package dev.katsute.mal4j;

import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpHandler;
import com.sun.net.httpserver.HttpServer;
import dev.katsute.mal4j.APIStruct;
import dev.katsute.mal4j.Json;
import dev.katsute.mal4j.Logging;
import dev.katsute.mal4j.exception.HttpException;
import dev.katsute.mal4j.exception.InvalidTokenException;
import dev.katsute.mal4j.exception.UnauthorizedAccessException;
import java.awt.Desktop;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Consumer;
import java.util.zip.GZIPOutputStream;

/* loaded from: input_file:dev/katsute/mal4j/MyAnimeListAuthenticator.class */
public final class MyAnimeListAuthenticator {
    private static final String authUrl = "https://myanimelist.net/v1/oauth2/authorize?response_type=code&client_id=%s&code_challenge=%s&code_challenge_method=plain";
    private static final String authState = "&state=%s";
    private static final String redirectURI = "&redirect_uri=%s";
    private final MyAnimeListAuthenticationService authService;
    private final Authorization authorization;
    private AccessToken token;
    private static final AuthResponseHandler defaultHandler = new AuthResponseHandler() { // from class: dev.katsute.mal4j.MyAnimeListAuthenticator.1
        private static final String HTML = "<!DOCTYPE html><html><head><title>MyAnimeList Authenticator</title><style>html,body{width:100%;height:100%;-webkit-user-select: none;-ms-user-select: none;user-select: none;}body{display:flex;align-items:center;justify-content:center;background-color:#2E51A2;margin:0px;*{width:100%}}*{font-family:Helvetica,Arial,sans-serif;color:white;text-align:center}</style></head><body><div><h1>Authentication {{ state }}</h1><p title=\"{{ hint }}\">{{ message }}</p></div></body></html>";
        private static final String OK = "&#10004;&#65039;";
        private static final String FAIL = "&#10060;";

        @Override // dev.katsute.mal4j.AuthResponseHandler
        public final String getResponse(String str, String str2, String str3, String str4) {
            String str5;
            String str6 = str == null ? "Failed &#10060;" : "Completed &#10004;&#65039;";
            String str7 = str2 == null ? "" : str2;
            if (str == null) {
                str5 = "<b>" + str7.substring(0, 1).toUpperCase() + str7.substring(1).replace('_', ' ') + "</b>: " + (str3 == null ? "" : str3);
            } else {
                str5 = "You may now close the window.";
            }
            return HTML.replace("{{ state }}", str6).replace("{{ hint }}", str4 != null ? str4 : "").replace("{{ message }}", str5);
        }
    };

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:dev/katsute/mal4j/MyAnimeListAuthenticator$AuthHandler.class */
    public static final class AuthHandler implements HttpHandler {
        private final CountDownLatch latch;
        private final AuthResponseHandler handler;
        private final transient AtomicReference<String> auth;
        private final transient AtomicReference<String> state;

        private Map<String, String> parseWwwFormEnc(String str) {
            HashMap hashMap = new HashMap();
            for (String str2 : str.split("&")) {
                if (str2.contains("=")) {
                    String[] split = str2.split("=");
                    hashMap.put(APICall.decodeUTF8(split[0]), split.length == 2 ? APICall.decodeUTF8(split[1]) : null);
                }
            }
            return hashMap;
        }

        private AuthHandler(CountDownLatch countDownLatch) {
            this(countDownLatch, MyAnimeListAuthenticator.defaultHandler);
        }

        private AuthHandler(CountDownLatch countDownLatch, AuthResponseHandler authResponseHandler) {
            this.auth = new AtomicReference<>();
            this.state = new AtomicReference<>();
            this.latch = countDownLatch;
            this.handler = authResponseHandler == null ? MyAnimeListAuthenticator.defaultHandler : authResponseHandler;
        }

        public final void handle(HttpExchange httpExchange) throws IOException {
            Map<String, String> parseWwwFormEnc = parseWwwFormEnc(httpExchange.getRequestURI().getRawQuery());
            this.state.set(parseWwwFormEnc.get("state"));
            this.auth.set(parseWwwFormEnc.get("code"));
            httpExchange.getResponseHeaders().set("Accept-Encoding", "gzip");
            httpExchange.getResponseHeaders().set("Content-Encoding", "gzip");
            httpExchange.getResponseHeaders().set("Connection", "keep-alive");
            httpExchange.sendResponseHeaders(200, 0L);
            GZIPOutputStream gZIPOutputStream = new GZIPOutputStream(httpExchange.getResponseBody());
            try {
                gZIPOutputStream.write(this.handler.getResponse(parseWwwFormEnc.get("code"), parseWwwFormEnc.get("error"), parseWwwFormEnc.get("message"), parseWwwFormEnc.get("hint")).getBytes(StandardCharsets.UTF_8));
                gZIPOutputStream.finish();
                gZIPOutputStream.flush();
                gZIPOutputStream.close();
                this.latch.countDown();
            } catch (Throwable th) {
                try {
                    gZIPOutputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        }

        public final String getAuth() {
            return this.auth.get();
        }

        public final String getState() {
            return this.state.get();
        }
    }

