public String getUuid() {
        return CLIENT_UUID;
    }

    public String getClientInfo() {
        return this.clientInfo;
    }

    public void setClientInfo(String str) {
        this.clientInfo = str;
    }

    public TokenPermissionType getTokenPermissionType() {
        return this.tokenPermissionType;
    }

    public void setTokenPermissionType(TokenPermissionType tokenPermissionType) {
        this.tokenPermissionType = tokenPermissionType;
    }

    public void setCommandSender(CommandSender commandSender) {
        this.commandSender = (CommandSender) Objects.requireNonNull(commandSender, "commandSender can't be null");
    }

    public boolean isAutoRefreshToken() {
        return this.autoRefreshToken;
    }

    public void setAutoRefreshToken(boolean z) {
        this.autoRefreshToken = z;
    }

    public void setAutoRefreshScheduler(@NotNull ScheduledExecutorService scheduledExecutorService) {
        this.autoRefreshScheduler = (ScheduledExecutorService) Objects.requireNonNull(scheduledExecutorService, "autoRefreshScheduler can't be null");
    }

    public void init() {
        log.trace("LoxoneAuth init start");
        fetchApiInfo();
        fetchPublicKey();
        this.sha1PRNG = LoxoneCrypto.getSecureRandom();
        if (this.sharedKey == null) {
            this.sharedKey = LoxoneCrypto.createSharedKey();
        }
        this.sharedKeyIv = LoxoneCrypto.createSharedKeyIv(this.sha1PRNG);
        log.trace("LoxoneAuth init finish");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isInitialized() {
        return (this.publicKey == null || this.sharedKey == null || this.sharedKeyIv == null || this.sha1PRNG == null) ? false : true;
    }

    public Map<String, String> authHeaders() {
        return Collections.singletonMap("Authorization", "Basic " + Codec.bytesToBase64(Codec.concatToBytes(this.loxoneUser, this.loxonePass)));
    }

    private String getSessionKey() {
        checkInitialized();
        return LoxoneCrypto.createSessionKey(this.sharedKey, this.sharedKeyIv, this.publicKey);
    }

    public String getVisuHash() {
        return (String) onVisuPassSet("compute visu hash", () -> {
            return LoxoneCrypto.loxoneHashing(this.loxoneVisPass, null, this.visuHashing, "secured command");
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isUsable() {
        return new TokenState(this.token).isUsable();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void startAuthentication() {
        sendCommand(Command.keyExchange(getSessionKey()));
        sendCommand(this.getKeyCommand);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void startVisuAuthentication() {
        onVisuPassSet("start visual authentication", () -> {
            sendCommand(this.getVisuHashCommand);
            return null;
        });
    }

    /* JADX WARN: Type inference failed for: r1v33, types: [cz.smarteon.loxone.message.LoxoneValue] */
    /* JADX WARN: Type inference failed for: r2v1, types: [cz.smarteon.loxone.message.LoxoneValue] */
    /* JADX WARN: Type inference failed for: r2v20, types: [cz.smarteon.loxone.message.LoxoneValue] */
    @Override // cz.smarteon.loxone.CommandResponseListener
    @NotNull
    public CommandResponseListener.State onCommand(@NotNull Command<? extends LoxoneMessage<?>> command, @NotNull LoxoneMessage<?> loxoneMessage) {
        if (this.getKeyCommand.equals(command)) {
            Hashing ensureValue = this.getKeyCommand.ensureValue(loxoneMessage.getValue());
            TokenState tokenState = new TokenState(this.token);
            if (tokenState.isExpired()) {
                this.lastTokenCommand = EncryptedCommand.getToken(LoxoneCrypto.loxoneHashing(this.loxonePass, this.loxoneUser, ensureValue, "gettoken"), this.loxoneUser, this.tokenPermissionType, CLIENT_UUID, this.clientInfo, this::encryptCommand);
            } else if (tokenState.needsRefresh()) {
                this.lastTokenCommand = EncryptedCommand.refreshToken(LoxoneCrypto.loxoneHashing(this.token.getToken(), this.loxoneUser, ensureValue, "refreshtoken"), this.loxoneUser, this::encryptCommand);
            } else {
                this.lastTokenCommand = EncryptedCommand.getToken(LoxoneCrypto.loxoneHashing(this.loxonePass, this.loxoneUser, ensureValue, "gettoken"), this.loxoneUser, this.tokenPermissionType, CLIENT_UUID, this.clientInfo, this::encryptCommand);
            }
            sendCommand(this.lastTokenCommand);
            return CommandResponseListener.State.CONSUMED;
        }
        if (this.getVisuHashCommand.equals(command)) {
            this.visuHashing = this.getVisuHashCommand.ensureValue(loxoneMessage.getValue());
            this.authListeners.forEach((v0) -> {
                v0.visuAuthCompleted();
            });
            return CommandResponseListener.State.CONSUMED;
        }
        if (this.lastTokenCommand == null || !this.lastTokenCommand.equals(command)) {
            return CommandResponseListener.State.IGNORED;
        }
        this.token = this.lastTokenCommand.ensureValue(loxoneMessage.getValue());
        log.info("Got loxone token, valid until: " + this.token.getValidUntilDateTime() + ", seconds to expire: " + this.token.getSecondsToExpire());
        if (this.autoRefreshToken) {
            long secondsToRefresh = new TokenState(this.token).secondsToRefresh();
            if (secondsToRefresh <= 0) {
                log.warn("Can't schedule token auto refresh, token expires too early or is already expired");
            } else if (this.autoRefreshScheduler != null) {
                log.info("Scheduling token auto refresh in " + secondsToRefresh + " seconds");
                this.autoRefreshFuture = this.autoRefreshScheduler.schedule(this::startAuthentication, secondsToRefresh, TimeUnit.SECONDS);
            } else {
                log.warn("autoRefreshScheduler not set, can't schedule token refresh");
            }
        }
        this.authListeners.forEach((v0) -> {
            v0.authCompleted();
        });
        this.lastTokenCommand = null;
        return CommandResponseListener.State.CONSUMED;
    }

