package com.kddi.android.ast.client.login.oidc;

import android.content.Context;
import android.util.Base64;
import com.kddi.android.ast.client.LogUtil;
import com.kddi.android.ast.client.Util;
import com.kddi.android.ast.client.login.LoginConstants;
import com.kddi.android.ast.client.login.LoginManager;
import com.kddi.android.ast.client.nativeapirequest.NativeAPIRequestWorker;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

/* loaded from: classes3.dex */
public class OidcParam {
    private static final String AUTHZ_AU_REQ_PREFIX = "https://connect.auone.jp/net/vw/cca_lg_eu_net/logoutseq?targeturl=";
    private static final String AUTHZ_AU_REQ_PREFIX_K1 = "https://test.connect.auone.jp/net/vw/cca_lg_eu_net/logoutseq?targeturl=";
    private static final String AUTHZ_AU_REQ_PREFIX_K3 = "https://test.connect.auone.jp/net/vw/k3_cca_lg_eu_net/logoutseq?targeturl=";
    private static final String AUTHZ_AU_REQ_REGISTER_ID_PREFIX = "https://connect.auone.jp/net/vw/cca_eu_net/cca?ID=ENET0510";
    private static final String AUTHZ_AU_REQ_REGISTER_ID_PREFIX_K1 = "https://test.connect.auone.jp/net/vw/cca_eu_net/cca?ID=ENET0510";
    private static final String AUTHZ_AU_REQ_REGISTER_ID_PREFIX_K3 = "https://test.connect.auone.jp/net/vw/k3_cca_eu_net/cca?ID=ENET0510";
    private static final String CHARSET_NAME = "ISO_8859_1";
    private static final int DEFAULT_CODE_VERIFIER_ENTROPY = 64;
    private static final String EQUAL = "=";
    private static final String HASH_TYPE = "SHA-256";
    private static final int MAX_CODE_VERIFIER_ENTROPY = 96;
    private static final int MIN_CODE_VERIFIER_ENTROPY = 32;
    private static final int NONCE_LENGTH = 16;
    public static final String OIDC_ERROR_ACCESS_DENIED = "HNY31004";
    public static final String OIDC_ERROR_INTERNAL_ERROR = "InternalError";
    private static final String OP_METADATA_AU_REQ = "https://oa.connect.auone.jp/net/id/hny_oidc_rt_net/.well-known/openid-configuration";
    private static final String OP_METADATA_AU_REQ_K1 = "https://test.oa.connect.auone.jp/net/id/hny_oidc_rt_net/.well-known/openid-configuration";
    private static final String OP_METADATA_AU_REQ_K3 = "https://test.oa.connect.auone.jp/net/id/k3_hny_oidc_rt_net/.well-known/openid-configuration";
    public static final String PARAM_NAME_AUTHORIZATION_ENDPOINT = "authorization_endpoint";
    private static final String PARAM_NAME_CLIENT_ID = "client_id";
    private static final String PARAM_NAME_COCOA_PARAM = "cocoa_param";
    private static final String PARAM_NAME_CODE_CHALLENGE = "code_challenge";
    private static final String PARAM_NAME_CODE_CHALLENGE_METHOD = "code_challenge_method";
    private static final String PARAM_NAME_NONCE = "nonce";
    private static final String PARAM_NAME_REDIRECT_URI = "redirect_uri";
    private static final String PARAM_NAME_RESPONSE_TYPE = "response_type";
    private static final String PARAM_NAME_SCOPE = "scope";
    private static final String PARAM_NAME_STATE = "state";
    private static final String PARAM_NAME_TARGETURL_PARAM = "targeturl=";
    private static final String PARAM_VALUE_COCOA_PARAM = "atloginseqoff_true";
    private static final String PARAM_VALUE_CODE_CHALLENGE_METHOD = "S256";
    private static final String PARAM_VALUE_RESPONSE_TYPE = "code";
    private static final String PARAM_VALUE_SCOPE = "openid%20ast_token_issue";
    private static final int PKCE_BASE64_ENCODE_SETTINGS = 11;
    private static final String SCHEME_HOST = "ast.kddi.com";
    private static final String SCHEME_PATH = "/oidc";
    private static final String SCHEME_PREFIX = "control-auoneidsetting";
    private static final String SEPARATOR = "&";
    private static final String SPACE = "%20";
    private static final int STATE_LENGTH = 16;
    private static final byte[] VALID_CHARACTERS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456879".getBytes();
    private static final byte[] VALID_CHARACTERS2 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456879_-~.".getBytes();
    private static OidcParam mInstance = new OidcParam();
    private String mAuthorizationEndpoint;
    private ParamFor13i mParamFor13i = new ParamFor13i();
    private NativeAPIRequestWorker.RequestOperation mRequestOperation = NativeAPIRequestWorker.RequestOperation.NONE;
    private boolean mIsSchemeFromOidc = false;
    private String mOidcExtraParam = null;
    private String mOidcExtraParamRegistrationUrl = null;
    private String mOidcExtraParamRegistrationVal = null;
    private SchemeParamFor13i mSchemeParamFor13i = new SchemeParamFor13i();

