package com.auth0.android.provider;

import android.app.Activity;
import android.net.Uri;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.annotation.VisibleForTesting;
import com.auth0.android.jwt.JWT;
import java.security.SecureRandom;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class k extends m {
    private static final String m = "k";
    private final f.a.a.a a;
    private final d b;

    /* renamed from: c, reason: collision with root package name */
    private final Map<String, String> f287c;

    /* renamed from: d, reason: collision with root package name */
    private final f.a.a.e.a f288d;

    /* renamed from: e, reason: collision with root package name */
    private boolean f289e;

    /* renamed from: f, reason: collision with root package name */
    private boolean f290f = true;

    /* renamed from: g, reason: collision with root package name */
    private int f291g;

    /* renamed from: h, reason: collision with root package name */
    private l f292h;

    /* renamed from: i, reason: collision with root package name */
    private Long f293i;

    /* renamed from: j, reason: collision with root package name */
    private CustomTabsOptions f294j;

    /* renamed from: k, reason: collision with root package name */
    private Integer f295k;

    /* renamed from: l, reason: collision with root package name */
    private String f296l;

    /* loaded from: classes.dex */
    class a implements q {
        final /* synthetic */ f.a.a.h.a a;
        final /* synthetic */ Map b;

        /* JADX INFO: Access modifiers changed from: package-private */
        /* renamed from: com.auth0.android.provider.k$a$a, reason: collision with other inner class name */
        /* loaded from: classes.dex */
        public class C0014a extends o {
            C0014a(d dVar) {
                super(dVar);
            }

            @Override // com.auth0.android.provider.d
            public void b(@NonNull f.a.a.h.a aVar) {
                k.this.b.b(k.w(a.this.a, aVar));
            }
        }

        a(f.a.a.h.a aVar, Map map) {
            this.a = aVar;
            this.b = map;
        }

        @Override // f.a.a.f.b
        public void b(@NonNull f.a.a.b bVar) {
            k.this.b.a(new f.a.a.e.b("Could not verify the ID token", bVar));
        }

        @Override // f.a.a.f.a
        /* renamed from: c, reason: merged with bridge method [inline-methods] */
        public void a(@Nullable Void r4) {
            if (k.this.B()) {
                k.this.f292h.b((String) this.b.get("code"), new C0014a(k.this.b));
            } else {
                k.this.b.b(this.a);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public class b extends o {
        final /* synthetic */ f.a.a.h.a b;

        /* loaded from: classes.dex */
        class a implements q {
            final /* synthetic */ f.a.a.h.a a;

            a(f.a.a.h.a aVar) {
                this.a = aVar;
            }

            @Override // f.a.a.f.b
            public void b(@Nullable f.a.a.b bVar) {
                k.this.b.a(new f.a.a.e.b("Could not verify the ID token", bVar));
            }

            @Override // f.a.a.f.a
            /* renamed from: c, reason: merged with bridge method [inline-methods] */
            public void a(@Nullable Void r2) {
                k.this.b.b(k.w(b.this.b, this.a));
            }
        }

        /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
        b(d dVar, f.a.a.h.a aVar) {
            super(dVar);
            this.b = aVar;
        }

        @Override // com.auth0.android.provider.d
        public void b(@NonNull f.a.a.h.a aVar) {
            k.this.p(aVar.d(), new a(aVar));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public class c implements f.a.a.f.a<n, p> {
        final /* synthetic */ q a;
        final /* synthetic */ JWT b;

        c(q qVar, JWT jwt) {
            this.a = qVar;
            this.b = jwt;
        }

        @Override // f.a.a.f.b
        /* renamed from: c, reason: merged with bridge method [inline-methods] */
        public void b(@NonNull p pVar) {
            this.a.b(pVar);
        }

