package oracle.idm.mobile.auth;

import android.content.Context;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.WeakHashMap;
import oracle.idm.mobile.auth.openID.OpenIDToken;
import oracle.idm.mobile.configuration.OAuthAuthorizationGrantType;
import oracle.idm.mobile.configuration.OMMobileSecurityConfiguration;
import oracle.idm.mobile.crypto.CryptoScheme;

/* loaded from: classes.dex */
public class OAuthConnectionsUtil {
    private static String l = "OAuthConnectionsUtil";
    private static SecureRandom m = new SecureRandom();
    private static final String n = CryptoScheme.SHA256.j();

    /* renamed from: a, reason: collision with root package name */
    private String f2419a;

    /* renamed from: b, reason: collision with root package name */
    private String f2420b;
    private Set<String> c;
    private boolean d = false;
    private OAuthAuthorizationGrantType e;
    private oracle.idm.mobile.configuration.f f;
    private Set<String> g;
    private OAuthType h;
    private String i;
    private boolean j;
    private boolean k;

    /* loaded from: classes.dex */
    public enum OAuthClientAssertionType {
        MS_OAUTH,
        IDCS
    }

    /* loaded from: classes.dex */
    public enum OAuthResponseParameters {
        ACCESS_TOKEN("access_token"),
        ERROR("error"),
        ERROR_DESCRIPTION("error_description"),
        CODE("code"),
        REFRESH_TOKEN("refresh_token"),
        TOKEN_TYPE("token_type"),
        EXPIRES_IN("expires_in"),
        STATE("state"),
        TOKEN_ID("token_id"),
        ID_TOKEN("id_token"),
        NONCE("nonce");

        private String responseValue;

        OAuthResponseParameters(String str) {
            this.responseValue = str;
        }

        public String i() {
            return this.responseValue;
        }
    }

    /* loaded from: classes.dex */
    public enum OAuthType {
        STANDARD,
        MSOAUTH
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public static /* synthetic */ class a {

        /* renamed from: a, reason: collision with root package name */
        static final /* synthetic */ int[] f2427a;

        static {
            int[] iArr = new int[OAuthAuthorizationGrantType.values().length];
            f2427a = iArr;
            try {
                iArr[OAuthAuthorizationGrantType.RESOURCE_OWNER.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f2427a[OAuthAuthorizationGrantType.CLIENT_CREDENTIALS.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                f2427a[OAuthAuthorizationGrantType.AUTHORIZATION_CODE.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                f2427a[OAuthAuthorizationGrantType.IMPLICIT.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
        }
    }

    public OAuthConnectionsUtil(Context context, oracle.idm.mobile.configuration.f fVar, Set<String> set) {
        boolean z = false;
        if (fVar == null) {
            throw new IllegalArgumentException("OAuthConnection arguments can not be null");
        }
        this.h = fVar instanceof oracle.idm.mobile.configuration.e ? OAuthType.MSOAUTH : OAuthType.STANDARD;
        if (fVar instanceof oracle.idm.mobile.configuration.g) {
            oracle.idm.mobile.logging.a.a(l, "This is openID Configuration Use case");
            d();
        }
        this.f = fVar;
        this.e = fVar.x0();
        this.c = set == null ? fVar.v0() : set;
        if (fVar.C0() && w()) {
            z = true;
        }
        this.j = z;
        oracle.idm.mobile.logging.a.a(l, "OAuthConnection Utils -> Use PKCE : " + this.j);
        this.k = fVar.A0();
        oracle.idm.mobile.logging.a.a(l, "OAuthConnection Utils -> Register Client : " + this.k);
    }

    private void a(StringBuilder sb, OAuthToken oAuthToken) {
        if (oAuthToken != null) {
            String j = oAuthToken.j();
            sb.append("client_assertion_type=");
            sb.append(j);
            sb.append("&");
            sb.append("client_assertion=");
            sb.append(oAuthToken.a());
            sb.append("&");
        }
    }

    private void b(StringBuilder sb, Set<String> set) {
        String str = l + "_addScopesToPayload";
        StringBuilder sb2 = new StringBuilder();
        if (set != null && !set.isEmpty()) {
            for (String str2 : set) {
                if (str2 == null) {
                    Log.v(str, "scope is null, hence skipping it");
                } else {
                    sb2.append(v(str2));
                    sb2.append("%20");
                }
            }
            if (sb2.length() >= 3) {
                int length = sb2.length() - 3;
                sb2.delete(length, length + 3);
            }
        }
        if (TextUtils.isEmpty(sb2)) {
            return;
        }
        sb.append("scope=" + sb2.toString());
        sb.append("&");
    }

