package com.auth0.android.provider;

import android.app.Activity;
import android.net.Uri;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import com.auth0.android.authentication.AuthenticationException;
import com.auth0.android.jwt.DecodeException;
import java.security.SecureRandom;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: OAuthManager.java */
/* loaded from: classes.dex */
public class g {

    /* renamed from: j, reason: collision with root package name */
    private static final String f5386j = "g";

    /* renamed from: a, reason: collision with root package name */
    private final a2.a f5387a;

    /* renamed from: b, reason: collision with root package name */
    private final f2.a f5388b;

    /* renamed from: c, reason: collision with root package name */
    private final Map<String, String> f5389c;

    /* renamed from: d, reason: collision with root package name */
    private boolean f5390d;

    /* renamed from: e, reason: collision with root package name */
    private boolean f5391e = true;

    /* renamed from: f, reason: collision with root package name */
    private int f5392f;

    /* renamed from: g, reason: collision with root package name */
    private h f5393g;

    /* renamed from: h, reason: collision with root package name */
    private Long f5394h;

    /* renamed from: i, reason: collision with root package name */
    private e f5395i;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: OAuthManager.java */
    /* loaded from: classes.dex */
    public class a implements f2.a {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ h2.a f5396a;

        a(h2.a aVar) {
            this.f5396a = aVar;
        }

        @Override // f2.a
        public void a(h2.a aVar) {
            g.this.f5388b.a(g.m(this.f5396a, aVar));
        }

        @Override // f2.a
        public void b(AuthenticationException authenticationException) {
            g.this.f5388b.b(authenticationException);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public g(a2.a aVar, f2.a aVar2, Map<String, String> map) {
        this.f5387a = aVar;
        this.f5388b = aVar2;
        this.f5389c = new HashMap(map);
    }

    private void b(Map<String, String> map, String str) {
        if (this.f5387a.g() != null) {
            map.put("auth0Client", this.f5387a.g().a());
        }
        map.put("client_id", this.f5387a.c());
        map.put("redirect_uri", str);
    }

    private void c(Map<String, String> map, String str) {
        if (r()) {
            try {
                i(str);
                map.put("code_challenge", this.f5393g.c());
                map.put("code_challenge_method", "S256");
                Log.v(f5386j, "Using PKCE authentication flow");
            } catch (IllegalStateException e10) {
                Log.e(f5386j, "Some algorithms aren't available on this device and PKCE can't be used. Defaulting to token response_type.", e10);
            }
        }
    }

    private void d(Map<String, String> map) {
        map.put("state", k(map.get("state")));
        if (map.containsKey("response_type") && map.get("response_type").contains("id_token")) {
            map.put("nonce", k(map.get("nonce")));
        }
    }

    private void e(String str, String str2) throws AuthenticationException {
        if (str == null) {
            return;
        }
        Log.e(f5386j, "Error, access denied. Check that the required Permissions are granted and that the Application has this Connection configured in Auth0 Dashboard.");
        if ("access_denied".equalsIgnoreCase(str)) {
            throw new AuthenticationException("access_denied", "Permissions were not granted. Try again.");
        }
        if ("unauthorized".equalsIgnoreCase(str)) {
            throw new AuthenticationException("unauthorized", str2);
        }
        if (!"login_required".equals(str)) {
            throw new AuthenticationException("a0.invalid_configuration", "The application isn't configured properly for the social connection. Please check your Auth0's application configuration");
        }
        throw new AuthenticationException(str, str2);
    }

    static void f(String str, String str2) throws AuthenticationException {
        boolean z10;
        try {
            z10 = str.equals(new com.auth0.android.jwt.d(str2).c("nonce").a());
        } catch (DecodeException e10) {
            Log.e(f5386j, "An exception occurred when trying to validate the token's 'nonce' claim. " + e10.getMessage(), e10);
            z10 = false;
        }
        if (z10) {
            return;
        }
        Log.e(f5386j, "Received nonce doesn't match.");
        throw new AuthenticationException("access_denied", "The received nonce is invalid. Try again.");
    }

