package io.github.shroompye.mongoauth.util;

import com.mojang.authlib.GameProfile;
import io.github.shroompye.mongoauth.MongoAuth;
import io.github.shroompye.mongoauth.config.MongoAuthConfig;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Locale;
import net.fabricmc.fabric.api.networking.v1.PacketByteBufs;
import net.fabricmc.fabric.api.networking.v1.ServerLoginNetworking;
import net.fabricmc.fabric.impl.networking.server.ServerNetworkingImpl;
import net.minecraft.class_2540;
import net.minecraft.class_2585;
import net.minecraft.class_2960;
import net.minecraft.class_3248;
import org.bson.internal.Base64;

/* loaded from: input_file:io/github/shroompye/mongoauth/util/KeysAuthHandler.class */
public class KeysAuthHandler {
    private static final class_2960 MONGO_LOGIN_PACKET_IDENTIFIER = new class_2960(MongoAuth.modid, "login");
    public final class_3248 networkHandler;
    public final GameProfile profile;
    private final byte[] payload = createPayload();

    public KeysAuthHandler(class_3248 class_3248Var, GameProfile gameProfile) {
        this.networkHandler = class_3248Var;
        this.profile = gameProfile;
    }

    public static void registerGlobalReciver() {
        ServerLoginNetworking.registerGlobalReceiver(MONGO_LOGIN_PACKET_IDENTIFIER, (minecraftServer, class_3248Var, z, class_2540Var, loginSynchronizer, packetSender) -> {
            KeysAuthHandler keysAuthHandler = MongoAuth.AUTH_HANDLERS.get(class_3248Var.field_14158);
            if (z && class_2540Var.readBoolean() && keysAuthHandler != null) {
                keysAuthHandler.recivePacket(class_2540Var.readBoolean(), class_2540Var.method_10795());
            } else if (keysAuthHandler != null) {
                keysAuthHandler.networkHandler.setState(class_3248.class_3249.field_14168);
            }
        });
    }

    public void sendPacket() {
        class_2540 create = PacketByteBufs.create();
        if (!(MongoAuth.databaseAccess.authDataExists(this.profile.getId(), true) && MongoAuth.databaseAccess.getOrCreateAuthData(this.profile.getId()).registered())) {
            create.method_10814("none");
        } else if (MongoAuth.databaseAccess.getOrCreateAuthData(this.profile.getId()).getAuthenticationMethod() == AuthMethod.KEYS) {
            create.method_10814("keypair");
            create.method_10813(this.payload);
        } else {
            create.method_10814("password");
        }
        ServerNetworkingImpl.getAddon(this.networkHandler).sendPacket(MONGO_LOGIN_PACKET_IDENTIFIER, create);
    }

    public void recivePacket(boolean z, byte[] bArr) {
        GameProfile mongoauth_getGameProfile = this.networkHandler.mongoauth_getGameProfile();
        if (!z) {
            if (MongoAuth.databaseAccess.authDataExists(mongoauth_getGameProfile.getId(), true) && MongoAuth.databaseAccess.getOrCreateAuthData(mongoauth_getGameProfile.getId()).registered()) {
                if (MongoAuth.databaseAccess.getOrCreateAuthData(mongoauth_getGameProfile.getId()).getAuthenticationMethod() == AuthMethod.KEYS) {
                    this.networkHandler.method_14380(new class_2585(MongoAuthConfig.config.language.userAlredyExists));
                    return;
                } else {
                    MongoAuth.playersWithMongoAuthKeys.removeIf(str -> {
                        return str.equals(mongoauth_getGameProfile.getName().toLowerCase(Locale.ROOT));
                    });
                    return;
                }
            }
            if (!isKeyValid(bArr)) {
                this.networkHandler.method_14380(new class_2585(MongoAuthConfig.config.language.registrationInvalidkey));
            }
            MongoAuth.databaseAccess.getOrCreateAuthData(mongoauth_getGameProfile.getId()).setPaswordHash(encodeKey(bArr));
            this.networkHandler.setState(class_3248.class_3249.field_14168);
            if (MongoAuthConfig.config.debug.logRegistration) {
                MongoAuth.logNamed(mongoauth_getGameProfile.getName() + " registered with key");
                return;
            }
            return;
        }
        PublicKey publicKey = getPublicKey(MongoAuth.databaseAccess.getOrCreateAuthData(mongoauth_getGameProfile.getId()));
        try {
            Signature signature = Signature.getInstance("SHA256WithRSA");
            signature.initVerify(publicKey);
            signature.update(this.payload);
            if (signature.verify(bArr)) {
                this.networkHandler.setState(class_3248.class_3249.field_14168);
                if (MongoAuthConfig.config.debug.announceAuthConsole) {
                    MongoAuth.logNamed(mongoauth_getGameProfile.getName() + " authenticated with key");
                    return;
                }
                return;
            }
            this.networkHandler.method_14380(new class_2585(MongoAuthConfig.config.language.invalidKey));
            if (MongoAuthConfig.config.debug.announceAuthConsole) {
                MongoAuth.logNamed(mongoauth_getGameProfile.getName() + " failed to authenticate with key");
            }
        } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e) {
            MongoAuth.logNamedError("Error verifying key", e);
            this.networkHandler.method_14380(new class_2585(MongoAuthConfig.config.language.errorVerifyingKey));
        }
    }

    private boolean isKeyValid(byte[] bArr) {
        try {
            KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(bArr));
            return true;
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            return false;
        }
    }

    private static PublicKey getPublicKey(AuthData authData) {
        if (!authData.registered() || !authData.getPaswordHash().startsWith("key")) {
            return null;
        }
        try {
            return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64.decode(authData.getPaswordHash().substring(3))));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            MongoAuth.logNamedError("Error decoding key", e);
            return null;
        }
    }

    private static String encodeKey(byte[] bArr) {
        return "key" + Base64.encode(bArr);
    }

    private static byte[] createPayload() {
        byte[] bArr = new byte[2048];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }
}
