package com.cmcc.sso.apisdk.auth;

import android.content.Context;
import android.os.Bundle;
import android.text.TextUtils;
import com.cmcc.sso.apisdk.common.HostConfig;
import com.cmcc.sso.apisdk.net.BaseSSO;
import com.cmcc.sso.apisdk.net.CheckAppHttp;
import com.cmcc.sso.apisdk.net.CreateKsHttp;
import com.cmcc.sso.apisdk.util.AESUtils;
import com.cmcc.sso.apisdk.util.Base64Utils;
import com.cmcc.sso.apisdk.util.DeviceUtil;
import com.cmcc.sso.apisdk.util.EncUtil;
import com.cmcc.sso.apisdk.util.LogUtil;
import com.cmcc.sso.apisdk.util.Sha256;
import com.cmcc.sso.apisdk.util.SignUtil;
import com.cmcc.sso.apisdk.util.SpUtils;
import com.cmcc.sso.apisdk.util.SsoConstants;
import com.cmcc.sso.apisdk.util.StringUtils;
import com.networkbench.agent.impl.instrumentation.NBSInstrumented;
import com.networkbench.agent.impl.instrumentation.NBSJSONObjectInstrumentation;
import com.tencent.open.SocialConstants;
import java.util.Locale;
import org.json.JSONException;
import org.json.JSONObject;

@NBSInstrumented
/* loaded from: classes2.dex */
public class AuthnHelper {
    /* JADX INFO: Access modifiers changed from: private */
    public boolean checkAppSign(Context context, String str, String str2, String str3) {
        String packageName = context.getPackageName();
        String decrypt = AESUtils.decrypt(str, str2);
        if (!packageName.equals(decrypt)) {
            LogUtil.info("checkAppSign, package is error.");
            return false;
        }
        byte[] sign = SignUtil.getSign(context, decrypt);
        if (sign == null) {
            LogUtil.info("checkAppSign, signByte is null.");
            return false;
        }
        if (AESUtils.encrypt(str, EncUtil.toMd5(sign)).equalsIgnoreCase(str3)) {
            LogUtil.info(" app ckeck ok.");
            return true;
        }
        LogUtil.info("checkAppSign, sign is error.");
        return false;
    }

    private JSONObject getResultJson(boolean z, String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8) {
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("success", z);
            jSONObject.put("errorCode", str);
            jSONObject.put(SocialConstants.PARAM_APP_DESC, str2);
            jSONObject.put("mobileNumber", str3);
            jSONObject.put("passid", str4);
            jSONObject.put("authToken", str5);
            jSONObject.put("authType", str6);
            jSONObject.put("expiretime", str7);
            jSONObject.put("uId", str8);
        } catch (JSONException e) {
            e.printStackTrace();
        }
        return jSONObject;
    }

    public static byte[] int2bytes(int i) {
        return new byte[]{(byte) (i >> 24), (byte) (i >> 16), (byte) (i >> 8), (byte) i};
    }

    private String kdf(String str, String str2, String str3, String str4) {
        String str5 = String.valueOf(str2) + str3 + str4;
        LogUtil.debug("makeKs data ： " + str5);
        try {
            return Sha256.encryptHMAC(str5, str).substring(0, 32);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private static String kdfSignkey(String str, String str2, String str3, String str4, String str5) {
        String str6 = String.valueOf(str2) + str3 + str4 + str5;
        LogUtil.debug("makeKs data ： " + str6);
        try {
            return Sha256.encryptHMAC(str6, str).substring(0, 32);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public static byte[] long2bytes(long j) {
        byte[] bArr = new byte[8];
        for (int i = 0; i < 8; i++) {
            bArr[i] = (byte) (j >> (56 - (i * 8)));
        }
        return bArr;
    }

    private String makeKs(String str, String str2, String str3) {
        String lowerCase = str.toLowerCase(new Locale("utf-8"));
        LogUtil.debug("makeKs key ： " + lowerCase);
        return kdf(lowerCase, "PW_GBA_Ks", str2, str3);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void renwalToken(final Context context, final String str, final String str2, final BaseCallback baseCallback) {
        new Thread(new Runnable() { // from class: com.cmcc.sso.apisdk.auth.AuthnHelper.2
            @Override // java.lang.Runnable
            public void run() {
                CreateKsHttp createKsHttp = new CreateKsHttp(context, str, str2);
                final BaseCallback baseCallback2 = baseCallback;
                final Context context2 = context;
                final String str3 = str;
                final String str4 = str2;
                createKsHttp.doRequest(new BaseSSO.Callback() { // from class: com.cmcc.sso.apisdk.auth.AuthnHelper.2.1
                    @Override // com.cmcc.sso.apisdk.net.BaseSSO.Callback
                    public void callback(Bundle bundle) {
                        int i = bundle.getInt("resultCode");
                        LogUtil.debug("CreateKsHttp ERRORCODE: " + i);
                        if (i != 103000) {
                            baseCallback2.onCallback(false, "1", AuthnConstants.getResultString(1), null, null, null, null, null, null);
                        } else {
                            AuthnHelper.this.getAuthToken(context2, str3, str4, baseCallback2);
                        }
                    }
                });
            }
        }).start();
    }

