package jp.co.yahoo.yconnect.core.oidc.idtoken;

import android.util.Base64;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import jp.co.yahoo.yconnect.core.api.ApiClientException;
import jp.co.yahoo.yconnect.core.oidc.PublicKeysException;
import jp.co.yahoo.yconnect.f.a.g;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes3.dex */
public class b {
    private static final String a = "b";
    private static long b;

    private static String a(String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA256");
            messageDigest.update(str.getBytes());
            byte[] digest = messageDigest.digest();
            byte[] bArr = new byte[digest.length / 2];
            System.arraycopy(digest, 0, bArr, 0, digest.length / 2);
            return Base64.encodeToString(bArr, 8);
        } catch (NoSuchAlgorithmException e2) {
            throw new IdTokenException("Failed to verification.", e2.getMessage());
        }
    }

    private static boolean a(String str, String str2, String str3) {
        if (d(str3)) {
            return b(str, str2, str3);
        }
        g.b(a, "Invalid Signature.");
        return false;
    }

    public static boolean a(String str, String str2, String str3, String str4, String str5, String str6) {
        try {
            if (!a(str2, str3, str)) {
                return false;
            }
            a c = c(str);
            if (str4 != null && !b(str4, c)) {
                return false;
            }
            if (str5 != null && !a(str5, c)) {
                return false;
            }
            if (str6 != null) {
                return a(c, Long.parseLong(str6));
            }
            return true;
        } catch (IdTokenException e2) {
            g.b(a, "Invalid ID Token.");
            g.b(a, "error=" + e2.a() + " error_description=" + e2.b());
            return false;
        }
    }

    private static boolean a(String str, a aVar) {
        if (a(str).startsWith(aVar.b())) {
            return true;
        }
        g.b(a, "Not match Access Token.");
        return false;
    }

    private static boolean a(a aVar, long j2) {
        long d = aVar.d();
        if (b - d > j2) {
            g.b(a, "Over acceptable auth time.");
            return false;
        }
        g.a(a, "Current time - authTime = " + (b - d) + " sec");
        g.a(a, "Issued time: " + d + "(Current Time: " + b + ")");
        return true;
    }

    private static boolean b(String str, String str2, String str3) {
        a c = c(str3);
        String i2 = c.i();
        String c2 = c.c();
        String j2 = c.j();
        if (!i2.equals("https://yjapp.auth.login.yahoo.co.jp/yconnect/v2")) {
            g.b(a, "Invalid issuer");
            return false;
        }
        if (!str.equals(c2)) {
            g.b(a, "Invalid audience.");
            return false;
        }
        if (!str2.equals(j2)) {
            g.b(a, "Not match nonce.");
            return false;
        }
        long f2 = c.f();
        long g2 = c.g();
        if (f2 < b) {
            g.b(a, "Expired ID Token.");
            return false;
        }
        g.a(a, "Expiration: " + f2 + "(Current Time: " + b + ")");
        if (b - g2 > 600) {
            g.b(a, "Over acceptable range.");
            return false;
        }
        g.a(a, "Current time - iat = " + (b - g2) + " sec");
        g.a(a, "Issued time: " + g2 + "(Current Time: " + b + ")");
        return true;
    }

    private static boolean b(String str, a aVar) {
        if (a(str).startsWith(aVar.e())) {
            return true;
        }
        g.b(a, "Not match Authorization Code.");
        return false;
    }

    private static String[] b(String str) {
        String[] split = str.split("\\.", 0);
        if (split.length == 3) {
            return split;
        }
        throw new IdTokenException("Invalid ID Token.", "");
    }

    private static a c(String str) {
        return new a(str);
    }

    private static boolean d(String str) {
        String[] b2 = b(str);
        String str2 = b2[0] + "." + b2[1];
        byte[] decode = Base64.decode(b2[2], 8);
        try {
            String optString = new JSONObject(new String(Base64.decode(b2[0], 8))).optString("kid");
            try {
                jp.co.yahoo.yconnect.core.oidc.a aVar = new jp.co.yahoo.yconnect.core.oidc.a();
                aVar.a();
                b = aVar.b();
                PublicKey a2 = aVar.a(optString);
                if (a2 == null) {
                    g.b(a, "There is no public key for the kid.");
                    return false;
                }
                try {
                    Signature signature = Signature.getInstance("SHA256withRSA");
                    signature.initVerify(a2);
                    signature.update(str2.getBytes());
                    return signature.verify(decode);
                } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e2) {
                    g.b(a, e2.getMessage());
                    return false;
                }
            } catch (IOException | ApiClientException | PublicKeysException e3) {
                g.b(a, e3.getMessage());
                return false;
            }
        } catch (JSONException unused) {
            g.b(a, "Invalid ID Token.");
            return false;
        }
    }
}
