package com.hp.sdd.hpc.lib.hpidaccount;

import android.app.Activity;
import android.content.ActivityNotFoundException;
import android.content.Context;
import android.content.SharedPreferences;
import android.net.Uri;
import android.text.TextUtils;
import android.util.Base64;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.browser.customtabs.CustomTabsIntent;
import androidx.preference.PreferenceManager;
import com.google.gson.Gson;
import com.google.gson.j;
import com.google.gson.q;
import com.hp.sdd.hpc.lib.authz.AuthZToken;
import com.hp.sdd.hpc.lib.authz.b;
import com.hp.sdd.hpc.lib.authz.d;
import com.hp.sdd.hpc.lib.authz.models.JWKS;
import com.hp.sdd.hpc.lib.authz.models.Key;
import com.hp.sdd.hpc.lib.hpidaccount.data.HpidIDTokenInfo;
import com.hp.sdd.jabberwocky.chat.k;
import i.e0;
import i.g0;
import io.jsonwebtoken.Jwts;
import java.io.ByteArrayInputStream;
import java.lang.ref.WeakReference;
import java.nio.charset.StandardCharsets;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.regex.Pattern;
import org.json.JSONObject;

/* compiled from: HpidOAuthHelper.java */
/* loaded from: classes.dex */
public class d {

    @Nullable
    private String a;

    @NonNull
    Context b;

    @NonNull
    c c;

    /* renamed from: d, reason: collision with root package name */
    @NonNull
    protected final e f3057d;

    /* renamed from: e, reason: collision with root package name */
    @Nullable
    private String f3058e;

    /* renamed from: f, reason: collision with root package name */
    @Nullable
    private String f3059f;

    /* renamed from: g, reason: collision with root package name */
    @Nullable
    private HpidIDTokenInfo.HpidTokenHeader f3060g;

    /* renamed from: h, reason: collision with root package name */
    @Nullable
    private HpidIDTokenInfo.HpidUserInfo f3061h;

    /* renamed from: i, reason: collision with root package name */
    boolean f3062i;

    /* renamed from: j, reason: collision with root package name */
    private boolean f3063j;

    /* renamed from: k, reason: collision with root package name */
    @NonNull
    private final k f3064k;

    /* renamed from: l, reason: collision with root package name */
    @NonNull
    private final SharedPreferences f3065l;

    /* renamed from: m, reason: collision with root package name */
    @Nullable
    private WeakReference<Activity> f3066m;

    /* renamed from: n, reason: collision with root package name */
    private boolean f3067n;

    @NonNull
    private String o;
    private com.hp.sdd.hpc.lib.authz.d p;
    private d.a q;

    /* compiled from: HpidOAuthHelper.java */
    /* loaded from: classes.dex */
    class a implements d.a {
        a() {
        }

        @Override // com.hp.sdd.hpc.lib.authz.d.a
        public void b(AuthZToken authZToken) {
            if (authZToken == null) {
                d.this.c.l(null);
                return;
            }
            d.this.s(authZToken.getId_token());
            d.this.t();
            if (g.k(d.this.b).v(authZToken)) {
                d.this.c.b(authZToken);
            }
        }

        @Override // com.hp.sdd.hpc.lib.authz.d.a
        public void c(@Nullable String str) {
            if (TextUtils.isEmpty(str)) {
                d.this.c.l(null);
                return;
            }
            try {
                d dVar = d.this;
                dVar.q(dVar.d(str));
            } catch (ActivityNotFoundException e2) {
                d.this.c.l(e2);
            }
        }

        @Override // com.hp.sdd.hpc.lib.authz.d.a
        public void d(int i2, @Nullable Exception exc) {
            d.this.c.l(exc);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: HpidOAuthHelper.java */
    /* loaded from: classes.dex */
    public class b implements b.a {
        b() {
        }

        @Override // com.hp.sdd.hpc.lib.authz.b.a
        public void a(int i2) {
            d.this.c.l(new com.hp.sdd.jabberwocky.chat.c(i2));
        }

        @Override // com.hp.sdd.hpc.lib.authz.b.a
        public void b(@Nullable AuthZToken authZToken) {
            d dVar = d.this;
            if (dVar.f3062i && authZToken != null && g.k(dVar.b).v(authZToken)) {
                d.this.c.b(authZToken);
            }
        }
    }

