package com.wickr.registration.oidc;

import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import androidx.core.app.NotificationCompat;
import com.mywickr.R;
import com.mywickr.WickrCore;
import com.mywickr.config.WickrServerConfiguration;
import com.mywickr.wickr.WickrAPICode;
import com.mywickr.wickr.WickrUser;
import com.wickr.networking.NetworkClient;
import com.wickr.networking.WickrAPIException;
import com.wickr.networking.model.GetOpenIDConnectInfoRequest;
import com.wickr.networking.model.GetOpenIDConnectInfoResponse;
import com.wickr.registration.CustomTabBrowserMatcher;
import com.wickr.util.ExtensionsKt;
import io.reactivex.rxjava3.core.Observable;
import io.reactivex.rxjava3.functions.Consumer;
import io.reactivex.rxjava3.schedulers.Schedulers;
import io.reactivex.rxjava3.subjects.PublishSubject;
import java.util.LinkedHashMap;
import java.util.Map;
import kotlin.Metadata;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import net.openid.appauth.AppAuthConfiguration;
import net.openid.appauth.AuthorizationException;
import net.openid.appauth.AuthorizationRequest;
import net.openid.appauth.AuthorizationResponse;
import net.openid.appauth.AuthorizationService;
import net.openid.appauth.AuthorizationServiceConfiguration;
import net.openid.appauth.ClientSecretPost;
import net.openid.appauth.ResponseTypeValues;
import net.openid.appauth.TokenRequest;
import net.openid.appauth.TokenResponse;
import net.openid.appauth.browser.BrowserBlacklist;
import timber.log.Timber;

/* compiled from: WickrOIDCProvider.kt */
@Metadata(bv = {1, 0, 3}, d1 = {"\u0000z\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\u0018\u0000 ,2\u00020\u00012\u00020\u00022\u00020\u0003:\u0001,B\u0015\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0007¢\u0006\u0002\u0010\bJ\u0010\u0010\u0018\u001a\u00020\u00192\u0006\u0010\u001a\u001a\u00020\nH\u0016J\u001c\u0010\u001b\u001a\u00020\u00192\b\u0010\u001c\u001a\u0004\u0018\u00010\u001d2\b\u0010\u001e\u001a\u0004\u0018\u00010\u001fH\u0016J\u001c\u0010 \u001a\u00020\u00192\b\u0010!\u001a\u0004\u0018\u00010\"2\b\u0010\u001e\u001a\u0004\u0018\u00010\u001fH\u0016J\u0010\u0010#\u001a\u00020\u00192\u0006\u0010$\u001a\u00020%H\u0016J\u0018\u0010&\u001a\u00020\u00192\u0006\u0010'\u001a\u00020(2\u0006\u0010)\u001a\u00020(H\u0016J\u000e\u0010*\u001a\b\u0012\u0004\u0012\u00020\u00130+H\u0016R\u0010\u0010\t\u001a\u0004\u0018\u00010\nX\u0082\u000e¢\u0006\u0002\n\u0000R\u0011\u0010\u0004\u001a\u00020\u0005¢\u0006\b\n\u0000\u001a\u0004\b\u000b\u0010\fR\u0011\u0010\u0006\u001a\u00020\u0007¢\u0006\b\n\u0000\u001a\u0004\b\r\u0010\u000eR\u000e\u0010\u000f\u001a\u00020\u0010X\u0082\u0004¢\u0006\u0002\n\u0000R<\u0010\u0011\u001a0\u0012\f\u0012\n \u0014*\u0004\u0018\u00010\u00130\u0013 \u0014*\u0017\u0012\f\u0012\n \u0014*\u0004\u0018\u00010\u00130\u0013\u0018\u00010\u0012¢\u0006\u0002\b\u00150\u0012¢\u0006\u0002\b\u0015X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0016\u001a\u00020\u0017X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006-"}, d2 = {"Lcom/wickr/registration/oidc/WickrOIDCProvider;", "Lcom/wickr/registration/oidc/OIDCProvider;", "Lnet/openid/appauth/AuthorizationServiceConfiguration$RetrieveConfigurationCallback;", "Lnet/openid/appauth/AuthorizationService$TokenResponseCallback;", "context", "Landroid/content/Context;", "networkClient", "Lcom/wickr/networking/NetworkClient;", "(Landroid/content/Context;Lcom/wickr/networking/NetworkClient;)V", "cachedRequest", "Lcom/wickr/registration/oidc/OIDCRequest;", "getContext", "()Landroid/content/Context;", "getNetworkClient", "()Lcom/wickr/networking/NetworkClient;", "oidcConfig", "Lnet/openid/appauth/AppAuthConfiguration;", "results", "Lio/reactivex/rxjava3/subjects/PublishSubject;", "Lcom/wickr/registration/oidc/OIDCResult;", "kotlin.jvm.PlatformType", "Lio/reactivex/rxjava3/annotations/NonNull;", NotificationCompat.CATEGORY_SERVICE, "Lnet/openid/appauth/AuthorizationService;", AuthorizationRequest.Prompt.LOGIN, "", "oidcRequest", "onFetchConfigurationCompleted", "configuration", "Lnet/openid/appauth/AuthorizationServiceConfiguration;", "exception", "Lnet/openid/appauth/AuthorizationException;", "onTokenRequestCompleted", "response", "Lnet/openid/appauth/TokenResponse;", "processLoginResults", "data", "Landroid/content/Intent;", "retrieveNetworkConfiguration", WickrUser.Schema.KEY_networkID, "", "appRedirectUri", "subscribe", "Lio/reactivex/rxjava3/core/Observable;", "Companion", "wickrcoreandroid_release"}, k = 1, mv = {1, 4, 2})
/* loaded from: classes3.dex */
public final class WickrOIDCProvider implements OIDCProvider, AuthorizationServiceConfiguration.RetrieveConfigurationCallback, AuthorizationService.TokenResponseCallback {
    private static final String OIDC_PROMPT = "prompt";
    private static final String OIDC_SCOPES_DEFAULTS = "openid offline_access profile email";
    private OIDCRequest cachedRequest;
    private final Context context;
    private final NetworkClient networkClient;
    private final AppAuthConfiguration oidcConfig;
    private final PublishSubject<OIDCResult> results;
    private final AuthorizationService service;

