package com.westpac.banking.authentication.services.proxy.impl;

import com.westpac.banking.android.commons.preferences.SecurePreferenceConstants;
import com.westpac.banking.authentication.AuthenticationStatus;
import com.westpac.banking.authentication.BankingUnavailableException;
import com.westpac.banking.authentication.model.SignInData;
import com.westpac.banking.authentication.services.proxy.AuthenticationProxyResult;
import com.westpac.banking.authentication.services.proxy.OTPAuthenticationProxy;
import com.westpac.banking.commons.concurrent.Concurrency;
import com.westpac.banking.commons.http.HttpClient;
import com.westpac.banking.commons.http.HttpClientException;
import com.westpac.banking.commons.http.HttpClientFactory;
import com.westpac.banking.commons.http.HttpRequest;
import com.westpac.banking.commons.http.HttpResponse;
import com.westpac.banking.commons.http.HttpStatus;
import com.westpac.banking.commons.logging.Log;
import com.westpac.banking.commons.util.StringUtil;
import com.westpac.banking.services.SecurityContext;
import com.westpac.banking.services.proxy.ProxyException;
import java.net.CookieStore;
import java.net.URI;
import java.nio.charset.Charset;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.Future;

/* loaded from: classes.dex */
public class DefaultOTPAuthenticationProxy implements OTPAuthenticationProxy {
    private static final String APP_ACTION_UNAVAILABLE = "appaction=unavailable";
    private static final String CONTINUE_SIGNIN_PATH = "/secure/banking/home/keepalive";
    private static final String DASHBOARD = "dashboard";
    private static final String DUPLICATE_ACTIVE_SESSION = "duplicateactivesession";
    private static final String GROUPS = "groups";
    private static final String INIT = "init";
    private static final String MULTIPLE_SESSIONS = "multiplesessions";
    protected static final String SERVICES_VERSION_HEADER = "X-Client-API-Version";
    private static final String SIGNOUT_PATH = "/wbc/banking/handler?TAM_OP=logout";
    private static final String TAG = DefaultOTPAuthenticationProxy.class.getSimpleName();
    private static final String WEBSEAL_SIGNOUT_PATH = "/pkmslogout";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class SignOutCallable implements Callable<AuthenticationProxyResult> {
        private URI signOutUri;

        public SignOutCallable(URI uri) {
            this.signOutUri = uri;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.concurrent.Callable
        public AuthenticationProxyResult call() throws Exception {
            AuthenticationProxyResult authenticationProxyResult;
            Log.debug(DefaultOTPAuthenticationProxy.TAG, "Calling signOut: " + this.signOutUri);
            HttpClient newHttpClient = HttpClientFactory.newInstance().newHttpClient();
            HttpRequest.Builder followRedirects = new HttpRequest.Builder(this.signOutUri).header(DefaultOTPAuthenticationProxy.SERVICES_VERSION_HEADER, "1").followRedirects(true);
            CookieStore cookieStore = DefaultOTPAuthenticationProxy.this.getCookieStore();
            if (cookieStore != null) {
                followRedirects.cookieStore(cookieStore);
            }
            HttpResponse httpResponse = null;
            try {
                try {
                    httpResponse = newHttpClient.connect(followRedirects.build());
                    authenticationProxyResult = DefaultOTPAuthenticationProxy.this.createAuthenticationProxyResult(httpResponse, AuthenticationStatus.LOGOUT);
                    if (httpResponse != null) {
                        try {
                            httpResponse.close();
                        } catch (HttpClientException e) {
                            Log.warn(DefaultOTPAuthenticationProxy.TAG, "Failed to close Sign-out HttpResponse");
                        }
                    }
                    if (newHttpClient != null) {
                        newHttpClient.disconnect();
                    }
                } catch (HttpClientException e2) {
                    Log.debug(DefaultOTPAuthenticationProxy.TAG, "Sign Out failed!");
                    authenticationProxyResult = new AuthenticationProxyResult(AuthenticationStatus.ERROR);
                    if (httpResponse != null) {
                        try {
                            httpResponse.close();
                        } catch (HttpClientException e3) {
                            Log.warn(DefaultOTPAuthenticationProxy.TAG, "Failed to close Sign-out HttpResponse");
                        }
                    }
                    if (newHttpClient != null) {
                        newHttpClient.disconnect();
                    }
                }
                return authenticationProxyResult;
            } catch (Throwable th) {
                if (httpResponse != null) {
                    try {
                        httpResponse.close();
                    } catch (HttpClientException e4) {
                        Log.warn(DefaultOTPAuthenticationProxy.TAG, "Failed to close Sign-out HttpResponse");
                        throw th;
                    }
                }
                if (newHttpClient != null) {
                    newHttpClient.disconnect();
                }
                throw th;
            }
        }
    }

