package io.wondrous.sns.oauth;

import com.google.gson.Gson;
import com.meetme.util.Objects;
import com.meetme.util.Strings;
import io.reactivex.Observable;
import io.reactivex.functions.Function;
import io.reactivex.subjects.BehaviorSubject;
import io.wondrous.sns.oauth.TmgOAuthStatus;
import java.io.IOException;
import javax.inject.Inject;
import javax.inject.Singleton;
import okhttp3.FormBody;
import okhttp3.HttpUrl;
import okhttp3.Interceptor;
import okhttp3.Request;
import okhttp3.Response;

@Singleton
/* loaded from: classes.dex */
public class OAuthInterceptor implements Interceptor {
    private static final String TAG = OAuthInterceptor.class.getSimpleName();
    private final OAuthConfig mConfig;
    private final Gson mGson;
    private Observable<TmgOAuthStatus> mOAuthObservable;
    private BehaviorSubject<TmgOAuthStatus> mOAuthSubject;
    private final OAuthSessionProvider mSessionProvider;

    @Inject
    public OAuthInterceptor(OAuthConfig oAuthConfig, OAuthSessionProvider oAuthSessionProvider) {
        BehaviorSubject<TmgOAuthStatus> createDefault = BehaviorSubject.createDefault(TmgOAuthStatus.Unknown.INSTANCE);
        this.mOAuthSubject = createDefault;
        this.mOAuthObservable = createDefault.distinctUntilChanged();
        this.mConfig = oAuthConfig;
        this.mSessionProvider = oAuthSessionProvider;
        this.mGson = new Gson();
    }

    private boolean isUnauthorized(int i) {
        return i == 403 || i == 401;
    }

    private synchronized void refreshOAuthToken(final Interceptor.Chain chain, String str) {
        if (Objects.equals(str, getToken())) {
            try {
                requestOAuthToken(new Function() { // from class: io.wondrous.sns.oauth.-$$Lambda$OAuthInterceptor$X55M6qNmrfBjQiywvN3QrLGu018
                    @Override // io.reactivex.functions.Function
                    public final Object apply(Object obj) {
                        Response proceed;
                        proceed = Interceptor.Chain.this.proceed((Request) obj);
                        return proceed;
                    }
                });
            } catch (Exception unused) {
            }
        }
    }

    private synchronized void requestOAuthToken(Function<Request, Response> function) throws Exception {
        Response apply = function.apply(createRequestBuilder().build());
        String string = apply.body().string();
        if (apply.isSuccessful()) {
            this.mOAuthSubject.onNext(TmgOAuthStatus.loggedIn((OAuthResponse) this.mGson.fromJson(string, OAuthResponse.class)));
        } else {
            OAuthErrorResponse oAuthErrorResponse = (OAuthErrorResponse) this.mGson.fromJson(string, OAuthErrorResponse.class);
            int code = apply.code();
            if (code == 400 && "invalid_grant".equals(oAuthErrorResponse.getError())) {
                this.mSessionProvider.invalidateSessionToken();
                Response apply2 = function.apply(createRequestBuilder().build());
                if (apply2.isSuccessful()) {
                    this.mOAuthSubject.onNext(TmgOAuthStatus.loggedIn((OAuthResponse) this.mGson.fromJson(apply2.body().string(), OAuthResponse.class)));
                } else {
                    this.mOAuthSubject.onNext(TmgOAuthStatus.error(code, oAuthErrorResponse));
                }
            } else {
                this.mOAuthSubject.onNext(TmgOAuthStatus.error(code, oAuthErrorResponse));
            }
        }
    }

    private Request signRequest(Request request) {
        return request.newBuilder().addHeader("Authorization", "Bearer " + getToken()).build();
    }

    protected Request.Builder createRequestBuilder() throws NullPointerException {
        HttpUrl parse = HttpUrl.parse(this.mConfig.getOAuthBaseUrl());
        if (parse == null) {
            throw new NullPointerException("baseUrl is null, cannot parse: " + this.mConfig.getOAuthBaseUrl());
        }
        Request.Builder url = new Request.Builder().header("Authorization", "Basic " + this.mConfig.getOAuthSecret()).post(new FormBody.Builder().addEncoded("subject_token", (String) Objects.requireNonNull(this.mSessionProvider.getSession())).addEncoded("subject_token_type", "urn:ietf:params:oauth:token-type:session").addEncoded("grant_type", "urn:ietf:params:oauth:grant-type:token-exchange").build()).url(parse.newBuilder().addPathSegments("oauth/token").build());
        url.tag(OAuthInterceptor.class, this);
        return url;
    }

    public Observable<TmgOAuthStatus> getOAuthStatus() {
        return this.mOAuthObservable;
    }

    public String getSub() {
        TmgOAuthStatus value = this.mOAuthSubject.getValue();
        if (value instanceof TmgOAuthStatus.LoggedIn) {
            return ((TmgOAuthStatus.LoggedIn) value).getUserId();
        }
        return null;
    }

    public String getToken() {
        TmgOAuthStatus value = this.mOAuthSubject.getValue();
        if (value instanceof TmgOAuthStatus.LoggedIn) {
            return ((TmgOAuthStatus.LoggedIn) value).getAccessToken();
        }
        return null;
    }

    @Override // okhttp3.Interceptor
    public Response intercept(Interceptor.Chain chain) throws IOException {
        Request request = chain.request();
        if (request.tag(OAuthInterceptor.class) != null) {
            return chain.proceed(request);
        }
        if (Strings.isEmpty(getToken())) {
            refreshOAuthToken(chain, getToken());
        }
        Response proceed = chain.proceed(signRequest(request));
        if (!isUnauthorized(proceed.code())) {
            return proceed;
        }
        refreshOAuthToken(chain, getToken());
        return chain.proceed(signRequest(request));
    }

    public void logout() {
        this.mOAuthSubject.onNext(TmgOAuthStatus.loggedOut());
    }
}
