package com.amazonaws.mobile.client.internal.oauth2;

import android.content.ComponentName;
import android.content.Context;
import android.net.Uri;
import android.os.Bundle;
import androidx.browser.customtabs.CustomTabsCallback;
import androidx.browser.customtabs.CustomTabsClient;
import androidx.browser.customtabs.CustomTabsIntent;
import androidx.browser.customtabs.CustomTabsServiceConnection;
import androidx.browser.customtabs.CustomTabsSession;
import com.amazonaws.mobile.client.AWSMobileClient;
import com.amazonaws.mobile.client.Callback;
import com.amazonaws.mobile.client.internal.oauth2.OAuth2Constants;
import com.amazonaws.mobileconnectors.cognitoauth.util.Pkce;
import com.facebook.internal.t0;
import com.facebook.internal.w0;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;

/* loaded from: classes.dex */
public class OAuth2Client {

    /* renamed from: s, reason: collision with root package name */
    public static final String f4766s = "OAuth2Client";

    /* renamed from: t, reason: collision with root package name */
    public static final String f4767t = "com.android.chrome";

    /* renamed from: u, reason: collision with root package name */
    public static final String f4768u = "com.amazonaws.mobile.client.oauth2";

    /* renamed from: v, reason: collision with root package name */
    public static final long f4769v = 60000;

    /* renamed from: w, reason: collision with root package name */
    public static final String f4770w = "tokenUri";

    /* renamed from: x, reason: collision with root package name */
    public static final String f4771x = "createDate";

    /* renamed from: y, reason: collision with root package name */
    public static final String f4772y = "signOutRedirectUri";

    /* renamed from: z, reason: collision with root package name */
    public static final String f4773z = "signInRedirectUri";

    /* renamed from: a, reason: collision with root package name */
    public final AWSMobileClient f4774a;

    /* renamed from: b, reason: collision with root package name */
    public final CustomTabsServiceConnection f4775b;

    /* renamed from: c, reason: collision with root package name */
    public final Context f4776c;

    /* renamed from: f, reason: collision with root package name */
    public CustomTabsClient f4779f;

    /* renamed from: g, reason: collision with root package name */
    public CustomTabsSession f4780g;

    /* renamed from: j, reason: collision with root package name */
    public Callback<AuthorizeResponse> f4783j;

    /* renamed from: k, reason: collision with root package name */
    public String f4784k;

    /* renamed from: l, reason: collision with root package name */
    public String f4785l;

    /* renamed from: m, reason: collision with root package name */
    public String f4786m;

    /* renamed from: n, reason: collision with root package name */
    public String f4787n;

    /* renamed from: o, reason: collision with root package name */
    public String f4788o;

    /* renamed from: p, reason: collision with root package name */
    public String f4789p;

    /* renamed from: q, reason: collision with root package name */
    public Callback<Void> f4790q;

    /* renamed from: r, reason: collision with root package name */
    public boolean f4791r;

    /* renamed from: e, reason: collision with root package name */
    public boolean f4778e = true;

    /* renamed from: i, reason: collision with root package name */
    public PKCEMode f4782i = PKCEMode.S256;

    /* renamed from: d, reason: collision with root package name */
    public final OAuth2ClientStore f4777d = new OAuth2ClientStore(this);

    /* renamed from: h, reason: collision with root package name */
    public CustomTabsCallback f4781h = new CustomTabsCallback() { // from class: com.amazonaws.mobile.client.internal.oauth2.OAuth2Client.1
        @Override // androidx.browser.customtabs.CustomTabsCallback
        public void onNavigationEvent(int i10, Bundle bundle) {
            super.onNavigationEvent(i10, bundle);
            if (i10 != 6 || OAuth2Client.this.f4791r) {
                return;
            }
            if (OAuth2Client.this.f4790q != null) {
                OAuth2Client.this.f4790q.a(new Exception("User cancelled flow or flow interrupted."));
                OAuth2Client.this.f4790q = null;
                return;
            }
            Callback<AuthorizeResponse> callback = OAuth2Client.this.f4783j;
            if (callback != null) {
                callback.a(new Exception("User cancelled flow or flow interrupted."));
                OAuth2Client.this.f4783j = null;
            }
        }
    };

    /* renamed from: com.amazonaws.mobile.client.internal.oauth2.OAuth2Client$3, reason: invalid class name */
    /* loaded from: classes.dex */
    public static /* synthetic */ class AnonymousClass3 {

        /* renamed from: a, reason: collision with root package name */
        public static final /* synthetic */ int[] f4792a;

        static {
            int[] iArr = new int[PKCEMode.values().length];
            f4792a = iArr;
            try {
                iArr[PKCEMode.S256.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f4792a[PKCEMode.NONE.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    /* loaded from: classes.dex */
    public enum PKCEMode {
        NONE(""),
        S256("S256");

        private String encode;

