package oracle.idm.mobile;

import android.app.Activity;
import android.graphics.Bitmap;
import android.os.Handler;
import android.text.TextUtils;
import android.util.Log;
import android.view.View;
import android.webkit.CookieManager;
import android.webkit.CookieSyncManager;
import android.webkit.WebView;
import android.webkit.WebViewClient;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import oracle.idm.mobile.OMAuthenticationContext;
import oracle.idm.mobile.callback.OMCredentialCollectorCallback;
import oracle.idm.mobile.callback.OMInputParamCallback;
import oracle.idm.mobile.callback.OMMobileServiceCallback;
import oracle.idm.mobile.util.CookieUtils;
import org.json.JSONException;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class FederatedAuthenticationService extends AuthenticationService {
    private static final String TAG = FederatedAuthenticationService.class.getName();
    private OMFederatedMobileSecurityConfiguration mConfig;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public class LogoutWebViewClient extends WebViewClient {
        private static final int DEFAULT_LOGOUT_TIMEOUT = 30;
        private static final int TIME_BETWEEN_PAGE_START_AND_FINISH = 3000;
        private CheckLogoutDoneRunnable checkLogoutDoneRunnable;
        private CheckLogoutMaxTimeRunnable checkLogoutMaxTimeRunnable;
        private Handler handler = new Handler();
        private boolean logoutDone;
        private int logoutTimeout;
        private WebView webView;

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: classes.dex */
        public class CheckLogoutDoneRunnable implements Runnable {
            private CheckLogoutDoneRunnable() {
            }

            @Override // java.lang.Runnable
            public void run() {
                LogoutWebViewClient.this.onLogoutSuccessful();
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: classes.dex */
        public class CheckLogoutMaxTimeRunnable implements Runnable {
            private CheckLogoutMaxTimeRunnable() {
            }

            @Override // java.lang.Runnable
            public void run() {
                Log.e(FederatedAuthenticationService.TAG, "Logout failed as connection timed out.");
                LogoutWebViewClient.this.onLogoutFailed(OMErrorCode.LOGOUT_TIMED_OUT, null);
            }
        }

        public LogoutWebViewClient(WebView webView, int i) {
            this.logoutTimeout = DEFAULT_LOGOUT_TIMEOUT;
            this.webView = webView;
            if (i > 0) {
                this.logoutTimeout = i;
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void onLogoutFailed(OMErrorCode oMErrorCode, String str) {
            if (this.logoutDone) {
                return;
            }
            this.webView.destroy();
            this.handler.removeCallbacks(this.checkLogoutMaxTimeRunnable, null);
            this.handler.removeCallbacks(this.checkLogoutDoneRunnable, null);
            FederatedAuthenticationService.this.removeSessionCookies();
            FederatedAuthenticationService.this.mss.onLogoutCompleted();
            this.logoutDone = true;
            OMMobileServiceCallback callback = FederatedAuthenticationService.this.mss.getCallback();
            if (callback != null) {
                callback.processLogoutResponse(FederatedAuthenticationService.this.mss, new OMMobileSecurityException(oMErrorCode, str, FederatedAuthenticationService.this.mss.getApplicationContext()));
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void onLogoutSuccessful() {
            if (this.logoutDone) {
                return;
            }
            this.webView.destroy();
            this.handler.removeCallbacks(this.checkLogoutMaxTimeRunnable, null);
            FederatedAuthenticationService.this.mss.onLogoutCompleted();
            this.logoutDone = true;
            OMMobileServiceCallback callback = FederatedAuthenticationService.this.mss.getCallback();
            if (callback != null) {
                callback.processLogoutResponse(FederatedAuthenticationService.this.mss, null);
            }
        }

