package cz.eman.oneconnect.auth.manager.token;

import android.content.SharedPreferences;
import android.net.Uri;
import android.text.TextUtils;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.lifecycle.Observer;
import cz.eman.core.api.oneconnect.log.L;
import cz.eman.core.api.plugin.user.auth.LoginFailure;
import cz.eman.core.api.plugin.user.auth.configuration.Configuration;
import cz.eman.oneconnect.auth.Constants;
import cz.eman.oneconnect.auth.api.connector.IdpConnector;
import cz.eman.oneconnect.auth.crypto.TokenKind;
import cz.eman.oneconnect.auth.crypto.TokensCryptoHelper;
import cz.eman.oneconnect.auth.manager.callback.AuthIdpCallback;
import cz.eman.oneconnect.auth.model.AuthorizationRequest;
import cz.eman.oneconnect.auth.model.DownloadPolicy;
import cz.eman.oneconnect.auth.model.LoginProgress;
import cz.eman.oneconnect.auth.model.Tokens;
import cz.eman.oneconnect.auth.stage.StageRepository;
import cz.eman.oneconnect.auth.task.tokens.IdpTokensTask;

/* loaded from: classes2.dex */
public abstract class IdpTokenManager<T extends IdpConnector> extends TokenManager {
    protected static final String FRAGMENT_CODE = "code";
    protected static final String FRAGMENT_ID_TOKEN = "id_token";
    protected static final String FRAGMENT_STATE = "state";

    @Nullable
    protected AuthIdpCallback mAuthIdpCallback;

    @Nullable
    protected AuthorizationRequest mAuthorizationRequest;

    @Nullable
    protected Configuration mConfiguration;

    @NonNull
    protected T mConnector;

    @NonNull
    protected TokensCryptoHelper mCryptoHelper;

    @Nullable
    protected String mInitialIdToken;

    @Nullable
    protected String mLogin;

    @NonNull
    protected SharedPreferences mPreferences;

    @Nullable
    protected String mUserId;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: cz.eman.oneconnect.auth.manager.token.IdpTokenManager$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$cz$eman$oneconnect$auth$task$tokens$IdpTokensTask$Mode = new int[IdpTokensTask.Mode.values().length];

        static {
            try {
                $SwitchMap$cz$eman$oneconnect$auth$task$tokens$IdpTokensTask$Mode[IdpTokensTask.Mode.CODE.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$cz$eman$oneconnect$auth$task$tokens$IdpTokensTask$Mode[IdpTokensTask.Mode.REFRESH_TOKEN.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    public IdpTokenManager(@NonNull T t, @NonNull StageRepository stageRepository, @NonNull TokensCryptoHelper tokensCryptoHelper, @NonNull SharedPreferences sharedPreferences) {
        this.mConnector = t;
        this.mCryptoHelper = tokensCryptoHelper;
        this.mPreferences = sharedPreferences;
        stageRepository.getStage().observeForever(new Observer() { // from class: cz.eman.oneconnect.auth.manager.token.-$$Lambda$O_5YYNELyHtsunDdRn2p_O_vyVM
            @Override // androidx.lifecycle.Observer
            public final void onChanged(Object obj) {
                IdpTokenManager.this.onStageChanged((Configuration) obj);
            }
        });
        this.mUserId = this.mPreferences.getString(Constants.getSsoId(getId()), null);
        this.mLogin = this.mPreferences.getString(Constants.getLogin(getId()), null);
        setTokens(this.mCryptoHelper.decrypt(getId()));
    }

    private void onSsoInitialTokensDownloaded(@NonNull Tokens tokens) {
        Configuration configuration;
        AuthorizationRequest authorizationRequest = this.mAuthorizationRequest;
        if (authorizationRequest != null && (configuration = this.mConfiguration) != null) {
            executeTokenValidationTask(tokens, authorizationRequest, configuration);
        } else if (getSsoViewModel() != null) {
            L.d(getClass(), "Cannot validate, tokens stage or authorization task is null", new Object[0]);
            getSsoViewModel().setLoginFailure(LoginFailure.UNKNOWN_ERROR);
        }
    }

