package net.raphimc.viaproxy.proxy.packethandler;

import com.mojang.authlib.GameProfile;
import com.mojang.authlib.yggdrasil.ProfileResult;
import com.viaversion.viaversion.api.protocol.version.ProtocolVersion;
import io.netty.channel.ChannelFutureListener;
import io.netty.util.concurrent.Future;
import io.netty.util.concurrent.GenericFutureListener;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.PublicKey;
import java.time.Instant;
import java.util.Arrays;
import java.util.List;
import java.util.Random;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import javax.crypto.SecretKey;
import net.raphimc.netminecraft.constants.ConnectionState;
import net.raphimc.netminecraft.constants.MCPipeline;
import net.raphimc.netminecraft.netty.crypto.AESEncryption;
import net.raphimc.netminecraft.netty.crypto.CryptUtil;
import net.raphimc.netminecraft.packet.Packet;
import net.raphimc.netminecraft.packet.impl.login.C2SLoginHelloPacket;
import net.raphimc.netminecraft.packet.impl.login.C2SLoginKeyPacket;
import net.raphimc.netminecraft.packet.impl.login.S2CLoginGameProfilePacket;
import net.raphimc.netminecraft.packet.impl.login.S2CLoginHelloPacket;
import net.raphimc.vialegacy.api.LegacyProtocolVersion;
import net.raphimc.vialegacy.api.util.UuidUtil;
import net.raphimc.vialegacy.protocol.release.r1_6_4tor1_7_2_5.storage.ProtocolMetadataStorage;
import net.raphimc.viaproxy.ViaProxy;
import net.raphimc.viaproxy.plugins.events.ClientLoggedInEvent;
import net.raphimc.viaproxy.plugins.events.ShouldVerifyOnlineModeEvent;
import net.raphimc.viaproxy.proxy.LoginState;
import net.raphimc.viaproxy.proxy.external_interface.AuthLibServices;
import net.raphimc.viaproxy.proxy.external_interface.ExternalInterface;
import net.raphimc.viaproxy.proxy.session.ProxyConnection;
import net.raphimc.viaproxy.proxy.util.ChannelUtil;
import net.raphimc.viaproxy.proxy.util.CloseAndReturn;
import net.raphimc.viaproxy.util.logging.Logger;

/* loaded from: input_file:net/raphimc/viaproxy/proxy/packethandler/LoginPacketHandler.class */
public class LoginPacketHandler extends PacketHandler {
    private static final KeyPair KEY_PAIR = CryptUtil.generateKeyPair();
    private static final Random RANDOM = new Random();
    private static final ExecutorService HTTP_EXECUTOR = Executors.newWorkStealingPool(4);
    private final byte[] verifyToken;
    private LoginState loginState;

    public LoginPacketHandler(ProxyConnection proxyConnection) {
        super(proxyConnection);
        this.verifyToken = new byte[4];
        this.loginState = LoginState.FIRST_PACKET;
        RANDOM.nextBytes(this.verifyToken);
    }