    public WickrOIDCProvider(Context context, NetworkClient networkClient) {
        Intrinsics.checkNotNullParameter(context, "context");
        Intrinsics.checkNotNullParameter(networkClient, "networkClient");
        this.context = context;
        this.networkClient = networkClient;
        AppAuthConfiguration build = new AppAuthConfiguration.Builder().setBrowserMatcher(new BrowserBlacklist(new CustomTabBrowserMatcher())).build();
        Intrinsics.checkNotNullExpressionValue(build, "AppAuthConfiguration.Bui…()))\n            .build()");
        this.oidcConfig = build;
        this.service = new AuthorizationService(context, build);
        this.results = PublishSubject.create();
    }

    public final Context getContext() {
        return this.context;
    }

    public final NetworkClient getNetworkClient() {
        return this.networkClient;
    }

    @Override // com.wickr.registration.oidc.OIDCProvider
    public void login(OIDCRequest oidcRequest) {
        Intrinsics.checkNotNullParameter(oidcRequest, "oidcRequest");
        this.cachedRequest = oidcRequest;
        Timber.d("Queuing OIDC discovery using issuer: " + oidcRequest.getIssuer(), new Object[0]);
        AuthorizationServiceConfiguration.fetchFromIssuer(Uri.parse(oidcRequest.getIssuer()), this);
    }