    static void g(String str, String str2) throws AuthenticationException {
        if (str.equals(str2)) {
            return;
        }
        Log.e(f5386j, String.format("Received state doesn't match. Received %s but expected %s", str2, str));
        throw new AuthenticationException("access_denied", "The received state is invalid. Try again.");
    }

    private Uri h() {
        Uri.Builder buildUpon = Uri.parse(this.f5387a.b()).buildUpon();
        for (Map.Entry<String, String> entry : this.f5389c.entrySet()) {
            buildUpon.appendQueryParameter(entry.getKey(), entry.getValue());
        }
        Uri build = buildUpon.build();
        l("Using the following AuthorizeURI: " + build.toString());
        return build;
    }

    private void i(String str) {
        if (this.f5393g == null) {
            this.f5393g = new h(new b2.a(this.f5387a), str);
        }
    }

    private long j() {
        Long l10 = this.f5394h;
        return l10 != null ? l10.longValue() : System.currentTimeMillis();
    }

    static String k(String str) {
        return str != null ? str : o();
    }

    private void l(String str) {
        if (this.f5387a.i()) {
            Log.d(f5386j, str);
        }
    }

    static h2.a m(h2.a aVar, h2.a aVar2) {
        return new h2.a(TextUtils.isEmpty(aVar2.d()) ? aVar.d() : aVar2.d(), TextUtils.isEmpty(aVar2.a()) ? aVar.a() : aVar2.a(), TextUtils.isEmpty(aVar2.g()) ? aVar.g() : aVar2.g(), TextUtils.isEmpty(aVar2.e()) ? aVar.e() : aVar2.e(), aVar2.c() != null ? aVar2.c() : aVar.c(), TextUtils.isEmpty(aVar2.f()) ? aVar.f() : aVar2.f());
    }

    private static String o() {
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        return Base64.encodeToString(bArr, 11);
    }

    private boolean r() {
        return this.f5389c.containsKey("response_type") && this.f5389c.get("response_type").contains("code") && h.e();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean n(b bVar) {
        if (!bVar.c(this.f5392f)) {
            Log.w(f5386j, "The Authorize Result is invalid.");
            return false;
        }
        Map<String, String> c10 = c.c(bVar.a().getData());
        if (c10.isEmpty()) {
            Log.w(f5386j, "The response didn't contain any of these values: code, state, id_token, access_token, token_type, refresh_token");
            return false;
        }
        l("The parsed CallbackURI contains the following values: " + c10);
        try {
            e(c10.get("error"), c10.get("error_description"));
            g(this.f5389c.get("state"), c10.get("state"));
            if (this.f5389c.containsKey("response_type") && this.f5389c.get("response_type").contains("id_token")) {
                f(this.f5389c.get("nonce"), c10.get("id_token"));
            }
            Log.d(f5386j, "Authenticated using web flow");
            h2.a aVar = new h2.a(c10.get("id_token"), c10.get("access_token"), c10.get("token_type"), c10.get("refresh_token"), !c10.containsKey("expires_in") ? null : new Date(j() + (Long.valueOf(c10.get("expires_in")).longValue() * 1000)), c10.get("scope"));
            if (r()) {
                this.f5393g.d(c10.get("code"), new a(aVar));
                return true;
            }
            this.f5388b.a(aVar);
            return true;
        } catch (AuthenticationException e10) {
            this.f5388b.b(e10);
            return true;
        }
    }

    public void p(e eVar) {
        this.f5395i = eVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void q(h hVar) {
        this.f5393g = hVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void s(Activity activity2, String str, int i10) {
        c(this.f5389c, str);
        b(this.f5389c, str);
        d(this.f5389c);
        Uri h10 = h();
        this.f5392f = i10;
        if (this.f5391e) {
            AuthenticationActivity.a(activity2, h10, this.f5395i);
        } else {
            AuthenticationActivity.b(activity2, h10, i10, this.f5389c.get("connection"), this.f5390d);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void t(boolean z10) {
        this.f5391e = z10;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void u(boolean z10) {
        this.f5390d = z10;
    }
}
