package com.auth0.android.provider;

import android.app.Activity;
import android.app.Dialog;
import android.net.Uri;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.annotation.VisibleForTesting;
import com.auth0.android.Auth0;
import com.auth0.android.authentication.AuthenticationAPIClient;
import com.auth0.android.authentication.AuthenticationException;
import com.auth0.android.authentication.ParameterBuilder;
import com.auth0.android.jwt.DecodeException;
import com.auth0.android.jwt.JWT;
import com.auth0.android.result.Credentials;
import com.facebook.AccessToken;
import com.facebook.internal.NativeProtocol;
import com.facebook.internal.ServerProtocol;
import com.getmimo.data.lessonparser.interactive.textstyle.TextStyle;
import java.security.SecureRandom;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class f {
    private static final String a = "f";
    private final Auth0 b;
    private final AuthCallback c;
    private final Map<String, String> d;
    private boolean e;
    private boolean f = true;
    private int g;
    private g h;
    private Long i;
    private CustomTabsOptions j;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public class a implements AuthCallback {
        final /* synthetic */ Credentials a;

        a(Credentials credentials) {
            this.a = credentials;
        }

        @Override // com.auth0.android.provider.AuthCallback
        public void onFailure(@NonNull Dialog dialog) {
            f.this.c.onFailure(dialog);
        }

        @Override // com.auth0.android.provider.AuthCallback
        public void onFailure(AuthenticationException authenticationException) {
            f.this.c.onFailure(authenticationException);
        }

        @Override // com.auth0.android.provider.AuthCallback
        public void onSuccess(@NonNull Credentials credentials) {
            f.this.c.onSuccess(f.m(this.a, credentials));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public f(@NonNull Auth0 auth0, @NonNull AuthCallback authCallback, @NonNull Map<String, String> map) {
        this.b = auth0;
        this.c = authCallback;
        this.d = new HashMap(map);
    }

    private void b(Map<String, String> map, String str) {
        if (this.b.getTelemetry() != null) {
            map.put("auth0Client", this.b.getTelemetry().getValue());
        }
        map.put("client_id", this.b.getClientId());
        map.put(ServerProtocol.DIALOG_PARAM_REDIRECT_URI, str);
    }

    private void c(Map<String, String> map, String str) {
        if (r()) {
            try {
                i(str);
                map.put("code_challenge", this.h.c());
                map.put("code_challenge_method", "S256");
                Log.v(a, "Using PKCE authentication flow");
            } catch (IllegalStateException e) {
                Log.e(a, "Some algorithms aren't available on this device and PKCE can't be used. Defaulting to token response_type.", e);
            }
        }
    }

    private void d(Map<String, String> map) {
        map.put("state", k(map.get("state")));
        if (map.containsKey(ServerProtocol.DIALOG_PARAM_RESPONSE_TYPE) && map.get(ServerProtocol.DIALOG_PARAM_RESPONSE_TYPE).contains(ParameterBuilder.ID_TOKEN_KEY)) {
            map.put("nonce", k(map.get("nonce")));
        }
    }

    private void e(String str, String str2) throws AuthenticationException {
        if (str == null) {
            return;
        }
        Log.e(a, "Error, access denied. Check that the required Permissions are granted and that the Application has this Connection configured in Auth0 Dashboard.");
        if ("access_denied".equalsIgnoreCase(str)) {
            throw new AuthenticationException("access_denied", "Permissions were not granted. Try again.");
        }
        if ("unauthorized".equalsIgnoreCase(str)) {
            throw new AuthenticationException("unauthorized", str2);
        }
        if (!"login_required".equals(str)) {
            throw new AuthenticationException("a0.invalid_configuration", "The application isn't configured properly for the social connection. Please check your Auth0's application configuration");
        }
        throw new AuthenticationException(str, str2);
    }

    @VisibleForTesting
    static void f(@NonNull String str, @NonNull String str2) throws AuthenticationException {
        boolean z;
        try {
            z = str.equals(new JWT(str2).getClaim("nonce").asString());
        } catch (DecodeException e) {
            Log.e(a, "An exception occurred when trying to validate the token's 'nonce' claim. " + e.getMessage(), e);
            z = false;
        }
        if (z) {
            return;
        }
        Log.e(a, "Received nonce doesn't match.");
        throw new AuthenticationException("access_denied", "The received nonce is invalid. Try again.");
    }

