package com.backbase.android.clients.auth.oauth2;

import android.os.Handler;
import android.os.Message;
import android.util.Base64;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.annotation.VisibleForTesting;
import com.backbase.android.Backbase;
import com.backbase.android.clients.auth.AuthClient;
import com.backbase.android.clients.auth.AuthClientListener;
import com.backbase.android.clients.auth.AuthHeadersUtils;
import com.backbase.android.clients.auth.PasswordAuthListener;
import com.backbase.android.configurations.BBOAuth2Configuration;
import com.backbase.android.core.errorhandling.EncryptionException;
import com.backbase.android.core.errorhandling.ErrorCodes;
import com.backbase.android.core.networking.error.ErrorResponseResolver;
import com.backbase.android.core.utils.BBLogger;
import com.backbase.android.core.utils.DoNotObfuscate;
import com.backbase.android.listeners.SessionListener;
import com.backbase.android.modules.SessionState;
import com.backbase.android.plugins.oauth2.OAuth2Web;
import com.backbase.android.plugins.storage.StorageComponent;
import com.backbase.android.plugins.storage.persistent.EncryptedStorage;
import com.backbase.android.utils.inner.test.ForTesting;
import com.backbase.android.utils.net.NetworkConnector;
import com.backbase.android.utils.net.NetworkConnectorBuilder;
import com.backbase.android.utils.net.ServerRequestWorker;
import com.backbase.android.utils.net.request.RequestListener;
import com.backbase.android.utils.net.request.RequestMethods;
import com.backbase.android.utils.net.response.Response;
import com.google.firebase.installations.Utils;
import com.google.gson.GsonBuilder;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import m.a.a.a.g;

@DoNotObfuscate
/* loaded from: classes6.dex */
public class BBOAuth2AuthClient implements Handler.Callback, AuthClient, OAuth2AuthClient, OAuth2ROPCGrant {
    public static final String APPLICATION_X_WWW_FORM_URLENCODED = "application/x-www-form-urlencoded";
    public static final String CONTENT_TYPE_HEADER_NAME = "Content-Type";
    public static final String ERROR_RESPONSE_KEY = "com.backbase.android.clients.auth.oauth2.ERROR_RESPONSE";
    public static final String LOGTAG = BBOAuth2AuthClient.class.getSimpleName();
    public static final long MILLIS_IN_YEAR = 31536000000L;
    public static final int NOTIFY_OBSERVER = 1;
    public static final String O_AUTH2_ACCESS_TOKEN_STORAGE_KEY = "bb.oauth2.client.access.token";
    public static final String O_AUTH2_AUTHORIZATION_HEADER_NAME = "Authorization";
    public static final String O_AUTH2_REFRESH_TOKEN_STORAGE_KEY = "bb.oauth2.client.refresh.token";
    public static final String PARAM_CLIENT_ID = "client_id";
    public static final String PARAM_CLIENT_SECRET = "client_secret";
    public static final String PARAM_GRANT_TYPE = "grant_type";
    public static final String PARAM_PASSWORD = "password";
    public static final String PARAM_REFRESH_TOKEN = "refresh_token";
    public static final String PARAM_USERNAME = "username";
    public static final String REFRESH_TOKEN = "refresh_token";

    @Nullable
    public Map<String, String> authTokens;

    @Nullable
    public String clientId;

    @Nullable
    public String clientSecret;
    public StorageComponent encryptedStorageComponent;
    public long expiresAt;
    public Handler handler;

    @VisibleForTesting
    public SessionState previousSessionState = SessionState.NONE;
    public SessionListener sessionListener;

    @Nullable
    public URL tokenEndpoint;

    @DoNotObfuscate
    /* loaded from: classes6.dex */
    public final class InvalidOAuth2ConfigurationException extends Exception {
        public InvalidOAuth2ConfigurationException(String str) {
            super(str);
        }
    }

