package de.authada.eid.core.authentication;

import Bm.b;
import Bm.d;
import Ni.c;
import Ni.f;
import de.authada.eid.card.api.ImmutableByteArray;
import de.authada.eid.core.authentication.ImmutableTCTokenContext;
import de.authada.eid.core.authentication.ValidateTCTokenStep;
import de.authada.eid.core.authentication.tctoken.TCToken;
import de.authada.eid.core.authentication.tctoken.UnvalidatedTCToken;
import de.authada.eid.core.http.URLUtils;
import de.authada.eid.core.support.Consumer;
import de.authada.eid.core.support.Function;
import de.authada.eid.core.support.Optional;
import de.authada.eid.core.utils.StringUtils;
import de.authada.org.bouncycastle.util.encoders.Hex;
import java.net.URL;
import java.util.Objects;

/* loaded from: classes2.dex */
public class ValidateTCTokenStep {
    private static final String BINDING_VALUE = "urn:liberty:paos:2006-08";
    private static final b LOGGER = d.b(ValidateTCTokenStep.class);
    private static final String PROTOCOL_VALUE = "urn:ietf:rfc:4279";

    private boolean isHttpURL(Optional<URL> optional, Consumer<URL> consumer) {
        return ((Boolean) optional.map(new f(consumer)).orElse(Boolean.FALSE)).booleanValue();
    }

    private boolean isHttpsURL(Optional<URL> optional, Consumer<URL> consumer) {
        return ((Boolean) optional.map(new c(consumer)).orElse(Boolean.FALSE)).booleanValue();
    }

    private boolean isValid(UnvalidatedTCToken unvalidatedTCToken, final TCToken tCToken) {
        Optional<URL> url = URLUtils.toURL(unvalidatedTCToken.getServerAddress());
        Objects.requireNonNull(tCToken);
        return isHttpsURL(url, new Consumer() { // from class: Ni.g
            @Override // de.authada.eid.core.support.Consumer
            public final void accept(Object obj) {
                TCToken.this.setServerAddress((URL) obj);
            }
        }) && isHttpsURL(URLUtils.toURL(unvalidatedTCToken.getRefreshAddress()), new Consumer() { // from class: Ni.h
            @Override // de.authada.eid.core.support.Consumer
            public final void accept(Object obj) {
                TCToken.this.setRefreshAddress((URL) obj);
            }
        }) && isValidBinding(unvalidatedTCToken.getBinding()) && validateProtocol(unvalidatedTCToken, tCToken) && validateSessionIdentifier(unvalidatedTCToken.getSessionIdentifier(), new Consumer() { // from class: Ni.i
            @Override // de.authada.eid.core.support.Consumer
            public final void accept(Object obj) {
                TCToken.this.setSessionIdentifier((String) obj);
            }
        }) && validateCommErrorAddress(unvalidatedTCToken, tCToken);
    }

    private boolean isValidBinding(String str) {
        return BINDING_VALUE.equalsIgnoreCase(str);
    }

    public static /* synthetic */ Boolean lambda$isHttpURL$2(Consumer consumer, URL url) {
        if (URLUtils.isHttpURL(url)) {
            consumer.accept(url);
            return Boolean.TRUE;
        }
        LOGGER.v(url, "Is not a http url {}");
        return Boolean.FALSE;
    }

    public static /* synthetic */ Boolean lambda$isHttpsURL$3(Consumer consumer, URL url) {
        if (URLUtils.isHttpsURL(url)) {
            consumer.accept(url);
            return Boolean.TRUE;
        }
        LOGGER.v(url, "is not a https url {}");
        return Boolean.FALSE;
    }

    public /* synthetic */ Boolean lambda$validateCommErrorAddress$0(Optional optional, final TCToken tCToken, URL url) {
        Objects.requireNonNull(tCToken);
        return Boolean.valueOf(isHttpURL(optional, new Consumer() { // from class: Ni.d
            @Override // de.authada.eid.core.support.Consumer
            public final void accept(Object obj) {
                TCToken.this.setCommunicationErrorAddress((URL) obj);
            }
        }) || isHttpsURL(optional, new Consumer() { // from class: Ni.d
            @Override // de.authada.eid.core.support.Consumer
            public final void accept(Object obj) {
                TCToken.this.setCommunicationErrorAddress((URL) obj);
            }
        }));
    }

    public static /* synthetic */ Boolean lambda$validateCommErrorAddress$1() {
        LOGGER.r("Invalid ComErrorAddress");
        return Boolean.FALSE;
    }

    private boolean validateCommErrorAddress(UnvalidatedTCToken unvalidatedTCToken, final TCToken tCToken) {
        if (unvalidatedTCToken.getCommunicationErrorAddress() == null) {
            return true;
        }
        final Optional<URL> url = URLUtils.toURL(unvalidatedTCToken.getCommunicationErrorAddress());
        return ((Boolean) url.map(new Function() { // from class: Ni.e
            @Override // de.authada.eid.core.support.Function
            /* renamed from: apply */
            public final Object mo21apply(Object obj) {
                Boolean lambda$validateCommErrorAddress$0;
                lambda$validateCommErrorAddress$0 = ValidateTCTokenStep.this.lambda$validateCommErrorAddress$0(url, tCToken, (URL) obj);
                return lambda$validateCommErrorAddress$0;
            }
        }).orElseGet(new Object())).booleanValue();
    }

    private boolean validateProtocol(UnvalidatedTCToken unvalidatedTCToken, TCToken tCToken) {
        String protocol = unvalidatedTCToken.getProtocol();
        boolean hasParameters = unvalidatedTCToken.getHasParameters();
        String psk = unvalidatedTCToken.getPsk();
        boolean isNullOrEmpty = StringUtils.isNullOrEmpty(protocol);
        boolean isNullOrEmpty2 = StringUtils.isNullOrEmpty(psk);
        boolean z10 = isNullOrEmpty ? isNullOrEmpty2 : PROTOCOL_VALUE.equalsIgnoreCase(protocol) && hasParameters;
        if (z10) {
            if (isNullOrEmpty2) {
                tCToken.setAttached(true);
                LOGGER.r("TCToken represents attached mode");
            } else {
                try {
                    tCToken.setPsk(ImmutableByteArray.of(Hex.decode(psk)));
                } catch (RuntimeException e10) {
                    LOGGER.w("PSK parsing failed", e10);
                    return false;
                }
            }
        }
        return z10;
    }

    private boolean validateSessionIdentifier(String str, Consumer<String> consumer) {
        if (StringUtils.isNullOrEmpty(str)) {
            LOGGER.r("Missing session identifier");
            return false;
        }
        consumer.accept(str);
        return true;
    }

    public ImmutableTCTokenContext process(UnvalidatedTCTokenContext unvalidatedTCTokenContext) {
        ImmutableTCTokenContext.Builder builder = ImmutableTCTokenContext.builder();
        TCToken tCToken = new TCToken();
        if (isValid(unvalidatedTCTokenContext.getUnvalidatedTCToken(), tCToken)) {
            builder.tCToken(Optional.of(tCToken));
        } else {
            builder.tCToken(Optional.empty());
        }
        builder.addAllCertificates(unvalidatedTCTokenContext.getCertificates());
        if (tCToken.isAttached()) {
            builder.eserviceConnection(Optional.of(unvalidatedTCTokenContext.getEserviceConnection()));
        } else {
            builder.eserviceConnection(Optional.empty());
        }
        return builder.build();
    }
}