        @Override // f.a.a.f.a
        /* renamed from: d, reason: merged with bridge method [inline-methods] */
        public void a(@Nullable n nVar) {
            i iVar = new i(k.this.f296l, k.this.f288d.c(), nVar);
            String str = (String) k.this.f287c.get("max_age");
            if (!TextUtils.isEmpty(str)) {
                iVar.j(Integer.valueOf(str));
            }
            iVar.i(k.this.f295k);
            iVar.k((String) k.this.f287c.get("nonce"));
            iVar.h(new Date(k.this.t()));
            try {
                new j().a(this.b, iVar);
                k.this.v("Authenticated using web flow");
                this.a.a(null);
            } catch (p e2) {
                this.a.b(e2);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public k(@NonNull f.a.a.a aVar, @NonNull d dVar, @NonNull Map<String, String> map, @NonNull CustomTabsOptions customTabsOptions) {
        this.a = aVar;
        this.b = dVar;
        this.f287c = new HashMap(map);
        this.f288d = new f.a.a.e.a(aVar);
        this.f294j = customTabsOptions;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean B() {
        return this.f287c.containsKey("response_type") && this.f287c.get("response_type").contains("code") && l.c();
    }

    private void l(Map<String, String> map, String str) {
        if (this.a.g() != null) {
            map.put("auth0Client", this.a.g().a());
        }
        map.put("client_id", this.a.c());
        map.put("redirect_uri", str);
    }

    private void m(Map<String, String> map, String str) {
        if (B()) {
            try {
                s(str);
                map.put("code_challenge", this.f292h.a());
                map.put("code_challenge_method", "S256");
                Log.v(m, "Using PKCE authentication flow");
            } catch (IllegalStateException e2) {
                Log.e(m, "Some algorithms aren't available on this device and PKCE can't be used. Defaulting to token response_type.", e2);
            }
        }
    }

    private void n(Map<String, String> map) {
        map.put("state", u(map.get("state")));
        if (map.containsKey("response_type") && (map.get("response_type").contains("id_token") || map.get("response_type").contains("code"))) {
            map.put("nonce", u(map.get("nonce")));
        }
    }

    private void o(String str, String str2) throws f.a.a.e.b {
        if (str == null) {
            return;
        }
        Log.e(m, "Error, access denied. Check that the required Permissions are granted and that the Application has this Connection configured in Auth0 Dashboard.");
        if ("access_denied".equalsIgnoreCase(str)) {
            throw new f.a.a.e.b("access_denied", "Permissions were not granted. Try again.");
        }
        if ("unauthorized".equalsIgnoreCase(str)) {
            throw new f.a.a.e.b("unauthorized", str2);
        }
        if (!"login_required".equals(str)) {
            throw new f.a.a.e.b("a0.invalid_configuration", "The application isn't configured properly for the social connection. Please check your Auth0's application configuration");
        }
        throw new f.a.a.e.b(str, str2);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void p(String str, q qVar) {
        p pVar;
        if (TextUtils.isEmpty(str)) {
            pVar = new p("ID token is required but missing");
        } else {
            try {
                JWT jwt = new JWT(str);
                c cVar = new c(qVar, jwt);
                String str2 = jwt.g().get("alg");
                if (this.a.j() || "RS256".equals(str2)) {
                    n.c(jwt.g().get("kid"), this.f288d, cVar);
                    return;
                } else {
                    n.d(cVar);
                    return;
                }
            } catch (com.auth0.android.jwt.d unused) {
                pVar = new p("ID token could not be decoded");
            }
        }
        qVar.b(pVar);
    }

