package com.atlassian.security.auth.trustedapps;

import java.math.BigInteger;
import java.security.PublicKey;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:com/atlassian/security/auth/trustedapps/DefaultTrustedApplication.class */
public class DefaultTrustedApplication implements TrustedApplication {
    private final String name;
    protected final String id;
    protected final PublicKey publicKey;
    protected final RequestConditions requestConditions;
    protected final RequestValidator requestValidator;
    protected final EncryptionProvider encryptionProvider;

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ApplicationCertificate checkCertificateExpiry(ApplicationCertificate applicationCertificate, long j) throws InvalidCertificateException {
        if (j != 0) {
            BigInteger valueOf = BigInteger.valueOf(applicationCertificate.getCreationTime().getTime());
            BigInteger valueOf2 = BigInteger.valueOf(j);
            if (valueOf.add(valueOf2).compareTo(BigInteger.valueOf(System.currentTimeMillis())) < 0) {
                throw new CertificateTooOldException(applicationCertificate, j);
            }
        }
        return applicationCertificate;
    }

    public DefaultTrustedApplication(EncryptionProvider encryptionProvider, PublicKey publicKey, String str, String str2, RequestConditions requestConditions) {
        Null.not("encryptionProvider", encryptionProvider);
        Null.not("publicKey", publicKey);
        Null.not("id", str);
        Null.not("requestConditions", requestConditions);
        this.encryptionProvider = encryptionProvider;
        this.publicKey = publicKey;
        this.id = str;
        this.name = str2;
        this.requestConditions = requestConditions;
        this.requestValidator = new DefaultRequestValidator(requestConditions.getIPMatcher(), requestConditions.getURLMatcher());
    }

    public DefaultTrustedApplication(EncryptionProvider encryptionProvider, PublicKey publicKey, String str, RequestConditions requestConditions) {
        this(encryptionProvider, publicKey, str, null, requestConditions);
    }

    public DefaultTrustedApplication(PublicKey publicKey, String str, RequestConditions requestConditions) {
        this(new BouncyCastleEncryptionProvider(), publicKey, str, null, requestConditions);
    }

    public DefaultTrustedApplication(PublicKey publicKey, String str, String str2, RequestConditions requestConditions) {
        this(new BouncyCastleEncryptionProvider(), publicKey, str, str2, requestConditions);
    }

    @Override // com.atlassian.security.auth.trustedapps.TrustedApplication
    public ApplicationCertificate decode(EncryptedCertificate encryptedCertificate, HttpServletRequest httpServletRequest) throws InvalidCertificateException {
        ApplicationCertificate decodeEncryptedCertificate = this.encryptionProvider.decodeEncryptedCertificate(encryptedCertificate, this.publicKey, getID());
        checkCertificateExpiry(decodeEncryptedCertificate, this.requestConditions.getCertificateTimeout());
        checkRequest(httpServletRequest);
        return decodeEncryptedCertificate;
    }

    @Override // com.atlassian.security.auth.trustedapps.TrustedApplication
    public RequestConditions getRequestConditions() {
        return this.requestConditions;
    }

    @Override // com.atlassian.security.auth.trustedapps.TrustedApplication
    public String getName() {
        return this.name;
    }

    @Override // com.atlassian.security.auth.trustedapps.Application
    public String getID() {
        return this.id;
    }

    @Override // com.atlassian.security.auth.trustedapps.Application
    public PublicKey getPublicKey() {
        return this.publicKey;
    }

    protected void checkRequest(HttpServletRequest httpServletRequest) throws InvalidCertificateException {
        try {
            this.requestValidator.validate(httpServletRequest);
        } catch (InvalidRequestException e) {
            throw new InvalidCertificateException(e);
        }
    }
}
