package com.github.steveice10.mc.auth.service;

import com.github.steveice10.mc.auth.data.GameProfile;
import com.github.steveice10.mc.auth.exception.request.InvalidCredentialsException;
import com.github.steveice10.mc.auth.exception.request.RequestException;
import com.github.steveice10.mc.auth.exception.request.ServiceUnavailableException;
import com.github.steveice10.mc.auth.exception.request.XboxRequestException;
import com.github.steveice10.mc.auth.util.HTTP;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URI;
import java.net.URLDecoder;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.geysermc.relocate.jackson.annotation.JsonProperty;

/* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService.class */
public class MsaAuthenticationService extends AuthenticationService {
    private static final URI MS_CODE_ENDPOINT = URI.create("https://login.microsoftonline.com/consumers/oauth2/v2.0/devicecode");
    private static final URI MS_CODE_TOKEN_ENDPOINT = URI.create("https://login.microsoftonline.com/consumers/oauth2/v2.0/token");
    private static final URI MS_LOGIN_ENDPOINT = URI.create("https://login.live.com/oauth20_authorize.srf?redirect_uri=https://login.live.com/oauth20_desktop.srf&scope=service::user.auth.xboxlive.com::MBI_SSL&display=touch&response_type=code&locale=en&client_id=00000000402b5328");
    private static final URI MS_TOKEN_ENDPOINT = URI.create("https://login.live.com/oauth20_token.srf");
    private static final URI XBL_AUTH_ENDPOINT = URI.create("https://user.auth.xboxlive.com/user/authenticate");
    private static final URI XSTS_AUTH_ENDPOINT = URI.create("https://xsts.auth.xboxlive.com/xsts/authorize");
    private static final URI MC_LOGIN_ENDPOINT = URI.create("https://api.minecraftservices.com/authentication/login_with_xbox");
    private static final URI MC_PROFILE_ENDPOINT = URI.create("https://api.minecraftservices.com/minecraft/profile");
    private static final URI EMPTY_URI = URI.create(JsonProperty.USE_DEFAULT_NAME);
    private static final Pattern PPFT_PATTERN = Pattern.compile("sFTTag:[ ]?'.*value=\"(.*)\"/>'");
    private static final Pattern URL_POST_PATTERN = Pattern.compile("urlPost:[ ]?'(.+?(?='))");
    private static final Pattern CODE_PATTERN = Pattern.compile("[?|&]code=([\\w.-]+)");
    private String deviceCode;
    private String clientId;
    private String refreshToken;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$McLoginRequest.class */
    public static class McLoginRequest {
        private String identityToken;

        protected McLoginRequest(String str, String str2) {
            this.identityToken = "XBL3.0 x=" + str + ";" + str2;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$McLoginResponse.class */
    public static class McLoginResponse {
        public String username;
        public String[] roles;
        public String access_token;
        public String token_type;
        public int expires_in;

        private McLoginResponse() {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$McProfileResponse.class */
    public static class McProfileResponse {
        public UUID id;
        public String name;
        public Skin[] skins;

        /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$McProfileResponse$Skin.class */
        private static class Skin {
            public UUID id;
            public String state;
            public URI url;
            public String variant;
            public String alias;

            private Skin() {
            }
        }

        private McProfileResponse() {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$MsCodeRequest.class */
    public static class MsCodeRequest {
        private final String client_id;
        private final String scope;

        @Deprecated
        protected MsCodeRequest(String str) {
            this(str, false);
        }

        protected MsCodeRequest(String str, boolean z) {
            this.client_id = str;
            this.scope = "XboxLive.signin" + (z ? " offline_access" : JsonProperty.USE_DEFAULT_NAME);
        }

        public Map<String, String> toMap() {
            HashMap hashMap = new HashMap();
            hashMap.put("client_id", this.client_id);
            hashMap.put("scope", this.scope);
            return hashMap;
        }
    }

