package com.amazonaws.mobile.client.internal.oauth2;

import android.content.ComponentName;
import android.content.Context;
import android.net.Uri;
import android.os.Bundle;
import android.util.Log;
import androidx.browser.customtabs.CustomTabsCallback;
import androidx.browser.customtabs.CustomTabsClient;
import androidx.browser.customtabs.CustomTabsIntent;
import androidx.browser.customtabs.CustomTabsServiceConnection;
import androidx.browser.customtabs.CustomTabsSession;
import com.amazonaws.mobile.client.AWSMobileClient;
import com.amazonaws.mobile.client.Callback;
import com.amazonaws.mobile.client.internal.oauth2.OAuth2Constants;
import com.amazonaws.mobileconnectors.cognitoauth.util.ClientConstants;
import com.amazonaws.mobileconnectors.cognitoauth.util.Pkce;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;

/* loaded from: classes5.dex */
public class OAuth2Client {
    public static final String a = OAuth2Client.class.getSimpleName();
    public static final String b = "com.android.chrome";
    public static final String c = "com.amazonaws.mobile.client.oauth2";
    public static final String d = "tokenUri";
    public static final String e = "createDate";
    public static final String f = "signOutRedirectUri";
    public static final String g = "signInRedirectUri";
    private static final long r = 60000;
    final AWSMobileClient h;
    final Context j;
    CustomTabsClient l;
    CustomTabsSession m;
    Callback<AuthorizeResponse> p;
    String q;
    private String t;
    private String u;
    private String v;
    private String w;
    private Callback<Void> x;
    private boolean y;
    boolean k = true;
    PKCEMode o = PKCEMode.S256;
    private final OAuth2ClientStore s = new OAuth2ClientStore(this);
    CustomTabsCallback n = new CustomTabsCallback() { // from class: com.amazonaws.mobile.client.internal.oauth2.OAuth2Client.1
        @Override // androidx.browser.customtabs.CustomTabsCallback
        public void onNavigationEvent(int i, Bundle bundle) {
            super.onNavigationEvent(i, bundle);
            if (i != 6 || OAuth2Client.this.y) {
                return;
            }
            if (OAuth2Client.this.x != null) {
                OAuth2Client.this.x.a(new Exception("User cancelled flow or flow interrupted."));
                OAuth2Client.this.x = null;
            } else if (OAuth2Client.this.p != null) {
                OAuth2Client.this.p.a(new Exception("User cancelled flow or flow interrupted."));
                OAuth2Client.this.p = null;
            }
        }
    };
    final CustomTabsServiceConnection i = new CustomTabsServiceConnection() { // from class: com.amazonaws.mobile.client.internal.oauth2.OAuth2Client.2
        @Override // androidx.browser.customtabs.CustomTabsServiceConnection
        public void onCustomTabsServiceConnected(ComponentName componentName, CustomTabsClient customTabsClient) {
            OAuth2Client.this.l = customTabsClient;
            OAuth2Client.this.l.warmup(0L);
            OAuth2Client.this.m = OAuth2Client.this.l.newSession(OAuth2Client.this.n);
        }

        @Override // android.content.ServiceConnection
        public void onServiceDisconnected(ComponentName componentName) {
            OAuth2Client.this.l = null;
        }
    };

    /* loaded from: classes2.dex */
    public enum PKCEMode {
        NONE(""),
        S256(ClientConstants.o);

        private String encode;

        PKCEMode(String str) {
            this.encode = str;
        }

        public boolean equals(PKCEMode pKCEMode) {
            return pKCEMode.encode.equals(this.encode);
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.encode;
        }
    }

    public OAuth2Client(Context context, AWSMobileClient aWSMobileClient) {
        this.h = aWSMobileClient;
        this.j = context;
        if (CustomTabsClient.bindCustomTabsService(this.j, "com.android.chrome", this.i)) {
            return;
        }
        Log.d(a, "OAuth2Client: Failed to pre-warm custom tab, first page load may be slower");
    }