    private static String signToken(String str, String str2, long j, String str3, String str4) {
        byte[] bytes = "1".getBytes();
        byte[] bytes2 = str2.getBytes();
        byte[] long2bytes = long2bytes(j);
        byte[] bytes3 = str3.substring(0, 1).getBytes();
        byte[] bArr = new byte[2 + bytes.length + 3 + bytes2.length + 3 + long2bytes.length + 3 + bytes3.length + 3 + 35];
        bArr[0] = -124;
        bArr[1] = -124;
        bArr[2] = 1;
        int length = bytes.length;
        bArr[3] = (byte) ((65280 & length) >> 1);
        bArr[4] = (byte) (length & 255);
        int i = 5;
        for (byte b2 : bytes) {
            bArr[i] = b2;
            i++;
        }
        bArr[i] = 2;
        int i2 = i + 1;
        bArr[i2] = (byte) ((bytes2.length & 65280) >> 1);
        bArr[i2 + 1] = (byte) (bytes2.length & 255);
        int i3 = i2 + 2;
        for (byte b3 : bytes2) {
            bArr[i3] = b3;
            i3++;
        }
        bArr[i3] = 3;
        int i4 = i3 + 1;
        bArr[i4] = 0;
        bArr[i4 + 1] = 8;
        int i5 = i4 + 2;
        for (byte b4 : long2bytes) {
            bArr[i5] = b4;
            i5++;
        }
        bArr[i5] = 4;
        int i6 = i5 + 1;
        bArr[i6] = (byte) ((bytes3.length & 65280) >> 1);
        bArr[i6 + 1] = (byte) (bytes3.length & 255);
        int i7 = i6 + 2;
        for (byte b5 : bytes3) {
            bArr[i7] = b5;
            i7++;
        }
        bArr[i7] = -1;
        int i8 = i7 + 1;
        bArr[i8] = 0;
        bArr[i8 + 1] = 32;
        int i9 = i8 + 2;
        byte[] bArr2 = new byte[i9 - 2];
        for (int i10 = 2; i10 < i9; i10++) {
            bArr2[i10 - 2] = bArr[i10];
        }
        LogUtil.debug("MAC DATA : " + StringUtils.bytesToString(bArr2));
        try {
            for (byte b6 : StringUtils.hex2Bytes(Sha256.encryptHMAC(kdfSignkey(str, "gba-me", str2.split("@")[0], str4, str3.substring(0, 1)), StringUtils.bytesToString(bArr2)))) {
                bArr[i9] = b6;
                i9++;
            }
            return StringUtils.bytesToString(bArr);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public String getAuthToken(Context context, String str, String str2) {
        String mD5String = EncUtil.getMD5String(str2);
        LogUtil.debug("key ： " + mD5String);
        String str3 = SpUtils.get4Sp(context, mD5String, (String) null);
        if (TextUtils.isEmpty(str3)) {
            JSONObject resultJson = getResultJson(false, "1", AuthnConstants.getResultString(1), null, null, null, null, null, null);
            return !(resultJson instanceof JSONObject) ? resultJson.toString() : NBSJSONObjectInstrumentation.toString(resultJson);
        }
        try {
            JSONObject init = NBSJSONObjectInstrumentation.init(str3);
            String str4 = new String(Base64Utils.decode(init.optString(SsoConstants.VALUES_KEY_NONCE)));
            LogUtil.debug("nonce ： " + str4);
            String str5 = new String(Base64Utils.decode(init.optString(AuthnConstants.REQ_PARAMS_KEY_CNONCE)));
            LogUtil.debug("cnonce ： " + str5);
            String str6 = new String(Base64Utils.decode(init.optString("btid")));
            LogUtil.debug("btid ： " + str6);
            String str7 = new String(Base64Utils.decode(init.optString("expiretime")));
            LogUtil.debug("expiretime ： " + str7);
            long longValue = Long.valueOf(new String(Base64Utils.decode(init.optString("sqn")))).longValue();
            LogUtil.debug("sqn ： " + longValue);
            LogUtil.debug("cert ： " + new String(Base64Utils.decode(init.optString("cert"))));
            String str8 = new String(Base64Utils.decode(init.optString("msisdn")));
            LogUtil.debug("msisdn ： " + str8);
            String str9 = new String(Base64Utils.decode(init.optString("passid")));
            LogUtil.debug("passid ： " + str9);
            String str10 = new String(Base64Utils.decode(init.optString("authtype")));
            LogUtil.debug("authType ： " + str10);
            String str11 = new String(Base64Utils.decode(init.optString("uid")));
            LogUtil.debug("uId ： " + str11);
            String makeKs = makeKs(mD5String, str4, str5);
            LogUtil.debug("ks ： " + makeKs);
            long j = 1 + longValue;
            try {
                init.put("sqn", Base64Utils.encode(new StringBuilder().append(j).toString().getBytes()));
                String signToken = signToken(makeKs, str6, j, "010002", str8);
                if (TextUtils.isEmpty(signToken)) {
                    SpUtils.save2Sp(context, mD5String, "");
                    JSONObject resultJson2 = getResultJson(false, "1", AuthnConstants.getResultString(1), null, null, null, null, null, null);
                    return !(resultJson2 instanceof JSONObject) ? resultJson2.toString() : NBSJSONObjectInstrumentation.toString(resultJson2);
                }
                SpUtils.save2Sp(context, mD5String, !(init instanceof JSONObject) ? init.toString() : NBSJSONObjectInstrumentation.toString(init));
                JSONObject resultJson3 = getResultJson(true, "0", AuthnConstants.getResultString(0), str8, str9, signToken, str10, str7, str11);
                return !(resultJson3 instanceof JSONObject) ? resultJson3.toString() : NBSJSONObjectInstrumentation.toString(resultJson3);
            } catch (JSONException e) {
                e.printStackTrace();
                JSONObject resultJson4 = getResultJson(false, "1", AuthnConstants.getResultString(1), null, null, null, null, null, null);
                return !(resultJson4 instanceof JSONObject) ? resultJson4.toString() : NBSJSONObjectInstrumentation.toString(resultJson4);
            }
        } catch (JSONException e2) {
            e2.printStackTrace();
            JSONObject resultJson5 = getResultJson(false, "1", AuthnConstants.getResultString(1), null, null, null, null, null, null);
            return !(resultJson5 instanceof JSONObject) ? resultJson5.toString() : NBSJSONObjectInstrumentation.toString(resultJson5);
        }
    }

