package com.ca.mas.core.oauth;

import android.util.Log;
import android.util.Pair;
import androidx.annotation.NonNull;
import com.ca.mas.core.MobileSsoConfig;
import com.ca.mas.core.client.ServerClient;
import com.ca.mas.core.context.MssoContext;
import com.ca.mas.core.error.MAGErrorCode;
import com.ca.mas.core.error.MAGException;
import com.ca.mas.core.error.MAGServerException;
import com.ca.mas.core.request.MAGInternalRequest;
import com.ca.mas.core.token.IdToken;
import com.ca.mas.foundation.FoundationConsts;
import com.ca.mas.foundation.MAS;
import com.ca.mas.foundation.MASAuthCredentials;
import com.ca.mas.foundation.MASRequest;
import com.ca.mas.foundation.MASRequestBody;
import com.ca.mas.foundation.MASResponseBody;
import java.util.ArrayList;
import java.util.List;
import org.json.JSONException;

/* loaded from: classes.dex */
public class OAuthTokenClient extends ServerClient {
    public OAuthTokenClient(MssoContext mssoContext) {
        super(mssoContext);
    }

    private void validate(OAuthTokenResponse oAuthTokenResponse) throws OAuthException {
        if (!oAuthTokenResponse.isBearer()) {
            throw new OAuthException(MAGErrorCode.ACCESS_TOKEN_INVALID, "request_token response was token_type other than bearer");
        }
        String accessToken = oAuthTokenResponse.getAccessToken();
        if (accessToken == null || accessToken.length() < 1) {
            throw new OAuthException(MAGErrorCode.ACCESS_TOKEN_INVALID, "request_token response did not include an access_token");
        }
    }

    public OAuthTokenResponse obtainAccessTokenUsingIdToken(@NonNull IdToken idToken, @NonNull String str, @NonNull String str2, String str3) throws OAuthException, OAuthServerException {
        if (str3 == null) {
            str3 = ServerClient.OPENID_PHONE_EMAIL;
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(new Pair(ServerClient.ASSERTION, idToken.getValue()));
        arrayList.add(new Pair(ServerClient.CLIENT_ID, str));
        arrayList.add(new Pair(ServerClient.CLIENT_SECRET, str2));
        arrayList.add(new Pair(ServerClient.SCOPE, str3));
        arrayList.add(new Pair(ServerClient.GRANT_TYPE, idToken.getType()));
        try {
            OAuthTokenResponse oAuthTokenResponse = new OAuthTokenResponse(obtainServerResponseToPostedForm(new MASRequest.MASRequestBuilder(this.conf.getTokenUri(MobileSsoConfig.PROP_TOKEN_URL_SUFFIX_REQUEST_TOKEN_SSO)).header(ServerClient.X_SA_APPID, MAS.APP_ID).header(ServerClient.X_SA_OTP, MAS.OTP).header(ServerClient.X_SA_AUTHTOKEN, MAS.OTP_AUTHTOKEN).header(ServerClient.X_SA_USERNAME, MAS.USER_NAME).post(MASRequestBody.urlEncodedFormBody(arrayList)).responseBody(MASResponseBody.stringBody()).build()));
            validate(oAuthTokenResponse);
            Log.e("Token", "obtainAccessTokenUsingIdToken :: AccessToken:" + oAuthTokenResponse.getAccessToken() + ", RefreshToken:" + oAuthTokenResponse.getRefreshToken());
            return oAuthTokenResponse;
        } catch (MAGException | JSONException e) {
            throw new OAuthException(MAGErrorCode.ACCESS_TOKEN_INVALID, e);
        }
    }