    @Override // net.openid.appauth.AuthorizationServiceConfiguration.RetrieveConfigurationCallback
    public void onFetchConfigurationCompleted(AuthorizationServiceConfiguration configuration, AuthorizationException exception) {
        OIDCRequest oIDCRequest = this.cachedRequest;
        if (oIDCRequest == null) {
            Timber.e("The cached request is missing", new Object[0]);
            this.results.onNext(new OIDCResult(this.context.getString(R.string.error_sso_invalid_auth_result), (WickrAPICode) null, 2, (DefaultConstructorMarker) null));
            return;
        }
        if (exception != null) {
            Timber.e("An exception occurred while discovering the OIDC configuration", new Object[0]);
            Timber.e(exception);
            this.results.onNext(new OIDCResult(false, exception.errorDescription, null, null, null, null, null, null, 252, null));
            return;
        }
        if (configuration == null) {
            Timber.e("No configuration was returned", new Object[0]);
            this.results.onNext(new OIDCResult(this.context.getString(R.string.error_sso_invalid_configuration_result), (WickrAPICode) null, 2, (DefaultConstructorMarker) null));
            return;
        }
        Timber.i("Successfully discovered configuration. Generating login intent", new Object[0]);
        String webRedirectURI = oIDCRequest.getWebRedirectURI();
        Uri parse = ((webRedirectURI == null || webRedirectURI.length() == 0) || !(Intrinsics.areEqual(oIDCRequest.getWebRedirectURI(), "null") ^ true)) ? Uri.parse(oIDCRequest.getAppRedirectURI()) : Uri.parse(oIDCRequest.getWebRedirectURI());
        String scopes = oIDCRequest.getScopes();
        String scopes2 = ((scopes == null || scopes.length() == 0) || !(true ^ Intrinsics.areEqual(oIDCRequest.getScopes(), "null"))) ? "openid offline_access profile email" : oIDCRequest.getScopes();
        if (oIDCRequest.getExtraAuthParams() == null) {
            AuthorizationRequest build = new AuthorizationRequest.Builder(configuration, oIDCRequest.getClientID(), ResponseTypeValues.CODE, parse).setScope(scopes2).build();
            Intrinsics.checkNotNullExpressionValue(build, "AuthorizationRequest.Bui…                 .build()");
            Intent authorizationIntent = this.service.getAuthorizationRequestIntent(build);
            PublishSubject<OIDCResult> publishSubject = this.results;
            Intrinsics.checkNotNullExpressionValue(authorizationIntent, "authorizationIntent");
            publishSubject.onNext(new OIDCResult(authorizationIntent));
            return;
        }
        if (!oIDCRequest.getExtraAuthParams().containsKey(OIDC_PROMPT)) {
            AuthorizationRequest build2 = new AuthorizationRequest.Builder(configuration, oIDCRequest.getClientID(), ResponseTypeValues.CODE, parse).setScope(scopes2).setAdditionalParameters(oIDCRequest.getExtraAuthParams()).build();
            Intrinsics.checkNotNullExpressionValue(build2, "AuthorizationRequest.Bui…                 .build()");
            Intent authorizationIntent2 = this.service.getAuthorizationRequestIntent(build2);
            PublishSubject<OIDCResult> publishSubject2 = this.results;
            Intrinsics.checkNotNullExpressionValue(authorizationIntent2, "authorizationIntent");
            publishSubject2.onNext(new OIDCResult(authorizationIntent2));
            return;
        }
        AuthorizationRequest.Builder prompt = new AuthorizationRequest.Builder(configuration, oIDCRequest.getClientID(), ResponseTypeValues.CODE, parse).setScope(scopes2).setPrompt(oIDCRequest.getExtraAuthParams().get(OIDC_PROMPT));
        Map<String, String> extraAuthParams = oIDCRequest.getExtraAuthParams();
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (Map.Entry<String, String> entry : extraAuthParams.entrySet()) {
            if (!Intrinsics.areEqual(entry.getKey(), OIDC_PROMPT)) {
                linkedHashMap.put(entry.getKey(), entry.getValue());
            }
        }
        AuthorizationRequest build3 = prompt.setAdditionalParameters(linkedHashMap).build();
        Intrinsics.checkNotNullExpressionValue(build3, "AuthorizationRequest.Bui…                 .build()");
        Intent authorizationIntent3 = this.service.getAuthorizationRequestIntent(build3);
        PublishSubject<OIDCResult> publishSubject3 = this.results;
        Intrinsics.checkNotNullExpressionValue(authorizationIntent3, "authorizationIntent");
        publishSubject3.onNext(new OIDCResult(authorizationIntent3));
    }