    @Override // net.raphimc.viaproxy.proxy.packethandler.PacketHandler
    public boolean handleC2P(Packet packet, List<ChannelFutureListener> list) throws GeneralSecurityException {
        if (packet instanceof C2SLoginHelloPacket) {
            C2SLoginHelloPacket c2SLoginHelloPacket = (C2SLoginHelloPacket) packet;
            if (this.loginState != LoginState.FIRST_PACKET) {
                throw CloseAndReturn.INSTANCE;
            }
            this.loginState = LoginState.SENT_HELLO;
            if (c2SLoginHelloPacket.expiresAt != null && c2SLoginHelloPacket.expiresAt.isBefore(Instant.now())) {
                throw new IllegalStateException("Expired public key");
            }
            this.proxyConnection.setLoginHelloPacket(c2SLoginHelloPacket);
            if (c2SLoginHelloPacket.uuid != null) {
                this.proxyConnection.setGameProfile(new GameProfile(c2SLoginHelloPacket.uuid, c2SLoginHelloPacket.name));
            } else {
                this.proxyConnection.setGameProfile(new GameProfile(UuidUtil.createOfflinePlayerUuid(c2SLoginHelloPacket.name), c2SLoginHelloPacket.name));
            }
            if (ViaProxy.getConfig().isProxyOnlineMode() && !((ShouldVerifyOnlineModeEvent) ViaProxy.EVENT_MANAGER.call(new ShouldVerifyOnlineModeEvent(this.proxyConnection))).isCancelled()) {
                this.proxyConnection.getC2P().writeAndFlush(new S2CLoginHelloPacket("", KEY_PAIR.getPublic().getEncoded(), this.verifyToken, true)).addListener2((GenericFutureListener<? extends Future<? super Void>>) ChannelFutureListener.FIRE_EXCEPTION_ON_FAILURE);
                return false;
            }
            ViaProxy.EVENT_MANAGER.call(new ClientLoggedInEvent(this.proxyConnection));
            ExternalInterface.fillPlayerData(this.proxyConnection);
            this.proxyConnection.getChannel().writeAndFlush(this.proxyConnection.getLoginHelloPacket()).addListener2((GenericFutureListener<? extends Future<? super Void>>) ChannelFutureListener.FIRE_EXCEPTION_ON_FAILURE);
            return false;
        }
        if (!(packet instanceof C2SLoginKeyPacket)) {
            return true;
        }
        C2SLoginKeyPacket c2SLoginKeyPacket = (C2SLoginKeyPacket) packet;
        if (this.loginState != LoginState.SENT_HELLO) {
            throw CloseAndReturn.INSTANCE;
        }
        this.loginState = LoginState.SENT_KEY;
        if (c2SLoginKeyPacket.encryptedNonce == null) {
            C2SLoginHelloPacket loginHelloPacket = this.proxyConnection.getLoginHelloPacket();
            if (loginHelloPacket.key == null || !CryptUtil.verifySignedNonce(loginHelloPacket.key, this.verifyToken, c2SLoginKeyPacket.salt.longValue(), c2SLoginKeyPacket.signature)) {
                Logger.u_err("auth", this.proxyConnection, "Invalid verify token");
                this.proxyConnection.kickClient("§cInvalid verify token!");
            }
        } else if (!Arrays.equals(this.verifyToken, CryptUtil.decryptData(KEY_PAIR.getPrivate(), c2SLoginKeyPacket.encryptedNonce))) {
            Logger.u_err("auth", this.proxyConnection, "Invalid verify token");
            this.proxyConnection.kickClient("§cInvalid verify token!");
        }
        SecretKey decryptSecretKey = CryptUtil.decryptSecretKey(KEY_PAIR.getPrivate(), c2SLoginKeyPacket.encryptedSecretKey);
        this.proxyConnection.getC2P().attr(MCPipeline.ENCRYPTION_ATTRIBUTE_KEY).set(new AESEncryption(decryptSecretKey));
        HTTP_EXECUTOR.submit(() -> {
            String name = this.proxyConnection.getGameProfile().getName();
            try {
                ProfileResult hasJoinedServer = AuthLibServices.SESSION_SERVICE.hasJoinedServer(name, new BigInteger(CryptUtil.computeServerIdHash("", KEY_PAIR.getPublic(), decryptSecretKey)).toString(16), null);
                if (hasJoinedServer == null) {
                    Logger.u_err("auth", this.proxyConnection, "Invalid session");
                    this.proxyConnection.kickClient("§cInvalid session! Please restart minecraft (and the launcher) and try again.");
                } else {
                    this.proxyConnection.setGameProfile(hasJoinedServer.profile());
                }
                Logger.u_info("auth", this.proxyConnection, "Authenticated as " + this.proxyConnection.getGameProfile().getId().toString());
            } catch (CloseAndReturn e) {
            } catch (Throwable th) {
                Logger.LOGGER.error("Failed to make session request for user '" + name + "'!", th);
                try {
                    this.proxyConnection.kickClient("§cFailed to authenticate with Mojang servers! Please try again later.");
                } catch (Throwable th2) {
                }
            }
            this.proxyConnection.getC2P().eventLoop().execute(() -> {
                ViaProxy.EVENT_MANAGER.call(new ClientLoggedInEvent(this.proxyConnection));
                ExternalInterface.fillPlayerData(this.proxyConnection);
                this.proxyConnection.getChannel().writeAndFlush(this.proxyConnection.getLoginHelloPacket()).addListener2((GenericFutureListener<? extends Future<? super Void>>) ChannelFutureListener.FIRE_EXCEPTION_ON_FAILURE);
            });
        });
        return false;
    }

