package com.auth0.android.provider;

import android.app.Activity;
import android.net.Uri;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import com.auth0.android.authentication.AuthenticationException;
import com.auth0.android.jwt.DecodeException;
import com.hyprmx.mediate.model.AnalyticsEvent;
import com.spotxchange.internal.util.Analytics;
import java.security.SecureRandom;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: OAuthManager.java */
/* loaded from: classes.dex */
public class h {

    /* renamed from: a, reason: collision with root package name */
    private static final String f3368a = "h";

    /* renamed from: b, reason: collision with root package name */
    private final com.auth0.android.a f3369b;

    /* renamed from: c, reason: collision with root package name */
    private final b f3370c;
    private final Map<String, String> d;
    private boolean e;
    private boolean f = true;
    private int g;
    private i h;
    private Long i;
    private f j;

    /* JADX INFO: Access modifiers changed from: package-private */
    public h(com.auth0.android.a aVar, b bVar, Map<String, String> map) {
        this.f3369b = aVar;
        this.f3370c = bVar;
        this.d = new HashMap(map);
    }

    private long a() {
        return this.i != null ? this.i.longValue() : System.currentTimeMillis();
    }

    static com.auth0.android.d.a a(com.auth0.android.d.a aVar, com.auth0.android.d.a aVar2) {
        return new com.auth0.android.d.a(TextUtils.isEmpty(aVar2.b()) ? aVar.b() : aVar2.b(), TextUtils.isEmpty(aVar2.c()) ? aVar.c() : aVar2.c(), TextUtils.isEmpty(aVar2.d()) ? aVar.d() : aVar2.d(), TextUtils.isEmpty(aVar2.e()) ? aVar.e() : aVar2.e(), aVar2.h() != null ? aVar2.h() : aVar.h(), TextUtils.isEmpty(aVar2.g()) ? aVar.g() : aVar2.g());
    }

    static String a(String str) {
        return str != null ? str : d();
    }

    static void a(String str, String str2) throws AuthenticationException {
        if (str.equals(str2)) {
            return;
        }
        Log.e(f3368a, String.format("Received state doesn't match. Received %s but expected %s", str2, str));
        throw new AuthenticationException("access_denied", "The received state is invalid. Try again.");
    }

    private void a(Map<String, String> map) {
        map.put("state", a(map.get("state")));
        if (map.containsKey("response_type") && map.get("response_type").contains("id_token")) {
            map.put("nonce", a(map.get("nonce")));
        }
    }

    private void a(Map<String, String> map, String str) {
        if (c()) {
            try {
                b(str);
                map.put("code_challenge", this.h.a());
                map.put("code_challenge_method", "S256");
                Log.v(f3368a, "Using PKCE authentication flow");
            } catch (IllegalStateException e) {
                Log.e(f3368a, "Some algorithms aren't available on this device and PKCE can't be used. Defaulting to token response_type.", e);
            }
        }
    }

    private Uri b() {
        Uri.Builder buildUpon = Uri.parse(this.f3369b.c()).buildUpon();
        for (Map.Entry<String, String> entry : this.d.entrySet()) {
            buildUpon.appendQueryParameter(entry.getKey(), entry.getValue());
        }
        Uri build = buildUpon.build();
        c("Using the following AuthorizeURI: " + build.toString());
        return build;
    }

    private void b(String str) {
        if (this.h == null) {
            this.h = new i(new com.auth0.android.authentication.a(this.f3369b), str);
        }
    }

    static void b(String str, String str2) throws AuthenticationException {
        boolean z;
        try {
            z = str.equals(new com.auth0.android.jwt.d(str2).a("nonce").a());
        } catch (DecodeException e) {
            Log.e(f3368a, "An exception occurred when trying to validate the token's 'nonce' claim. " + e.getMessage(), e);
            z = false;
        }
        if (z) {
            return;
        }
        Log.e(f3368a, "Received nonce doesn't match.");
        throw new AuthenticationException("access_denied", "The received nonce is invalid. Try again.");
    }

    private void b(Map<String, String> map, String str) {
        if (this.f3369b.d() != null) {
            map.put("auth0Client", this.f3369b.d().a());
        }
        map.put("client_id", this.f3369b.a());
        map.put("redirect_uri", str);
    }

    private void c(String str) {
        if (this.f3369b.e()) {
            Log.d(f3368a, str);
        }
    }

    private void c(String str, String str2) throws AuthenticationException {
        if (str == null) {
            return;
        }
        Log.e(f3368a, "Error, access denied. Check that the required Permissions are granted and that the Application has this Connection configured in Auth0 Dashboard.");
        if ("access_denied".equalsIgnoreCase(str)) {
            throw new AuthenticationException("access_denied", "Permissions were not granted. Try again.");
        }
        if (!"unauthorized".equalsIgnoreCase(str)) {
            throw new AuthenticationException("a0.invalid_configuration", "The application isn't configured properly for the social connection. Please check your Auth0's application configuration");
        }
        throw new AuthenticationException("unauthorized", str2);
    }

    private boolean c() {
        return this.d.containsKey("response_type") && this.d.get("response_type").contains("code") && i.b();
    }

    private static String d() {
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        return Base64.encodeToString(bArr, 11);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(Activity activity, String str, int i) {
        a(this.d, str);
        b(this.d, str);
        a(this.d);
        Uri b2 = b();
        this.g = i;
        if (this.f) {
            AuthenticationActivity.a(activity, b2, this.j);
        } else {
            AuthenticationActivity.a(activity, b2, i, this.d.get("connection"), this.e);
        }
    }

    public void a(f fVar) {
        this.j = fVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(i iVar) {
        this.h = iVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(boolean z) {
        this.e = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean a(c cVar) {
        if (!cVar.a(this.g)) {
            Log.w(f3368a, "The Authorize Result is invalid.");
            return false;
        }
        Map<String, String> a2 = d.a(cVar.a().getData());
        if (a2.isEmpty()) {
            Log.w(f3368a, "The response didn't contain any of these values: code, state, id_token, access_token, token_type, refresh_token");
            return false;
        }
        c("The parsed CallbackURI contains the following values: " + a2);
        try {
            c(a2.get(Analytics.ACTION_ERROR), a2.get(AnalyticsEvent.kHYPRMediateErrorReportingKeyErrorDescription));
            a(this.d.get("state"), a2.get("state"));
            if (this.d.containsKey("response_type") && this.d.get("response_type").contains("id_token")) {
                b(this.d.get("nonce"), a2.get("id_token"));
            }
            Log.d(f3368a, "Authenticated using web flow");
            final com.auth0.android.d.a aVar = new com.auth0.android.d.a(a2.get("id_token"), a2.get("access_token"), a2.get("token_type"), a2.get("refresh_token"), !a2.containsKey("expires_in") ? null : new Date(a() + (Long.valueOf(a2.get("expires_in")).longValue() * 1000)), a2.get("scope"));
            if (c()) {
                this.h.a(a2.get("code"), new b() { // from class: com.auth0.android.provider.h.1
                    @Override // com.auth0.android.provider.b
                    public void a(AuthenticationException authenticationException) {
                        h.this.f3370c.a(authenticationException);
                    }

                    @Override // com.auth0.android.provider.b
                    public void a(com.auth0.android.d.a aVar2) {
                        h.this.f3370c.a(h.a(aVar, aVar2));
                    }
                });
                return true;
            }
            this.f3370c.a(aVar);
            return true;
        } catch (AuthenticationException e) {
            this.f3370c.a(e);
            return true;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void b(boolean z) {
        this.f = z;
    }
}