    @Override // net.openid.appauth.AuthorizationService.TokenResponseCallback
    public void onTokenRequestCompleted(TokenResponse response, AuthorizationException exception) {
        String str;
        if (exception != null) {
            Timber.e("An exception occurred while refreshing tokens", new Object[0]);
            Timber.e(exception);
            this.results.onNext(new OIDCResult(exception.getMessage(), (WickrAPICode) null, 2, (DefaultConstructorMarker) null));
            return;
        }
        if (response == null) {
            Timber.e("No configuration was returned", new Object[0]);
            this.results.onNext(new OIDCResult(this.context.getString(R.string.error_sso_invalid_token_result), (WickrAPICode) null, 2, (DefaultConstructorMarker) null));
            return;
        }
        if (response.accessToken == null) {
            Timber.e("Response has no access token", new Object[0]);
            this.results.onNext(new OIDCResult(this.context.getString(R.string.error_sso_invalid_token_result), (WickrAPICode) null, 2, (DefaultConstructorMarker) null));
            return;
        }
        if (response.refreshToken != null) {
            Timber.d("Response returned a valid refreshToken: " + response.refreshToken, new Object[0]);
        }
        if (response.idToken != null) {
            Timber.d("Response returned a valid idToken: " + response.idToken, new Object[0]);
        }
        Timber.d("Successfully retrieved fresh tokens", new Object[0]);
        OIDCRequest oIDCRequest = this.cachedRequest;
        String usernameField = oIDCRequest != null ? oIDCRequest.getUsernameField() : null;
        if (usernameField == null || usernameField.length() == 0) {
            str = "email";
        } else {
            OIDCRequest oIDCRequest2 = this.cachedRequest;
            str = oIDCRequest2 != null ? oIDCRequest2.getUsernameField() : null;
            Intrinsics.checkNotNull(str);
        }
        PublishSubject<OIDCResult> publishSubject = this.results;
        String str2 = response.accessToken;
        Intrinsics.checkNotNull(str2);
        Intrinsics.checkNotNullExpressionValue(str2, "response.accessToken!!");
        publishSubject.onNext(new OIDCResult(str2, response.refreshToken, response.idToken, str));
    }

    @Override // com.wickr.registration.oidc.OIDCProvider
    public void processLoginResults(Intent data) {
        Intrinsics.checkNotNullParameter(data, "data");
        OIDCRequest oIDCRequest = this.cachedRequest;
        AuthorizationResponse fromIntent = AuthorizationResponse.fromIntent(data);
        AuthorizationException fromIntent2 = AuthorizationException.fromIntent(data);
        if (oIDCRequest == null) {
            Timber.e("The cached request is missing", new Object[0]);
            this.results.onNext(new OIDCResult(this.context.getString(R.string.error_sso_invalid_auth_result), (WickrAPICode) null, 2, (DefaultConstructorMarker) null));
            return;
        }
        if (fromIntent2 != null) {
            Timber.e("An exception occurred while processing the OIDC login", new Object[0]);
            Timber.e(fromIntent2);
            this.results.onNext(new OIDCResult(fromIntent2.errorDescription, (WickrAPICode) null, 2, (DefaultConstructorMarker) null));
            return;
        }
        if (fromIntent == null) {
            Timber.e("No response was returned", new Object[0]);
            this.results.onNext(new OIDCResult(this.context.getString(R.string.error_sso_invalid_auth_result), (WickrAPICode) null, 2, (DefaultConstructorMarker) null));
            return;
        }
        if (fromIntent.authorizationCode == null) {
            Timber.e("No authorization code was returned", new Object[0]);
            this.results.onNext(new OIDCResult(this.context.getString(R.string.error_sso_invalid_auth_result), (WickrAPICode) null, 2, (DefaultConstructorMarker) null));
            return;
        }
        Timber.i("Successfully authorized user", new Object[0]);
        TokenRequest createTokenExchangeRequest = fromIntent.createTokenExchangeRequest();
        Intrinsics.checkNotNullExpressionValue(createTokenExchangeRequest, "response.createTokenExchangeRequest()");
        String clientSecret = oIDCRequest.getClientSecret();
        if ((clientSecret == null || clientSecret.length() == 0) || !(!Intrinsics.areEqual(oIDCRequest.getClientSecret(), "null"))) {
            Timber.i("Performing token request using default authentication", new Object[0]);
            this.service.performTokenRequest(createTokenExchangeRequest, this);
        } else {
            Timber.i("Performing token request using client secret authentication", new Object[0]);
            this.service.performTokenRequest(createTokenExchangeRequest, new ClientSecretPost(oIDCRequest.getClientSecret()), this);
        }
    }