    /* compiled from: HpidOAuthHelper.java */
    /* loaded from: classes.dex */
    public interface c {
        void b(@Nullable AuthZToken authZToken);

        void e();

        void l(@Nullable Exception exc);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* compiled from: HpidOAuthHelper.java */
    /* renamed from: com.hp.sdd.hpc.lib.hpidaccount.d$d, reason: collision with other inner class name */
    /* loaded from: classes.dex */
    public class C0139d implements k.b {

        @NonNull
        private final String a;

        C0139d(@NonNull String str) {
            this.a = str;
        }

        @Override // com.hp.sdd.jabberwocky.chat.k.b
        public void a(i.f fVar, g0 g0Var) {
            int i2 = 0;
            n.a.a.a("onRequestSuccessListener, response: %s", g0Var);
            if (!g0Var.e0()) {
                b(fVar, new com.hp.sdd.jabberwocky.chat.c(g0Var.g()));
                return;
            }
            try {
                JSONObject i3 = com.hp.sdd.jabberwocky.chat.f.i(g0Var);
                try {
                    if (TextUtils.equals("REQUEST_GET_SIGNING_KEY", this.a)) {
                        n.a.a.a("REQUEST_GET_SIGNING_KEY Command Success!!!", new Object[0]);
                        i2 = d.this.r(i3) ? 1 : 0;
                    } else {
                        n.a.a.d("We don't recognize the postCommandName: %s", this.a);
                    }
                } catch (Exception e2) {
                    n.a.a.f(e2, "Exception in onRequestSuccessListener!!!", new Object[i2]);
                }
                if (i2 == 0) {
                    d.this.c.l(null);
                }
            } catch (Exception e3) {
                n.a.a.e(e3);
                b(fVar, e3);
            }
        }

        @Override // com.hp.sdd.jabberwocky.chat.k.b
        public void b(i.f fVar, Exception exc) {
            n.a.a.c(exc, "HPC OAuth2 Error Response:", new Object[0]);
            d.this.c.l(exc);
        }
    }

    public d(@NonNull Activity activity, @NonNull c cVar) {
        this(activity.getApplicationContext(), cVar);
        this.f3066m = new WeakReference<>(activity);
    }

    public d(@NonNull Context context, @NonNull c cVar) {
        this.f3063j = true;
        this.f3067n = false;
        this.o = "consent";
        this.q = new a();
        this.b = context.getApplicationContext();
        this.f3064k = new k();
        this.c = cVar;
        this.f3057d = new e(context);
        this.f3065l = PreferenceManager.getDefaultSharedPreferences(context);
        this.p = new com.hp.sdd.hpc.lib.authz.d(context, this.q);
    }

    private boolean A(PublicKey publicKey) {
        this.f3062i = false;
        String subject = Jwts.parserBuilder().setAllowedClockSkewSeconds(300L).setSigningKey(publicKey).build().parseClaimsJws(this.a).getBody().getSubject();
        n.a.a.a("the gotten Subject is : %s", subject);
        HpidIDTokenInfo.HpidUserInfo hpidUserInfo = this.f3061h;
        if (hpidUserInfo == null || TextUtils.isEmpty(hpidUserInfo.getSub()) || !this.f3061h.getSub().equals(subject)) {
            n.a.a.a("validatePublicKey() - Token is not Authentic! Token Subject mismatch found!", new Object[0]);
            return false;
        }
        this.f3062i = true;
        n.a.a.a("validatePublicKey() - Token is Authentic!", new Object[0]);
        return t();
    }

    private String a(@Nullable String str) {
        int length;
        return (TextUtils.isEmpty(str) || (length = str.length() % 4) == 0) ? str : str.concat("====".substring(length));
    }

    private String b(@Nullable String str) {
        String str2 = null;
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        try {
            String str3 = new String(Base64.decode(a(str), 8), StandardCharsets.UTF_8);
            try {
                n.a.a.a("base64Decode() : DecodeBase64String: Decoded string = %s", str3);
                return str3;
            } catch (IllegalArgumentException e2) {
                e = e2;
                str2 = str3;
                n.a.a.f(e, "base64Decode() : IllegalArgumentException encountered while decoding", new Object[0]);
                return str2;
            }
        } catch (IllegalArgumentException e3) {
            e = e3;
        }
    }

