package at.asit.webauthnclient;

import at.asit.webauthnclient.constants.UserVerificationRequirement;
import at.asit.webauthnclient.exceptions.WebAuthNOperationFailed;
import at.asit.webauthnclient.internal.drivers.LibFido2;
import at.asit.webauthnclient.internal.drivers.WindowsHello;
import at.asit.webauthnclient.internal.generic.Origin;
import at.asit.webauthnclient.internal.ux.UXAccessor;
import at.asit.webauthnclient.options.PublicKeyCredentialRpEntity;
import at.asit.webauthnclient.responsefields.AuthenticatorAssertionResponse;
import at.asit.webauthnclient.responsefields.AuthenticatorAttestationResponse;
import at.asit.webauthnclient.ux.WebAuthNUXInterface;
import com.sun.jna.Platform;
import java.security.InvalidParameterException;
import java.util.Objects;
import java.util.concurrent.Callable;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.Future;
import javax.annotation.Nonnull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:at/asit/webauthnclient/WebAuthN.class */
public final class WebAuthN {
    private static final Logger log = LoggerFactory.getLogger(WebAuthN.class);
    private static final WebAuthNPlatformInterface PLATFORM_INTERFACE;

    private static WebAuthNPlatformInterface TryDriver(String str, Callable<WebAuthNPlatformInterface> callable) {
        log.debug("Trying to initialize with \"{}\"...", str);
        try {
            WebAuthNPlatformInterface call = callable.call();
            if (call != null) {
                log.debug("Initialization with \"{}\" OK!", str);
            } else {
                log.debug("Initialization with \"{}\" rejected.", str);
            }
            return call;
        } catch (Throwable th) {
            log.warn("Initialization with \"{}\" failed uncontrolled", str, th);
            return null;
        }
    }

    public static boolean isAvailable() {
        return PLATFORM_INTERFACE != null;
    }

    @Nonnull
    public static PublicKeyCredentialCreationOptions buildCreate() {
        return new PublicKeyCredentialCreationOptions();
    }

    @Nonnull
    public static PublicKeyCredentialCreationOptions buildCreateFromJSON(@Nonnull String str) {
        return PublicKeyCredentialCreationOptions.FromJSONString(str);
    }

    @Nonnull
    public static PublicKeyCredentialRequestOptions buildGet() {
        return new PublicKeyCredentialRequestOptions();
    }