    /* loaded from: classes3.dex */
    public class ParamFor13i {
        public String clientId;
        public String codeVerifier;
        public String nonce;
        public String redirectUri;
        public String state;

        public ParamFor13i() {
        }
    }

    /* loaded from: classes3.dex */
    public class SchemeParamFor13i {
        public String authzResCode;
        public String authzResStat;
        public String errorDescription;

        public SchemeParamFor13i() {
        }
    }

    private OidcParam() {
    }

    private String addOidcExtraParam(String str) {
        if (!Util.isStringValid(str)) {
            return null;
        }
        if (!Util.isStringValid(this.mOidcExtraParam)) {
            return str;
        }
        return str + SPACE + this.mOidcExtraParam;
    }

    private static String deriveCodeVerifierChallenge(String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(str.getBytes(CHARSET_NAME));
            return Base64.encodeToString(messageDigest.digest(), 11);
        } catch (UnsupportedEncodingException e10) {
            LogUtil.printStackTrace(e10);
            return null;
        } catch (NoSuchAlgorithmException e11) {
            LogUtil.printStackTrace(e11);
            return null;
        }
    }

    private String generateRandom(byte[] bArr, int i10) {
        SecureRandom secureRandom = new SecureRandom(bArr);
        byte[] bArr2 = new byte[i10];
        secureRandom.nextBytes(bArr2);
        return Base64.encodeToString(bArr2, 11);
    }

    private String generateRandomCodeVerifier(SecureRandom secureRandom, int i10) {
        if (secureRandom == null || i10 < 32 || i10 > 96) {
            return null;
        }
        byte[] bArr = new byte[i10];
        secureRandom.nextBytes(bArr);
        return Base64.encodeToString(bArr, 11);
    }

    private String generateRandomCodeVerifier(byte[] bArr) {
        return generateRandomCodeVerifier(new SecureRandom(bArr), 64);
    }

    public static OidcParam getInstance() {
        return mInstance;
    }

    private static String getOidcAuthzAuReqPrefixUrl(Context context) {
        String buildMode = LoginManager.getBuildMode(context);
        return (!Util.isStringValid(buildMode) || buildMode.equals("release")) ? AUTHZ_AU_REQ_PREFIX : buildMode.equals(LoginConstants.BUILD_MODE_TEST_ENVIRONMENT_K1) ? AUTHZ_AU_REQ_PREFIX_K1 : AUTHZ_AU_REQ_PREFIX_K3;
    }

    private static String getOidcAuthzAuReqRegisterIdPrefixUrl(Context context) {
        String buildMode = LoginManager.getBuildMode(context);
        return (!Util.isStringValid(buildMode) || buildMode.equals("release")) ? AUTHZ_AU_REQ_REGISTER_ID_PREFIX : buildMode.equals(LoginConstants.BUILD_MODE_TEST_ENVIRONMENT_K1) ? AUTHZ_AU_REQ_REGISTER_ID_PREFIX_K1 : AUTHZ_AU_REQ_REGISTER_ID_PREFIX_K3;
    }

    private String getOidcAuthzAuReqUrl(Context context) {
        String str;
        byte[] bArr = VALID_CHARACTERS;
        String generateRandom = generateRandom(bArr, 16);
        String generateRandom2 = generateRandom(bArr, 16);
        String generateRandomCodeVerifier = generateRandomCodeVerifier(VALID_CHARACTERS2);
        String deriveCodeVerifierChallenge = Util.isStringValid(generateRandomCodeVerifier) ? deriveCodeVerifierChallenge(generateRandomCodeVerifier) : null;
        if (Util.isStringValid(generateRandom) && Util.isStringValid(generateRandom2) && Util.isStringValid(deriveCodeVerifierChallenge)) {
            String clientId = OidcId.getInstance().getClientId(context);
            String schemeId = OidcId.getInstance().getSchemeId(context);
            if (Util.isStringValid(clientId) && Util.isStringValid(schemeId)) {
                String buildMode = LoginManager.getBuildMode(context);
                if (!Util.isStringValid(buildMode) || buildMode.equals("release")) {
                    str = "control-auoneidsetting-s-" + schemeId + "://" + SCHEME_HOST + SCHEME_PATH;
                } else if (buildMode.equals(LoginConstants.BUILD_MODE_TEST_ENVIRONMENT_K1)) {
                    str = "control-auoneidsetting-k1-" + schemeId + "://" + SCHEME_HOST + SCHEME_PATH;
                } else {
                    str = "control-auoneidsetting-k3-" + schemeId + "://" + SCHEME_HOST + SCHEME_PATH;
                }
                setParamFor13i(generateRandomCodeVerifier, generateRandom2, generateRandom, clientId, str);
                StringBuilder sb = new StringBuilder();
                sb.append(this.mAuthorizationEndpoint);
                sb.append("&response_type=code");
                sb.append("&client_id=" + clientId);
                sb.append("&redirect_uri=" + str);
                sb.append("&scope=openid%20ast_token_issue");
                sb.append("&state=" + generateRandom);
                sb.append("&code_challenge=" + deriveCodeVerifierChallenge);
                sb.append("&code_challenge_method=S256");
                sb.append("&nonce=" + generateRandom2);
                sb.append("&cocoa_param=atloginseqoff_true");
                String sb2 = sb.toString();
                LogUtil.d("#debug#", " getOidcAuthzAuReqUrl url:" + sb2);
                return sb2;
            }
        }
        return null;
    }