        @Override // android.webkit.WebViewClient
        public void onPageFinished(WebView webView, String str) {
            CookieSyncManager.getInstance().sync();
            Log.d(FederatedAuthenticationService.TAG + "_logout", "onPageFinished : " + str);
            this.handler.removeCallbacks(this.checkLogoutMaxTimeRunnable, null);
            if (this.checkLogoutDoneRunnable == null) {
                this.checkLogoutDoneRunnable = new CheckLogoutDoneRunnable();
            }
            if (!this.handler.postDelayed(this.checkLogoutDoneRunnable, 3000L)) {
                Log.e(FederatedAuthenticationService.TAG, "CheckLogoutDoneRunnable is not placed in MessageQueue!");
                onLogoutFailed(OMErrorCode.INTERNAL_ERROR, null);
            }
            super.onPageFinished(webView, str);
        }

        @Override // android.webkit.WebViewClient
        public void onPageStarted(WebView webView, String str, Bitmap bitmap) {
            Log.d(FederatedAuthenticationService.TAG + "_logout", "onPageStarted : " + str);
            if (this.checkLogoutDoneRunnable != null) {
                this.handler.removeCallbacks(this.checkLogoutDoneRunnable, null);
            }
            if (this.checkLogoutMaxTimeRunnable == null) {
                this.checkLogoutMaxTimeRunnable = new CheckLogoutMaxTimeRunnable();
                this.handler.postDelayed(this.checkLogoutMaxTimeRunnable, this.logoutTimeout * 1000);
            }
            super.onPageStarted(webView, str, bitmap);
        }

        @Override // android.webkit.WebViewClient
        public void onReceivedError(WebView webView, int i, String str, String str2) {
            Log.d(FederatedAuthenticationService.TAG + "_logout", "onReceivedError : description = " + str + " errorCode = " + i + " failingUrl = " + str2);
            super.onReceivedError(webView, i, str, str2);
            onLogoutFailed(OMErrorCode.LOGOUT_FAILED, str);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public FederatedAuthenticationService(OMAuthenticationServiceManager oMAuthenticationServiceManager, OMCredentialCollector oMCredentialCollector) {
        super(oMAuthenticationServiceManager, oMCredentialCollector);
        if (this.mss.getMobileSecurityConfig() instanceof OMFederatedMobileSecurityConfiguration) {
            this.mConfig = (OMFederatedMobileSecurityConfiguration) this.mss.getMobileSecurityConfig();
        }
    }

    private Map<String, OMToken> filterTokens(String str, List<String> list, String str2) {
        if (str == null) {
            return null;
        }
        HashMap hashMap = new HashMap();
        ArrayList<String> filterCookieNames = CookieUtils.filterCookieNames(str);
        String str3 = "_" + str2;
        boolean z = (list == null || list.isEmpty()) ? false : true;
        Iterator<String> it = filterCookieNames.iterator();
        while (it.hasNext()) {
            String next = it.next();
            if (!z || (z && list.contains(next))) {
                int indexOf = str.indexOf(next) + next.length() + 1;
                if (indexOf < str.length()) {
                    int indexOf2 = str.indexOf(59, indexOf);
                    if (indexOf2 > 0) {
                        hashMap.put(next + str3, new OMToken(next, str.substring(indexOf, indexOf2), str2));
                    } else {
                        hashMap.put(next + str3, new OMToken(next, str.substring(indexOf), str2));
                    }
                } else {
                    hashMap.put(next + str3, new OMToken(next, "", str2));
                }
            }
        }
        return hashMap;
    }

    private void onAuthenticationFailed(OMAuthenticationContext oMAuthenticationContext, String str, Throwable th) throws OMMobileSecurityException {
        oMAuthenticationContext.setAuthenticationProvider(OMAuthenticationContext.AuthenticationProvider.FEDERATED);
        Log.e(TAG, str, th);
        throw new OMMobileSecurityException(OMErrorCode.USER_AUTHENTICATION_FAILED, (String) null, this.mss.getApplicationContext());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void removeSessionCookies() {
        Log.d(TAG + "_removeSessionCookies", "Clearing all session cookies.");
        CookieManager.getInstance().removeSessionCookie();
        Log.d(TAG + "_removeSessionCookies", "Syncing cookies between RAM and permanent storage");
        CookieSyncManager.createInstance(this.asm.getApplicationContext());
        CookieSyncManager.getInstance().sync();
    }

