package com.lengine.sdk.core.ssousedsecuremethods;

import com.lengine.sdk.core.AsymmetricCryptor;
import com.lengine.sdk.core.RandomKey;
import com.lengine.sdk.core.SymmetricCryptor;
import com.lengine.sdk.core.entity.UserToken;
import com.lengine.sdk.core.entity.UserTokens;
import com.lengine.sdk.core.oxm.SerializerUtility;
import com.lengine.sdk.core.tools.Base64;

/* loaded from: classes.dex */
public class SecureUtility {
    private static String sUAASPublicKey = "BgIAAAAiAABEU1MxAAQAAL8MmGBt1BGisLDDlw59L7vFS87ftc5nQ68niM/JrQkwppz3Jx575mVs4AF2DH5EEgQWheoOQokcxWh6PeZT0a5M7k/JV9XrnK3f0/dMN/pWhVLCry9t1q9SH2pgNVAhNcys7GSpaNhQ7FkhhublEMDobkFn5HGX6dFQLJda5IL393+LEQ3o1e8Kix0F9e49awrNLqdd8lzq64mZqXttSMRp14PIc+RMeqC8JzUhfgsYyLUY+dX0ecvUIu9hoiZQLt73WLkoofmwC5z5hJC4T0zB4RUGM5P9rtdy2X4zqmp1qtSXpZREZkCjXrZhn4g+6rYP0NTl2YPc08UAwJbH7Su7uRiqifIA70SjbOACKVbUGDZcPt/pNsb0g+xW+P4w2qTLEP0sSRTTrx7+bqMFKfOCrnDBzlYDk883acv4e8AfamHVtfWfyRRwru6X4bwJTzOPt+pe5UPFh36aGVUWqhDUJrZ18QkBoXl25+DFcNjBIQjh+cAVZNjOpcFTKg+XukAtRTFpFF6fsuqnMAzLMDLRzVujQQQAAAJSY8kkY1OZTYUH3b0PU55zWK8B";

    public static OnceOnlyUserToken buildOnceOnlyUserToken(byte[] bArr, byte[] bArr2) throws Exception {
        RandomKey randomKey = new RandomKey();
        SymmetricCryptor symmetricCryptor = new SymmetricCryptor(new String(randomKey.Key, "UTF-8"));
        OnceOnlyUserToken onceOnlyUserToken = new OnceOnlyUserToken();
        byte[] encrypt = AsymmetricCryptor.encrypt(randomKey.ToByteArray());
        onceOnlyUserToken.setEncryptToken(Base64.encode(symmetricCryptor.encrypt(bArr)));
        onceOnlyUserToken.setSignature(Base64.encode(bArr2));
        onceOnlyUserToken.setEncryptRandomKey(Base64.encode(encrypt));
        return onceOnlyUserToken;
    }

    public static UserToken getUserToken(SecureUserToken secureUserToken, String str) throws Exception {
        return getUserTokens(secureUserToken, str).getUserToken();
    }

    public static UserTokens getUserTokens(SecureUserToken secureUserToken, String str) throws Exception {
        UserToken userToken = null;
        byte[] bArr = null;
        byte[] bArr2 = null;
        if (secureUserToken != null) {
            bArr = new SymmetricCryptor(str).decrypt(Base64.decode(secureUserToken.getToken()));
            bArr2 = Base64.decode(secureUserToken.getSignature());
            if (!verifyTokenData(bArr, bArr2).booleanValue()) {
                throw new Exception("认证错误：无效的登录凭据");
            }
            try {
                userToken = (UserToken) SerializerUtility.read(UserToken.class, new String(bArr, "UTF-8"));
            } catch (Exception e2) {
                e2.printStackTrace();
                bArr = null;
            }
        }
        if (userToken == null || "".equals(userToken.getUserId()) || userToken.getRoleIds() == null || userToken.getRoleIds().length < 1) {
            throw new Exception("认证错误：无效的登录凭据！");
        }
        return new UserTokens(userToken, bArr, bArr2);
    }

    public static Boolean verifyTokenData(byte[] bArr, byte[] bArr2) throws Exception {
        return AsymmetricCryptor.verifyData(bArr, Base64.decode(sUAASPublicKey), bArr2);
    }
}