    /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$MsCodeResponse.class */
    public static class MsCodeResponse {
        public String user_code;
        public String device_code;
        public URI verification_uri;
        public int expires_in;
        public int interval;
        public String message;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$MsCodeTokenRequest.class */
    public static class MsCodeTokenRequest {
        private String grant_type = "urn:ietf:params:oauth:grant-type:device_code";
        private String client_id;
        private String device_code;

        protected MsCodeTokenRequest(String str, String str2) {
            this.client_id = str;
            this.device_code = str2;
        }

        public Map<String, String> toMap() {
            HashMap hashMap = new HashMap();
            hashMap.put("grant_type", this.grant_type);
            hashMap.put("client_id", this.client_id);
            hashMap.put("device_code", this.device_code);
            return hashMap;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$MsRefreshRequest.class */
    public static class MsRefreshRequest {
        private String client_id;
        private String refresh_token;
        private String grant_type = "refresh_token";

        protected MsRefreshRequest(String str, String str2) {
            this.client_id = str;
            this.refresh_token = str2;
        }

        public Map<String, String> toMap() {
            HashMap hashMap = new HashMap();
            hashMap.put("client_id", this.client_id);
            hashMap.put("refresh_token", this.refresh_token);
            hashMap.put("grant_type", this.grant_type);
            return hashMap;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$MsTokenRequest.class */
    public static class MsTokenRequest {
        private String client_id;
        private String code;
        private String grant_type = "authorization_code";
        private String redirect_uri = "https://login.live.com/oauth20_desktop.srf";
        private String scope = "service::user.auth.xboxlive.com::MBI_SSL";

        protected MsTokenRequest(String str, String str2) {
            this.client_id = str;
            this.code = str2;
        }

        public Map<String, String> toMap() {
            HashMap hashMap = new HashMap();
            hashMap.put("client_id", this.client_id);
            hashMap.put("code", this.code);
            hashMap.put("grant_type", this.grant_type);
            hashMap.put("redirect_uri", this.redirect_uri);
            hashMap.put("scope", this.scope);
            return hashMap;
        }
    }

    /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$MsTokenResponse.class */
    public static class MsTokenResponse {
        public String token_type;
        public String scope;
        public int expires_in;
        public String access_token;
        public String refresh_token;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$XblAuthRequest.class */
    public static class XblAuthRequest {
        private String RelyingParty = "http://auth.xboxlive.com";
        private String TokenType = "JWT";
        private Properties Properties;

        /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$XblAuthRequest$Properties.class */
        private static class Properties {
            private String AuthMethod = "RPS";
            private String SiteName = "user.auth.xboxlive.com";
            private String RpsTicket;

            protected Properties(String str) {
                this.RpsTicket = str;
            }
        }

        protected XblAuthRequest(String str) {
            this.Properties = new Properties(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$XblAuthResponse.class */
    public static class XblAuthResponse {
        public String Identity;
        public long XErr;
        public String Message;
        public String Redirect;
        public String IssueInstant;
        public String NotAfter;
        public String Token;
        public DisplayClaims DisplayClaims;

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$XblAuthResponse$DisplayClaims.class */
        public static class DisplayClaims {
            public Xui[] xui;

            private DisplayClaims() {
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$XblAuthResponse$Xui.class */
        public static class Xui {
            public String uhs;

            private Xui() {
            }
        }

        private XblAuthResponse() {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$XstsAuthRequest.class */
    public static class XstsAuthRequest {
        private String RelyingParty = "rp://api.minecraftservices.com/";
        private String TokenType = "JWT";
        private Properties Properties;

