package org.apache.cxf.rs.security.oauth2.tokens.hawk;

import java.security.SecureRandom;
import java.util.Map;
import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.common.util.StringUtils;
import org.apache.cxf.rs.security.oauth2.client.HttpRequestProperties;
import org.apache.cxf.rs.security.oauth2.common.AccessToken;
import org.apache.cxf.rs.security.oauth2.utils.OAuthConstants;
import org.apache.cxf.rt.security.crypto.HmacUtils;

/* loaded from: input_file:org/apache/cxf/rs/security/oauth2/tokens/hawk/HawkAuthorizationScheme.class */
public class HawkAuthorizationScheme {
    private static final String SEPARATOR = "\n";
    private HttpRequestProperties props;
    private String macKey;
    private String timestamp;
    private String nonce;

    public HawkAuthorizationScheme(HttpRequestProperties httpRequestProperties, AccessToken accessToken) {
        this.props = httpRequestProperties;
        this.macKey = accessToken.getTokenKey();
        this.timestamp = Long.toString(System.currentTimeMillis());
        this.nonce = generateNonce();
    }

    public HawkAuthorizationScheme(HttpRequestProperties httpRequestProperties, Map<String, String> map) {
        this.props = httpRequestProperties;
        this.macKey = map.get("id");
        this.timestamp = map.get(OAuthConstants.HAWK_TOKEN_TIMESTAMP);
        this.nonce = map.get(OAuthConstants.HAWK_TOKEN_NONCE);
    }

    public String getMacKey() {
        return this.macKey;
    }

    public String getTimestamp() {
        return this.timestamp;
    }

    public String getNonce() {
        return this.nonce;
    }

    public String toAuthorizationHeader(String str, String str2) {
        String encodeHmacString = HmacUtils.encodeHmacString(str2, HmacAlgorithm.toHmacAlgorithm(str).getJavaName(), getNormalizedRequestString());
        StringBuilder sb = new StringBuilder();
        sb.append(OAuthConstants.HAWK_AUTHORIZATION_SCHEME).append(" ");
        addParameter(sb, "id", this.macKey, false);
        addParameter(sb, OAuthConstants.HAWK_TOKEN_TIMESTAMP, this.timestamp, false);
        addParameter(sb, OAuthConstants.HAWK_TOKEN_NONCE, this.nonce, false);
        addParameter(sb, OAuthConstants.HAWK_TOKEN_SIGNATURE, encodeHmacString, true);
        return sb.toString();
    }

    private static void addParameter(StringBuilder sb, String str, String str2, boolean z) {
        sb.append(str).append('=').append('\"').append(str2).append('\"');
        if (z) {
            return;
        }
        sb.append(',');
    }

    public String getNormalizedRequestString() {
        String requestPath = this.props.getRequestPath();
        if (!StringUtils.isEmpty(this.props.getRequestQuery())) {
            requestPath = requestPath + "?" + normalizeQuery(this.props.getRequestQuery());
        }
        return this.timestamp + "\n" + this.nonce + "\n" + this.props.getHttpMethod().toUpperCase() + "\n" + requestPath + "\n" + this.props.getHostName() + "\n" + this.props.getPort() + "\n\n\n";
    }

    private static String normalizeQuery(String str) {
        return str;
    }

    private static String generateNonce() {
        byte[] bArr = new byte[20];
        new SecureRandom().nextBytes(bArr);
        return Base64Utility.encode(bArr);
    }
}