    public void a() {
        this.s.b();
        this.x = null;
        this.p = null;
        this.o = PKCEMode.S256;
        this.q = null;
        this.t = null;
        this.u = null;
        this.v = null;
        this.w = null;
    }

    public void a(Uri uri) {
        CustomTabsIntent build = new CustomTabsIntent.Builder(this.m).build();
        build.intent.setPackage("com.android.chrome");
        build.intent.addFlags(1073741824);
        build.intent.addFlags(268435456);
        this.y = false;
        build.launchUrl(this.j, uri);
    }

    public void a(Uri uri, Callback<Void> callback) {
        this.x = callback;
        String queryParameter = uri.getQueryParameter(ClientConstants.r);
        if (queryParameter == null) {
            throw new IllegalArgumentException("The sign-out URI must contain a redirect_uri");
        }
        this.s.a(f, queryParameter);
        Uri.parse(queryParameter);
        a(uri);
    }

    public void a(Uri uri, Map<String, String> map, Map<String, String> map2, Callback<OAuth2Tokens> callback) {
        String a2 = this.s.a(OAuth2Constants.TokenResponseFields.REFRESH_TOKEN.toString());
        if (a2 == null) {
            callback.a(new IllegalStateException("Refresh called without refresh token available"));
        }
        try {
            if (map2.get("grant_type") == null) {
                map2.put("grant_type", OAuth2Constants.GrantTypes.REFRESH_TOKEN.toString());
            }
            if (map2.get("refresh_token") == null) {
                if (a2 == null) {
                    throw new IllegalArgumentException("The refresh flow must contain a refresh_token");
                }
                map2.put("refresh_token", a2);
            }
            OAuth2Tokens a3 = HTTPUtil.a(HTTPUtil.a(new URL(uri.toString()), map, map2));
            this.s.a(a3);
            callback.a((Callback<OAuth2Tokens>) a3);
        } catch (Exception e2) {
            callback.a(new Exception("Failed to refresh tokens with service", e2));
        }
    }

    public void a(Uri uri, Map<String, String> map, Map<String, String> map2, String str, Callback<OAuth2Tokens> callback) {
        String a2 = this.s.a("proofKey");
        if (a2 == null && !this.o.equals(PKCEMode.NONE)) {
            callback.a(new Exception("Proof key could not be found from current session."));
        }
        try {
            if (map2.get("client_id") == null) {
                throw new IllegalArgumentException("The token exchange must contain a client_id");
            }
            if (map2.get(ClientConstants.r) == null) {
                throw new IllegalArgumentException("The token exchange must contain a redirect_uri");
            }
            if (map2.get("code") == null) {
                if (str == null) {
                    throw new IllegalArgumentException("The token exchange must contain a code");
                }
                map2.put("code", str);
            }
            if (map2.get(ClientConstants.p) == null) {
                if (a2 == null) {
                    throw new IllegalStateException("The token exchange must contain a code verifier");
                }
                map2.put(ClientConstants.p, a2);
            }
            if (map2.get("grant_type") == null) {
                map2.put("grant_type", OAuth2Constants.GrantTypes.AUTHORIZATION_CODE.toString());
            }
            this.s.a(d, uri.toString());
            OAuth2Tokens a3 = HTTPUtil.a(HTTPUtil.a(new URL(uri.toString()), map, map2));
            this.s.a(a3);
            callback.a((Callback<OAuth2Tokens>) a3);
        } catch (Exception e2) {
            callback.a(new Exception("Failed to exchange code for tokens", e2));
        }
    }

    public void a(Callback<OAuth2Tokens> callback) {
        String a2;
        try {
            OAuth2Tokens a3 = this.s.a();
            if (a3.f != null && (a3.g.longValue() + a3.f.longValue()) - System.currentTimeMillis() < 60000) {
                if (a3.d == null || (a2 = this.s.a(d)) == null) {
                    callback.a(new Exception("No cached tokens available, refresh not available."));
                } else {
                    a(Uri.parse(a2), new HashMap(), new HashMap(), callback);
                }
            }
            callback.a((Callback<OAuth2Tokens>) a3);
        } catch (Exception e2) {
            callback.a(e2);
        }
    }

