package com.auth0.android.provider;

import android.app.Activity;
import android.net.Uri;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import com.auth0.android.authentication.AuthenticationException;
import com.auth0.android.jwt.DecodeException;
import com.facebook.AccessToken;
import com.facebook.internal.NativeProtocol;
import com.facebook.internal.ServerProtocol;
import com.zinio.baseapplication.common.data.database.model.FieldConstantsKt;
import java.security.SecureRandom;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: OAuthManager.java */
/* loaded from: classes.dex */
public class k {

    /* renamed from: a, reason: collision with root package name */
    private static final String f4534a = "k";

    /* renamed from: b, reason: collision with root package name */
    private final com.auth0.android.a f4535b;

    /* renamed from: c, reason: collision with root package name */
    private final b f4536c;

    /* renamed from: d, reason: collision with root package name */
    private final Map<String, String> f4537d;

    /* renamed from: e, reason: collision with root package name */
    private boolean f4538e;

    /* renamed from: f, reason: collision with root package name */
    private boolean f4539f = true;

    /* renamed from: g, reason: collision with root package name */
    private int f4540g;

    /* renamed from: h, reason: collision with root package name */
    private m f4541h;

    /* renamed from: i, reason: collision with root package name */
    private Long f4542i;

    /* renamed from: j, reason: collision with root package name */
    private h f4543j;

    /* JADX INFO: Access modifiers changed from: package-private */
    public k(com.auth0.android.a aVar, b bVar, Map<String, String> map) {
        this.f4535b = aVar;
        this.f4536c = bVar;
        this.f4537d = new HashMap(map);
    }

    private Uri a() {
        Uri.Builder buildUpon = Uri.parse(this.f4535b.a()).buildUpon();
        for (Map.Entry<String, String> entry : this.f4537d.entrySet()) {
            buildUpon.appendQueryParameter(entry.getKey(), entry.getValue());
        }
        Uri build = buildUpon.build();
        c("Using the following AuthorizeURI: " + build.toString());
        return build;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static com.auth0.android.d.a a(com.auth0.android.d.a aVar, com.auth0.android.d.a aVar2) {
        return new com.auth0.android.d.a(TextUtils.isEmpty(aVar2.d()) ? aVar.d() : aVar2.d(), TextUtils.isEmpty(aVar2.a()) ? aVar.a() : aVar2.a(), TextUtils.isEmpty(aVar2.g()) ? aVar.g() : aVar2.g(), TextUtils.isEmpty(aVar2.e()) ? aVar.e() : aVar2.e(), aVar2.c() != null ? aVar2.c() : aVar.c(), TextUtils.isEmpty(aVar2.f()) ? aVar.f() : aVar2.f());
    }

    static String a(String str) {
        return str != null ? str : c();
    }

    static void a(String str, String str2) throws AuthenticationException {
        boolean z;
        try {
            z = str.equals(new com.auth0.android.jwt.f(str2).a("nonce").a());
        } catch (DecodeException e2) {
            Log.e(f4534a, "An exception occurred when trying to validate the token's 'nonce' claim. " + e2.getMessage(), e2);
            z = false;
        }
        if (z) {
            return;
        }
        Log.e(f4534a, "Received nonce doesn't match.");
        throw new AuthenticationException("access_denied", "The received nonce is invalid. Try again.");
    }

    private void a(Map<String, String> map) {
        map.put(ServerProtocol.DIALOG_PARAM_STATE, a(map.get(ServerProtocol.DIALOG_PARAM_STATE)));
        if (map.containsKey(ServerProtocol.DIALOG_PARAM_RESPONSE_TYPE) && map.get(ServerProtocol.DIALOG_PARAM_RESPONSE_TYPE).contains("id_token")) {
            map.put("nonce", a(map.get("nonce")));
        }
    }

    private void a(Map<String, String> map, String str) {
        if (this.f4535b.f() != null) {
            map.put("auth0Client", this.f4535b.f().a());
        }
        map.put("client_id", this.f4535b.b());
        map.put(ServerProtocol.DIALOG_PARAM_REDIRECT_URI, str);
    }

    private long b() {
        Long l = this.f4542i;
        return l != null ? l.longValue() : System.currentTimeMillis();
    }

    private void b(String str) {
        if (this.f4541h == null) {
            this.f4541h = new m(new com.auth0.android.authentication.a(this.f4535b), str);
        }
    }

