package com.cisco.webex.spark.authenticator;

import com.cisco.webex.spark.core.ApiClientProvider;
import com.cisco.webex.spark.core.IRestApiRequest;
import com.microsoft.identity.common.adal.internal.AuthenticationConstants;
import com.microsoft.identity.common.internal.providers.oauth2.OAuth2Strategy;
import com.webex.meeting.model.dto.WebexAccount;
import com.webex.util.Logger;
import defpackage.be4;
import defpackage.yd4;
import java.util.HashMap;
import java.util.Map;

/* loaded from: classes2.dex */
public class OAuth2 extends OAuth2Basic {
    public static final String CONVERSATION_SCOPES = "webexsquare:get_conversation Identity:SCIM";
    public static final String KMS_SCOPES = "spark:kms";
    public static final String OAUTH_REVOKE_CITOKEN = "/authorization/oauth/token/revoke";
    public static final String OAUTH_SWAP_CITOKEN = "/authorization/oauth/swap/citoken";
    public static final String OOB_SCOPE = "Identity:SCIM";
    public static final String REFRESH_BASE_URL = "https://idbroker.webex.com/idb/oauth2/v1";
    private static final String TAG = "OAuth2";
    public static final String UBER_SCOPES = "webexsquare:get_conversation Identity:SCIM spark:kms squared-fusion-uc:vm_api";
    private static final String VM_SCOPES = "squared-fusion-uc:vm_api";
    private static OAuth2 instance;
    public String clientId;
    public String clientSecret;
    public OAuth2Client oAuth2Client = ApiClientProvider.get().getOAuth2Client();

    public OAuth2(String str, String str2) {
        this.clientId = str;
        this.clientSecret = str2;
    }

    public static synchronized OAuth2 get() {
        OAuth2 oAuth2;
        synchronized (OAuth2.class) {
            if (instance == null) {
                instance = new OAuth2(OAuth2Basic.USER_CLIENT_ID, OAuth2Basic.USER_CLIENT_SECRET);
            }
            oAuth2 = instance;
        }
        return oAuth2;
    }

    public OAuth2Tokens getTokens(final WebexAccount webexAccount) {
        OAuth2Tokens postCode = this.oAuth2Client.postCode(new IRestApiRequest() { // from class: com.cisco.webex.spark.authenticator.OAuth2.2
            @Override // com.cisco.webex.spark.core.IRestApiRequest
            public String getBody() {
                String str = "site=" + be4.b(webexAccount.siteName, "utf-8");
                if (!OAuth2.this.isOAuthAuth(webexAccount)) {
                    str = str + "&session_ticket=" + be4.b(webexAccount.sessionTicket.d, "utf-8");
                }
                return ((str + "&token_client_id=" + be4.b(OAuth2.this.clientId, "utf-8")) + "&token_client_secret=" + be4.b(OAuth2.this.clientSecret, "utf-8")) + "&scope=" + be4.b("webexsquare:get_conversation+Identity:SCIM+spark:kms+spark:all+spark:pairing+Identity:OAuthUpgradeScope+spark:e2ei", "utf-8");
            }

            @Override // com.cisco.webex.spark.core.IRestApiRequest
            public Map<String, String> getHeaders() {
                HashMap hashMap = new HashMap();
                hashMap.put("Content-Type", OAuth2Strategy.TOKEN_REQUEST_CONTENT_TYPE);
                if (OAuth2.this.isOAuthAuth(webexAccount)) {
                    hashMap.put("Authorization", "Bearer " + webexAccount.sessionTicket.d);
                }
                return hashMap;
            }

            @Override // com.cisco.webex.spark.core.IRestApiRequest
            public String getMethod() {
                return "POST";
            }