    private Uri e() {
        g();
        if (p()) {
            n.a.a.a("Error - release build logout should have valid passed in redirect URL, returning null", new Object[0]);
            return null;
        }
        String str = "post_logout_redirect_uri=" + this.f3059f;
        if (!TextUtils.isEmpty(this.f3058e) && this.f3058e.contains("oauth/authorize")) {
            this.f3058e = this.f3058e.replace("oauth/authorize", "");
        }
        Uri.Builder buildUpon = Uri.parse(this.f3058e).buildUpon();
        buildUpon.appendEncodedPath("oauth/logout");
        buildUpon.encodedQuery(str);
        buildUpon.appendQueryParameter("state", "signed_out");
        Uri build = buildUpon.build();
        n.a.a.a("buildLogoutUri: URL (strbuilder): %s", build);
        return build;
    }

    private void g() {
        if (TextUtils.isEmpty(this.f3058e)) {
            u(this.f3057d.b);
        }
    }

    private void h() {
        g.k(this.b).b();
    }

    @NonNull
    public static Map<String, String> i(@Nullable String str) {
        HashMap hashMap = new HashMap();
        if (TextUtils.isEmpty(str)) {
            return hashMap;
        }
        String[] split = str.split("[#?]");
        if (split.length > 1) {
            for (String str2 : split[1].split("&")) {
                String[] split2 = str2.split("=");
                if (split2.length == 2) {
                    hashMap.put(split2[0], split2[1]);
                }
            }
        }
        return hashMap;
    }

    private boolean j(JWKS jwks) {
        HpidIDTokenInfo.HpidTokenHeader hpidTokenHeader;
        if (jwks == null) {
            n.a.a.d("signingKeys is null!", new Object[0]);
            return false;
        }
        List<Key> keys = jwks.getKeys();
        if (keys == null || keys.size() <= 0) {
            n.a.a.d("signingKeysList.size() <= 0!", new Object[0]);
            return false;
        }
        boolean z = false;
        for (Key key : keys) {
            if (!TextUtils.isEmpty(key.getKid()) && (hpidTokenHeader = this.f3060g) != null && !TextUtils.isEmpty(hpidTokenHeader.getKid()) && key.getKid().equals(this.f3060g.getKid()) && key.getX5c() != null && !TextUtils.isEmpty(key.getX5c().get(0))) {
                try {
                    z = A(((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(key.getX5c().get(0), 0)))).getPublicKey());
                } catch (CertificateException e2) {
                    n.a.a.f(e2, "generateRSAPublicKey() : CertificateException encountered.", new Object[0]);
                }
            }
        }
        return z;
    }

    private void m() {
        k kVar = this.f3064k;
        e0.a aVar = new e0.a();
        aVar.n(this.f3057d.d());
        aVar.g("Accept", "application/json");
        aVar.f();
        kVar.b(aVar.a(), new C0139d("REQUEST_GET_SIGNING_KEY"));
    }

    private boolean p() {
        if (TextUtils.isEmpty(this.f3059f)) {
            n.a.a.a("Error - isRedirectURLSet release build should have valid passed in redirect URL, returning false", new Object[0]);
            return true;
        }
        n.a.a.a("isRedirectURLSet: redirectURLValue: %s", this.f3059f);
        return false;
    }