    static void b(String str, String str2) throws AuthenticationException {
        if (str.equals(str2)) {
            return;
        }
        Log.e(f4534a, String.format("Received state doesn't match. Received %s but expected %s", str2, str));
        throw new AuthenticationException("access_denied", "The received state is invalid. Try again.");
    }

    private void b(Map<String, String> map, String str) {
        if (d()) {
            try {
                b(str);
                map.put("code_challenge", this.f4541h.b());
                map.put("code_challenge_method", "S256");
                Log.v(f4534a, "Using PKCE authentication flow");
            } catch (IllegalStateException e2) {
                Log.e(f4534a, "Some algorithms aren't available on this device and PKCE can't be used. Defaulting to token response_type.", e2);
            }
        }
    }

    private static String c() {
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        return Base64.encodeToString(bArr, 11);
    }

    private void c(String str) {
        if (this.f4535b.h()) {
            Log.d(f4534a, str);
        }
    }

    private void c(String str, String str2) throws AuthenticationException {
        if (str == null) {
            return;
        }
        Log.e(f4534a, "Error, access denied. Check that the required Permissions are granted and that the Application has this Connection configured in Auth0 Dashboard.");
        if ("access_denied".equalsIgnoreCase(str)) {
            throw new AuthenticationException("access_denied", "Permissions were not granted. Try again.");
        }
        if ("unauthorized".equalsIgnoreCase(str)) {
            throw new AuthenticationException("unauthorized", str2);
        }
        if (!"login_required".equals(str)) {
            throw new AuthenticationException("a0.invalid_configuration", "The application isn't configured properly for the social connection. Please check your Auth0's application configuration");
        }
        throw new AuthenticationException(str, str2);
    }

    private boolean d() {
        return this.f4537d.containsKey(ServerProtocol.DIALOG_PARAM_RESPONSE_TYPE) && this.f4537d.get(ServerProtocol.DIALOG_PARAM_RESPONSE_TYPE).contains("code") && m.c();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(Activity activity, String str, int i2) {
        b(this.f4537d, str);
        a(this.f4537d, str);
        a(this.f4537d);
        Uri a2 = a();
        this.f4540g = i2;
        if (this.f4539f) {
            AuthenticationActivity.a(activity, a2, this.f4543j);
        } else {
            AuthenticationActivity.a(activity, a2, i2, this.f4537d.get("connection"), this.f4538e);
        }
    }

    public void a(h hVar) {
        this.f4543j = hVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(m mVar) {
        this.f4541h = mVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(boolean z) {
        this.f4539f = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean a(c cVar) {
        if (!cVar.a(this.f4540g)) {
            Log.w(f4534a, "The Authorize Result is invalid.");
            return false;
        }
        Map<String, String> a2 = d.a(cVar.a().getData());
        if (a2.isEmpty()) {
            Log.w(f4534a, "The response didn't contain any of these values: code, state, id_token, access_token, token_type, refresh_token");
            return false;
        }
        c("The parsed CallbackURI contains the following values: " + a2);
        try {
            c(a2.get("error"), a2.get(NativeProtocol.BRIDGE_ARG_ERROR_DESCRIPTION));
            b(this.f4537d.get(ServerProtocol.DIALOG_PARAM_STATE), a2.get(ServerProtocol.DIALOG_PARAM_STATE));
            if (this.f4537d.containsKey(ServerProtocol.DIALOG_PARAM_RESPONSE_TYPE) && this.f4537d.get(ServerProtocol.DIALOG_PARAM_RESPONSE_TYPE).contains("id_token")) {
                a(this.f4537d.get("nonce"), a2.get("id_token"));
            }
            Log.d(f4534a, "Authenticated using web flow");
            com.auth0.android.d.a aVar = new com.auth0.android.d.a(a2.get("id_token"), a2.get("access_token"), a2.get("token_type"), a2.get(FieldConstantsKt.FIELD_REFRESH_TOKEN), !a2.containsKey(AccessToken.EXPIRES_IN_KEY) ? null : new Date(b() + (Long.valueOf(a2.get(AccessToken.EXPIRES_IN_KEY)).longValue() * 1000)), a2.get("scope"));
            if (d()) {
                this.f4541h.a(a2.get("code"), new j(this, aVar));
                return true;
            }
            this.f4536c.onSuccess(aVar);
            return true;
        } catch (AuthenticationException e2) {
            this.f4536c.onFailure(e2);
            return true;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void b(boolean z) {
        this.f4538e = z;
    }
}