    private void onSsoRefreshTokensDownloaded(@NonNull Tokens tokens) {
        saveTokens(tokens, this.mUserId);
        AuthIdpCallback authIdpCallback = this.mAuthIdpCallback;
        if (authIdpCallback != null) {
            authIdpCallback.onIdpTokens(tokens, DownloadPolicy.IDP_DISALLOWED);
        }
    }

    protected abstract void executeInitialTokensTask(@NonNull String str, @Nullable String str2);

    protected abstract void executeLogoutTask(@NonNull Tokens tokens);

    protected abstract void executeRefreshTokensTask(@NonNull String str);

    protected abstract void executeTokenValidationTask(@NonNull Tokens tokens, @NonNull AuthorizationRequest authorizationRequest, @NonNull Configuration configuration);

    @NonNull
    protected abstract TokenKind getId();

    @Nullable
    public String getLogin() {
        return this.mLogin;
    }

    protected void getSsoTokens(@Nullable String str, @Nullable String str2, @Nullable AuthorizationRequest authorizationRequest) {
        this.mAuthorizationRequest = authorizationRequest;
        this.mInitialIdToken = str;
        AuthIdpCallback authIdpCallback = this.mAuthIdpCallback;
        if (authIdpCallback != null) {
            authIdpCallback.onTokensProgress(LoginProgress.FETCHING_TOKENS);
        }
        executeInitialTokensTask(str2, str);
    }

    @Override // cz.eman.oneconnect.auth.manager.token.TokenManager
    @Nullable
    public String getUserId() {
        return this.mUserId;
    }

    @Override // cz.eman.oneconnect.auth.manager.token.TokenManager
    public void logout() {
        if (getTokens() != null) {
            executeLogoutTask(getTokens());
            return;
        }
        purgeStorageCache();
        purgeMemoryCache();
        L.d(getClass(), "IDP Tokens revoking complete - nothing to revoke on server", new Object[0]);
    }

    public void onIdpResponse(@NonNull Uri uri, @NonNull AuthorizationRequest authorizationRequest, @NonNull AuthIdpCallback authIdpCallback) {
        this.mAuthIdpCallback = authIdpCallback;
        String fragment = uri.getFragment();
        if (fragment == null) {
            L.e(getClass(), "Cannot login, no tokens received", new Object[0]);
            authIdpCallback.onTokensFailed(LoginFailure.TOKENS_INVALID);
            return;
        }
        String str = null;
        Object obj = null;
        String str2 = null;
        for (String str3 : fragment.split("&")) {
            String[] split = str3.split("=");
            if (split.length == 2) {
                String str4 = split[0];
                String str5 = split[1];
                char c = 65535;
                int hashCode = str4.hashCode();
                if (hashCode != -302143019) {
                    if (hashCode != 3059181) {
                        if (hashCode == 109757585 && str4.equals("state")) {
                            c = 1;
                        }
                    } else if (str4.equals("code")) {
                        c = 0;
                    }
                } else if (str4.equals(FRAGMENT_ID_TOKEN)) {
                    c = 2;
                }
                if (c == 0) {
                    str = str5;
                } else if (c == 1) {
                    obj = str5;
                } else if (c == 2) {
                    str2 = str5;
                }
            } else {
                L.w(getClass(), "Tried to parse token part that does not have 2 parts", new Object[0]);
            }
        }
        if (TextUtils.isEmpty(str) || !authorizationRequest.getState().equals(obj) || str2 == null) {
            L.e(getClass(), "Cannot login, code is null or states does not match", new Object[0]);
            authIdpCallback.onTokensFailed(LoginFailure.TOKENS_INVALID);
        } else {
            L.d(getClass(), "Code, state OK - attempting to download real tokens", new Object[0]);
            getSsoTokens(str2, str, authorizationRequest);
        }
    }

