package org.springframework.social.facebook.web;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.crypto.codec.Hex;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

@RequestMapping({"/realtime/facebook"})
@Controller
/* loaded from: input_file:org/springframework/social/facebook/web/RealTimeUpdateController.class */
public class RealTimeUpdateController {
    private Map<String, String> tokens;
    private List<UpdateHandler> updateHandlers;
    private String applicationSecret;
    private static final String HMAC_SHA1_ALGORITHM = "HmacSHA1";
    private static final String X_HUB_SIGNATURE = "X-Hub-Signature";
    private static final Log logger = LogFactory.getLog(RealTimeUpdateController.class);

    public RealTimeUpdateController(Map<String, String> map, List<UpdateHandler> list, String str) {
        this.tokens = map;
        this.updateHandlers = list;
        this.applicationSecret = str;
    }

    @RequestMapping(value = {"/{subscription}"}, method = {RequestMethod.GET}, params = {"hub.mode=subscribe"})
    @ResponseBody
    public String verifySubscription(@PathVariable("subscription") String str, @RequestParam("hub.challenge") String str2, @RequestParam("hub.verify_token") String str3) {
        logger.debug("Received subscription verification request for '" + str + "'.");
        return (this.tokens.containsKey(str) && this.tokens.get(str).equals(str3)) ? str2 : "";
    }

    @RequestMapping(value = {"/{subscription}"}, method = {RequestMethod.POST})
    @ResponseBody
    public String receiveUpdate(@PathVariable("subscription") String str, @RequestBody String str2, @RequestHeader("X-Hub-Signature") String str3) throws Exception {
        RealTimeUpdate realTimeUpdate = (RealTimeUpdate) new ObjectMapper().readValue(str2, RealTimeUpdate.class);
        if (!verifySignature(str2, str3)) {
            logger.warn("Received an update, but signature was invalid. Not delegating to handlers.");
            return "";
        }
        logger.debug("Received " + realTimeUpdate.getObject() + " update for '" + str + "'.");
        Iterator<UpdateHandler> it = this.updateHandlers.iterator();
        while (it.hasNext()) {
            it.next().handleUpdate(str, realTimeUpdate);
        }
        return "";
    }

    private boolean verifySignature(String str, String str2) throws Exception {
        if (!str2.startsWith("sha1=")) {
            return false;
        }
        String substring = str2.substring(5);
        Mac mac = Mac.getInstance(HMAC_SHA1_ALGORITHM);
        mac.init(new SecretKeySpec(this.applicationSecret.getBytes(), HMAC_SHA1_ALGORITHM));
        return substring.equals(new String(Hex.encode(mac.doFinal(str.getBytes()))));
    }
}