        PKCEMode(String str) {
            this.encode = str;
        }

        public boolean equals(PKCEMode pKCEMode) {
            return pKCEMode.encode.equals(this.encode);
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.encode;
        }
    }

    public OAuth2Client(Context context, AWSMobileClient aWSMobileClient) {
        this.f4774a = aWSMobileClient;
        this.f4776c = context;
        CustomTabsServiceConnection customTabsServiceConnection = new CustomTabsServiceConnection() { // from class: com.amazonaws.mobile.client.internal.oauth2.OAuth2Client.2
            @Override // androidx.browser.customtabs.CustomTabsServiceConnection
            public void onCustomTabsServiceConnected(ComponentName componentName, CustomTabsClient customTabsClient) {
                OAuth2Client.this.f4779f = customTabsClient;
                customTabsClient.warmup(0L);
                OAuth2Client oAuth2Client = OAuth2Client.this;
                oAuth2Client.f4780g = oAuth2Client.f4779f.newSession(oAuth2Client.f4781h);
            }

            @Override // android.content.ServiceConnection
            public void onServiceDisconnected(ComponentName componentName) {
                OAuth2Client.this.f4779f = null;
            }
        };
        this.f4775b = customTabsServiceConnection;
        CustomTabsClient.bindCustomTabsService(context, f4767t, customTabsServiceConnection);
    }

    public void d(Uri uri, Callback<AuthorizeResponse> callback) {
        this.f4783j = callback;
        try {
            Uri.Builder buildUpon = uri.buildUpon();
            int i10 = AnonymousClass3.f4792a[this.f4782i.ordinal()];
            if (i10 == 1) {
                String generateRandom = Pkce.generateRandom();
                String generateHash = Pkce.generateHash(generateRandom);
                this.f4777d.f("proofKey", generateRandom);
                this.f4777d.f("proofKeyHash", generateHash);
                buildUpon.appendQueryParameter(w0.DIALOG_PARAM_CODE_CHALLENGE_METHOD, this.f4782i.toString()).appendQueryParameter(w0.DIALOG_PARAM_CODE_CHALLENGE, generateHash).build();
            } else if (i10 != 2) {
                throw new IllegalArgumentException("Unsupported PKCE mode was chosen, please choose another");
            }
            Uri build = buildUpon.build();
            String queryParameter = build.getQueryParameter("client_id");
            this.f4786m = queryParameter;
            if (queryParameter == null) {
                throw new IllegalArgumentException("The authorize URI must contain a client_id");
            }
            String queryParameter2 = build.getQueryParameter(w0.DIALOG_PARAM_REDIRECT_URI);
            if (queryParameter2 == null) {
                throw new IllegalArgumentException("The authorize URI must contain a redirect_uri");
            }
            this.f4777d.f(f4773z, queryParameter2);
            Uri.parse(queryParameter2);
            if (build.getQueryParameter(w0.DIALOG_PARAM_RESPONSE_TYPE) == null) {
                buildUpon.appendQueryParameter(w0.DIALOG_PARAM_RESPONSE_TYPE, "code").build();
            }
            String queryParameter3 = build.getQueryParameter("state");
            this.f4784k = queryParameter3;
            if (queryParameter3 == null) {
                String generateRandom2 = Pkce.generateRandom();
                this.f4784k = generateRandom2;
                buildUpon.appendQueryParameter("state", generateRandom2).build();
            }
            this.f4777d.f("state", this.f4784k);
            g(buildUpon.build());
        } catch (Exception e10) {
            callback.a(e10);
        }
    }

    public void e(Callback<OAuth2Tokens> callback) {
        String b10;
        try {
            OAuth2Tokens d10 = this.f4777d.d();
            if (d10.f4802f != null && (d10.f4803g.longValue() + d10.f4802f.longValue()) - System.currentTimeMillis() < 60000) {
                if (d10.f4800d == null || (b10 = this.f4777d.b(f4770w)) == null) {
                    callback.a(new Exception("No cached tokens available, refresh not available."));
                } else {
                    h(Uri.parse(b10), new HashMap(), new HashMap(), callback);
                }
            }
            callback.b(d10);
        } catch (Exception e10) {
            callback.a(e10);
        }
    }

    public boolean f(Uri uri) {
        if (uri == null) {
            return false;
        }
        String b10 = this.f4777d.b(f4773z);
        String b11 = this.f4777d.b(f4772y);
        if (b10 != null) {
            Uri parse = Uri.parse(b10);
            if (uri.getScheme().equals(parse.getScheme()) && uri.getAuthority().equals(parse.getAuthority()) && uri.getPath().equals(parse.getPath()) && uri.getQueryParameterNames().containsAll(parse.getQueryParameterNames())) {
                String queryParameter = uri.getQueryParameter("code");
                if (!this.f4777d.b("state").equals(uri.getQueryParameter("state"))) {
                    return false;
                }
                this.f4787n = uri.getQueryParameter("error");
                this.f4788o = uri.getQueryParameter(t0.BRIDGE_ARG_ERROR_DESCRIPTION);
                this.f4789p = uri.getQueryParameter("error_uri");
                this.f4791r = true;
                if (this.f4787n != null) {
                    Callback<AuthorizeResponse> callback = this.f4783j;
                    if (callback != null) {
                        callback.a(new OAuth2Exception("Authorization call failed with response from authorization server", this.f4787n, this.f4788o, this.f4789p));
                        this.f4783j = null;
                    }
                    return true;
                }
                if (queryParameter == null) {
                    return false;
                }
                if (this.f4783j != null) {
                    AuthorizeResponse authorizeResponse = new AuthorizeResponse();
                    authorizeResponse.f4765b = queryParameter;
                    authorizeResponse.f4764a = uri;
                    this.f4783j.b(authorizeResponse);
                    this.f4783j = null;
                }
                return true;
            }
        }
        if (b11 != null) {
            Uri parse2 = Uri.parse(b11);
            if (uri.getScheme().equals(parse2.getScheme()) && uri.getAuthority().equals(parse2.getAuthority()) && uri.getPath().equals(parse2.getPath()) && uri.getQueryParameterNames().containsAll(parse2.getQueryParameterNames())) {
                this.f4791r = true;
                Callback<Void> callback2 = this.f4790q;
                if (callback2 != null) {
                    callback2.b(null);
                    this.f4790q = null;
                }
                return true;
            }
        }
        return false;
    }