    private void u(@Nullable String str) {
        this.f3058e = str;
    }

    Uri c() {
        g();
        if (p()) {
            n.a.a.a("Error - release build login should have valid passed in redirect URL, returning null", new Object[0]);
            return null;
        }
        String str = "scope=openid+email+profile&redirect_uri=" + this.f3059f + "&response_type=token+id_token";
        Uri.Builder buildUpon = Uri.parse(this.f3058e).buildUpon();
        if (!TextUtils.isEmpty(this.f3058e) && !this.f3058e.contains("oauth/authorize")) {
            buildUpon.appendEncodedPath("oauth/authorize");
        }
        buildUpon.encodedQuery(str);
        buildUpon.appendQueryParameter("client_id", this.f3057d.e());
        if (this.f3063j) {
            buildUpon.appendQueryParameter("target", "create");
        }
        buildUpon.appendQueryParameter("prompt", this.o);
        buildUpon.appendQueryParameter("nonce", UUID.randomUUID().toString());
        buildUpon.appendQueryParameter("state", "signed_in");
        if (this.f3065l.contains("email")) {
            buildUpon.appendQueryParameter("login_hint", this.f3065l.getString("email", ""));
            n.a.a.a("buildLoginUri: Use email to prefill HP ID login. %s", this.f3065l.getString("email", ""));
        } else {
            n.a.a.a("buildLoginUri: No email available for prefill HP ID login", new Object[0]);
        }
        Uri build = buildUpon.build();
        n.a.a.a("buildLoginUri: HP ID login URL (strbuilder): %s", build);
        return build;
    }

    @NonNull
    Uri d(String str) {
        Uri.Builder buildUpon = Uri.parse(str).buildUpon();
        buildUpon.appendQueryParameter("scope", "openid+email+profile");
        buildUpon.appendQueryParameter("redirect_uri", this.f3059f);
        buildUpon.appendQueryParameter("response_type", "code");
        buildUpon.appendQueryParameter("nonce", UUID.randomUUID().toString());
        buildUpon.appendQueryParameter("state", "signed_in" + UUID.randomUUID().toString());
        if (this.f3063j) {
            buildUpon.appendQueryParameter("target", "create");
        }
        if (TextUtils.equals(this.o, "login consent")) {
            String d2 = g.k(this.b).d();
            if (!TextUtils.isEmpty(d2)) {
                buildUpon.appendQueryParameter("login_hint", d2);
            }
        }
        buildUpon.appendQueryParameter("prompt", this.o);
        buildUpon.appendQueryParameter("hide_create", String.valueOf(this.f3067n));
        buildUpon.appendQueryParameter("client_id", this.f3057d.g());
        Uri build = buildUpon.build();
        n.a.a.a("buildLoginUri: StratusAuthZ login URL (strbuilder): %s", build);
        return build;
    }

    public void f() {
        n.a.a.a("Pending request canceled.", new Object[0]);
        this.f3064k.c();
    }

    protected void k(@NonNull String str) {
        n.a.a.l("getAccessToken() called", new Object[0]);
        if (TextUtils.isEmpty(this.f3057d.g()) || TextUtils.isEmpty(this.f3057d.h())) {
            this.c.l(null);
        }
        if (this.f3057d.f()) {
            this.p.k(str);
        } else {
            new com.hp.sdd.hpc.lib.authz.b(this.b, this.f3057d.g(), this.f3057d.h()).g(str, new b());
        }
    }

    public boolean l(@Nullable String str) {
        Map<String, String> i2 = i(str);
        if (i2.isEmpty()) {
            return false;
        }
        boolean z = true;
        if (this.f3057d.f()) {
            String str2 = i2.get("code");
            this.a = str2;
            boolean z2 = !TextUtils.isEmpty(str2);
            n.a.a.a("getAuthCode: HP ID authCode = %s", this.a);
            z = z2;
        } else {
            String str3 = i2.get("id_token");
            this.a = str3;
            if (TextUtils.isEmpty(str3) || !s(this.a)) {
                z = false;
            } else {
                m();
                n.a.a.a("getAuthCode: HP ID ID token = %s", this.a);
            }
        }
        if (!z || TextUtils.isEmpty(this.a)) {
            n.a.a.m("getAuthCode: Failed to get data from redirect URL", new Object[0]);
            return false;
        }
        k(this.a);
        return z;
    }

    public void n() {
        if (this.f3057d.f()) {
            this.p.e();
        } else {
            q(c());
        }
    }