    @Nonnull
    public static PublicKeyCredentialRequestOptions buildGetFromJSON(@Nonnull String str) {
        return PublicKeyCredentialRequestOptions.FromJSONString(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Nonnull
    public static Future<PublicKeyCredential<AuthenticatorAttestationResponse>> asyncCreate(@Nonnull PublicKeyCredentialCreationOptions publicKeyCredentialCreationOptions, @Nonnull String str) {
        try {
            if (!isAvailable()) {
                throw new IllegalStateException("WebAuthN is not available on this platform");
            }
            if (publicKeyCredentialCreationOptions == null) {
                throw new IllegalArgumentException("options must not be null");
            }
            if (str == null) {
                throw new IllegalArgumentException("currentOrigin must not be null");
            }
            if (publicKeyCredentialCreationOptions.rp.name == null) {
                throw new IllegalArgumentException("Relying party must be specified using setRelyingParty()");
            }
            if (publicKeyCredentialCreationOptions.user.id == null || publicKeyCredentialCreationOptions.user.name == null || publicKeyCredentialCreationOptions.user.displayName == null) {
                throw new IllegalArgumentException("User information must be specified using setUserInfo()");
            }
            if (publicKeyCredentialCreationOptions.user.id.length == 0) {
                throw new IllegalArgumentException("User identifier must be nonempty");
            }
            if (publicKeyCredentialCreationOptions.challenge == null) {
                throw new IllegalArgumentException("Server challenge must be specified using setChallenge()");
            }
            if (publicKeyCredentialCreationOptions.pubKeyCredParams.isEmpty()) {
                publicKeyCredentialCreationOptions.addSupportedAlgorithms(-7L, -257L);
            }
            boolean z = !UserVerificationRequirement.DISCOURAGED.equals(publicKeyCredentialCreationOptions.authenticatorSelection.userVerification);
            long clamp = clamp(((Long) Objects.requireNonNullElse(publicKeyCredentialCreationOptions.timeout, Long.valueOf(z ? 300000L : 120000L))).longValue(), 30000L, z ? 600000L : 180000L);
            PublicKeyCredentialRpEntity publicKeyCredentialRpEntity = publicKeyCredentialCreationOptions.rp;
            Origin origin = null;
            try {
                origin = new Origin(str);
                if (publicKeyCredentialCreationOptions.rp.id == null) {
                    publicKeyCredentialRpEntity = new PublicKeyCredentialRpEntity();
                    publicKeyCredentialRpEntity.id = origin.host;
                    publicKeyCredentialRpEntity.name = publicKeyCredentialCreationOptions.rp.name;
                }
            } catch (InvalidParameterException e) {
                if (publicKeyCredentialCreationOptions.rp.id == null) {
                    throw new IllegalArgumentException("Could not auto-detect rpId. The origin you specified is invalid. An example of a valid origin is <i>https://example.org</i>.", e);
                }
                if (!publicKeyCredentialCreationOptions.disableOriginValidation) {
                    log.warn("The origin you passed does not appear to be a valid origin. An example of a valid origin is <i>https://example.org</i>", e);
                }
            }
            if (publicKeyCredentialCreationOptions.disableOriginValidation || origin == null || origin.isRpIdCompatible(publicKeyCredentialRpEntity.id)) {
                return PLATFORM_INTERFACE.create(publicKeyCredentialRpEntity, publicKeyCredentialCreationOptions.user, publicKeyCredentialCreationOptions.challenge, publicKeyCredentialCreationOptions.pubKeyCredParams, clamp, publicKeyCredentialCreationOptions.excludeCredentials, publicKeyCredentialCreationOptions.authenticatorSelection, publicKeyCredentialCreationOptions.attestation, str);
            }
            log.error("The specified rpId (\"{}\") is incompatible with the provided origin (\"{}\"). The rpId must match the origin's effective domain, or be a registrable superdomain of it.", publicKeyCredentialRpEntity.id, origin.toString());
            throw new WebAuthNOperationFailed("SecurityError", "Invalid rpId for origin");
        } catch (Throwable th) {
            th = th;
            if (!(th instanceof WebAuthNOperationFailed)) {
                th = new WebAuthNOperationFailed(th);
            }
            return CompletableFuture.failedFuture(th);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Nonnull
    public static Future<PublicKeyCredential<AuthenticatorAssertionResponse>> asyncGet(@Nonnull PublicKeyCredentialRequestOptions publicKeyCredentialRequestOptions, @Nonnull String str) {
        try {
            if (!isAvailable()) {
                throw new IllegalStateException("WebAuthN is not available on this platform");
            }
            if (publicKeyCredentialRequestOptions == null) {
                throw new IllegalArgumentException("options must not be null");
            }
            if (str == null) {
                throw new IllegalArgumentException("currentOrigin must not be null");
            }
            if (publicKeyCredentialRequestOptions.challenge == null) {
                throw new IllegalArgumentException("Server challenge must be specified using setChallenge()");
            }