            @Override // com.cisco.webex.spark.core.IRestApiRequest
            public String getUrl() {
                return AuthenticationConstants.Broker.REDIRECT_SSL_PREFIX + webexAccount.serverName + OAuth2.OAUTH_SWAP_CITOKEN;
            }
        });
        if (postCode != null) {
            postCode.scopes = OAuth2Basic.WBX_SCOPES;
        }
        return postCode;
    }

    public boolean isOAuthAuth(WebexAccount webexAccount) {
        return webexAccount.sessionTicket.c == 1;
    }

    public OAuth2AccessToken refreshTokens(final String str) {
        return this.oAuth2Client.refreshToken(new IRestApiRequest() { // from class: com.cisco.webex.spark.authenticator.OAuth2.4
            @Override // com.cisco.webex.spark.core.IRestApiRequest
            public String getBody() {
                return "grant_type=refresh_token&refresh_token=" + str;
            }

            @Override // com.cisco.webex.spark.core.IRestApiRequest
            public Map<String, String> getHeaders() {
                String D = yd4.D(OAuth2.this.clientId + ":" + OAuth2.this.clientSecret);
                HashMap hashMap = new HashMap();
                hashMap.put("Content-Type", OAuth2Strategy.TOKEN_REQUEST_CONTENT_TYPE);
                hashMap.put("Authorization", "Basic " + D);
                return hashMap;
            }

            @Override // com.cisco.webex.spark.core.IRestApiRequest
            public String getMethod() {
                return "POST";
            }

            @Override // com.cisco.webex.spark.core.IRestApiRequest
            public String getUrl() {
                return "https://idbroker.webex.com/idb/oauth2/v1/access_token";
            }
        });
    }

    public OAuth2AccessToken refreshTokens2(final String str, final String str2) {
        return this.oAuth2Client.refreshToken(new IRestApiRequest() { // from class: com.cisco.webex.spark.authenticator.OAuth2.3
            @Override // com.cisco.webex.spark.core.IRestApiRequest
            public String getBody() {
                return yd4.G("grant_type=refresh_token&refresh_token=%s&client_id=%s&client_secret=%s", new Object[]{str, be4.b(OAuth2.this.clientId, "utf-8"), be4.b(OAuth2.this.clientSecret, "utf-8")});
            }

            @Override // com.cisco.webex.spark.core.IRestApiRequest
            public Map<String, String> getHeaders() {
                HashMap hashMap = new HashMap();
                hashMap.put("Content-Type", OAuth2Strategy.TOKEN_REQUEST_CONTENT_TYPE);
                return hashMap;
            }

            @Override // com.cisco.webex.spark.core.IRestApiRequest
            public String getMethod() {
                return "POST";
            }

            @Override // com.cisco.webex.spark.core.IRestApiRequest
            public String getUrl() {
                return yd4.G("https://%s/authorization/oauth/citoken", new Object[]{str2});
            }
        });
    }

    public void revokeToken(final String str, final String str2, final String str3) {
        if (yd4.r0(str3) || yd4.r0(str) || yd4.r0(str3)) {
            Logger.w(TAG, "revoke not executed since params is not valid.");
            return;
        }
        if (str3.split("\\.").length != 3) {
            Logger.e(TAG, "invalid access token in revoke token case");
            return;
        }
        RevokeCITokenBean revokeRefreshToken = this.oAuth2Client.revokeRefreshToken(new IRestApiRequest() { // from class: com.cisco.webex.spark.authenticator.OAuth2.1
            @Override // com.cisco.webex.spark.core.IRestApiRequest
            public String getBody() {
                return ("refresh_token=" + be4.b(str2, "utf-8")) + "&access_token=" + be4.b(str3, "utf-8");
            }

            @Override // com.cisco.webex.spark.core.IRestApiRequest
            public Map<String, String> getHeaders() {
                HashMap hashMap = new HashMap();
                hashMap.put("Content-Type", OAuth2Strategy.TOKEN_REQUEST_CONTENT_TYPE);
                return hashMap;
            }

            @Override // com.cisco.webex.spark.core.IRestApiRequest
            public String getMethod() {
                return "POST";
            }

            @Override // com.cisco.webex.spark.core.IRestApiRequest
            public String getUrl() {
                return AuthenticationConstants.Broker.REDIRECT_SSL_PREFIX + str + OAuth2.OAUTH_REVOKE_CITOKEN;
            }
        });
        if (revokeRefreshToken != null) {
            Logger.i(TAG, "revoke refresh token result " + revokeRefreshToken.getSuccess());
        }
    }
}