    public void o() {
        q(e());
        h();
    }

    void q(@Nullable Uri uri) {
        if (uri == null) {
            n.a.a.d("openCustomTab: destination is null, returning", new Object[0]);
            return;
        }
        try {
            CustomTabsIntent build = new CustomTabsIntent.Builder().build();
            WeakReference<Activity> weakReference = this.f3066m;
            if (weakReference == null || weakReference.get() == null) {
                n.a.a.a("Using application context to launch url so adding FLAG_ACTIVITY_NEW_TASK. This may cause issues with your application.", new Object[0]);
                build.intent.addFlags(343932928);
                build.launchUrl(this.b, uri);
            } else {
                n.a.a.a("Using activity to launch url", new Object[0]);
                build.intent.addFlags(75497472);
                build.launchUrl(this.f3066m.get(), uri);
            }
            n.a.a.a("openCustomTab: customTab was launched", new Object[0]);
        } catch (ActivityNotFoundException e2) {
            n.a.a.e(e2);
            n.a.a.a("openCustomTab: No activity found that can open the link. Throwing exception.", new Object[0]);
            throw e2;
        }
    }

    boolean r(JSONObject jSONObject) {
        this.f3062i = false;
        if (jSONObject == null) {
            return false;
        }
        return j((JWKS) new Gson().i(jSONObject.toString(), JWKS.class));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean s(@Nullable String str) {
        long j2;
        if (TextUtils.isEmpty(str)) {
            return false;
        }
        String[] split = str.split(Pattern.quote("."));
        if (split.length <= 1) {
            return false;
        }
        Gson gson = new Gson();
        String b2 = b(split[0]);
        if (!TextUtils.isEmpty(b2)) {
            HpidIDTokenInfo.HpidTokenHeader hpidTokenHeader = (HpidIDTokenInfo.HpidTokenHeader) gson.i(b2, HpidIDTokenInfo.HpidTokenHeader.class);
            this.f3060g = hpidTokenHeader;
            n.a.a.a("processHPIDToken() :  Hpid Token Header Algorith : %s , kid : %s", hpidTokenHeader.getAlg(), this.f3060g.getKid());
        }
        String b3 = b(split[1]);
        if (TextUtils.isEmpty(b3)) {
            return false;
        }
        try {
            HpidIDTokenInfo.HpidUserInfo hpidUserInfo = (HpidIDTokenInfo.HpidUserInfo) gson.i(b3, HpidIDTokenInfo.HpidUserInfo.class);
            this.f3061h = hpidUserInfo;
            if (hpidUserInfo == null) {
                return false;
            }
            long currentTimeMillis = System.currentTimeMillis() / 1000;
            try {
                long j3 = 0;
                if (this.f3061h.getNbf() == null || this.f3061h.getExp() == null) {
                    j2 = 0;
                } else {
                    j3 = Long.parseLong(this.f3061h.getNbf()) - 180;
                    j2 = 180 + Long.parseLong(this.f3061h.getExp());
                }
                if (j3 > currentTimeMillis || currentTimeMillis >= j2) {
                    n.a.a.a("processHPIDToken() : Hpid token is not valid. Current time is not between 'nbf' and 'exp' values.", new Object[0]);
                    return false;
                }
                n.a.a.a("processHPIDToken() :  Hpid UserInfo email id : %s , Given Name : %s , Family Name : %s", this.f3061h.getEmail(), this.f3061h.getGiven_name(), this.f3061h.getFamily_name());
                return true;
            } catch (NumberFormatException e2) {
                n.a.a.f(e2, "processHPIDToken() : NumberFormatException encountered while converting nbf or exp string to long number", new Object[0]);
                return false;
            }
        } catch (j e3) {
            n.a.a.f(e3, "processHPIDToken() : JsonIOException encountered while converting JSON to class object", new Object[0]);
            return false;
        } catch (q e4) {
            n.a.a.f(e4, "processHPIDToken() : JsonSyntaxException encountered while converting JSON to class object", new Object[0]);
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean t() {
        boolean x = this.f3061h != null ? g.k(this.b).x(this.f3061h.getGiven_name(), this.f3061h.getFamily_name(), this.f3061h.getEmail()) : false;
        if (x) {
            this.c.e();
        }
        return x;
    }

    public void v(@NonNull String str) {
        this.o = str;
    }

    public void w(@Nullable String str, @Nullable String str2) {
        n.a.a.a("setRedirectURL: %s  called from : %s", str, str2);
        this.f3059f = str;
    }

    public void x(boolean z) {
        this.f3067n = z;
    }

    public void y(boolean z) {
        this.f3063j = z;
    }

    public void z(@Nullable Activity activity) {
        this.f3066m = new WeakReference<>(activity);
    }
}