    private Future<AuthenticationProxyResult> callSignOut(URI uri) {
        return Concurrency.INSTANCE.getParallelExecutorService().submit(new SignOutCallable(uri));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public AuthenticationProxyResult createAuthenticationProxyResult(HttpResponse httpResponse, AuthenticationStatus authenticationStatus) {
        if (httpResponse != null) {
            SecurityContext.INSTANCE.setTargetUri(httpResponse.getRequestUri());
        }
        return new AuthenticationProxyResult(authenticationStatus);
    }

    private String encodeParameter(String str) {
        StringBuffer stringBuffer = new StringBuffer();
        for (byte b : str.getBytes(Charset.forName(SecurePreferenceConstants.CHARSET))) {
            Byte valueOf = Byte.valueOf(b);
            String str2 = new String(new byte[]{valueOf.byteValue()}, Charset.forName(SecurePreferenceConstants.CHARSET));
            if ("!*'();:=&@+$,/?%#[]".contains(str2)) {
                stringBuffer.append(String.format("%%%X", valueOf));
            } else {
                stringBuffer.append(str2);
            }
        }
        return stringBuffer.toString();
    }

    @Override // com.westpac.banking.authentication.services.proxy.OTPAuthenticationProxy, com.westpac.banking.authentication.services.proxy.AuthenticationProxy
    public AuthenticationProxyResult continueSignIn() throws ProxyException {
        URI resolve = SecurityContext.INSTANCE.getBaseUri().resolve(CONTINUE_SIGNIN_PATH);
        HttpClient newHttpClient = HttpClientFactory.newInstance().newHttpClient();
        try {
            HttpRequest.Builder followRedirects = new HttpRequest.Builder(resolve).header(SERVICES_VERSION_HEADER, "1").post().followRedirects(true);
            CookieStore cookieStore = getCookieStore();
            if (cookieStore != null) {
                followRedirects.cookieStore(cookieStore);
            }
            HttpResponse connect = newHttpClient.connect(followRedirects.build());
            newHttpClient.disconnect();
            return createAuthenticationProxyResult(connect, AuthenticationStatus.LOGIN_SUCCESS);
        } catch (HttpClientException e) {
            throw new ProxyException(e);
        }
    }

    @Override // com.westpac.banking.authentication.services.proxy.OTPAuthenticationProxy, com.westpac.banking.authentication.services.proxy.AuthenticationProxy
    public CookieStore getCookieStore() {
        return null;
    }

    protected AuthenticationProxyResult processSuccessfulResponse(HttpClient httpClient, HttpResponse httpResponse, boolean z) throws ProxyException {
        String header = httpResponse.getHeader("location");
        HttpStatus status = httpResponse.getStatus();
        AuthenticationStatus authenticationStatus = AuthenticationStatus.ERROR;
        boolean z2 = false;
        boolean z3 = true;
        while (HttpStatus.MOVED_TEMPORARILY == status && z3) {
            if (header == null) {
                throw new ProxyException("Received 302 Moved Temporarily with no location header");
            }
            Log.debug(TAG, "OTP Auth Redirect Location: " + header);
            String lowerCase = StringUtil.toLowerCase(header);
            if (lowerCase.contains(APP_ACTION_UNAVAILABLE)) {
                throw new BankingUnavailableException();
            }
            authenticationStatus = AuthenticationStatus.fromTamOp(header);
            Log.info(TAG, "Auth: " + authenticationStatus);
            switch (authenticationStatus) {
                case AUTH_FAILURE:
                case AUTH_INFO:
                case AUTH_SUSP:
                case AUTH_SELF_SUSP:
                case AUTH_TIMEOUT:
                case ERROR:
                case TEMP_PASSWD_EXP:
                case NO_ACTIVE_PROFILES:
                case OLB_NOACTIVEPROFILES:
                case LOGIN_MULTIPLESESSIONS:
                    z3 = false;
                    break;
                case PASSWD_EXP:
                    z2 = true;
                    z3 = false;
                    SecurityContext.INSTANCE.setTargetUri(header);
                    break;
                case LOGIN_SUCCESS:
                    z2 = true;
                    z3 = shouldRedirectPastLoginSuccess();
                    break;
                case NOT_FOUND:
                    if (!z2) {
                        z3 = true;
                        break;
                    } else if (!lowerCase.contains(DASHBOARD)) {
                        if (lowerCase.contains(DUPLICATE_ACTIVE_SESSION)) {
                            authenticationStatus = AuthenticationStatus.LOGIN_DUPLICATESESSION;
                            SecurityContext.INSTANCE.setTargetUri(header);
                        } else if (lowerCase.contains(MULTIPLE_SESSIONS)) {
                            authenticationStatus = AuthenticationStatus.LOGIN_MULTIPLESESSIONS;
                            SecurityContext.INSTANCE.setTargetUri(header);
                        } else if (lowerCase.contains(GROUPS)) {
                            authenticationStatus = AuthenticationStatus.LOGIN_SUCCESS;
                            SecurityContext.INSTANCE.setTargetUri(header);
                        } else {
                            if (!lowerCase.contains(INIT)) {
                                throw new ProxyException("Unknown redirect to uri " + header);
                            }
                            authenticationStatus = AuthenticationStatus.LOGIN_FIRSTSIGNIN;
                            SecurityContext.INSTANCE.setTargetUri(header);
                        }
                        z3 = false;
                        break;
                    } else {
                        authenticationStatus = AuthenticationStatus.LOGIN_SUCCESS;
                        SecurityContext.INSTANCE.setTargetUri(header);
                        z3 = z;
                        break;
                    }
                default:
                    throw new ProxyException("Could not identify auth status from uri " + header);
            }
            if (HttpStatus.MOVED_TEMPORARILY == status && z3) {
                try {
                    HttpRequest.Builder header2 = new HttpRequest.Builder(URI.create(header)).followRedirects(false).ignoreResponseContent(true).header(SERVICES_VERSION_HEADER, "1");
                    CookieStore cookieStore = getCookieStore();
                    if (cookieStore != null) {
                        header2.cookieStore(cookieStore);
                    }
                    HttpResponse connect = httpClient.connect(header2.build(), true);
                    header = connect.getHeader("location");
                    status = connect.getStatus();
                } catch (HttpClientException e) {
                    throw new ProxyException(e);
                }
            }
        }
        return new AuthenticationProxyResult(authenticationStatus);
    }

