package com.kaldorgroup.pugpig.net.auth;

import android.content.Context;
import android.content.SharedPreferences;
import android.net.Uri;
import android.util.Base64;
import b.r.a.a;
import b.r.a.b;
import com.kaldorgroup.pugpig.app.Application;
import com.kaldorgroup.pugpig.net.AsynchronousDownloadCompletionHandler;
import com.kaldorgroup.pugpig.net.AsynchronousDownloader;
import com.kaldorgroup.pugpig.net.URLRequest;
import com.kaldorgroup.pugpig.net.URLResponse;
import com.kaldorgroup.pugpig.net.auth.LoginProvider;
import com.kaldorgroup.pugpig.util.DataUtils;
import com.kaldorgroup.pugpig.util.Dictionary;
import com.kaldorgroup.pugpig.util.PPDeepLinkUtils;
import com.kaldorgroup.pugpig.util.PPLog;
import com.kaldorgroup.pugpig.util.RunnableWith;
import com.kaldorgroup.pugpig.util.StringUtils;
import com.kaldorgroup.pugpig.util.URLUtils;
import java.io.IOException;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class KGOAuth2PKCELoginProvider extends WebLoginProvider implements RenewProvider {
    private SharedPreferences _encryptedSharedPreferences;
    private String codeVerifier;
    private final SecureRandom secureRandom;
    private final Map<String, String> tokenExchangePostParams;
    private final URL tokenExchangeURL;

    public KGOAuth2PKCELoginProvider(Dictionary dictionary) {
        super(dictionary);
        this.codeVerifier = null;
        this.tokenExchangeURL = URLUtils.URLWithString(dictionary.stringForKey("TokenExchangeEndpoint"));
        this.tokenExchangePostParams = new HashMap();
        Dictionary dictionary2 = (Dictionary) dictionary.objectForKey("TokenExchangePostParams");
        Iterator<String> it = dictionary2.allKeys().iterator();
        while (it.hasNext()) {
            String next = it.next();
            this.tokenExchangePostParams.put(next, dictionary2.stringForKey(next));
        }
        this.secureRandom = new SecureRandom();
    }

    private Uri.Builder formBuilderWithDefaults() {
        Uri.Builder builder = new Uri.Builder();
        for (Map.Entry<String, String> entry : this.tokenExchangePostParams.entrySet()) {
            builder.appendQueryParameter(entry.getKey(), entry.getValue());
        }
        return builder;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public SharedPreferences getEncryptedSharedPreferences() {
        if (this._encryptedSharedPreferences == null) {
            try {
                Context context = Application.context();
                this._encryptedSharedPreferences = b.r.a.a.a(context, "oidc_store", new b.C0071b(context).c(b.c.AES256_GCM).a(), a.d.AES256_SIV, a.e.AES256_GCM);
            } catch (IOException | GeneralSecurityException e2) {
                PPLog.Log("%s", e2);
                throw new RuntimeException(e2);
            }
        }
        return this._encryptedSharedPreferences;
    }

    @Override // com.kaldorgroup.pugpig.net.auth.WebLoginProvider, com.kaldorgroup.pugpig.net.auth.LoginProvider
    public void loginWithCompletionHandler(LoginProvider.CompletionHandler completionHandler) {
        if (this.pendingCompletion != null) {
            completionHandler.run(buildResponse(null, "busy", StringUtils.getLocalizedString("pugpig_error_login_bad_config", "Unable to sign in")), null);
            return;
        }
        byte[] bArr = new byte[32];
        this.secureRandom.nextBytes(bArr);
        String encodeToString = Base64.encodeToString(bArr, 11);
        this.codeVerifier = encodeToString;
        String encodeToString2 = Base64.encodeToString(DataUtils.SHA256Digest(encodeToString.getBytes()), 11);
        Uri.Builder buildUpon = this.requestUri.buildUpon();
        buildUpon.clearQuery();
        for (String str : this.requestUri.getQueryParameterNames()) {
            if (!str.equals("code_challenge")) {
                buildUpon.appendQueryParameter(str, this.requestUri.getQueryParameter(str));
            }
        }
        buildUpon.appendQueryParameter("code_challenge", encodeToString2);
        this.requestUri = buildUpon.build();
        super.loginWithCompletionHandler(completionHandler);
    }

