package io.phasetwo.keycloak.events;

import com.github.xgp.util.BackOff;
import com.github.xgp.util.ExponentialBackOff;
import io.phasetwo.keycloak.events.SenderEventListenerProvider;
import java.io.IOException;
import java.security.SignatureException;
import java.util.Optional;
import java.util.concurrent.ScheduledExecutorService;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.jboss.logging.Logger;
import org.keycloak.broker.provider.util.SimpleHttp;
import org.keycloak.models.KeycloakSession;
import org.keycloak.util.JsonSerialization;

/* loaded from: input_file:io/phasetwo/keycloak/events/HttpSenderEventListenerProvider.class */
public class HttpSenderEventListenerProvider extends SenderEventListenerProvider {
    private static final Logger log = Logger.getLogger(HttpSenderEventListenerProvider.class);
    protected static final String TARGET_URI = "targetUri";
    protected static final String RETRY = "retry";
    protected static final String SHARED_SECRET = "sharedSecret";
    protected static final String HMAC_ALGORITHM = "hmacAlgorithm";
    protected static final String BACKOFF_INITIAL_INTERVAL = "backoffInitialInterval";
    protected static final String BACKOFF_MAX_ELAPSED_TIME = "backoffMaxElapsedTime";
    protected static final String BACKOFF_MAX_INTERVAL = "backoffMaxInterval";
    protected static final String BACKOFF_MULTIPLIER = "backoffMultiplier";
    protected static final String BACKOFF_RANDOMIZATION_FACTOR = "backoffRandomizationFactor";
    private static final String HMAC_SHA1_ALGORITHM = "HmacSHA1";
    private static final String HMAC_SHA256_ALGORITHM = "HmacSHA256";

    public HttpSenderEventListenerProvider(KeycloakSession keycloakSession, ScheduledExecutorService scheduledExecutorService) {
        super(keycloakSession, scheduledExecutorService);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // io.phasetwo.keycloak.events.SenderEventListenerProvider
    public BackOff getBackOff() {
        boolean booleanOr = getBooleanOr(this.config, RETRY, true);
        log.debugf("Retry is %b %s", Boolean.valueOf(booleanOr), getOr(this.config, RETRY, "[empty]"));
        return !booleanOr ? BackOff.STOP_BACKOFF : new ExponentialBackOff.Builder().setInitialIntervalMillis(getIntOr(this.config, BACKOFF_INITIAL_INTERVAL, ExponentialBackOff.DEFAULT_INITIAL_INTERVAL_MILLIS)).setMaxElapsedTimeMillis(getIntOr(this.config, BACKOFF_MAX_ELAPSED_TIME, ExponentialBackOff.DEFAULT_MAX_ELAPSED_TIME_MILLIS)).setMaxIntervalMillis(getIntOr(this.config, BACKOFF_MAX_INTERVAL, ExponentialBackOff.DEFAULT_MAX_INTERVAL_MILLIS)).setMultiplier(getDoubleOr(this.config, BACKOFF_MULTIPLIER, 1.5d)).setRandomizationFactor(getDoubleOr(this.config, BACKOFF_RANDOMIZATION_FACTOR, 0.5d)).build();
    }

    String getTargetUri() {
        return this.config.get(TARGET_URI).toString();
    }

    Optional<String> getSharedSecret() {
        return Optional.ofNullable(this.config.get(SHARED_SECRET)).map((v0) -> {
            return v0.toString();
        });
    }

    Optional<String> getHmacAlgorithm() {
        return Optional.ofNullable(this.config.get(HMAC_ALGORITHM)).map((v0) -> {
            return v0.toString();
        });
    }

    @Override // io.phasetwo.keycloak.events.SenderEventListenerProvider
    void send(SenderEventListenerProvider.SenderTask senderTask) throws SenderEventListenerProvider.SenderException, IOException {
        send(senderTask, getTargetUri(), getSharedSecret(), getHmacAlgorithm());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void send(SenderEventListenerProvider.SenderTask senderTask, String str, Optional<String> optional, Optional<String> optional2) throws SenderEventListenerProvider.SenderException, IOException {
        log.debugf("attempting send to %s", str);
        try {
            SimpleHttp json = SimpleHttp.doPost(str, this.session).json(senderTask.getEvent());
            optional.ifPresent(str2 -> {
                json.header("X-Keycloak-Signature", hmacFor(senderTask.getEvent(), str2, (String) optional2.orElse(HMAC_SHA256_ALGORITHM)));
            });
            int status = json.asResponse().getStatus();
            log.debugf("sent to %s (%d)", str, Integer.valueOf(status));
            if (status < 200 || status >= 300) {
                log.warnf("Sending failure (Server response:%d)", Integer.valueOf(status));
                throw new SenderEventListenerProvider.SenderException(true);
            }
        } catch (SenderEventListenerProvider.SenderException e) {
            throw e;
        } catch (Exception e2) {
            log.warnf(e2, "Sending exception to %s", str);
            throw new SenderEventListenerProvider.SenderException(false, e2);
        }
    }

    protected String hmacFor(Object obj, String str, String str2) {
        try {
            return calculateHmacSha(JsonSerialization.writeValueAsString(obj), str, str2);
        } catch (Exception e) {
            log.warn("Unable to sign data", e);
            return "";
        }
    }

    public static String calculateHmacSha(String str, String str2, String str3) throws SignatureException {
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(str2.getBytes(), str3);
            Mac mac = Mac.getInstance(str3);
            mac.init(secretKeySpec);
            byte[] doFinal = mac.doFinal(str.getBytes());
            StringBuilder sb = new StringBuilder(doFinal.length * 2);
            for (byte b : doFinal) {
                String hexString = Integer.toHexString(255 & b);
                if (hexString.length() == 1) {
                    sb.append('0');
                }
                sb.append(hexString);
            }
            return sb.toString();
        } catch (Exception e) {
            throw new SignatureException("Failed to generate HMAC : " + e.getMessage());
        }
    }
}