    /* loaded from: input_file:dev/katsute/mal4j/MyAnimeListAuthenticator$LocalServerBuilder.class */
    public static final class LocalServerBuilder {
        private final String client_id;
        private final String client_secret;
        private final int port;
        private boolean openBrowser;
        private long timeout;
        private String redirect_URI;
        private AuthResponseHandler responseHandler;
        private Consumer<String> urlCallback;

        public LocalServerBuilder(String str, int i) {
            this(str, null, i);
        }

        public LocalServerBuilder(String str, String str2, int i) {
            this.openBrowser = false;
            this.timeout = 180L;
            this.redirect_URI = null;
            this.responseHandler = null;
            this.urlCallback = null;
            Objects.requireNonNull(str, "Client ID must not be null");
            this.client_id = str;
            this.client_secret = str2;
            this.port = i;
        }

        public final LocalServerBuilder openBrowser() {
            return openBrowser(true);
        }

        public final LocalServerBuilder openBrowser(boolean z) {
            if (!MyAnimeListAuthenticator.canOpenBrowser()) {
                Logging.getLogger().warning("System does not support openBrowser()");
            }
            this.openBrowser = z;
            return this;
        }

        public final LocalServerBuilder setTimeout(int i) {
            this.timeout = i;
            return this;
        }

        public final LocalServerBuilder setRedirectURI(String str) {
            this.redirect_URI = str;
            return this;
        }

        public final LocalServerBuilder setResponseHandler(AuthResponseHandler authResponseHandler) {
            this.responseHandler = authResponseHandler;
            return this;
        }

        public final LocalServerBuilder setURLCallback(Consumer<String> consumer) {
            this.urlCallback = consumer;
            return this;
        }

        public final MyAnimeListAuthenticator build() throws IOException {
            return new MyAnimeListAuthenticator(this.client_id, this.client_secret, this.port, this.responseHandler, this.urlCallback, this.openBrowser, this.timeout, this.redirect_URI);
        }

        public final String toString() {
            return "MyAnimeListAuthenticator.LocalServerBuilder{port=" + this.port + ", openBrowser=" + this.openBrowser + ", timeout=" + this.timeout + ", redirect_URI='" + this.redirect_URI + "', responseHandler=" + this.responseHandler + '}';
        }
    }

    private MyAnimeListAuthenticator(String str, String str2, int i, AuthResponseHandler authResponseHandler, Consumer<String> consumer, boolean z, long j, String str3) throws IOException {
        this.authService = MyAnimeListAuthenticationService.create();
        String[] authenticateWithLocalServer = authenticateWithLocalServer(str, i, authResponseHandler, consumer, z, j, str3);
        this.authorization = new Authorization(str, str2, authenticateWithLocalServer[0], authenticateWithLocalServer[1], str3);
        this.token = parseToken(this.authService.getToken(str, str2, "authorization_code", authenticateWithLocalServer[0], authenticateWithLocalServer[1], str3));
    }

    public MyAnimeListAuthenticator(Authorization authorization) {
        this(authorization, null);
    }

    public MyAnimeListAuthenticator(Authorization authorization, AccessToken accessToken) {
        this.authService = MyAnimeListAuthenticationService.create();
        Objects.requireNonNull(authorization, "Authorization must not be null");
        this.authorization = authorization;
        if (accessToken != null) {
            Objects.requireNonNull(accessToken);
            Logging.addMask((Logging.ThrowingSupplier<String>) accessToken::getToken);
            Objects.requireNonNull(accessToken);
            Logging.addMask((Logging.ThrowingSupplier<String>) accessToken::getRefreshToken);
        }
        this.token = accessToken != null ? accessToken : parseToken(this.authService.getToken(authorization.getClientID(), authorization.getClientSecret(), "authorization_code", authorization.getAuthorizationCode(), authorization.getPKCE(), authorization.getRedirectURI()));
    }

    public final Authorization getAuthorization() {
        return this.authorization;
    }

    public final AccessToken getAccessToken() {
        return this.token;
    }

    public final AccessToken refreshAccessToken() {
        this.token = parseToken(this.authService.refreshToken(this.authorization.getClientID(), this.authorization.getClientSecret(), "refresh_token", this.authorization.getAuthorizationCode(), this.authorization.getPKCE(), this.token.getRefreshToken()));
        AccessToken accessToken = this.token;
        Objects.requireNonNull(accessToken);
        Logging.addMask((Logging.ThrowingSupplier<String>) accessToken::getToken);
        AccessToken accessToken2 = this.token;
        Objects.requireNonNull(accessToken2);
        Logging.addMask((Logging.ThrowingSupplier<String>) accessToken2::getRefreshToken);
        return this.token;
    }

