package com.auth0.android.provider;

import android.app.Activity;
import android.net.Uri;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import java.security.SecureRandom;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: OAuthManager.java */
/* loaded from: classes.dex */
public class m extends o {

    /* renamed from: m, reason: collision with root package name */
    private static final String f8296m = "m";
    private final c.d.a.a a;

    /* renamed from: b, reason: collision with root package name */
    private final d f8297b;

    /* renamed from: c, reason: collision with root package name */
    private final Map<String, String> f8298c;

    /* renamed from: d, reason: collision with root package name */
    private final c.d.a.f.a f8299d;

    /* renamed from: e, reason: collision with root package name */
    private boolean f8300e;

    /* renamed from: f, reason: collision with root package name */
    private boolean f8301f = true;

    /* renamed from: g, reason: collision with root package name */
    private int f8302g;

    /* renamed from: h, reason: collision with root package name */
    private n f8303h;

    /* renamed from: i, reason: collision with root package name */
    private Long f8304i;

    /* renamed from: j, reason: collision with root package name */
    private i f8305j;

    /* renamed from: k, reason: collision with root package name */
    private Integer f8306k;

    /* renamed from: l, reason: collision with root package name */
    private String f8307l;

    /* compiled from: OAuthManager.java */
    /* loaded from: classes.dex */
    class a implements s {
        final /* synthetic */ c.d.a.i.a a;

        /* renamed from: b, reason: collision with root package name */
        final /* synthetic */ Map f8308b;

        /* JADX INFO: Access modifiers changed from: package-private */
        /* compiled from: OAuthManager.java */
        /* renamed from: com.auth0.android.provider.m$a$a, reason: collision with other inner class name */
        /* loaded from: classes.dex */
        public class C0197a extends q {
            C0197a(d dVar) {
                super(dVar);
            }

            @Override // com.auth0.android.provider.d
            public void b(c.d.a.i.a aVar) {
                m.this.f8297b.b(m.w(a.this.a, aVar));
            }
        }

        a(c.d.a.i.a aVar, Map map) {
            this.a = aVar;
            this.f8308b = map;
        }

        @Override // c.d.a.g.b
        public void b(c.d.a.b bVar) {
            m.this.f8297b.a(new c.d.a.f.b("Could not verify the ID token", bVar));
        }

        @Override // c.d.a.g.a
        /* renamed from: c, reason: merged with bridge method [inline-methods] */
        public void a(Void r4) {
            if (m.this.B()) {
                m.this.f8303h.b((String) this.f8308b.get("code"), new C0197a(m.this.f8297b));
            } else {
                m.this.f8297b.b(this.a);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: OAuthManager.java */
    /* loaded from: classes.dex */
    public class b extends q {

        /* renamed from: b, reason: collision with root package name */
        final /* synthetic */ c.d.a.i.a f8311b;

        /* compiled from: OAuthManager.java */
        /* loaded from: classes.dex */
        class a implements s {
            final /* synthetic */ c.d.a.i.a a;

            a(c.d.a.i.a aVar) {
                this.a = aVar;
            }

            @Override // c.d.a.g.b
            public void b(c.d.a.b bVar) {
                m.this.f8297b.a(new c.d.a.f.b("Could not verify the ID token", bVar));
            }

            @Override // c.d.a.g.a
            /* renamed from: c, reason: merged with bridge method [inline-methods] */
            public void a(Void r2) {
                m.this.f8297b.b(m.w(b.this.f8311b, this.a));
            }
        }

        /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
        b(d dVar, c.d.a.i.a aVar) {
            super(dVar);
            this.f8311b = aVar;
        }

        @Override // com.auth0.android.provider.d
        public void b(c.d.a.i.a aVar) {
            m.this.p(aVar.e(), new a(aVar));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: OAuthManager.java */
    /* loaded from: classes.dex */
    public class c implements c.d.a.g.a<p, r> {
        final /* synthetic */ s a;