    public void getAuthToken(Context context, String str, String str2, BaseCallback baseCallback) {
        try {
            JSONObject init = NBSJSONObjectInstrumentation.init(getAuthToken(context, str, str2));
            Boolean valueOf = Boolean.valueOf(init.optBoolean("success", false));
            baseCallback.onCallback(valueOf.booleanValue(), init.optString("errorCode", null), init.optString(SocialConstants.PARAM_APP_DESC, null), init.optString("mobileNumber", null), init.optString("passid", null), init.optString("authToken", null), init.optString("authType", null), init.optString("expiretime", null), init.optString("uId", null));
        } catch (JSONException e) {
            e.printStackTrace();
            baseCallback.onCallback(false, "1", AuthnConstants.getResultString(1), null, null, null, null, null, null);
        }
    }

    public synchronized boolean logout(Context context, String str) {
        if (TextUtils.isEmpty(str)) {
            SpUtils.clearAll(context);
        } else {
            SpUtils.save2Sp(context, EncUtil.getMD5String(str), (String) null);
        }
        return true;
    }

    public synchronized void renewalAuthToken(final Context context, final String str, final String str2, final String str3, final String str4, final BaseCallback baseCallback) {
        String[] appInfo = SignUtil.getAppInfo(context, str);
        if (appInfo != null && appInfo.length == 2) {
            LogUtil.info("procAppSignCheck, not first login.");
            if (checkAppSign(context, str2, appInfo[0], appInfo[1])) {
                renwalToken(context, str3, str4, baseCallback);
            } else {
                LogUtil.info("procAppSignCheck, loacl app check sign failed, go network check.");
            }
        }
        LogUtil.info("procAppSignCheck, first login.");
        if (DeviceUtil.hasNetwork(context)) {
            new Thread(new Runnable() { // from class: com.cmcc.sso.apisdk.auth.AuthnHelper.1
                @Override // java.lang.Runnable
                public void run() {
                    CheckAppHttp checkAppHttp = new CheckAppHttp(context, str);
                    final Context context2 = context;
                    final String str5 = str2;
                    final String str6 = str;
                    final String str7 = str3;
                    final String str8 = str4;
                    final BaseCallback baseCallback2 = baseCallback;
                    checkAppHttp.doRequest(new BaseSSO.Callback() { // from class: com.cmcc.sso.apisdk.auth.AuthnHelper.1.1
                        @Override // com.cmcc.sso.apisdk.net.BaseSSO.Callback
                        public void callback(Bundle bundle) {
                            if (103000 == bundle.getInt("resultCode")) {
                                String string = bundle.getString("epackage");
                                String string2 = bundle.getString("esign");
                                if (AuthnHelper.this.checkAppSign(context2, str5, string, string2)) {
                                    SignUtil.setAppInfo(context2, str6, string, string2);
                                    LogUtil.info("SSO online sign check success");
                                    AuthnHelper.this.renwalToken(context2, str7, str8, baseCallback2);
                                    return;
                                }
                            }
                            baseCallback2.onCallback(false, "1", AuthnConstants.getResultString(1), null, null, null, null, null, null);
                        }
                    });
                }
            }).start();
        } else {
            LogUtil.info("procAppSignCheck, network unavailable.");
            baseCallback.onCallback(false, "1", AuthnConstants.getResultString(1), null, null, null, null, null, null);
        }
    }

    public void setEnv(int i) {
        HostConfig.setEnv(i);
    }
}