    @Override // com.kaldorgroup.pugpig.net.auth.WebLoginProvider
    protected void processToken(String str, final RunnableWith<String> runnableWith) {
        URLRequest uRLRequest = new URLRequest(this.tokenExchangeURL);
        uRLRequest.setHTTPMethod(com.salesforce.marketingcloud.d.b.f13970b);
        Uri.Builder formBuilderWithDefaults = formBuilderWithDefaults();
        formBuilderWithDefaults.appendQueryParameter("grant_type", "authorization_code");
        formBuilderWithDefaults.appendQueryParameter(PPDeepLinkUtils.CODE_URL_PARAM, str);
        formBuilderWithDefaults.appendQueryParameter("code_verifier", this.codeVerifier);
        uRLRequest.setHTTPBody(StringUtils.stringDataUsingEncoding(formBuilderWithDefaults.build().getEncodedQuery(), "UTF-8"));
        new AsynchronousDownloader(uRLRequest, new AsynchronousDownloadCompletionHandler() { // from class: com.kaldorgroup.pugpig.net.auth.KGOAuth2PKCELoginProvider.1
            @Override // com.kaldorgroup.pugpig.net.AsynchronousDownloadCompletionHandler
            public void run(URLResponse uRLResponse, byte[] bArr, Exception exc) {
                if (exc != null) {
                    PPLog.Log("PKCE login error: ", exc.getLocalizedMessage());
                } else {
                    if (bArr != null) {
                        try {
                            JSONObject jSONObject = new JSONObject(new String(bArr));
                            String string = jSONObject.getString("access_token");
                            KGOAuth2PKCELoginProvider.this.getEncryptedSharedPreferences().edit().putString("refresh_token", jSONObject.getString("refresh_token")).commit();
                            runnableWith.run(string);
                        } catch (JSONException e2) {
                            PPLog.Log("%s", e2);
                            runnableWith.run(null);
                            return;
                        }
                    }
                    PPLog.Log("PKCE login error: empty response", new Object[0]);
                }
                runnableWith.run(null);
            }
        });
    }

    @Override // com.kaldorgroup.pugpig.net.auth.RenewProvider
    public void renewTokenWithCompletionHandler(String str, final LoginProvider.CompletionHandler completionHandler) {
        String string = getEncryptedSharedPreferences().getString("refresh_token", null);
        if (string != null && string.length() != 0) {
            URLRequest uRLRequest = new URLRequest(this.tokenExchangeURL);
            uRLRequest.setHTTPMethod(com.salesforce.marketingcloud.d.b.f13970b);
            Uri.Builder formBuilderWithDefaults = formBuilderWithDefaults();
            formBuilderWithDefaults.appendQueryParameter("grant_type", "refresh_token");
            formBuilderWithDefaults.appendQueryParameter("refresh_token", string);
            uRLRequest.setHTTPBody(StringUtils.stringDataUsingEncoding(formBuilderWithDefaults.build().getEncodedQuery(), "UTF-8"));
            new AsynchronousDownloader(uRLRequest, new AsynchronousDownloadCompletionHandler() { // from class: com.kaldorgroup.pugpig.net.auth.KGOAuth2PKCELoginProvider.2
                @Override // com.kaldorgroup.pugpig.net.AsynchronousDownloadCompletionHandler
                public void run(URLResponse uRLResponse, byte[] bArr, Exception exc) {
                    if (exc != null) {
                        PPLog.Log("PKCE renew error: ", exc.getLocalizedMessage());
                        completionHandler.run(null, exc);
                        return;
                    }
                    if (bArr == null) {
                        PPLog.Log("PKCE renew error: empty response", new Object[0]);
                        completionHandler.run(null, new Exception("No data"));
                        return;
                    }
                    try {
                        JSONObject jSONObject = new JSONObject(new String(bArr));
                        String string2 = jSONObject.getString("access_token");
                        KGOAuth2PKCELoginProvider.this.getEncryptedSharedPreferences().edit().putString("refresh_token", jSONObject.getString("refresh_token")).commit();
                        completionHandler.run(KGOAuth2PKCELoginProvider.this.buildResponse(string2, null, null), null);
                    } catch (JSONException e2) {
                        PPLog.Log("%s", e2);
                        completionHandler.run(null, e2);
                    }
                }
            });
            return;
        }
        completionHandler.run(buildResponse(null, "notoken", "no refresh token to renew"), null);
    }
}