    @Override // net.raphimc.viaproxy.proxy.packethandler.PacketHandler
    public boolean handleP2S(Packet packet, List<ChannelFutureListener> list) throws GeneralSecurityException, ExecutionException, InterruptedException {
        if (!(packet instanceof S2CLoginHelloPacket)) {
            if (!(packet instanceof S2CLoginGameProfilePacket)) {
                return true;
            }
            S2CLoginGameProfilePacket s2CLoginGameProfilePacket = (S2CLoginGameProfilePacket) packet;
            ConnectionState connectionState = this.proxyConnection.getClientVersion().newerThanOrEqualTo(ProtocolVersion.v1_20_2) ? ConnectionState.CONFIGURATION : ConnectionState.PLAY;
            this.proxyConnection.setGameProfile(new GameProfile(s2CLoginGameProfilePacket.uuid, s2CLoginGameProfilePacket.name));
            Logger.u_info("session", this.proxyConnection, "Connected successfully! Switching to " + String.valueOf(connectionState) + " state");
            ChannelUtil.disableAutoRead(this.proxyConnection.getChannel());
            list.add(channelFuture -> {
                if (!channelFuture.isSuccess() || connectionState == ConnectionState.CONFIGURATION) {
                    return;
                }
                this.proxyConnection.setC2pConnectionState(connectionState);
                this.proxyConnection.setP2sConnectionState(connectionState);
                ChannelUtil.restoreAutoRead(this.proxyConnection.getChannel());
            });
            return true;
        }
        S2CLoginHelloPacket s2CLoginHelloPacket = (S2CLoginHelloPacket) packet;
        PublicKey decodeRsaPublicKey = CryptUtil.decodeRsaPublicKey(s2CLoginHelloPacket.publicKey);
        SecretKey generateSecretKey = CryptUtil.generateSecretKey();
        String bigInteger = new BigInteger(CryptUtil.computeServerIdHash(s2CLoginHelloPacket.serverId, decodeRsaPublicKey, generateSecretKey)).toString(16);
        boolean z = this.proxyConnection.getClientVersion().olderThan(ProtocolVersion.v1_20_5) || s2CLoginHelloPacket.authenticate;
        if (z && this.proxyConnection.getServerVersion().olderThanOrEqualTo(LegacyProtocolVersion.r1_6_4)) {
            z = ((ProtocolMetadataStorage) this.proxyConnection.getUserConnection().get(ProtocolMetadataStorage.class)).authenticate;
        }
        if (z) {
            ExternalInterface.joinServer(bigInteger, this.proxyConnection);
        }
        C2SLoginKeyPacket c2SLoginKeyPacket = new C2SLoginKeyPacket(CryptUtil.encryptData(decodeRsaPublicKey, generateSecretKey.getEncoded()), CryptUtil.encryptData(decodeRsaPublicKey, s2CLoginHelloPacket.nonce));
        if (this.proxyConnection.getServerVersion().betweenInclusive(ProtocolVersion.v1_19, ProtocolVersion.v1_19_1) && this.proxyConnection.getLoginHelloPacket().key != null) {
            ExternalInterface.signNonce(s2CLoginHelloPacket.nonce, c2SLoginKeyPacket, this.proxyConnection);
        }
        this.proxyConnection.getChannel().writeAndFlush(c2SLoginKeyPacket).addListener2((GenericFutureListener<? extends Future<? super Void>>) ChannelFutureListener.FIRE_EXCEPTION_ON_FAILURE);
        if (this.proxyConnection.getServerVersion().newerThanOrEqualTo(ProtocolVersion.v1_7_2)) {
            this.proxyConnection.getChannel().attr(MCPipeline.ENCRYPTION_ATTRIBUTE_KEY).set(new AESEncryption(generateSecretKey));
            return false;
        }
        this.proxyConnection.setKeyForPreNettyEncryption(generateSecretKey);
        return false;
    }
}
