package org.wso2.carbon.identity.oidc.session;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.UUID;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.wso2.carbon.core.SameSiteCookie;
import org.wso2.carbon.core.ServletCookie;
import org.wso2.carbon.identity.oidc.session.util.OIDCSessionManagementUtil;

/* loaded from: input_file:org/wso2/carbon/identity/oidc/session/DefaultOIDCSessionStateManager.class */
/**
 * Default {@link OIDCSessionStateManager}: derives the salted session-state value and issues
 * the OP browser-state cookie.
 *
 * <p>Security-relevant properties visible in this class:
 * <ul>
 *   <li>The session state is an unkeyed SHA-256 digest and the salt is returned in clear next to
 *       it, so the value is only unguessable while at least one hashed input stays secret
 *       (presumably the browser-state value passed as {@code str3}; confirm against callers).</li>
 *   <li>The browser-state cookie is marked Secure with SameSite=None and path "/". This class
 *       never calls {@code setHttpOnly}; whether {@code ServletCookie} applies a default is not
 *       visible here.</li>
 * </ul>
 */
public class DefaultOIDCSessionStateManager implements OIDCSessionStateManager {
    // NOTE(review): the PRNG algorithm is pinned by name; an environment whose providers lack
    // "SHA1PRNG" fails at runtime with the RuntimeException raised in getSessionStateParam.
    private static final String RANDOM_ALG_SHA1 = "SHA1PRNG";
    private static final String DIGEST_ALG_SHA256 = "SHA-256";

    /**
     * Computes {@code hex(SHA-256(str + " " + origin(str2) + " " + str3 + " " + salt)) + "." + salt}
     * using a freshly generated salt.
     *
     * @param str  first component of the hashed input (presumably the client id; confirm against
     *             the interface contract)
     * @param str2 URL handed to {@code OIDCSessionManagementUtil.getOrigin}; only the value that
     *             call returns is hashed
     * @param str3 third component of the hashed input (presumably the OP browser-state cookie
     *             value; confirm against callers)
     * @return lower-case hex digest, a dot, then the base64url-encoded salt
     * @throws RuntimeException if the SHA-256 digest or the SHA1PRNG generator is unavailable
     */
    @Override
    public String getSessionStateParam(String str, String str2, String str3) {
        try {
            final String salt = generateSaltValue();
            // Components are joined with single spaces; the salt is both hashed and returned so
            // that a party knowing the other inputs can recompute the digest.
            final String hashInput =
                    str + " " + OIDCSessionManagementUtil.getOrigin(str2) + " " + str3 + " " + salt;
            final byte[] digest = MessageDigest.getInstance(DIGEST_ALG_SHA256)
                    .digest(hashInput.getBytes(StandardCharsets.UTF_8));
            return bytesToHex(digest) + "." + salt;
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("Error while calculating session state.", e);
        }
    }

    /**
     * Creates the OP browser-state cookie with a random UUID value, attaches it to the response
     * and returns it.
     *
     * @param httpServletResponse response that receives the cookie
     * @return the cookie that was added
     */
    @Override
    public Cookie addOPBrowserStateCookie(HttpServletResponse httpServletResponse) {
        final String browserState = UUID.randomUUID().toString();
        final ServletCookie opbsCookie =
                new ServletCookie(OIDCSessionConstants.OPBS_COOKIE_ID, browserState);
        // Secure keeps the value off plain-HTTP requests; SameSite=None lets the cookie accompany
        // cross-site requests, so the Secure flag must stay paired with it.
        opbsCookie.setSecure(true);
        opbsCookie.setPath("/");
        opbsCookie.setSameSite(SameSiteCookie.NONE);
        // NOTE(review): no max-age and no HttpOnly flag are set here. If script access to this
        // cookie is intended (e.g. a session-check iframe), document that next to this call.
        httpServletResponse.addCookie(opbsCookie);
        return opbsCookie;
    }

    /**
     * Produces 16 random bytes from a new SHA1PRNG {@link SecureRandom} and encodes them as
     * URL-safe base64.
     *
     * @return the encoded salt
     * @throws NoSuchAlgorithmException if no provider offers SHA1PRNG
     */
    private static String generateSaltValue() throws NoSuchAlgorithmException {
        // NOTE(review): a new generator is created per call and no explicit seed is supplied, so
        // seeding is left to the provider; consider whether the platform default
        // (new SecureRandom()) or a shared instance would serve better.
        final SecureRandom generator = SecureRandom.getInstance(RANDOM_ALG_SHA1);
        final byte[] salt = new byte[16];
        generator.nextBytes(salt);
        return Base64.encodeBase64URLSafeString(salt);
    }

    /**
     * Renders each byte as exactly two lower-case hexadecimal digits.
     *
     * @param bArr bytes to encode
     * @return hex string of length {@code 2 * bArr.length}
     */
    private static String bytesToHex(byte[] bArr) {
        final StringBuilder hex = new StringBuilder(bArr.length * 2);
        for (int i = 0; i < bArr.length; i++) {
            final int value = bArr[i];
            // High nibble first, then low nibble; masking discards the sign extension.
            hex.append(Character.forDigit((value >> 4) & 0xF, 16));
            hex.append(Character.forDigit(value & 0xF, 16));
        }
        return hex.toString();
    }
}
