package com.threerings.facebook;

import com.google.common.base.Charsets;
import com.google.common.base.Preconditions;
import com.google.common.base.Splitter;
import com.google.common.collect.Lists;
import com.threerings.servlet.util.Parameters;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Arrays;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:com/threerings/facebook/SignedRequest.class */
public class SignedRequest {
    protected final boolean _present;
    protected final String _token;
    protected final String _userId;
    protected static final int ONE_HOUR = 3600;
    protected static final Splitter PERIOD_SPLITTER = Splitter.on('.');

    public SignedRequest(Parameters parameters, String str) {
        this._present = parameters.has("signed_request");
        if (!this._present) {
            this._token = null;
            this._userId = null;
            return;
        }
        String str2 = parameters.get("signed_request");
        ArrayList newArrayList = Lists.newArrayList(PERIOD_SPLITTER.split(str2));
        Preconditions.checkArgument(newArrayList.size() == 2, "Not properly period delimited [req=%s]", new Object[]{str2});
        String str3 = (String) newArrayList.get(1);
        String str4 = new String(new Base64(true).decode(str3), Charsets.UTF_8);
        try {
            JSONObject jSONObject = new JSONObject(str4);
            checkArg("HMAC-SHA256".equals(jSONObject.optString("algorithm")), "Improper algorithm in json", str2, str4);
            checkArg((System.currentTimeMillis() / 1000) - 3600 < jSONObject.optLong("issued_at"), "More than an hour old", str2, str4);
            SecretKeySpec secretKeySpec = new SecretKeySpec(str.getBytes(Charsets.UTF_8), "HMACSHA256");
            try {
                Mac mac = Mac.getInstance("HMACSHA256");
                mac.init(secretKeySpec);
                checkArg(Arrays.equals(new Base64(true).decode((String) newArrayList.get(0)), mac.doFinal(str3.getBytes(Charsets.UTF_8))), "Invalid signature", str2, str4);
                this._token = jSONObject.optString("oauth_token", null);
                this._userId = jSONObject.optString("user_id", null);
            } catch (GeneralSecurityException e) {
                throw new RuntimeException("Unable to initialize HMACSHA256. JVM busted?", e);
            }
        } catch (JSONException e2) {
            throw new RuntimeException("Invalid json [json=" + str4 + ", req=" + str2 + "]", e2);
        }
    }

    public String getUserId() {
        if (isAuthorized()) {
            return this._userId;
        }
        throw new RuntimeException("No userId. Call isAuthorized before calling getUserId");
    }

    public String getToken() {
        if (isAuthorized()) {
            return this._token;
        }
        throw new RuntimeException("No token. Call isAuthorized before calling getToken");
    }

    public boolean isAuthorized() {
        return this._token != null;
    }

    public boolean isPresent() {
        return this._present;
    }

    protected void checkArg(boolean z, String str, String str2, String str3) {
        Preconditions.checkArgument(z, str + " [req=%s, json=%s]", new Object[]{str2, str3});
    }
}
