package com.amazonaws.mobile.client.internal.oauth2;

import android.content.ComponentName;
import android.content.Context;
import android.net.Uri;
import android.os.Bundle;
import android.util.Log;
import androidx.browser.customtabs.CustomTabsCallback;
import androidx.browser.customtabs.CustomTabsClient;
import androidx.browser.customtabs.CustomTabsIntent;
import androidx.browser.customtabs.CustomTabsServiceConnection;
import androidx.browser.customtabs.CustomTabsSession;
import androidx.constraintlayout.solver.widgets.analyzer.BasicMeasure;
import com.amazonaws.mobile.client.AWSMobileClient;
import com.amazonaws.mobile.client.f;
import com.amazonaws.mobile.client.internal.oauth2.OAuth2Constants;
import com.amazonaws.mobileconnectors.cognitoauth.util.Pkce;
import com.tencent.android.tpns.mqtt.internal.ClientDefaults;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;

/* loaded from: classes.dex */
public class OAuth2Client {
    public static final String r = OAuth2Client.class.getSimpleName();
    public static final String s = "com.android.chrome";
    public static final String t = "com.amazonaws.mobile.client.oauth2";
    private static final long u = 60000;
    public static final String v = "tokenUri";
    public static final String w = "createDate";
    public static final String x = "signOutRedirectUri";
    public static final String y = "signInRedirectUri";

    /* renamed from: a, reason: collision with root package name */
    final AWSMobileClient f4390a;

    /* renamed from: b, reason: collision with root package name */
    final CustomTabsServiceConnection f4391b;

    /* renamed from: c, reason: collision with root package name */
    final Context f4392c;

    /* renamed from: f, reason: collision with root package name */
    CustomTabsClient f4395f;

    /* renamed from: g, reason: collision with root package name */
    CustomTabsSession f4396g;
    f<com.amazonaws.mobile.client.internal.oauth2.a> j;
    String k;
    private String l;
    private String m;
    private String n;
    private String o;
    private f<Void> p;
    private boolean q;

    /* renamed from: e, reason: collision with root package name */
    boolean f4394e = true;

    /* renamed from: i, reason: collision with root package name */
    PKCEMode f4398i = PKCEMode.S256;

    /* renamed from: d, reason: collision with root package name */
    private final com.amazonaws.mobile.client.internal.oauth2.c f4393d = new com.amazonaws.mobile.client.internal.oauth2.c(this);

    /* renamed from: h, reason: collision with root package name */
    CustomTabsCallback f4397h = new a();

    /* loaded from: classes.dex */
    public enum PKCEMode {
        NONE(""),
        S256("S256");

        private String encode;

        PKCEMode(String str) {
            this.encode = str;
        }

        public boolean equals(PKCEMode pKCEMode) {
            return pKCEMode.encode.equals(this.encode);
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.encode;
        }
    }

    /* loaded from: classes.dex */
    class a extends CustomTabsCallback {
        a() {
        }

        public void onNavigationEvent(int i2, Bundle bundle) {
            super.onNavigationEvent(i2, bundle);
            if (i2 != 6 || OAuth2Client.this.q) {
                return;
            }
            if (OAuth2Client.this.p != null) {
                OAuth2Client.this.p.onError(new Exception("User cancelled flow or flow interrupted."));
                OAuth2Client.this.p = null;
                return;
            }
            f<com.amazonaws.mobile.client.internal.oauth2.a> fVar = OAuth2Client.this.j;
            if (fVar != null) {
                fVar.onError(new Exception("User cancelled flow or flow interrupted."));
                OAuth2Client.this.j = null;
            }
        }
    }

    /* loaded from: classes.dex */
    class b extends CustomTabsServiceConnection {
        b() {
        }

        public void a(ComponentName componentName, CustomTabsClient customTabsClient) {
            OAuth2Client.this.f4395f = customTabsClient;
            customTabsClient.warmup(0L);
            OAuth2Client oAuth2Client = OAuth2Client.this;
            oAuth2Client.f4396g = oAuth2Client.f4395f.newSession(oAuth2Client.f4397h);
        }

        public void b(ComponentName componentName) {
            OAuth2Client.this.f4395f = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public static /* synthetic */ class c {