    public static String getOidcOpMetadataAuReqUrl(Context context) {
        String buildMode = LoginManager.getBuildMode(context);
        return (!Util.isStringValid(buildMode) || buildMode.equals("release")) ? OP_METADATA_AU_REQ : buildMode.equals(LoginConstants.BUILD_MODE_TEST_ENVIRONMENT_K1) ? OP_METADATA_AU_REQ_K1 : OP_METADATA_AU_REQ_K3;
    }

    private void setParamFor13i(String str, String str2, String str3, String str4, String str5) {
        ParamFor13i paramFor13i = this.mParamFor13i;
        paramFor13i.codeVerifier = str;
        paramFor13i.nonce = str2;
        paramFor13i.state = str3;
        paramFor13i.clientId = str4;
        paramFor13i.redirectUri = str5;
    }

    public String getOidcAuthzAuReqUrlDefault(Context context) {
        return addOidcExtraParam(getOidcAuthzAuReqUrl(context));
    }

    public String getOidcAuthzAuReqUrlForAnotherId(Context context) {
        String addOidcExtraParam = addOidcExtraParam(getOidcAuthzAuReqUrl(context));
        if (!Util.isStringValid(addOidcExtraParam)) {
            return null;
        }
        try {
            return getOidcAuthzAuReqPrefixUrl(context) + URLEncoder.encode(addOidcExtraParam, "UTF-8");
        } catch (UnsupportedEncodingException unused) {
            return null;
        }
    }

    public String getOidcAuthzAuReqUrlForRegisterId(Context context) {
        String oidcAuthzAuReqUrl = getOidcAuthzAuReqUrl(context);
        if (!Util.isStringValid(oidcAuthzAuReqUrl)) {
            return null;
        }
        try {
            if (!Util.isStringValid(this.mOidcExtraParamRegistrationUrl)) {
                return getOidcAuthzAuReqRegisterIdPrefixUrl(context) + SEPARATOR + PARAM_NAME_TARGETURL_PARAM + URLEncoder.encode(oidcAuthzAuReqUrl, "UTF-8");
            }
            String str = this.mOidcExtraParamRegistrationUrl + PARAM_NAME_TARGETURL_PARAM + URLEncoder.encode(oidcAuthzAuReqUrl, "UTF-8");
            if (!Util.isStringValid(this.mOidcExtraParamRegistrationVal)) {
                return str;
            }
            return str + SPACE + this.mOidcExtraParamRegistrationVal;
        } catch (UnsupportedEncodingException unused) {
            return null;
        }
    }

    public ParamFor13i getParamFor13i() {
        return this.mParamFor13i;
    }

    public SchemeParamFor13i getSchemeParamFor13i() {
        return this.mSchemeParamFor13i;
    }

    public boolean isRequestOperationLinkIdToContract() {
        return this.mRequestOperation.equals(NativeAPIRequestWorker.RequestOperation.LINK_ID_TO_CONTRACT);
    }

    public boolean isSchemaFromOidc() {
        return this.mIsSchemeFromOidc;
    }

    public boolean isValidState(String str) {
        return Util.isStringValid(str) && str.equals(this.mParamFor13i.state);
    }

    public void setAuthorizationEndpoint(String str) {
        this.mAuthorizationEndpoint = str;
    }

    public void setIsSchemaFromOidc(boolean z10) {
        this.mIsSchemeFromOidc = z10;
    }

    public void setOidcExtraParam(String str) {
        this.mOidcExtraParam = str;
    }

    public void setOidcExtraParamRegistrationUrl(String str) {
        this.mOidcExtraParamRegistrationUrl = str;
    }

    public void setOidcExtraParamRegistrationVal(String str) {
        this.mOidcExtraParamRegistrationVal = str;
    }

    public void setRequestOperation(NativeAPIRequestWorker.RequestOperation requestOperation) {
        this.mRequestOperation = requestOperation;
    }

    public void setSchemeParamFor13i(String str, String str2, String str3) {
        SchemeParamFor13i schemeParamFor13i = this.mSchemeParamFor13i;
        schemeParamFor13i.authzResCode = str;
        schemeParamFor13i.authzResStat = str2;
        schemeParamFor13i.errorDescription = str3;
    }
}