    @Override // cz.smarteon.loxone.CommandResponseListener
    public boolean accepts(@NotNull Class cls) {
        return LoxoneMessage.class.isAssignableFrom(cls);
    }

    public void registerAuthListener(AuthListener authListener) {
        this.authListeners.add(authListener);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void wsClosed() {
        if (this.autoRefreshFuture != null) {
            this.autoRefreshFuture.cancel(true);
        }
    }

    private void sendCommand(Command command) {
        if (this.commandSender == null) {
            throw new IllegalStateException("CommandSender not set, authentication cannot work correctly");
        }
        this.commandSender.send(command);
    }

    private String encryptCommand(String str) {
        if (this.sharedSalt == null) {
            this.sharedSalt = LoxoneCrypto.generateSalt(this.sha1PRNG);
        }
        String str2 = "salt/" + this.sharedSalt;
        if (isNewSaltNeeded()) {
            log.trace("changing the salt");
            String str3 = "nextSalt/" + this.sharedSalt + "/";
            this.sharedSalt = LoxoneCrypto.generateSalt(this.sha1PRNG);
            str2 = str3 + this.sharedSalt;
        }
        return encryptWithSharedKey(str2 + "/" + str);
    }

    private void checkInitialized() {
        if (!isInitialized()) {
            throw new IllegalStateException("LoxoneAuth has not been initialized - call init() first");
        }
    }

    private void fetchApiInfo() {
        log.trace("Fetching ApiInfo start");
        try {
            LoxoneMessage loxoneMessage = (LoxoneMessage) this.loxoneHttp.get(LoxoneMessageCommand.DEV_CFG_API);
            if (loxoneMessage.getValue() == null) {
                throw new LoxoneException("Got empty apiInfo");
            }
            this.apiInfo = (ApiInfo) loxoneMessage.getValue();
            log.trace("Fetching ApiInfo finish");
        } catch (Throwable th) {
            log.trace("Fetching ApiInfo finish");
            throw th;
        }
    }

    private void fetchPublicKey() {
        log.trace("Fetching PublicKey start");
        try {
            LoxoneMessage loxoneMessage = (LoxoneMessage) this.loxoneHttp.get(LoxoneMessageCommand.DEV_SYS_GETPUBLICKEY);
            if (loxoneMessage.getValue() == null) {
                throw new LoxoneException("Got empty pubKeyInfo");
            }
            this.publicKey = ((PubKeyInfo) loxoneMessage.getValue()).asPublicKey();
            log.trace("Fetching PublicKey finish");
        } catch (Throwable th) {
            log.trace("Fetching PublicKey finish");
            throw th;
        }
    }

    private String encryptWithSharedKey(String str) {
        checkInitialized();
        return LoxoneCrypto.encrypt(str, this.sharedKey, this.sharedKeyIv);
    }

    private boolean isNewSaltNeeded() {
        if (this.saltUsageCount <= 0) {
        }
        this.saltUsageCount++;
        if (this.saltUsageCount < MAX_SALT_USAGE) {
            return false;
        }
        this.saltUsageCount = 0;
        return true;
    }

    private <T> T onVisuPassSet(String str, Supplier<T> supplier) {
        if (this.loxoneVisPass != null) {
            return supplier.get();
        }
        throw new IllegalStateException("Can't " + str + " when visualization password not set.");
    }
}