    @Override // oracle.idm.mobile.AuthenticationService
    public void collectInputParams(final SDKViewFlipper sDKViewFlipper, Map<String, Object> map, final OMInputParamCallback oMInputParamCallback) {
        View processViewRequest = this.view.processViewRequest(map, new OMCredentialCollectorCallback() { // from class: oracle.idm.mobile.FederatedAuthenticationService.1
            @Override // oracle.idm.mobile.callback.OMCredentialCollectorCallback
            public void processCancelResponse() {
                FederatedAuthenticationService.this.freeResources(sDKViewFlipper, R.id.loginWebView);
                oMInputParamCallback.sendInputParam(null);
            }

            @Override // oracle.idm.mobile.callback.OMCredentialCollectorCallback
            public void processLoginResponse(Map<String, Object> map2) {
                FederatedAuthenticationService.this.freeResources(sDKViewFlipper, R.id.loginWebView);
                if (FederatedAuthenticationService.this.asm.getApplicationContext() != null) {
                    FederatedAuthenticationService.this.showProgressView(FederatedAuthenticationService.this.asm.getApplicationContext(), sDKViewFlipper);
                }
                oMInputParamCallback.sendInputParam(map2);
            }
        });
        if (processViewRequest != null) {
            sDKViewFlipper.removeAllViews();
            sDKViewFlipper.addView(processViewRequest);
        }
    }

    @Override // oracle.idm.mobile.AuthenticationService
    public String handleAuthentication(OMAuthenticationRequest oMAuthenticationRequest, OMAuthenticationContext oMAuthenticationContext) throws OMMobileSecurityException {
        HashMap hashMap = new HashMap();
        List<String> requiredTokens = oMAuthenticationRequest.getRequiredTokens();
        Map<String, Object> inputParams = oMAuthenticationContext.getInputParams();
        Set<String> set = (Set) inputParams.get("visitedURLs");
        CookieManager cookieManager = CookieManager.getInstance();
        for (String str : set) {
            String str2 = null;
            try {
                str2 = new URL(str).getHost();
            } catch (MalformedURLException e) {
                Log.e(TAG, e.getLocalizedMessage());
            }
            Map<String, OMToken> filterTokens = filterTokens(cookieManager.getCookie(str), requiredTokens, str2);
            if (filterTokens != null) {
                hashMap.putAll(filterTokens);
            }
        }
        AuthenticationMechanism authenticationMechanism = (AuthenticationMechanism) inputParams.get(OMSecurityConstants.AUTHENTICATION_MECHANISM);
        if (authenticationMechanism != null) {
            oMAuthenticationContext.setAuthenticationMechanism(authenticationMechanism);
        } else {
            oMAuthenticationContext.setAuthenticationMechanism(AuthenticationMechanism.FEDERATED);
        }
        if (hashMap == null || hashMap.isEmpty() || (requiredTokens != null && requiredTokens.size() != 0 && hashMap.size() < requiredTokens.size())) {
            onAuthenticationFailed(oMAuthenticationContext, "Tokens that are requested are not available from the server.", null);
        }
        if (this.mConfig.parseTokenRelayResponse()) {
            String str3 = (String) inputParams.get("tokenRelayResponse");
            if (TextUtils.isEmpty(str3)) {
                onAuthenticationFailed(oMAuthenticationContext, "Token Relay Response is empty", null);
            }
            try {
                OAuthToken oAuthToken = new OAuthToken(str3);
                ArrayList arrayList = new ArrayList();
                arrayList.add(oAuthToken);
                oMAuthenticationContext.setOAuthTokenList(arrayList);
                Log.d(TAG, "Token Relay Response has a valid access token. It is parsed & set in authContext.");
            } catch (JSONException e2) {
                onAuthenticationFailed(oMAuthenticationContext, "Token Relay Response does not have valid access token", e2);
            }
        }
        oMAuthenticationContext.setTokens(hashMap);
        oMAuthenticationContext.setVisitedUrls(set);
        oMAuthenticationContext.setAuthenticationProvider(OMAuthenticationContext.AuthenticationProvider.FEDERATED);
        oMAuthenticationContext.setStatus(OMAuthenticationContext.AuthContextStatus.COMPLETED);
        return null;
    }