    public static String getAuthorizationURL(String str, String str2) {
        return getAuthorizationURL(str, str2, null, null);
    }

    public static String getAuthorizationURL(String str, String str2, String str3) {
        return getAuthorizationURL(str, str2, str3, null);
    }

    public static String getAuthorizationURL(String str, String str2, String str3, String str4) {
        Objects.requireNonNull(str, "Client ID must not be null");
        Objects.requireNonNull(str2, "PKCE must not be null");
        return String.format(authUrl, str, str2) + (str3 != null ? String.format(redirectURI, APICall.encodeUTF8(str3)) : "") + (str4 != null ? String.format(authState, str4) : "");
    }

    public static boolean canOpenBrowser() {
        return Desktop.isDesktopSupported() && Desktop.getDesktop().isSupported(Desktop.Action.BROWSE);
    }

    private static String[] authenticateWithLocalServer(String str, int i, AuthResponseHandler authResponseHandler, Consumer<String> consumer, boolean z, long j, String str2) throws IOException {
        Objects.requireNonNull(str, "Client ID must not be null");
        String generatePKCE = generatePKCE(128);
        String generateSHA256 = generateSHA256(str + '&' + generatePKCE);
        String authorizationURL = getAuthorizationURL(str, generatePKCE, str2, generateSHA256);
        if (consumer != null) {
            new Thread(() -> {
                consumer.accept(authorizationURL);
            }).start();
        }
        ExecutorService newSingleThreadExecutor = Executors.newSingleThreadExecutor();
        CountDownLatch countDownLatch = new CountDownLatch(1);
        HttpServer create = HttpServer.create(new InetSocketAddress(i), 0);
        create.setExecutor(newSingleThreadExecutor);
        AuthHandler authHandler = new AuthHandler(countDownLatch, authResponseHandler);
        create.createContext("/", authHandler);
        create.start();
        if (z) {
            if (canOpenBrowser()) {
                try {
                    Desktop.getDesktop().browse(new URI(authorizationURL));
                } catch (URISyntaxException e) {
                    newSingleThreadExecutor.shutdownNow();
                    create.stop(0);
                    throw new IllegalArgumentException("URL syntax was invalid (most likely the client id or redirect URI wasn't encoded correctly)");
                }
            } else {
                Logging.getLogger().severe("Desktop is not supported on this operating system. Please go to this URL manually: '" + authorizationURL + "' or use a URL callback");
            }
        }
        try {
            countDownLatch.await(j, TimeUnit.SECONDS);
        } catch (InterruptedException e2) {
        }
        newSingleThreadExecutor.shutdownNow();
        create.stop(0);
        if (authHandler.getAuth() == null) {
            throw new NullPointerException("Failed to authorize request (server was closed before a response could be received)");
        }
        if (generateSHA256.equals(authHandler.getState())) {
            return new String[]{authHandler.getAuth(), generatePKCE};
        }
        throw new UnauthorizedAccessException("Failed to authorize request (packet was intercepted by an unauthorized source)");
    }

    private AccessToken parseToken(APIStruct.Response<Json.JsonObject> response) {
        Json.JsonObject body = response.body();
        if (response.code() == 200) {
            return new AccessToken(body.getString("token_type"), body.getString("access_token"), body.getString("refresh_token"), Long.valueOf((System.currentTimeMillis() / 1000) + body.getLong("expires_in")));
        }
        if (response.code() == 401) {
            throw new InvalidTokenException("The OAuth token provided is either invalid or expired");
        }
        String string = body.getString("error");
        throw new HttpException(response.URL(), response.code(), string != null ? string.trim() : response.raw());
    }

    public static String generatePKCE(int i) {
        byte[] bArr = new byte[i];
        new SecureRandom().nextBytes(bArr);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(bArr).substring(0, i);
    }

    private static String generateSHA256(String str) {
        try {
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(str.getBytes(StandardCharsets.UTF_8));
            StringBuilder sb = new StringBuilder(2 * digest.length);
            for (byte b : digest) {
                String hexString = Integer.toHexString(255 & b);
                sb.append(hexString.length() == 1 ? '0' : hexString);
            }
            return sb.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("An exception that should not have been thrown has been thrown, please report this to the maintainers of Mal4J", e);
        }
    }

    public final String toString() {
        return "MyAnimeListAuthenticator{authorization=" + this.authorization + ", token=" + this.token + '}';
    }
}
