package co.codewizards.cloudstore.rest.server.service;

import co.codewizards.cloudstore.core.auth.AuthTokenIO;
import co.codewizards.cloudstore.core.auth.AuthTokenSigner;
import co.codewizards.cloudstore.core.auth.EncryptedSignedAuthToken;
import co.codewizards.cloudstore.core.auth.SignedAuthTokenEncrypter;
import co.codewizards.cloudstore.core.auth.SignedAuthTokenIO;
import co.codewizards.cloudstore.core.repo.local.LocalRepoManager;
import co.codewizards.cloudstore.core.repo.local.LocalRepoManagerFactory;
import co.codewizards.cloudstore.core.repo.local.LocalRepoRegistry;
import co.codewizards.cloudstore.core.util.Util;
import co.codewizards.cloudstore.rest.server.auth.TransientRepoPasswordManager;
import java.util.UUID;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Produces({"application/xml"})
@Path("_EncryptedSignedAuthToken/{repositoryName}")
@Consumes({"application/xml"})
/* loaded from: input_file:co/codewizards/cloudstore/rest/server/service/EncryptedSignedAuthTokenService.class */
public class EncryptedSignedAuthTokenService {
    private static final Logger logger = LoggerFactory.getLogger(EncryptedSignedAuthTokenService.class);

    @PathParam("repositoryName")
    private String repositoryName;

    public EncryptedSignedAuthTokenService() {
        logger.debug("<init>: created new instance");
    }

    @GET
    @Path("{clientRepositoryId}")
    public EncryptedSignedAuthToken getEncryptedSignedAuthToken(@PathParam("clientRepositoryId") UUID uuid) {
        Util.assertNotNull("repositoryName", this.repositoryName);
        Util.assertNotNull("clientRepositoryId", uuid);
        LocalRepoManager createLocalRepoManagerForExistingRepository = LocalRepoManagerFactory.Helper.getInstance().createLocalRepoManagerForExistingRepository(LocalRepoRegistry.getInstance().getLocalRootForRepositoryNameOrFail(this.repositoryName));
        try {
            EncryptedSignedAuthToken encryptedSignedAuthToken = getEncryptedSignedAuthToken(createLocalRepoManagerForExistingRepository.getRepositoryId(), uuid, createLocalRepoManagerForExistingRepository.getPrivateKey(), createLocalRepoManagerForExistingRepository.getRemoteRepositoryPublicKeyOrFail(uuid));
            createLocalRepoManagerForExistingRepository.close();
            return encryptedSignedAuthToken;
        } catch (Throwable th) {
            createLocalRepoManagerForExistingRepository.close();
            throw th;
        }
    }

    protected EncryptedSignedAuthToken getEncryptedSignedAuthToken(UUID uuid, UUID uuid2, byte[] bArr, byte[] bArr2) {
        return new SignedAuthTokenEncrypter(bArr2).encrypt(new SignedAuthTokenIO().serialise(new AuthTokenSigner(bArr).sign(new AuthTokenIO().serialise(TransientRepoPasswordManager.getInstance().getCurrentAuthRepoPassword(uuid, uuid2).getAuthToken()))));
    }
}