    @Override // oracle.idm.mobile.AuthenticationService
    public boolean isValid(OMAuthenticationContext oMAuthenticationContext, boolean z) throws OMMobileSecurityException {
        if (oMAuthenticationContext.getAuthenticationProvider() != OMAuthenticationContext.AuthenticationProvider.FEDERATED) {
            return true;
        }
        if (oMAuthenticationContext.getTokens() == null || oMAuthenticationContext.getTokens().isEmpty()) {
            return false;
        }
        Date sessionExpiry = oMAuthenticationContext.getSessionExpiry();
        Date idleTimeExpiry = oMAuthenticationContext.getIdleTimeExpiry();
        Date time = Calendar.getInstance().getTime();
        if ((sessionExpiry != null && oMAuthenticationContext.getSessionExpInSecs() != 0 && (time.after(sessionExpiry) || time.equals(sessionExpiry))) || (idleTimeExpiry != null && oMAuthenticationContext.getIdleTimeExpInSecs() != 0 && (time.after(idleTimeExpiry) || time.equals(idleTimeExpiry)))) {
            Log.d(TAG + "_isValid", "Idle time or Session time is expired.");
            return false;
        }
        if (oMAuthenticationContext.getIdleTimeExpInSecs() > 0) {
            oMAuthenticationContext.resetIdleTime();
            Log.d(TAG + "_isValid", "Idle time is reset to : " + oMAuthenticationContext.getIdleTimeExpiry());
        }
        if (!this.mConfig.parseTokenRelayResponse()) {
            return true;
        }
        List<OMToken> tokens = oMAuthenticationContext.getTokens(null);
        if (tokens == null || tokens.isEmpty()) {
            return false;
        }
        if (((OAuthToken) tokens.get(0)).isTokenExpired()) {
            return false;
        }
        Log.d(TAG, "OAuth token is valid");
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // oracle.idm.mobile.AuthenticationService
    public void logout(final OMAuthenticationContext oMAuthenticationContext, boolean z, boolean z2, boolean z3, boolean z4) {
        if (oMAuthenticationContext.getAuthenticationProvider() != OMAuthenticationContext.AuthenticationProvider.FEDERATED) {
            return;
        }
        if (z4) {
            final URL logoutUrl = this.mss.getMobileSecurityConfig().getLogoutUrl();
            if (logoutUrl != null) {
                final Activity activity = this.mss.getActivity();
                if (activity != null) {
                    activity.runOnUiThread(new Runnable() { // from class: oracle.idm.mobile.FederatedAuthenticationService.2
                        @Override // java.lang.Runnable
                        public void run() {
                            WebView webView = new WebView(activity);
                            webView.getSettings().setJavaScriptEnabled(true);
                            webView.setWebViewClient(new LogoutWebViewClient(webView, oMAuthenticationContext.getLogoutTimeout()));
                            webView.loadUrl(logoutUrl.toString());
                            CookieSyncManager.getInstance().sync();
                        }
                    });
                } else {
                    removeSessionCookies();
                    OMMobileServiceCallback callback = this.mss.getCallback();
                    this.mss.onLogoutCompleted();
                    if (callback != null) {
                        callback.processLogoutResponse(this.mss, new OMMobileSecurityException(OMErrorCode.ACTIVITY_IS_NULL, (String) null, this.mss.getApplicationContext()));
                    }
                }
            }
        } else {
            removeSessionCookies();
        }
        if (z3) {
            oMAuthenticationContext.getTokens().clear();
            if (this.mConfig.parseTokenRelayResponse()) {
                oMAuthenticationContext.getTokens(null).clear();
            }
        }
    }
}