    public void onSsoTokensDownloaded(@NonNull Tokens tokens, @NonNull IdpTokensTask.Mode mode) {
        L.d(getClass(), "Tokens: " + tokens, new Object[0]);
        int i = AnonymousClass1.$SwitchMap$cz$eman$oneconnect$auth$task$tokens$IdpTokensTask$Mode[mode.ordinal()];
        if (i == 1) {
            onSsoInitialTokensDownloaded(tokens);
        } else {
            if (i != 2) {
                return;
            }
            onSsoRefreshTokensDownloaded(tokens);
        }
    }

    public void onSsoTokensInvalid(@Nullable LoginFailure loginFailure) {
        AuthIdpCallback authIdpCallback = this.mAuthIdpCallback;
        if (authIdpCallback != null) {
            authIdpCallback.onTokensFailed(loginFailure);
        }
    }

    public void onSsoTokensValid(@NonNull Tokens tokens, @NonNull String str, @Nullable String str2) {
        String str3 = this.mUserId;
        if (str3 != null && str != null && !str3.equals(str)) {
            onSsoTokensInvalid(LoginFailure.DIFFERENT_USER);
            return;
        }
        if (!this.mPreferences.edit().putString(Constants.getSsoId(getId()), str).putString(Constants.getLogin(getId()), str2).putString(Constants.SP_STAGE, this.mConfiguration.name()).commit()) {
            L.e(getClass(), "Could not save user info preferences", new Object[0]);
        }
        this.mUserId = str;
        this.mLogin = str2;
        setTokens(tokens);
        AuthIdpCallback authIdpCallback = this.mAuthIdpCallback;
        if (authIdpCallback != null) {
            authIdpCallback.onIdpTokens(tokens, DownloadPolicy.IDP_ID_TOKEN_ALLOWED);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void onStageChanged(@Nullable Configuration configuration) {
        this.mConfiguration = configuration;
    }

    @Override // cz.eman.oneconnect.auth.manager.token.TokenManager
    public void purgeMemoryCache() {
        this.mUserId = null;
        this.mInitialIdToken = null;
        this.mAuthorizationRequest = null;
        this.mAuthIdpCallback = null;
        this.mLogin = null;
        setTokens(null);
    }

    @Override // cz.eman.oneconnect.auth.manager.token.TokenManager
    public void purgeStorageCache() {
        if (!this.mPreferences.edit().remove(Constants.getSsoId(getId())).remove(Constants.getLogin(getId())).commit()) {
            L.e(getClass(), "Could not purge preferences storage", new Object[0]);
        }
        this.mCryptoHelper.nuke(getId());
    }

    public void refreshTokens(@NonNull AuthIdpCallback authIdpCallback) {
        this.mAuthIdpCallback = authIdpCallback;
        if (getTokens() != null && !getTokens().isAboutToExpire()) {
            L.d(getClass(), "Skipping refreshing of IDP tokens, they are already valid", new Object[0]);
            onSsoTokensDownloaded(getTokens(), IdpTokensTask.Mode.REFRESH_TOKEN);
        } else if (getTokens() == null || getTokens().getRefreshToken() == null) {
            L.e(getClass(), "Attempting to refresh id tokens without valid refresh token :(, fix me if this happens", new Object[0]);
            onSsoTokensInvalid(LoginFailure.INVALID_IDP_REFRESH_TOKEN);
        } else {
            L.d(getClass(), "Refreshing IDP tokens...", new Object[0]);
            executeRefreshTokensTask(getTokens().getRefreshToken());
        }
    }

    @Override // cz.eman.oneconnect.auth.manager.token.TokenManager
    public void saveTokens(@NonNull Tokens tokens, @NonNull String str) {
        Tokens tokens2 = getTokens();
        if (tokens2 != null) {
            tokens.merge(tokens2);
        }
        this.mCryptoHelper.encrypt(tokens, str, getId());
        setTokens(tokens);
    }
}
