package eu.faircode.email;

import android.content.Context;
import eu.faircode.email.EntityLog;
import java.util.Date;
import java.util.Objects;
import java.util.concurrent.Semaphore;
import java.util.concurrent.TimeUnit;
import javax.mail.Authenticator;
import javax.mail.MessagingException;
import javax.mail.PasswordAuthentication;
import net.openid.appauth.AuthState;
import net.openid.appauth.AuthorizationException;
import net.openid.appauth.AuthorizationService;
import net.openid.appauth.ClientAuthentication;
import net.openid.appauth.ClientSecretPost;
import net.openid.appauth.NoClientAuthentication;
import net.openid.appauth.ResponseTypeValues;
import net.openid.appauth.TokenRequest;
import org.json.JSONException;

/* loaded from: classes2.dex */
public class ServiceAuthenticator extends Authenticator {
    static final int AUTH_TYPE_GMAIL = 2;
    static final int AUTH_TYPE_OAUTH = 3;
    static final int AUTH_TYPE_PASSWORD = 1;
    static final int MAX_TOKEN_WAIT = 90;
    static final long MIN_FORCE_REFRESH_INTERVAL = 900000;
    static final long MIN_REFRESH_INTERVAL = 900000;
    private int auth;
    private Context context;
    private IAuthenticated intf;
    private String password;
    private String provider;
    private String user;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static class ErrorHolder {
        AuthorizationException error;

        private ErrorHolder() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public interface IAuthenticated {
        void onPasswordChanged(Context context, String str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ServiceAuthenticator(Context context, int i4, String str, String str2, String str3, IAuthenticated iAuthenticated) {
        this.context = context.getApplicationContext();
        this.auth = i4;
        this.provider = str;
        this.user = str2;
        this.password = str3;
        this.intf = iAuthenticated;
    }

    private static void OAuthRefresh(Context context, String str, String str2, AuthState authState, boolean z4) {
        try {
            long time = new Date().getTime();
            Long accessTokenExpirationTime = authState.getAccessTokenExpirationTime();
            boolean z5 = accessTokenExpirationTime != null && accessTokenExpirationTime.longValue() < time;
            if (!z5 && z4 && accessTokenExpirationTime != null && accessTokenExpirationTime.longValue() - 900000 < time) {
                z5 = true;
            }
            if (z5) {
                authState.setNeedsTokenRefresh(true);
            }
            EntityLog.Type type = EntityLog.Type.Debug;
            StringBuilder sb = new StringBuilder();
            sb.append("Token user=");
            sb.append(str);
            sb.append(":");
            sb.append(str2);
            sb.append(" expiration=");
            sb.append(accessTokenExpirationTime == null ? null : new Date(accessTokenExpirationTime.longValue()));
            sb.append(" need=");
            sb.append(z5);
            sb.append("/");
            sb.append(authState.getNeedsTokenRefresh());
            sb.append(" force=");
            sb.append(z4);
            EntityLog.log(context, type, sb.toString());
            String str3 = EmailProvider.getProvider(context, str).oauth.clientSecret;
            ClientAuthentication clientSecretPost = str3 == null ? NoClientAuthentication.INSTANCE : new ClientSecretPost(str3);
            final ErrorHolder errorHolder = new ErrorHolder();
            final Semaphore semaphore = new Semaphore(0);
            Log.i("OAuth refresh user=" + str + ":" + str2);
            authState.performActionWithFreshTokens(new AuthorizationService(context), clientSecretPost, new AuthState.AuthStateAction() { // from class: eu.faircode.email.ServiceAuthenticator.1
                @Override // net.openid.appauth.AuthState.AuthStateAction
                public void execute(String str4, String str5, AuthorizationException authorizationException) {
                    if (authorizationException != null) {
                        ErrorHolder.this.error = authorizationException;
                    }
                    semaphore.release();
                }
            });
            if (!semaphore.tryAcquire(90L, TimeUnit.SECONDS)) {
                throw new InterruptedException("Timeout getting token id=" + str);
            }
            Log.i("OAuth refreshed user=" + str + ":" + str2);
            AuthorizationException authorizationException = errorHolder.error;
            if (authorizationException != null) {
                throw authorizationException;
            }
        } catch (Exception e4) {
            throw new MessagingException("OAuth refresh id=" + str, e4);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getAuthTokenType(String str) {
        if ("com.google".equals(str)) {
            return "oauth2:https://mail.google.com/";
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Long getAccessTokenExpirationTime() {
        try {
            int i4 = this.auth;
            if (i4 == 2) {
                return GmailState.jsonDeserialize(this.password).getAccessTokenExpirationTime();
            }
            if (i4 == 3) {
                return AuthState.jsonDeserialize(this.password).getAccessTokenExpirationTime();
            }
            return null;
        } catch (JSONException e4) {
            Log.e(e4);
            return null;
        }
    }

    @Override // javax.mail.Authenticator
    protected PasswordAuthentication getPasswordAuthentication() {
        String str = this.password;
        try {
            str = refreshToken(false);
        } catch (Throwable th) {
            if (th.getCause() instanceof InterruptedException) {
                Log.i(th);
            } else if (th.getMessage() == null || !th.getMessage().startsWith("OAuth refresh")) {
                Log.e(th);
            } else {
                Log.w(th);
            }
        }
        StringBuilder sb = new StringBuilder();
        sb.append(this.user);
        sb.append(" returning ");
        sb.append(this.auth == 1 ? TokenRequest.GRANT_TYPE_PASSWORD : ResponseTypeValues.TOKEN);
        sb.append("");
        Log.i(sb.toString());
        return new PasswordAuthentication(this.user, str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String refreshToken(boolean z4) {
        int i4 = this.auth;
        if (i4 == 2) {
            GmailState jsonDeserialize = GmailState.jsonDeserialize(this.password);
            jsonDeserialize.refresh(this.context, "android", this.user, z4);
            Long accessTokenExpirationTime = jsonDeserialize.getAccessTokenExpirationTime();
            if (accessTokenExpirationTime != null) {
                EntityLog.log(this.context, this.user + " token expiration=" + new Date(accessTokenExpirationTime.longValue()));
            }
            String jsonSerializeString = jsonDeserialize.jsonSerializeString();
            if (!Objects.equals(this.password, jsonSerializeString)) {
                this.password = jsonSerializeString;
                IAuthenticated iAuthenticated = this.intf;
                if (iAuthenticated != null) {
                    iAuthenticated.onPasswordChanged(this.context, jsonSerializeString);
                }
            }
            return jsonDeserialize.getAccessToken();
        }
        if (i4 != 3 || this.provider == null) {
            return this.password;
        }
        AuthState jsonDeserialize2 = AuthState.jsonDeserialize(this.password);
        OAuthRefresh(this.context, this.provider, this.user, jsonDeserialize2, z4);
        Long accessTokenExpirationTime2 = jsonDeserialize2.getAccessTokenExpirationTime();
        if (accessTokenExpirationTime2 != null) {
            EntityLog.log(this.context, this.user + " token expiration=" + new Date(accessTokenExpirationTime2.longValue()));
        }
        String jsonSerializeString2 = jsonDeserialize2.jsonSerializeString();
        if (!Objects.equals(this.password, jsonSerializeString2)) {
            this.password = jsonSerializeString2;
            IAuthenticated iAuthenticated2 = this.intf;
            if (iAuthenticated2 != null) {
                iAuthenticated2.onPasswordChanged(this.context, jsonSerializeString2);
            }
        }
        return jsonDeserialize2.getAccessToken();
    }
}