    /* loaded from: classes6.dex */
    public class a implements RequestListener<Response> {
        public /* synthetic */ PasswordAuthListener a;
        public /* synthetic */ String[] b;

        public a(PasswordAuthListener passwordAuthListener, String[] strArr) {
            this.a = passwordAuthListener;
            this.b = strArr;
        }

        @Override // com.backbase.android.utils.net.request.RequestListener
        public /* synthetic */ void onCancelled(@NonNull String str) {
            f.c.b.o.b.c.a.$default$onCancelled(this, str);
        }

        @Override // com.backbase.android.utils.net.request.RequestListener
        public final /* synthetic */ void onRequestDone(@NonNull Response response) {
            Response response2 = response;
            if (response2.isErrorResponse()) {
                BBOAuth2AuthClient.this.handleAuthenticationError(this.a, response2);
            } else {
                if (this.a.onAuthRequiresAction(response2)) {
                    return;
                }
                BBOAuth2AuthClient.this.handleAuthenticationSuccess(this.a, response2, this.b);
            }
        }
    }

    /* loaded from: classes6.dex */
    public class b implements RequestListener<Response> {
        public /* synthetic */ OAuth2AuthClientListener a;

        public b(OAuth2AuthClientListener oAuth2AuthClientListener) {
            this.a = oAuth2AuthClientListener;
        }

        @Override // com.backbase.android.utils.net.request.RequestListener
        public /* synthetic */ void onCancelled(@NonNull String str) {
            f.c.b.o.b.c.a.$default$onCancelled(this, str);
        }

        @Override // com.backbase.android.utils.net.request.RequestListener
        public final /* synthetic */ void onRequestDone(@NonNull Response response) {
            Response response2 = response;
            if (response2.isErrorResponse()) {
                BBLogger.warning(BBOAuth2AuthClient.LOGTAG, "Token refresh wasn't successful");
                this.a.oAuth2AuthClientAccessTokenRefreshFailed(new Response(response2.getErrorMessage(), response2.getResponseCode(), response2.getHeaders()));
                return;
            }
            try {
                BBOAuth2AuthClient.this.c(response2);
                this.a.oAuth2AuthClientAccessTokenRefreshed(response2.getHeaders());
                BBLogger.info(BBOAuth2AuthClient.LOGTAG, "Token refreshed successfully");
            } catch (c unused) {
                BBLogger.warning(BBOAuth2AuthClient.LOGTAG, "Token refresh wasn't successful");
                this.a.oAuth2AuthClientAccessTokenRefreshFailed(new Response("Invalid OAuth2 response: " + new String(response2.getByteResponse(), StandardCharsets.UTF_8), response2.getResponseCode(), response2.getHeaders()));
            }
        }
    }

    /* loaded from: classes6.dex */
    public static class c extends Exception {
        public c() {
        }

        public /* synthetic */ c(byte b) {
            this();
        }
    }

    public BBOAuth2AuthClient() throws InvalidOAuth2ConfigurationException {
        d(null);
    }

    public BBOAuth2AuthClient(@Nullable String str) throws InvalidOAuth2ConfigurationException {
        d(str);
    }

    public BBOAuth2AuthClient(@NonNull URL url) {
        f(url, null, null);
    }

    public BBOAuth2AuthClient(@Nullable URL url, @Nullable String str, @Nullable String str2) {
        f(url, str, str2);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void c(Response response) throws c {
        String stringResponse = response.getStringResponse();
        byte b2 = 0;
        if (stringResponse == null || stringResponse.isEmpty()) {
            throw new c(b2);
        }
        try {
            BBOAuth2Response bBOAuth2Response = (BBOAuth2Response) new GsonBuilder().d().i(new f.d.c.b().c(stringResponse).p(), BBOAuth2Response.class);
            if (bBOAuth2Response.getTokenType() != null && bBOAuth2Response.getAccessToken() != null) {
                this.authTokens.put("Authorization", bBOAuth2Response.getTokenType() + g.SPACE + bBOAuth2Response.getAccessToken());
            }
            if (bBOAuth2Response.getRefreshToken() != null) {
                e(O_AUTH2_REFRESH_TOKEN_STORAGE_KEY, bBOAuth2Response.getRefreshToken());
            } else {
                e(O_AUTH2_ACCESS_TOKEN_STORAGE_KEY, bBOAuth2Response.getAccessToken());
            }
            long expiresIn = bBOAuth2Response.getExpiresIn() * 1000;
            if (expiresIn > 0) {
                this.expiresAt = System.currentTimeMillis() + expiresIn;
            } else {
                this.expiresAt = System.currentTimeMillis() + MILLIS_IN_YEAR;
            }
            this.handler.sendEmptyMessage(1);
            this.handler.sendEmptyMessageDelayed(1, expiresIn);
        } catch (Exception unused) {
            throw new c(b2);
        }
    }