        /* loaded from: input_file:com/github/steveice10/mc/auth/service/MsaAuthenticationService$XstsAuthRequest$Properties.class */
        private static class Properties {
            private String[] UserTokens;
            private String SandboxId = "RETAIL";

            protected Properties(String str) {
                this.UserTokens = new String[]{str};
            }
        }

        protected XstsAuthRequest(String str) {
            this.Properties = new Properties(str);
        }
    }

    public MsaAuthenticationService(String str) {
        this(str, null);
    }

    public MsaAuthenticationService(String str, String str2) {
        super(EMPTY_URI);
        if (str == null) {
            throw new IllegalArgumentException("ClientId cannot be null.");
        }
        this.clientId = str;
        this.deviceCode = str2;
    }

    public String getRefreshToken() {
        return this.refreshToken;
    }

    public void setRefreshToken(String str) {
        this.refreshToken = str;
    }

    public MsCodeResponse getAuthCode() throws RequestException {
        return getAuthCode(false);
    }

    public MsCodeResponse getAuthCode(boolean z) throws RequestException {
        if (this.clientId == null) {
            throw new InvalidCredentialsException("Invalid client id.");
        }
        MsCodeResponse msCodeResponse = (MsCodeResponse) HTTP.makeRequestForm(getProxy(), MS_CODE_ENDPOINT, new MsCodeRequest(this.clientId, z).toMap(), MsCodeResponse.class);
        this.deviceCode = msCodeResponse.device_code;
        return msCodeResponse;
    }

    private McLoginResponse getLoginResponseFromCode() throws RequestException {
        if (this.deviceCode == null) {
            throw new InvalidCredentialsException("Invalid device code.");
        }
        MsTokenResponse msTokenResponse = (MsTokenResponse) HTTP.makeRequestForm(getProxy(), MS_CODE_TOKEN_ENDPOINT, new MsCodeTokenRequest(this.clientId, this.deviceCode).toMap(), MsTokenResponse.class);
        this.refreshToken = msTokenResponse.refresh_token;
        return getLoginResponseFromToken("d=" + msTokenResponse.access_token);
    }

    private McLoginResponse getLoginResponseFromCreds(String str, String str2) throws RequestException {
        try {
            HttpURLConnection createUrlConnection = HTTP.createUrlConnection(getProxy(), MS_LOGIN_ENDPOINT);
            createUrlConnection.setDoInput(true);
            InputStream inputStream = createUrlConnection.getResponseCode() == 200 ? createUrlConnection.getInputStream() : createUrlConnection.getErrorStream();
            Throwable th = null;
            try {
                String headerField = createUrlConnection.getHeaderField("set-cookie");
                String inputStreamToString = inputStreamToString(inputStream);
                Matcher matcher = PPFT_PATTERN.matcher(inputStreamToString);
                if (!matcher.find()) {
                    throw new ServiceUnavailableException("Could not parse response of '" + MS_LOGIN_ENDPOINT + "'.");
                }
                String group = matcher.group(1);
                Matcher matcher2 = URL_POST_PATTERN.matcher(inputStreamToString);
                if (!matcher2.find()) {
                    throw new ServiceUnavailableException("Could not parse response of '" + MS_LOGIN_ENDPOINT + "'.");
                }
                String group2 = matcher2.group(1);
                if (inputStream != null) {
                    if (0 != 0) {
                        try {
                            inputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        inputStream.close();
                    }
                }
                if (headerField.isEmpty() || group.isEmpty() || group2.isEmpty()) {
                    throw new RequestException("Invalid response from '" + MS_LOGIN_ENDPOINT + "' missing one or more of cookie, PPFT or urlPost");
                }
                HashMap hashMap = new HashMap();
                hashMap.put("login", this.username);
                hashMap.put("loginfmt", this.username);
                hashMap.put("passwd", this.password);
                hashMap.put("PPFT", group);
                try {
                    byte[] bytes = HTTP.formMapToString(hashMap).getBytes(StandardCharsets.UTF_8);
                    HttpURLConnection createUrlConnection2 = HTTP.createUrlConnection(getProxy(), URI.create(group2));
                    createUrlConnection2.setRequestProperty("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
                    createUrlConnection2.setRequestProperty("Content-Length", String.valueOf(bytes.length));
                    createUrlConnection2.setRequestProperty("Cookie", headerField);
                    createUrlConnection2.setDoInput(true);
                    createUrlConnection2.setDoOutput(true);
                    OutputStream outputStream = createUrlConnection2.getOutputStream();
                    Throwable th3 = null;
                    try {
                        try {
                            outputStream.write(bytes);
                            if (outputStream != null) {
                                if (0 != 0) {
                                    try {
                                        outputStream.close();
                                    } catch (Throwable th4) {
                                        th3.addSuppressed(th4);
                                    }
                                } else {
                                    outputStream.close();
                                }
                            }
                            if (createUrlConnection2.getResponseCode() != 200 || createUrlConnection2.getURL().toString().equals(group2)) {
                                throw new InvalidCredentialsException("Invalid username and/or password");
                            }
                            Matcher matcher3 = CODE_PATTERN.matcher(URLDecoder.decode(createUrlConnection2.getURL().toString(), StandardCharsets.UTF_8.name()));
                            if (!matcher3.find()) {
                                throw new ServiceUnavailableException("Could not parse response of '" + group2 + "'.");
                            }
                            MsTokenResponse msTokenResponse = (MsTokenResponse) HTTP.makeRequestForm(getProxy(), MS_TOKEN_ENDPOINT, new MsTokenRequest(this.clientId, matcher3.group(1)).toMap(), MsTokenResponse.class);
                            this.refreshToken = msTokenResponse.refresh_token;
                            return getLoginResponseFromToken(msTokenResponse.access_token);
                        } finally {
                        }
                    } finally {
                    }
                } catch (IOException e) {
                    throw new ServiceUnavailableException("Could not make request to '" + group2 + "'.", e);
                }
            } finally {
            }
        } catch (IOException e2) {
            throw new ServiceUnavailableException("Could not make request to '" + MS_LOGIN_ENDPOINT + "'.", e2);
        }
    }