        /* renamed from: a, reason: collision with root package name */
        static final /* synthetic */ int[] f4401a;

        static {
            int[] iArr = new int[PKCEMode.values().length];
            f4401a = iArr;
            try {
                iArr[PKCEMode.S256.ordinal()] = 1;
            } catch (NoSuchFieldError e2) {
            }
            try {
                f4401a[PKCEMode.NONE.ordinal()] = 2;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    public OAuth2Client(Context context, AWSMobileClient aWSMobileClient) {
        this.f4390a = aWSMobileClient;
        this.f4392c = context;
        b bVar = new b();
        this.f4391b = bVar;
        if (CustomTabsClient.bindCustomTabsService(context, s, bVar)) {
            return;
        }
        Log.d(r, "OAuth2Client: Failed to pre-warm custom tab, first page load may be slower");
    }

    public void d(Uri uri, f<com.amazonaws.mobile.client.internal.oauth2.a> fVar) {
        this.j = fVar;
        try {
            Uri.Builder buildUpon = uri.buildUpon();
            int i2 = c.f4401a[this.f4398i.ordinal()];
            if (i2 == 1) {
                String generateRandom = Pkce.generateRandom();
                String generateHash = Pkce.generateHash(generateRandom);
                this.f4393d.f("proofKey", generateRandom);
                this.f4393d.f("proofKeyHash", generateHash);
                buildUpon.appendQueryParameter("code_challenge_method", this.f4398i.toString()).appendQueryParameter("code_challenge", generateHash).build();
            } else if (i2 != 2) {
                throw new IllegalArgumentException("Unsupported PKCE mode was chosen, please choose another");
            }
            Uri build = buildUpon.build();
            String queryParameter = build.getQueryParameter("client_id");
            this.l = queryParameter;
            if (queryParameter == null) {
                throw new IllegalArgumentException("The authorize URI must contain a client_id");
            }
            String queryParameter2 = build.getQueryParameter("redirect_uri");
            if (queryParameter2 == null) {
                throw new IllegalArgumentException("The authorize URI must contain a redirect_uri");
            }
            this.f4393d.f(y, queryParameter2);
            Uri.parse(queryParameter2);
            if (build.getQueryParameter("response_type") == null) {
                buildUpon.appendQueryParameter("response_type", com.heytap.mcssdk.a.a.j).build();
            }
            String queryParameter3 = build.getQueryParameter("state");
            this.k = queryParameter3;
            if (queryParameter3 == null) {
                String generateRandom2 = Pkce.generateRandom();
                this.k = generateRandom2;
                buildUpon.appendQueryParameter("state", generateRandom2).build();
            }
            this.f4393d.f("state", this.k);
            g(buildUpon.build());
        } catch (Exception e2) {
            fVar.onError(e2);
        }
    }

    public void e(f<d> fVar) {
        String b2;
        try {
            d d2 = this.f4393d.d();
            if (d2.f4413f != null && (d2.f4414g.longValue() + d2.f4413f.longValue()) - System.currentTimeMillis() < 60000) {
                if (d2.f4411d == null || (b2 = this.f4393d.b(v)) == null) {
                    fVar.onError(new Exception("No cached tokens available, refresh not available."));
                } else {
                    h(Uri.parse(b2), new HashMap(), new HashMap(), fVar);
                }
            }
            fVar.onResult(d2);
        } catch (Exception e2) {
            fVar.onError(e2);
        }
    }

    public boolean f(Uri uri) {
        if (uri == null) {
            return false;
        }
        String b2 = this.f4393d.b(y);
        String b3 = this.f4393d.b(x);
        if (b2 != null) {
            Uri parse = Uri.parse(b2);
            if (uri.getScheme().equals(parse.getScheme()) && uri.getAuthority().equals(parse.getAuthority()) && uri.getPath().equals(parse.getPath()) && uri.getQueryParameterNames().containsAll(parse.getQueryParameterNames())) {
                String queryParameter = uri.getQueryParameter(com.heytap.mcssdk.a.a.j);
                if (!this.f4393d.b("state").equals(uri.getQueryParameter("state"))) {
                    return false;
                }
                this.m = uri.getQueryParameter("error");
                this.n = uri.getQueryParameter("error_description");
                this.o = uri.getQueryParameter("error_uri");
                this.q = true;
                if (this.m != null) {
                    f<com.amazonaws.mobile.client.internal.oauth2.a> fVar = this.j;
                    if (fVar != null) {
                        fVar.onError(new OAuth2Exception("Authorization call failed with response from authorization server", this.m, this.n, this.o));
                        this.j = null;
                    }
                    return true;
                }
                if (queryParameter == null) {
                    return false;
                }
                if (this.j != null) {
                    com.amazonaws.mobile.client.internal.oauth2.a aVar = new com.amazonaws.mobile.client.internal.oauth2.a();
                    aVar.f4405b = queryParameter;
                    aVar.f4404a = uri;
                    this.j.onResult(aVar);
                    this.j = null;
                }
                return true;
            }
        }
        if (b3 != null) {
            Uri parse2 = Uri.parse(b3);
            if (uri.getScheme().equals(parse2.getScheme()) && uri.getAuthority().equals(parse2.getAuthority()) && uri.getPath().equals(parse2.getPath()) && uri.getQueryParameterNames().containsAll(parse2.getQueryParameterNames())) {
                this.q = true;
                f<Void> fVar2 = this.p;
                if (fVar2 != null) {
                    fVar2.onResult(null);
                    this.p = null;
                }
                return true;
            }
        }
        return false;
    }