            boolean z = !UserVerificationRequirement.DISCOURAGED.equals(publicKeyCredentialRequestOptions.userVerification);
            long clamp = clamp(((Long) Objects.requireNonNullElse(publicKeyCredentialRequestOptions.timeout, Long.valueOf(z ? 300000L : 120000L))).longValue(), 30000L, z ? 600000L : 180000L);
            String str2 = publicKeyCredentialRequestOptions.rpId;
            Origin origin = null;
            try {
                origin = new Origin(str);
                if (publicKeyCredentialRequestOptions.rpId == null) {
                    str2 = origin.host;
                }
            } catch (InvalidParameterException e) {
                if (publicKeyCredentialRequestOptions.rpId == null) {
                    throw new IllegalArgumentException("Could not auto-detect rpId. The origin you specified is invalid. An example of a valid origin is <i>https://example.org</i>.", e);
                }
                if (!publicKeyCredentialRequestOptions.disableOriginValidation) {
                    log.warn("The origin you passed does not appear to be a valid origin. An example of a valid origin is <i>https://example.org</i>.", e);
                }
            }
            if (publicKeyCredentialRequestOptions.disableOriginValidation || origin == null || origin.isRpIdCompatible(str2)) {
                return PLATFORM_INTERFACE.get(publicKeyCredentialRequestOptions.challenge, clamp, str2, publicKeyCredentialRequestOptions.allowCredentials, publicKeyCredentialRequestOptions.userVerification, str);
            }
            log.error("The specified rpId (\"{}\") is incompatible with the provided origin (\"{}\"). The rpId must match the origin's effective domain, or be a registrable superdomain of it.", str2, origin.toString());
            throw new WebAuthNOperationFailed("SecurityError", "Invalid rpId for origin");
        } catch (Throwable th) {
            th = th;
            if (!(th instanceof WebAuthNOperationFailed)) {
                th = new WebAuthNOperationFailed(th);
            }
            return CompletableFuture.failedFuture(th);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Nonnull
    public static PublicKeyCredential<AuthenticatorAttestationResponse> create(@Nonnull PublicKeyCredentialCreationOptions publicKeyCredentialCreationOptions, @Nonnull String str) throws WebAuthNOperationFailed, InterruptedException {
        Future<PublicKeyCredential<AuthenticatorAttestationResponse>> asyncCreate = asyncCreate(publicKeyCredentialCreationOptions, str);
        try {
            try {
                PublicKeyCredential<AuthenticatorAttestationResponse> publicKeyCredential = asyncCreate.get();
                if (!asyncCreate.isDone()) {
                    asyncCreate.cancel(true);
                }
                return publicKeyCredential;
            } catch (ExecutionException e) {
                Throwable cause = e.getCause();
                try {
                    throw ((WebAuthNOperationFailed) cause);
                } catch (ClassCastException e2) {
                    throw new WebAuthNOperationFailed(cause);
                }
            }
        } catch (Throwable th) {
            if (!asyncCreate.isDone()) {
                asyncCreate.cancel(true);
            }
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Nonnull
    public static PublicKeyCredential<AuthenticatorAssertionResponse> get(@Nonnull PublicKeyCredentialRequestOptions publicKeyCredentialRequestOptions, @Nonnull String str) throws WebAuthNOperationFailed, InterruptedException {
        Future<PublicKeyCredential<AuthenticatorAssertionResponse>> asyncGet = asyncGet(publicKeyCredentialRequestOptions, str);
        try {
            try {
                PublicKeyCredential<AuthenticatorAssertionResponse> publicKeyCredential = asyncGet.get();
                if (!asyncGet.isDone()) {
                    asyncGet.cancel(true);
                }
                return publicKeyCredential;
            } catch (ExecutionException e) {
                Throwable cause = e.getCause();
                try {
                    throw ((WebAuthNOperationFailed) cause);
                } catch (ClassCastException e2) {
                    throw new WebAuthNOperationFailed(cause);
                }
            }
        } catch (Throwable th) {
            if (!asyncGet.isDone()) {
                asyncGet.cancel(true);
            }
            throw th;
        }
    }

    private static long clamp(long j, long j2, long j3) {
        return j < j2 ? j2 : j > j3 ? j3 : j;
    }

    public static void setUXInterface(@Nonnull WebAuthNUXInterface webAuthNUXInterface) {
        UXAccessor.set(webAuthNUXInterface);
    }

    static {
        WebAuthNPlatformInterface webAuthNPlatformInterface = null;
        if (0 == 0) {
            try {
                webAuthNPlatformInterface = TryDriver("WindowsHello", () -> {
                    if (Platform.isWindows()) {
                        return WindowsHello.PLATFORM_INTERFACE;
                    }
                    return null;
                });
            } catch (Throwable th) {
                log.error("Driver initialization threw unexpectedly", th);
                webAuthNPlatformInterface = null;
            }
        }
        if (webAuthNPlatformInterface == null) {
            webAuthNPlatformInterface = TryDriver("LibFido2", () -> {
                return LibFido2.PLATFORM_INTERFACE;
            });
        }
        PLATFORM_INTERFACE = webAuthNPlatformInterface;
    }
}