    private String inputStreamToString(InputStream inputStream) throws IOException {
        StringBuilder sb = new StringBuilder();
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream, Charset.forName(StandardCharsets.UTF_8.name())));
        Throwable th = null;
        while (true) {
            try {
                try {
                    int read = bufferedReader.read();
                    if (read == -1) {
                        break;
                    }
                    sb.append((char) read);
                } finally {
                }
            } catch (Throwable th2) {
                if (bufferedReader != null) {
                    if (th != null) {
                        try {
                            bufferedReader.close();
                        } catch (Throwable th3) {
                            th.addSuppressed(th3);
                        }
                    } else {
                        bufferedReader.close();
                    }
                }
                throw th2;
            }
        }
        if (bufferedReader != null) {
            if (0 != 0) {
                try {
                    bufferedReader.close();
                } catch (Throwable th4) {
                    th.addSuppressed(th4);
                }
            } else {
                bufferedReader.close();
            }
        }
        return sb.toString();
    }

    public MsTokenResponse refreshToken() throws RequestException {
        if (this.refreshToken == null) {
            throw new InvalidCredentialsException("Invalid refresh token.");
        }
        MsTokenResponse msTokenResponse = (MsTokenResponse) HTTP.makeRequestForm(getProxy(), MS_TOKEN_ENDPOINT, new MsRefreshRequest(this.clientId, this.refreshToken).toMap(), MsTokenResponse.class);
        this.accessToken = msTokenResponse.access_token;
        this.refreshToken = msTokenResponse.refresh_token;
        return msTokenResponse;
    }

    private McLoginResponse getLoginResponseFromRefreshToken() throws RequestException {
        return getLoginResponseFromToken("d=".concat(refreshToken().access_token));
    }