    public void g(Uri uri) {
        CustomTabsIntent build = new CustomTabsIntent.Builder(this.f4396g).build();
        build.intent.setPackage(s);
        build.intent.addFlags(BasicMeasure.EXACTLY);
        build.intent.addFlags(ClientDefaults.MAX_MSG_SIZE);
        this.q = false;
        build.launchUrl(this.f4392c, uri);
    }

    public void h(Uri uri, Map<String, String> map, Map<String, String> map2, f<d> fVar) {
        String b2 = this.f4393d.b(OAuth2Constants.TokenResponseFields.REFRESH_TOKEN.toString());
        if (b2 == null) {
            fVar.onError(new IllegalStateException("Refresh called without refresh token available"));
        }
        try {
            if (map2.get(OAuth2Constants.f4403b) == null) {
                map2.put(OAuth2Constants.f4403b, OAuth2Constants.GrantTypes.REFRESH_TOKEN.toString());
            }
            if (map2.get("refresh_token") == null) {
                if (b2 == null) {
                    throw new IllegalArgumentException("The refresh flow must contain a refresh_token");
                }
                map2.put("refresh_token", b2);
            }
            d b3 = com.amazonaws.mobile.client.internal.oauth2.b.b(com.amazonaws.mobile.client.internal.oauth2.b.a(new URL(uri.toString()), map, map2));
            this.f4393d.e(b3);
            fVar.onResult(b3);
        } catch (Exception e2) {
            fVar.onError(new Exception("Failed to refresh tokens with service", e2));
        }
    }

    public void i(Uri uri, Map<String, String> map, Map<String, String> map2, String str, f<d> fVar) {
        String b2 = this.f4393d.b("proofKey");
        if (b2 == null && !this.f4398i.equals(PKCEMode.NONE)) {
            fVar.onError(new Exception("Proof key could not be found from current session."));
        }
        try {
            if (map2.get("client_id") == null) {
                throw new IllegalArgumentException("The token exchange must contain a client_id");
            }
            if (map2.get("redirect_uri") == null) {
                throw new IllegalArgumentException("The token exchange must contain a redirect_uri");
            }
            if (map2.get(com.heytap.mcssdk.a.a.j) == null) {
                if (str == null) {
                    throw new IllegalArgumentException("The token exchange must contain a code");
                }
                map2.put(com.heytap.mcssdk.a.a.j, str);
            }
            if (map2.get("code_verifier") == null) {
                if (b2 == null) {
                    throw new IllegalStateException("The token exchange must contain a code verifier");
                }
                map2.put("code_verifier", b2);
            }
            if (map2.get(OAuth2Constants.f4403b) == null) {
                map2.put(OAuth2Constants.f4403b, OAuth2Constants.GrantTypes.AUTHORIZATION_CODE.toString());
            }
            this.f4393d.f(v, uri.toString());
            d b3 = com.amazonaws.mobile.client.internal.oauth2.b.b(com.amazonaws.mobile.client.internal.oauth2.b.a(new URL(uri.toString()), map, map2));
            this.f4393d.e(b3);
            fVar.onResult(b3);
        } catch (Exception e2) {
            fVar.onError(new Exception("Failed to exchange code for tokens", e2));
        }
    }

    public void j(PKCEMode pKCEMode) {
        this.f4398i = pKCEMode;
    }

    public void k(boolean z) {
        this.f4394e = z;
        this.f4393d.h(z);
    }

    public void l() {
        this.f4393d.a();
        this.p = null;
        this.j = null;
        this.f4398i = PKCEMode.S256;
        this.k = null;
        this.l = null;
        this.m = null;
        this.n = null;
        this.o = null;
    }

    public void m(Uri uri, f<Void> fVar) {
        this.p = fVar;
        String queryParameter = uri.getQueryParameter("redirect_uri");
        if (queryParameter == null) {
            throw new IllegalArgumentException("The sign-out URI must contain a redirect_uri");
        }
        this.f4393d.f(x, queryParameter);
        Uri.parse(queryParameter);
        g(uri);
    }
}