    @Override // com.wickr.registration.oidc.OIDCProvider
    public void retrieveNetworkConfiguration(final String networkID, final String appRedirectUri) {
        String str;
        Intrinsics.checkNotNullParameter(networkID, "networkID");
        Intrinsics.checkNotNullParameter(appRedirectUri, "appRedirectUri");
        Timber.i("Searching for Wickr SSO configuration for network: " + networkID, new Object[0]);
        if (WickrCore.getDeviceConfig().exists()) {
            WickrServerConfiguration deviceConfig = WickrCore.getDeviceConfig();
            Intrinsics.checkNotNullExpressionValue(deviceConfig, "WickrCore.getDeviceConfig()");
            str = deviceConfig.getRegistrationToken();
        } else {
            str = null;
        }
        this.networkClient.getWickrRestAPI().getSSONetworkInfo(new GetOpenIDConnectInfoRequest(networkID, str)).observeOn(Schedulers.io()).subscribe(new Consumer<GetOpenIDConnectInfoResponse>() { // from class: com.wickr.registration.oidc.WickrOIDCProvider$retrieveNetworkConfiguration$1
            @Override // io.reactivex.rxjava3.functions.Consumer
            public final void accept(GetOpenIDConnectInfoResponse getOpenIDConnectInfoResponse) {
                Timber.d("Provisioning request returned", new Object[0]);
                OIDCRequest oIDCRequest = new OIDCRequest(getOpenIDConnectInfoResponse.getIssuer(), getOpenIDConnectInfoResponse.getClientID(), networkID, appRedirectUri, getOpenIDConnectInfoResponse.getRedirectUri(), getOpenIDConnectInfoResponse.getClientSecret(), getOpenIDConnectInfoResponse.getScopes(), getOpenIDConnectInfoResponse.getUsernameTokenField(), getOpenIDConnectInfoResponse.getExtraAuthParams());
                Timber.d("Parsed login request: " + oIDCRequest, new Object[0]);
                WickrOIDCProvider.this.login(oIDCRequest);
            }
        }, new Consumer<Throwable>() { // from class: com.wickr.registration.oidc.WickrOIDCProvider$retrieveNetworkConfiguration$2
            @Override // io.reactivex.rxjava3.functions.Consumer
            public final void accept(Throwable it) {
                PublishSubject publishSubject;
                PublishSubject publishSubject2;
                Intrinsics.checkNotNullExpressionValue(it, "it");
                ExtensionsKt.logNetworkError(it);
                if (!(it instanceof WickrAPIException)) {
                    Timber.e("A network error occurred", new Object[0]);
                    publishSubject = WickrOIDCProvider.this.results;
                    publishSubject.onNext(new OIDCResult(WickrOIDCProvider.this.getContext().getString(R.string.api_error_network), (WickrAPICode) null, 2, (DefaultConstructorMarker) null));
                    return;
                }
                WickrAPICode wickrAPICode = new WickrAPICode((WickrAPIException) it);
                Timber.e("Server threw an error: " + wickrAPICode.toString(WickrOIDCProvider.this.getContext()), new Object[0]);
                publishSubject2 = WickrOIDCProvider.this.results;
                publishSubject2.onNext(new OIDCResult(wickrAPICode.toString(WickrOIDCProvider.this.getContext()), wickrAPICode));
            }
        });
    }

    @Override // com.wickr.registration.oidc.OIDCProvider
    public Observable<OIDCResult> subscribe() {
        PublishSubject<OIDCResult> results = this.results;
        Intrinsics.checkNotNullExpressionValue(results, "results");
        return results;
    }
}