    public void g(Uri uri) {
        CustomTabsIntent build = new CustomTabsIntent.Builder(this.f4780g).build();
        build.intent.setPackage(f4767t);
        build.intent.addFlags(1073741824);
        build.intent.addFlags(268435456);
        this.f4791r = false;
        build.launchUrl(this.f4776c, uri);
    }

    public void h(Uri uri, Map<String, String> map, Map<String, String> map2, Callback<OAuth2Tokens> callback) {
        String b10 = this.f4777d.b(OAuth2Constants.TokenResponseFields.REFRESH_TOKEN.toString());
        if (b10 == null) {
            callback.a(new IllegalStateException("Refresh called without refresh token available"));
        }
        try {
            if (map2.get(OAuth2Constants.f4796b) == null) {
                map2.put(OAuth2Constants.f4796b, OAuth2Constants.GrantTypes.REFRESH_TOKEN.toString());
            }
            if (map2.get("refresh_token") == null) {
                if (b10 == null) {
                    throw new IllegalArgumentException("The refresh flow must contain a refresh_token");
                }
                map2.put("refresh_token", b10);
            }
            OAuth2Tokens b11 = HTTPUtil.b(HTTPUtil.a(new URL(uri.toString()), map, map2, this.f4785l));
            this.f4777d.e(b11);
            callback.b(b11);
        } catch (Exception e10) {
            callback.a(new Exception("Failed to refresh tokens with service", e10));
        }
    }

    public void i(Uri uri, Map<String, String> map, Map<String, String> map2, String str, Callback<OAuth2Tokens> callback) {
        String b10 = this.f4777d.b("proofKey");
        if (b10 == null && !this.f4782i.equals(PKCEMode.NONE)) {
            callback.a(new Exception("Proof key could not be found from current session."));
        }
        try {
            if (map2.get("client_id") == null) {
                throw new IllegalArgumentException("The token exchange must contain a client_id");
            }
            if (map2.get(w0.DIALOG_PARAM_REDIRECT_URI) == null) {
                throw new IllegalArgumentException("The token exchange must contain a redirect_uri");
            }
            if (map2.get("code") == null) {
                if (str == null) {
                    throw new IllegalArgumentException("The token exchange must contain a code");
                }
                map2.put("code", str);
            }
            if (map2.get("code_verifier") == null) {
                if (b10 == null) {
                    throw new IllegalStateException("The token exchange must contain a code verifier");
                }
                map2.put("code_verifier", b10);
            }
            if (map2.get(OAuth2Constants.f4796b) == null) {
                map2.put(OAuth2Constants.f4796b, OAuth2Constants.GrantTypes.AUTHORIZATION_CODE.toString());
            }
            this.f4777d.f(f4770w, uri.toString());
            OAuth2Tokens b11 = HTTPUtil.b(HTTPUtil.a(new URL(uri.toString()), map, map2, this.f4785l));
            this.f4777d.e(b11);
            callback.b(b11);
        } catch (Exception e10) {
            callback.a(new Exception("Failed to exchange code for tokens", e10));
        }
    }

    public void j(PKCEMode pKCEMode) {
        this.f4782i = pKCEMode;
    }

    public void k(boolean z10) {
        this.f4778e = z10;
        this.f4777d.h(z10);
    }

    public void l(String str) {
        this.f4785l = str;
    }

    public void m() {
        this.f4777d.a();
        this.f4790q = null;
        this.f4783j = null;
        this.f4782i = PKCEMode.S256;
        this.f4784k = null;
        this.f4786m = null;
        this.f4787n = null;
        this.f4788o = null;
        this.f4789p = null;
    }

    public void n(Uri uri, Callback<Void> callback) {
        this.f4790q = callback;
        String queryParameter = uri.getQueryParameter(w0.DIALOG_PARAM_REDIRECT_URI);
        if (queryParameter == null) {
            throw new IllegalArgumentException("The sign-out URI must contain a redirect_uri");
        }
        this.f4777d.f(f4772y, queryParameter);
        Uri.parse(queryParameter);
        g(uri);
    }
}