    @VisibleForTesting
    static void q(@NonNull String str, @Nullable String str2) throws f.a.a.e.b {
        if (str.equals(str2)) {
            return;
        }
        Log.e(m, String.format("Received state doesn't match. Received %s but expected %s", str2, str));
        throw new f.a.a.e.b("access_denied", "The received state is invalid. Try again.");
    }

    private Uri r() {
        Uri.Builder buildUpon = Uri.parse(this.a.b()).buildUpon();
        for (Map.Entry<String, String> entry : this.f287c.entrySet()) {
            buildUpon.appendQueryParameter(entry.getKey(), entry.getValue());
        }
        Uri build = buildUpon.build();
        v("Using the following Authorize URI: " + build.toString());
        return build;
    }

    private void s(String str) {
        if (this.f292h == null) {
            this.f292h = new l(this.f288d, str);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public long t() {
        Long l2 = this.f293i;
        return l2 != null ? l2.longValue() : System.currentTimeMillis();
    }

    @VisibleForTesting
    static String u(@Nullable String str) {
        return str != null ? str : x();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void v(String str) {
        if (this.a.i()) {
            Log.d(m, str);
        }
    }

    @VisibleForTesting
    static f.a.a.h.a w(f.a.a.h.a aVar, f.a.a.h.a aVar2) {
        return new f.a.a.h.a(TextUtils.isEmpty(aVar.d()) ? aVar2.d() : aVar.d(), TextUtils.isEmpty(aVar2.a()) ? aVar.a() : aVar2.a(), TextUtils.isEmpty(aVar2.g()) ? aVar.g() : aVar2.g(), aVar2.e(), aVar2.c() != null ? aVar2.c() : aVar.c(), TextUtils.isEmpty(aVar2.f()) ? aVar.f() : aVar2.f());
    }

    private static String x() {
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        return Base64.encodeToString(bArr, 11);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @VisibleForTesting
    public void A(@Nullable l lVar) {
        this.f292h = lVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void C(Activity activity, String str, int i2) {
        m(this.f287c, str);
        l(this.f287c, str);
        n(this.f287c);
        Uri r = r();
        this.f291g = i2;
        if (this.f290f) {
            AuthenticationActivity.a(activity, r, this.f294j);
        } else {
            AuthenticationActivity.b(activity, r, i2, this.f287c.get("connection"), this.f289e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void D(boolean z) {
        this.f290f = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void E(boolean z) {
        this.f289e = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.auth0.android.provider.m
    public boolean a(e eVar) {
        String str;
        String str2;
        boolean z = false;
        if (!eVar.c(this.f291g)) {
            str = m;
            str2 = "The Authorize Result is invalid.";
        } else {
            if (eVar.b()) {
                this.b.a(new f.a.a.e.b("a0.authentication_canceled", "The user closed the browser app and the authentication was canceled."));
                return true;
            }
            Map<String, String> c2 = f.c(eVar.a());
            if (!c2.isEmpty()) {
                v("The parsed CallbackURI contains the following values: " + c2);
                try {
                    o(c2.get("error"), c2.get("error_description"));
                    q(this.f287c.get("state"), c2.get("state"));
                    Date date = !c2.containsKey("expires_in") ? null : new Date(t() + (Long.parseLong(c2.get("expires_in")) * 1000));
                    if (this.f287c.containsKey("response_type") && this.f287c.get("response_type").contains("id_token")) {
                        z = true;
                    }
                    f.a.a.h.a aVar = new f.a.a.h.a(z ? c2.get("id_token") : null, c2.get("access_token"), c2.get("token_type"), null, date, c2.get("scope"));
                    if (z) {
                        p(aVar.d(), new a(aVar, c2));
                        return true;
                    }
                    if (B()) {
                        this.f292h.b(c2.get("code"), new b(this.b, aVar));
                        return true;
                    }
                    this.b.b(aVar);
                    return true;
                } catch (f.a.a.e.b e2) {
                    this.b.a(e2);
                    return true;
                }
            }
            str = m;
            str2 = "The response didn't contain any of these values: code, state, id_token, access_token, token_type, refresh_token";
        }
        Log.w(str, str2);
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void y(String str) {
        if (TextUtils.isEmpty(str)) {
            str = this.f288d.b();
        }
        this.f296l = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void z(Integer num) {
        this.f295k = num;
    }
}