    protected boolean shouldRedirectPastLoginSuccess() {
        return true;
    }

    @Override // com.westpac.banking.authentication.services.proxy.OTPAuthenticationProxy, com.westpac.banking.authentication.services.proxy.AuthenticationProxy
    public AuthenticationProxyResult signIn(SignInData signInData) throws ProxyException {
        if (signInData == null || signInData.getOptions() == null) {
            throw new IllegalArgumentException();
        }
        String halgm = signInData.getOptions().getHalgm();
        String customerId = signInData.getCustomerId();
        String password = signInData.getPassword();
        String brand = signInData.getOptions().getBrand();
        URI uri = signInData.getOptions().getUri();
        if (customerId == null || password == null || uri == null || halgm == null || brand == null) {
            throw new IllegalArgumentException();
        }
        StringBuilder sb = new StringBuilder();
        sb.append("brand=").append(brand);
        sb.append("&password=").append(password);
        sb.append("&username=").append(customerId);
        sb.append("&halgm=").append(encodeParameter(halgm));
        HttpClient newHttpClient = HttpClientFactory.newInstance().newHttpClient();
        try {
            HttpRequest.Builder post = new HttpRequest.Builder(uri).header(SERVICES_VERSION_HEADER, "1").followRedirects(false).post(sb.toString(), "application/x-www-form-urlencoded");
            CookieStore cookieStore = getCookieStore();
            if (cookieStore != null) {
                post.cookieStore(cookieStore);
            }
            HttpResponse connect = newHttpClient.connect(post.build(), true);
            if (connect.getStatus() == HttpStatus.OK) {
                throw new ProxyException("Invalid Authentication HTTP Status: " + connect.getStatus());
            }
            AuthenticationProxyResult processSuccessfulResponse = processSuccessfulResponse(newHttpClient, connect, signInData.getOptions().isFollowRedirection());
            newHttpClient.disconnect();
            return processSuccessfulResponse;
        } catch (HttpClientException e) {
            throw new ProxyException(e);
        }
    }

    @Override // com.westpac.banking.authentication.services.proxy.OTPAuthenticationProxy, com.westpac.banking.authentication.services.proxy.AuthenticationProxy
    public AuthenticationProxyResult signOut() throws ProxyException {
        try {
            return callSignOut(SecurityContext.INSTANCE.getBaseUri().resolve(WEBSEAL_SIGNOUT_PATH)).get();
        } catch (InterruptedException e) {
            return new AuthenticationProxyResult(AuthenticationStatus.ERROR);
        } catch (ExecutionException e2) {
            return new AuthenticationProxyResult(AuthenticationStatus.ERROR);
        }
    }
}