    @VisibleForTesting
    static void g(@NonNull String str, @Nullable String str2) throws AuthenticationException {
        if (str.equals(str2)) {
            return;
        }
        Log.e(a, String.format("Received state doesn't match. Received %s but expected %s", str2, str));
        throw new AuthenticationException("access_denied", "The received state is invalid. Try again.");
    }

    private Uri h() {
        Uri.Builder buildUpon = Uri.parse(this.b.getAuthorizeUrl()).buildUpon();
        for (Map.Entry<String, String> entry : this.d.entrySet()) {
            buildUpon.appendQueryParameter(entry.getKey(), entry.getValue());
        }
        Uri build = buildUpon.build();
        l("Using the following AuthorizeURI: " + build.toString());
        return build;
    }

    private void i(String str) {
        if (this.h == null) {
            this.h = new g(new AuthenticationAPIClient(this.b), str);
        }
    }

    private long j() {
        Long l = this.i;
        return l != null ? l.longValue() : System.currentTimeMillis();
    }

    @VisibleForTesting
    static String k(@Nullable String str) {
        return str != null ? str : o();
    }

    private void l(String str) {
        if (this.b.isLoggingEnabled()) {
            Log.d(a, str);
        }
    }

    @VisibleForTesting
    static Credentials m(Credentials credentials, Credentials credentials2) {
        return new Credentials(TextUtils.isEmpty(credentials2.getIdToken()) ? credentials.getIdToken() : credentials2.getIdToken(), TextUtils.isEmpty(credentials2.getAccessToken()) ? credentials.getAccessToken() : credentials2.getAccessToken(), TextUtils.isEmpty(credentials2.getType()) ? credentials.getType() : credentials2.getType(), TextUtils.isEmpty(credentials2.getRefreshToken()) ? credentials.getRefreshToken() : credentials2.getRefreshToken(), credentials2.getExpiresAt() != null ? credentials2.getExpiresAt() : credentials.getExpiresAt(), TextUtils.isEmpty(credentials2.getScope()) ? credentials.getScope() : credentials2.getScope());
    }

    private static String o() {
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        return Base64.encodeToString(bArr, 11);
    }

    private boolean r() {
        return this.d.containsKey(ServerProtocol.DIALOG_PARAM_RESPONSE_TYPE) && this.d.get(ServerProtocol.DIALOG_PARAM_RESPONSE_TYPE).contains(TextStyle.CODE) && g.e();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean n(b bVar) {
        if (!bVar.c(this.g)) {
            Log.w(a, "The Authorize Result is invalid.");
            return false;
        }
        Map<String, String> c = c.c(bVar.a().getData());
        if (c.isEmpty()) {
            Log.w(a, "The response didn't contain any of these values: code, state, id_token, access_token, token_type, refresh_token");
            return false;
        }
        l("The parsed CallbackURI contains the following values: " + c);
        try {
            e(c.get("error"), c.get(NativeProtocol.BRIDGE_ARG_ERROR_DESCRIPTION));
            g(this.d.get("state"), c.get("state"));
            if (this.d.containsKey(ServerProtocol.DIALOG_PARAM_RESPONSE_TYPE) && this.d.get(ServerProtocol.DIALOG_PARAM_RESPONSE_TYPE).contains(ParameterBuilder.ID_TOKEN_KEY)) {
                f(this.d.get("nonce"), c.get(ParameterBuilder.ID_TOKEN_KEY));
            }
            Log.d(a, "Authenticated using web flow");
            Credentials credentials = new Credentials(c.get(ParameterBuilder.ID_TOKEN_KEY), c.get("access_token"), c.get("token_type"), c.get("refresh_token"), !c.containsKey(AccessToken.EXPIRES_IN_KEY) ? null : new Date(j() + (Long.valueOf(c.get(AccessToken.EXPIRES_IN_KEY)).longValue() * 1000)), c.get("scope"));
            if (r()) {
                this.h.d(c.get(TextStyle.CODE), new a(credentials));
                return true;
            }
            this.c.onSuccess(credentials);
            return true;
        } catch (AuthenticationException e) {
            this.c.onFailure(e);
            return true;
        }
    }

    public void p(@Nullable CustomTabsOptions customTabsOptions) {
        this.j = customTabsOptions;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @VisibleForTesting
    public void q(g gVar) {
        this.h = gVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void s(Activity activity, String str, int i) {
        c(this.d, str);
        b(this.d, str);
        d(this.d);
        Uri h = h();
        this.g = i;
        if (this.f) {
            AuthenticationActivity.a(activity, h, this.j);
        } else {
            AuthenticationActivity.b(activity, h, i, this.d.get(ParameterBuilder.CONNECTION_KEY), this.e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void t(boolean z) {
        this.f = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void u(boolean z) {
        this.e = z;
    }
}