    public void a(PKCEMode pKCEMode) {
        this.o = pKCEMode;
    }

    public void a(boolean z) {
        this.k = z;
        this.s.a(z);
    }

    public void b(Uri uri, Callback<AuthorizeResponse> callback) {
        this.p = callback;
        try {
            Uri.Builder buildUpon = uri.buildUpon();
            switch (this.o) {
                case S256:
                    String a2 = Pkce.a();
                    String a3 = Pkce.a(a2);
                    this.s.a("proofKey", a2);
                    this.s.a("proofKeyHash", a3);
                    buildUpon.appendQueryParameter(ClientConstants.n, this.o.toString()).appendQueryParameter(ClientConstants.m, a3).build();
                    break;
                case NONE:
                    break;
                default:
                    throw new IllegalArgumentException("Unsupported PKCE mode was chosen, please choose another");
            }
            Uri build = buildUpon.build();
            this.t = build.getQueryParameter("client_id");
            if (this.t == null) {
                throw new IllegalArgumentException("The authorize URI must contain a client_id");
            }
            String queryParameter = build.getQueryParameter(ClientConstants.r);
            if (queryParameter == null) {
                throw new IllegalArgumentException("The authorize URI must contain a redirect_uri");
            }
            this.s.a(g, queryParameter);
            Uri.parse(queryParameter);
            if (build.getQueryParameter(ClientConstants.t) == null) {
                buildUpon.appendQueryParameter(ClientConstants.t, "code").build();
            }
            this.q = build.getQueryParameter(ClientConstants.v);
            if (this.q == null) {
                this.q = Pkce.a();
                buildUpon.appendQueryParameter(ClientConstants.v, this.q).build();
            }
            this.s.a(ClientConstants.v, this.q);
            a(buildUpon.build());
        } catch (Exception e2) {
            callback.a(e2);
        }
    }

    public boolean b(Uri uri) {
        if (uri == null) {
            return false;
        }
        String a2 = this.s.a(g);
        String a3 = this.s.a(f);
        if (a2 != null) {
            Uri parse = Uri.parse(a2);
            if (uri.getScheme().equals(parse.getScheme()) && uri.getAuthority().equals(parse.getAuthority()) && uri.getPath().equals(parse.getPath()) && uri.getQueryParameterNames().containsAll(parse.getQueryParameterNames())) {
                String queryParameter = uri.getQueryParameter("code");
                if (!this.s.a(ClientConstants.v).equals(uri.getQueryParameter(ClientConstants.v))) {
                    return false;
                }
                this.u = uri.getQueryParameter("error");
                this.v = uri.getQueryParameter("error_description");
                this.w = uri.getQueryParameter("error_uri");
                this.y = true;
                if (this.u != null) {
                    if (this.p != null) {
                        this.p.a(new OAuth2Exception("Authorization call failed with response from authorization server", this.u, this.v, this.w));
                        this.p = null;
                    }
                    return true;
                }
                if (queryParameter == null) {
                    return false;
                }
                if (this.p != null) {
                    AuthorizeResponse authorizeResponse = new AuthorizeResponse();
                    authorizeResponse.b = queryParameter;
                    authorizeResponse.a = uri;
                    this.p.a((Callback<AuthorizeResponse>) authorizeResponse);
                    this.p = null;
                }
                return true;
            }
        }
        if (a3 == null) {
            return false;
        }
        Uri parse2 = Uri.parse(a3);
        if (!uri.getScheme().equals(parse2.getScheme()) || !uri.getAuthority().equals(parse2.getAuthority()) || !uri.getPath().equals(parse2.getPath()) || !uri.getQueryParameterNames().containsAll(parse2.getQueryParameterNames())) {
            return false;
        }
        this.y = true;
        if (this.x != null) {
            this.x.a((Callback<Void>) null);
            this.x = null;
        }
        return true;
    }
}