    private void d(@Nullable String str) throws InvalidOAuth2ConfigurationException {
        BBOAuth2Configuration oAuth2Config = h().getConfiguration().getExperienceConfiguration().getOAuth2Config();
        try {
            f(new URL(oAuth2Config.getTokenEndpoint()), oAuth2Config.getClientId(), str);
        } catch (MalformedURLException e2) {
            BBLogger.error(LOGTAG, e2, "baseURL is not valid");
            throw new InvalidOAuth2ConfigurationException(e2.getMessage());
        }
    }

    private void e(String str, String str2) {
        try {
            this.encryptedStorageComponent.setItem(str, str2);
        } catch (EncryptionException e2) {
            BBLogger.error(LOGTAG, e2.getLocalizedMessage());
        }
    }

    private void f(@Nullable URL url, @Nullable String str, @Nullable String str2) {
        this.tokenEndpoint = url;
        this.clientId = str;
        this.clientSecret = str2;
        this.encryptedStorageComponent = ((EncryptedStorage) h().getRegisteredPlugin(EncryptedStorage.class)).getStorageComponent();
        this.authTokens = new HashMap();
        h().registerPlugin(new OAuth2Web());
        this.handler = getHandler();
        if (this.encryptedStorageComponent.getItem(O_AUTH2_ACCESS_TOKEN_STORAGE_KEY) != null) {
            this.authTokens.put("Authorization", this.encryptedStorageComponent.getItem(O_AUTH2_ACCESS_TOKEN_STORAGE_KEY));
        }
    }

    @VisibleForTesting
    private SessionState g() {
        return System.currentTimeMillis() > this.expiresAt ? SessionState.NONE : SessionState.VALID;
    }

    @NonNull
    public static Backbase h() {
        Backbase backbase = Backbase.getInstance();
        if (backbase != null) {
            return backbase;
        }
        throw new IllegalStateException("Backbase framework wasn't initialized");
    }

    @Override // com.backbase.android.clients.auth.PasswordAuthClient
    public void authenticate(@NonNull char[] cArr, @NonNull char[] cArr2, @Nullable Map<String, String> map, @Nullable Map<String, String> map2, @NonNull PasswordAuthListener passwordAuthListener, @Nullable String... strArr) {
        HashMap hashMap = new HashMap();
        hashMap.put("grant_type", "password");
        hashMap.put(PARAM_USERNAME, new String(cArr));
        hashMap.put("password", new String(cArr2));
        if (map2 != null && !map2.isEmpty()) {
            map2.remove("password");
            map2.remove(PARAM_USERNAME);
            map2.remove("grant_type");
            for (Map.Entry<String, String> entry : map2.entrySet()) {
                hashMap.put(entry.getKey(), entry.getValue());
            }
        }
        getServerRequestWorker(getAuthNetworkConnector(hashMap, map), getAuthRequestListener(passwordAuthListener, strArr)).start();
    }

    @Override // com.backbase.android.clients.auth.AuthClient
    public void checkSessionValidity(@NonNull AuthClientListener authClientListener) {
        SessionState g2 = g();
        authClientListener.checkSessionState(g2, g2 == SessionState.NONE ? new Response("Session expired", ErrorCodes.SESSION_EXPIRED) : null);
    }