    public OAuthTokenResponse obtainTokenUsingRefreshToken(@NonNull String str, @NonNull String str2, @NonNull String str3) throws OAuthException, OAuthServerException {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new Pair(ServerClient.REFRESH_TOKEN, str));
        arrayList.add(new Pair(ServerClient.CLIENT_ID, str2));
        arrayList.add(new Pair(ServerClient.CLIENT_SECRET, str3));
        arrayList.add(new Pair(ServerClient.GRANT_TYPE, ServerClient.REFRESH_TOKEN));
        arrayList.add(new Pair(ServerClient.X_SA_APPID, MAS.APP_ID));
        MASRequest build = new MASRequest.MASRequestBuilder(this.conf.getTokenUri(MobileSsoConfig.PROP_TOKEN_URL_SUFFIX_REQUEST_TOKEN)).post(MASRequestBody.urlEncodedFormBody(arrayList)).responseBody(MASResponseBody.stringBody()).build();
        this.mssoContext.takeRefreshToken();
        try {
            OAuthTokenResponse oAuthTokenResponse = new OAuthTokenResponse(obtainServerResponseToPostedForm(build));
            validate(oAuthTokenResponse);
            Log.e("Token", "obtainTokenUsingRefreshToken :: AccessToken:" + oAuthTokenResponse.getAccessToken() + ", RefreshToken:" + oAuthTokenResponse.getRefreshToken());
            return oAuthTokenResponse;
        } catch (MAGException e) {
            e = e;
            throw new OAuthException(MAGErrorCode.ACCESS_TOKEN_INVALID, e);
        } catch (MAGServerException e2) {
            throw new OAuthServerException(e2);
        } catch (JSONException e3) {
            e = e3;
            throw new OAuthException(MAGErrorCode.ACCESS_TOKEN_INVALID, e);
        }
    }

    public OAuthTokenResponse obtainTokensUsingCredentials(@NonNull MAGInternalRequest mAGInternalRequest, @NonNull String str, @NonNull String str2, boolean z) throws OAuthException, OAuthServerException {
        MASAuthCredentials credentials = mAGInternalRequest.getGrantProvider().getCredentials(this.mssoContext);
        if (credentials == null) {
            throw new NullPointerException("credentials");
        }
        String scope = mAGInternalRequest.getScope();
        if (scope == null) {
            scope = ServerClient.OPENID;
        }
        if (z && !scope.contains(ServerClient.MSSO)) {
            scope = scope + FoundationConsts.SPACE + ServerClient.MSSO;
        }
        ArrayList arrayList = new ArrayList();
        List<Pair<String, String>> params = credentials.getParams();
        if (params != null) {
            for (Pair<String, String> pair : params) {
                arrayList.add(new Pair(pair.first, pair.second));
            }
        }
        arrayList.add(new Pair(ServerClient.CLIENT_ID, str));
        arrayList.add(new Pair(ServerClient.CLIENT_SECRET, str2));
        arrayList.add(new Pair(ServerClient.SCOPE, scope));
        arrayList.add(new Pair(ServerClient.GRANT_TYPE, credentials.getGrantType()));
        try {
            OAuthTokenResponse oAuthTokenResponse = new OAuthTokenResponse(obtainServerResponseToPostedForm(new MASRequest.MASRequestBuilder(this.conf.getTokenUri(MobileSsoConfig.PROP_TOKEN_URL_SUFFIX_REQUEST_TOKEN)).header(ServerClient.X_SA_APPID, MAS.APP_ID).header(ServerClient.X_SA_OTP, MAS.OTP).header(ServerClient.X_SA_AUTHTOKEN, MAS.OTP_AUTHTOKEN).header(ServerClient.X_SA_USERNAME, MAS.USER_NAME).post(MASRequestBody.urlEncodedFormBody(arrayList)).responseBody(MASResponseBody.stringBody()).build()));
            validate(oAuthTokenResponse);
            Log.e("Token", "obtainTokensUsingCredentials :: AccessToken:" + oAuthTokenResponse.getAccessToken() + ", RefreshToken:" + oAuthTokenResponse.getRefreshToken());
            return oAuthTokenResponse;
        } catch (MAGException | JSONException e) {
            throw new OAuthException(MAGErrorCode.ACCESS_TOKEN_INVALID, e);
        }
    }
}
