package org.wso2.carbon.auth.oauth;

import com.nimbusds.oauth2.sdk.Scope;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Collections;
import java.util.List;
import org.apache.commons.codec.digest.DigestUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.carbon.auth.core.configuration.models.KeyManagerConfiguration;
import org.wso2.carbon.auth.core.exception.AuthException;
import org.wso2.carbon.auth.oauth.dto.AccessTokenDTO;
import org.wso2.carbon.auth.oauth.internal.ServiceReferenceHolder;

/* loaded from: input_file:org/wso2/carbon/auth/oauth/OAuthUtils.class */
public class OAuthUtils {
    private static final Logger log = LoggerFactory.getLogger(OAuthUtils.class);

    public static boolean isAccessTokenExpired(AccessTokenDTO accessTokenDTO) {
        if (accessTokenDTO.getValidityPeriod() < 0) {
            if (!log.isDebugEnabled()) {
                return false;
            }
            log.debug("Access Token has infinite lifetime");
            return false;
        }
        if (getAccessTokenExpireMillis(accessTokenDTO) != 0) {
            return false;
        }
        if (!log.isDebugEnabled()) {
            return true;
        }
        log.debug("Access Token has expired");
        return true;
    }

    public static long getAccessTokenExpireMillis(AccessTokenDTO accessTokenDTO) {
        long calculateValidityInMillis = calculateValidityInMillis(accessTokenDTO.getTimeCreated(), accessTokenDTO.getValidityPeriod() * 1000);
        if (calculateValidityInMillis > 1000) {
            return calculateValidityInMillis;
        }
        return 0L;
    }

    public static long calculateValidityInMillis(long j, long j2) {
        return (j + j2) - (System.currentTimeMillis() - 5000);
    }

    public static String hashScopes(Scope scope) {
        List stringList = scope.toStringList();
        Collections.sort(stringList);
        return DigestUtils.md5Hex(String.join(" ", stringList));
    }

    public static PrivateKey extractPrivateKeyFromCertificate() throws AuthException {
        KeyManagerConfiguration keyManagerConfigs = ServiceReferenceHolder.getInstance().getAuthConfiguration().getKeyManagerConfigs();
        try {
            FileInputStream fileInputStream = new FileInputStream(keyManagerConfigs.getKeyStoreLocation());
            Throwable th = null;
            try {
                try {
                    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                    keyStore.load(fileInputStream, keyManagerConfigs.getKeyStorePassword().toCharArray());
                    Key key = keyStore.getKey(keyManagerConfigs.getKeyStoreAlias(), keyManagerConfigs.getKeyPassword().toCharArray());
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                    if (key instanceof PrivateKey) {
                        return (PrivateKey) key;
                    }
                    throw new AuthException("Error while retrieving private key from certificate");
                } finally {
                }
            } finally {
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            throw new AuthException("Error while retrieving private key from certificate", e);
        }
    }

    public static Certificate extractPublicKeyFromCertificate() throws AuthException {
        KeyManagerConfiguration keyManagerConfigs = ServiceReferenceHolder.getInstance().getAuthConfiguration().getKeyManagerConfigs();
        try {
            FileInputStream fileInputStream = new FileInputStream(keyManagerConfigs.getKeyStoreLocation());
            Throwable th = null;
            try {
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(fileInputStream, keyManagerConfigs.getKeyStorePassword().toCharArray());
                Certificate certificate = keyStore.getCertificate(keyManagerConfigs.getKeyStoreAlias());
                if (fileInputStream != null) {
                    if (0 != 0) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
                return certificate;
            } catch (Throwable th3) {
                if (fileInputStream != null) {
                    if (0 != 0) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
                throw th3;
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new AuthException("Error while retrieving public key from certificate", e);
        }
    }
}