    @NonNull
    @VisibleForTesting
    public Map<String, String> createRefreshParams(@Nullable String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("grant_type", "refresh_token");
        hashMap.put("refresh_token", this.encryptedStorageComponent.getItem(O_AUTH2_REFRESH_TOKEN_STORAGE_KEY));
        if (str != null && !str.isEmpty()) {
            hashMap.put("scope", str);
        }
        return hashMap;
    }

    @Override // com.backbase.android.clients.auth.AuthClient
    public void endSession(@NonNull AuthClientListener authClientListener) {
        endSession(null, authClientListener);
    }

    @Override // com.backbase.android.clients.auth.AuthClient
    public void endSession(@Nullable Response response, @NonNull AuthClientListener authClientListener) {
        this.expiresAt = 0L;
        NetworkConnectorBuilder.Configurations.removeHeaders(this.authTokens);
        this.authTokens = new HashMap();
        if (response == null) {
            this.handler.sendEmptyMessage(1);
        } else {
            Message obtain = Message.obtain();
            obtain.what = 1;
            obtain.getData().putParcelable(ERROR_RESPONSE_KEY, response);
            this.handler.sendMessage(obtain);
        }
        authClientListener.checkSessionState(SessionState.NONE, response);
        BBLogger.info(LOGTAG, "Session ended correctly");
    }

    @Override // com.backbase.android.clients.auth.AuthClient
    public void endSessionObserver() {
        this.sessionListener = null;
        this.handler.removeCallbacksAndMessages(null);
    }

    @NonNull
    @VisibleForTesting
    public NetworkConnector getAuthNetworkConnector(Map<String, String> map, @Nullable Map<String, String> map2) {
        NetworkConnectorBuilder networkConnectorBuilder = new NetworkConnectorBuilder(this.tokenEndpoint.toString());
        networkConnectorBuilder.addRequestMethod(RequestMethods.POST);
        networkConnectorBuilder.addParameters(map);
        networkConnectorBuilder.nullifyBody(true);
        if (this.clientId != null && this.clientSecret != null) {
            if (map2 == null) {
                map2 = new HashMap();
            }
            StringBuilder sb = new StringBuilder("Basic ");
            sb.append(new String(Base64.encode((this.clientId + Utils.APP_ID_IDENTIFICATION_SUBSTRING + this.clientSecret).getBytes(), 2)));
            map2.put("Authorization", sb.toString());
            map2.put("Content-Type", APPLICATION_X_WWW_FORM_URLENCODED);
        }
        networkConnectorBuilder.addHeaders(map2);
        return networkConnectorBuilder.buildConnection();
    }

    @NonNull
    @VisibleForTesting
    public RequestListener<Response> getAuthRequestListener(PasswordAuthListener passwordAuthListener, String... strArr) {
        return new a(passwordAuthListener, strArr);
    }

    @Override // com.backbase.android.clients.auth.AuthClient
    @Nullable
    public Map<String, String> getAuthTokens() {
        return this.authTokens;
    }

    @NonNull
    @ForTesting
    public Handler getHandler() {
        return new Handler(this);
    }

    @NonNull
    @VisibleForTesting
    public RequestListener<Response> getRefreshRequestListener(OAuth2AuthClientListener oAuth2AuthClientListener) {
        return new b(oAuth2AuthClientListener);
    }

    @NonNull
    public ServerRequestWorker getServerRequestWorker(NetworkConnector networkConnector, RequestListener<Response> requestListener) {
        return new ServerRequestWorker(networkConnector, requestListener);
    }

    public void handleAuthenticationError(PasswordAuthListener passwordAuthListener, Response response) {
        BBLogger.warning(LOGTAG, "Authorization wasn't successful");
        Response response2 = new Response(response.getErrorMessage(), response.getResponseCode(), response.getHeaders());
        Response cause = response.getCause();
        if (cause != null) {
            response2.setCause(cause);
        }
        passwordAuthListener.onAuthError(response2);
    }

    public void handleAuthenticationSuccess(PasswordAuthListener passwordAuthListener, Response response, String... strArr) {
        try {
            c(response);
            AuthHeadersUtils.retrieveAuthTokens(response.getHeaders(), this.authTokens, strArr);
            passwordAuthListener.onAuthSuccess(response.getHeaders());
            BBLogger.info(LOGTAG, "Authorization processed successfully");
        } catch (c unused) {
            BBLogger.error(LOGTAG, "Invalid OAuth2 response");
            passwordAuthListener.onAuthError(new Response("Invalid OAuth2 response: " + new String(response.getByteResponse(), StandardCharsets.UTF_8), response.getResponseCode(), response.getHeaders()));
        }
    }