        /* renamed from: b, reason: collision with root package name */
        final /* synthetic */ com.auth0.android.jwt.e f8314b;

        c(s sVar, com.auth0.android.jwt.e eVar) {
            this.a = sVar;
            this.f8314b = eVar;
        }

        @Override // c.d.a.g.b
        /* renamed from: c, reason: merged with bridge method [inline-methods] */
        public void b(r rVar) {
            this.a.b(rVar);
        }

        @Override // c.d.a.g.a
        /* renamed from: d, reason: merged with bridge method [inline-methods] */
        public void a(p pVar) {
            k kVar = new k(m.this.f8307l, m.this.f8299d.c(), pVar);
            String str = (String) m.this.f8298c.get("max_age");
            if (!TextUtils.isEmpty(str)) {
                kVar.j(Integer.valueOf(str));
            }
            kVar.i(m.this.f8306k);
            kVar.k((String) m.this.f8298c.get("nonce"));
            kVar.h(new Date(m.this.t()));
            try {
                new l().a(this.f8314b, kVar);
                m.this.v("Authenticated using web flow");
                this.a.a(null);
            } catch (r e2) {
                this.a.b(e2);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public m(c.d.a.a aVar, d dVar, Map<String, String> map, i iVar) {
        this.a = aVar;
        this.f8297b = dVar;
        this.f8298c = new HashMap(map);
        this.f8299d = new c.d.a.f.a(aVar);
        this.f8305j = iVar;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean B() {
        return this.f8298c.containsKey("response_type") && this.f8298c.get("response_type").contains("code") && n.c();
    }

    private void l(Map<String, String> map, String str) {
        if (this.a.g() != null) {
            map.put("auth0Client", this.a.g().a());
        }
        map.put("client_id", this.a.c());
        map.put("redirect_uri", str);
    }

    private void m(Map<String, String> map, String str) {
        if (B()) {
            try {
                s(str);
                map.put("code_challenge", this.f8303h.a());
                map.put("code_challenge_method", "S256");
                Log.v(f8296m, "Using PKCE authentication flow");
            } catch (IllegalStateException e2) {
                Log.e(f8296m, "Some algorithms aren't available on this device and PKCE can't be used. Defaulting to token response_type.", e2);
            }
        }
    }

    private void n(Map<String, String> map) {
        map.put("state", u(map.get("state")));
        if (map.containsKey("response_type") && (map.get("response_type").contains("id_token") || map.get("response_type").contains("code"))) {
            map.put("nonce", u(map.get("nonce")));
        }
    }

    private void o(String str, String str2) {
        if (str == null) {
            return;
        }
        Log.e(f8296m, "Error, access denied. Check that the required Permissions are granted and that the Application has this Connection configured in Auth0 Dashboard.");
        if ("access_denied".equalsIgnoreCase(str)) {
            throw new c.d.a.f.b("access_denied", "Permissions were not granted. Try again.");
        }
        if ("unauthorized".equalsIgnoreCase(str)) {
            throw new c.d.a.f.b("unauthorized", str2);
        }
        if (!"login_required".equals(str)) {
            throw new c.d.a.f.b("a0.invalid_configuration", "The application isn't configured properly for the social connection. Please check your Auth0's application configuration");
        }
        throw new c.d.a.f.b(str, str2);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void p(String str, s sVar) {
        if (TextUtils.isEmpty(str)) {
            sVar.b(new r("ID token is required but missing"));
            return;
        }
        try {
            com.auth0.android.jwt.e eVar = new com.auth0.android.jwt.e(str);
            c cVar = new c(sVar, eVar);
            String str2 = eVar.g().get("alg");
            if (this.a.j() || "RS256".equals(str2)) {
                p.c(eVar.g().get("kid"), this.f8299d, cVar);
            } else {
                p.d(cVar);
            }
        } catch (com.auth0.android.jwt.d unused) {
            sVar.b(new r("ID token could not be decoded"));
        }
    }

    static void q(String str, String str2) {
        if (str.equals(str2)) {
            return;
        }
        Log.e(f8296m, String.format("Received state doesn't match. Received %s but expected %s", str2, str));
        throw new c.d.a.f.b("access_denied", "The received state is invalid. Try again.");
    }