    private McLoginResponse getLoginResponseFromToken(String str) throws RequestException {
        XblAuthResponse xblAuthResponse = (XblAuthResponse) HTTP.makeRequest(getProxy(), XSTS_AUTH_ENDPOINT, new XstsAuthRequest(((XblAuthResponse) HTTP.makeRequest(getProxy(), XBL_AUTH_ENDPOINT, new XblAuthRequest(str), XblAuthResponse.class)).Token), XblAuthResponse.class);
        if (xblAuthResponse.XErr == 0) {
            return (McLoginResponse) HTTP.makeRequest(getProxy(), MC_LOGIN_ENDPOINT, new McLoginRequest(xblAuthResponse.DisplayClaims.xui[0].uhs, xblAuthResponse.Token), McLoginResponse.class);
        }
        if (xblAuthResponse.XErr == 2148916233L) {
            throw new XboxRequestException("Microsoft account does not have an Xbox Live account attached!");
        }
        if (xblAuthResponse.XErr == 2148916235L) {
            throw new XboxRequestException("Xbox Live is not available in your country!");
        }
        if (xblAuthResponse.XErr == 2148916238L) {
            throw new XboxRequestException("This account is a child account! Please add it to a family in order to log in.");
        }
        throw new XboxRequestException("Error occurred while authenticating to Xbox Live! Error ID: " + xblAuthResponse.XErr);
    }

    private void getProfile() throws RequestException {
        HashMap hashMap = new HashMap();
        hashMap.put("Authorization", "Bearer " + this.accessToken);
        McProfileResponse mcProfileResponse = (McProfileResponse) HTTP.makeRequest(getProxy(), MC_PROFILE_ENDPOINT, null, McProfileResponse.class, hashMap);
        this.selectedProfile = new GameProfile(mcProfileResponse.id, mcProfileResponse.name);
        this.profiles = Collections.singletonList(this.selectedProfile);
        this.username = mcProfileResponse.name;
    }

    @Override // com.github.steveice10.mc.auth.service.AuthenticationService
    public void login() throws RequestException {
        boolean z = (this.clientId == null || this.clientId.isEmpty()) ? false : true;
        boolean z2 = (this.deviceCode == null || this.deviceCode.isEmpty()) ? false : true;
        boolean z3 = (this.password == null || this.password.isEmpty()) ? false : true;
        boolean z4 = (this.refreshToken == null || this.refreshToken.isEmpty()) ? false : true;
        if (!z && !z3 && !z4) {
            throw new InvalidCredentialsException("Invalid password or access token.");
        }
        if (z3 && (this.username == null || this.username.isEmpty())) {
            throw new InvalidCredentialsException("Invalid username.");
        }
        McLoginResponse mcLoginResponse = null;
        if (z3) {
            mcLoginResponse = getLoginResponseFromCreds(this.username, this.password);
        } else if (z4) {
            mcLoginResponse = getLoginResponseFromRefreshToken();
        } else if (!z2) {
            this.deviceCode = getAuthCode().device_code;
        }
        if (!z3 && !z4) {
            mcLoginResponse = getLoginResponseFromCode();
        }
        if (mcLoginResponse == null) {
            throw new RequestException("Invalid response received.");
        }
        this.accessToken = mcLoginResponse.access_token;
        try {
            getProfile();
        } catch (RequestException e) {
            if (this.username == null || this.username.isEmpty()) {
                this.username = mcLoginResponse.username;
            }
        }
        this.loggedIn = true;
    }

    @Override // com.github.steveice10.mc.auth.service.AuthenticationService
    public void logout() throws RequestException {
        super.logout();
        this.clientId = null;
    }

    public String toString() {
        return "MsaAuthenticationService{deviceCode='" + this.deviceCode + "', clientId='" + this.clientId + "', accessToken='" + this.accessToken + "', loggedIn=" + this.loggedIn + ", username='" + this.username + "', password='" + this.password + "', selectedProfile=" + this.selectedProfile + ", properties=" + this.properties + ", profiles=" + this.profiles + '}';
    }
}