    @Override // android.os.Handler.Callback
    public boolean handleMessage(Message message) {
        SessionState g2 = g();
        BBLogger.debug(LOGTAG, "Session state changed : " + this.previousSessionState + " --->>> " + g2);
        if (message.what != 1 || this.sessionListener == null || this.previousSessionState == g2) {
            return false;
        }
        Response response = message.peekData() != null ? (Response) message.getData().getParcelable(ERROR_RESPONSE_KEY) : null;
        if (response == null && g2 == SessionState.NONE) {
            response = new Response("Session access token expired", ErrorCodes.SESSION_EXPIRED);
        }
        this.sessionListener.onSessionStateChange(g2, response);
        this.previousSessionState = g2;
        return false;
    }

    @Override // com.backbase.android.clients.auth.oauth2.OAuth2AuthClient
    public void invalidateTokens(@NonNull OAuth2AuthClientListener oAuth2AuthClientListener) {
        this.encryptedStorageComponent.removeItem(O_AUTH2_ACCESS_TOKEN_STORAGE_KEY);
        this.encryptedStorageComponent.removeItem(O_AUTH2_REFRESH_TOKEN_STORAGE_KEY);
        NetworkConnectorBuilder.Configurations.removeHeaders(this.authTokens);
        this.authTokens = new HashMap();
        oAuth2AuthClientListener.oAuth2AuthClientTokenInvalidated();
    }

    @Override // com.backbase.android.clients.auth.oauth2.OAuth2AuthClient
    @NonNull
    public OAuth2TokenType isTokenStored() {
        return this.encryptedStorageComponent.getItem(O_AUTH2_ACCESS_TOKEN_STORAGE_KEY) != null ? OAuth2TokenType.ACCESS_TOKEN : this.encryptedStorageComponent.getItem(O_AUTH2_REFRESH_TOKEN_STORAGE_KEY) != null ? OAuth2TokenType.REFRESH_TOKEN : OAuth2TokenType.NONE;
    }

    @Override // com.backbase.android.clients.auth.oauth2.OAuth2AuthClient
    public void refreshAccessToken(@NonNull OAuth2AuthClientListener oAuth2AuthClientListener, @Nullable Map<String, String> map, @Nullable String str) {
        if (this.encryptedStorageComponent.getItem(O_AUTH2_REFRESH_TOKEN_STORAGE_KEY) == null) {
            oAuth2AuthClientListener.oAuth2AuthClientAccessTokenRefreshFailed(new Response(400, "No refresh token was stored."));
        } else {
            getServerRequestWorker(getAuthNetworkConnector(createRefreshParams(str), map), getRefreshRequestListener(oAuth2AuthClientListener)).start();
        }
    }

    public void registerAuthErrorResolver(ErrorResponseResolver errorResponseResolver) {
        h().registerErrorResponseResolver(401, errorResponseResolver);
    }

    @Override // com.backbase.android.clients.auth.AuthClient
    public void startSessionObserver(@NonNull SessionListener sessionListener) {
        if (this.sessionListener != null) {
            BBLogger.error(LOGTAG, "There is already session listener running, please stop it first");
            throw new IllegalStateException("Session listener is already running");
        }
        this.sessionListener = sessionListener;
        this.handler.sendEmptyMessageDelayed(1, this.expiresAt - System.currentTimeMillis());
    }

    public void unregisterAuthErrorResolver() {
        h().unregisterErrorResponseResolver(401);
    }
}