    private Uri r() {
        Uri.Builder buildUpon = Uri.parse(this.a.b()).buildUpon();
        for (Map.Entry<String, String> entry : this.f8298c.entrySet()) {
            buildUpon.appendQueryParameter(entry.getKey(), entry.getValue());
        }
        Uri build = buildUpon.build();
        v("Using the following Authorize URI: " + build.toString());
        return build;
    }

    private void s(String str) {
        if (this.f8303h == null) {
            this.f8303h = new n(this.f8299d, str);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public long t() {
        Long l2 = this.f8304i;
        return l2 != null ? l2.longValue() : System.currentTimeMillis();
    }

    static String u(String str) {
        return str != null ? str : x();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void v(String str) {
        if (this.a.i()) {
            Log.d(f8296m, str);
        }
    }

    static c.d.a.i.a w(c.d.a.i.a aVar, c.d.a.i.a aVar2) {
        return new c.d.a.i.a(TextUtils.isEmpty(aVar.e()) ? aVar2.e() : aVar.e(), TextUtils.isEmpty(aVar2.a()) ? aVar.a() : aVar2.a(), TextUtils.isEmpty(aVar2.h()) ? aVar.h() : aVar2.h(), aVar2.f(), aVar2.c() != null ? aVar2.c() : aVar.c(), TextUtils.isEmpty(aVar2.g()) ? aVar.g() : aVar2.g());
    }

    private static String x() {
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        return Base64.encodeToString(bArr, 11);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void A(n nVar) {
        this.f8303h = nVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void C(Activity activity, String str, int i2) {
        m(this.f8298c, str);
        l(this.f8298c, str);
        n(this.f8298c);
        Uri r = r();
        this.f8302g = i2;
        if (this.f8301f) {
            AuthenticationActivity.a(activity, r, this.f8305j);
        } else {
            AuthenticationActivity.b(activity, r, i2, this.f8298c.get("connection"), this.f8300e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void D(boolean z) {
        this.f8301f = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void E(boolean z) {
        this.f8300e = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.auth0.android.provider.o
    public boolean a(e eVar) {
        boolean z = false;
        if (!eVar.c(this.f8302g)) {
            Log.w(f8296m, "The Authorize Result is invalid.");
            return false;
        }
        if (eVar.b()) {
            this.f8297b.a(new c.d.a.f.b("a0.authentication_canceled", "The user closed the browser app and the authentication was canceled."));
            return true;
        }
        Map<String, String> c2 = g.c(eVar.a());
        if (c2.isEmpty()) {
            Log.w(f8296m, "The response didn't contain any of these values: code, state, id_token, access_token, token_type, refresh_token");
            return false;
        }
        v("The parsed CallbackURI contains the following values: " + c2);
        try {
            o(c2.get("error"), c2.get("error_description"));
            q(this.f8298c.get("state"), c2.get("state"));
            Date date = !c2.containsKey("expires_in") ? null : new Date(t() + (Long.parseLong(c2.get("expires_in")) * 1000));
            if (this.f8298c.containsKey("response_type") && this.f8298c.get("response_type").contains("id_token")) {
                z = true;
            }
            c.d.a.i.a aVar = new c.d.a.i.a(z ? c2.get("id_token") : null, c2.get("access_token"), c2.get("token_type"), null, date, c2.get("scope"));
            if (z) {
                p(aVar.e(), new a(aVar, c2));
                return true;
            }
            if (B()) {
                this.f8303h.b(c2.get("code"), new b(this.f8297b, aVar));
                return true;
            }
            this.f8297b.b(aVar);
            return true;
        } catch (c.d.a.f.b e2) {
            this.f8297b.a(e2);
            return true;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void y(String str) {
        if (TextUtils.isEmpty(str)) {
            str = this.f8299d.b();
        }
        this.f8307l = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void z(Integer num) {
        this.f8306k = num;
    }
}