    private String c() {
        if (this.i == null) {
            this.i = e();
        }
        MessageDigest messageDigest = MessageDigest.getInstance(n);
        messageDigest.update(this.i.getBytes());
        return Base64.encodeToString(messageDigest.digest(), 11);
    }

    private void d() {
        this.f2420b = String.valueOf((long) ((m.nextDouble() * 9.999999999E9d) + 1.0E8d));
        oracle.idm.mobile.logging.a.e(l, "Generated Nonce: " + this.f2420b);
    }

    private String e() {
        byte[] bArr = new byte[64];
        m.nextBytes(bArr);
        return Base64.encodeToString(bArr, 11);
    }

    private StringBuilder g(OAuthAuthorizationGrantType oAuthAuthorizationGrantType, Map<String, Object> map) {
        String str;
        StringBuilder sb;
        StringBuilder sb2 = new StringBuilder();
        int i = a.f2427a[oAuthAuthorizationGrantType.ordinal()];
        if (i == 1) {
            sb2.append("grant_type=" + v("password"));
            sb2.append("&");
            sb2.append("username=" + v((String) map.get("username_key")));
            sb2.append("&");
            char[] cArr = (char[]) map.get("password_as_char_array_key");
            str = !oracle.idm.mobile.util.a.b(cArr) ? new String(cArr) : (String) map.get("password_key");
            sb = new StringBuilder();
            sb.append("password=");
        } else {
            if (i != 2) {
                if (i == 3) {
                    sb2.append("code=" + map.get(OAuthResponseParameters.CODE.i()));
                    sb2.append("&");
                    sb2.append("grant_type=" + v("authorization_code"));
                    sb2.append("&");
                    sb2.append("redirect_uri=" + v(this.f.u0()));
                    sb2.append("&");
                    if (this.j && l() != null) {
                        sb2.append("code_verifier=" + l());
                        sb2.append("&");
                    }
                }
                return sb2;
            }
            sb = new StringBuilder();
            sb.append("grant_type=");
            str = "client_credentials";
        }
        sb.append(v(str));
        sb2.append(sb.toString());
        sb2.append("&");
        b(sb2, this.c);
        return sb2;
    }

    private String l() {
        return this.i;
    }

    private String v(String str) {
        return URLEncoder.encode(str, "US-ASCII");
    }

    private boolean w() {
        try {
            MessageDigest.getInstance(n);
            return true;
        } catch (NoSuchAlgorithmException unused) {
            oracle.idm.mobile.logging.a.c(l, "PKCE-- " + n + " not supported");
            return false;
        }
    }

    private boolean x() {
        return this.f.w0().toString().toLowerCase().contains(".facebook.com/");
    }

    private void y(StringBuilder sb, String str) {
        oracle.idm.mobile.logging.a.a(l, "updating payload with client ID : " + str);
        sb.append("client_id=" + v(str));
        sb.append("&");
    }

    public String f(OAuthAuthorizationGrantType oAuthAuthorizationGrantType, Map<String, Object> map) {
        oracle.idm.mobile.logging.a.a(l, "getBackChannelRequestForAccessToken :  grantType : " + oAuthAuthorizationGrantType);
        StringBuilder g = g(oAuthAuthorizationGrantType, map);
        boolean isEmpty = TextUtils.isEmpty(this.f.t0()) ^ true;
        if (!isEmpty || x()) {
            y(g, this.f.s0());
        }
        String str = l;
        StringBuilder sb = new StringBuilder();
        sb.append("OAuthClient Type = ");
        sb.append(isEmpty ? "confidential!" : "non-confidential!");
        oracle.idm.mobile.logging.a.a(str, sb.toString());
        if (this.d) {
            oracle.idm.mobile.logging.a.a(l, "--> Request for fetching access token for grant type " + oAuthAuthorizationGrantType + "  " + g.toString());
        }
        return g.toString();
    }

    public String h(OAuthAuthorizationGrantType oAuthAuthorizationGrantType, Map<String, Object> map, OAuthClientAssertionType oAuthClientAssertionType) {
        oracle.idm.mobile.logging.a.a(l, "getBackChannelRequestForAccessTokenUsingClientAssertion:  grantType : " + oAuthAuthorizationGrantType + " Assertion type: " + oAuthClientAssertionType);
        StringBuilder g = g(oAuthAuthorizationGrantType, map);
        boolean isEmpty = TextUtils.isEmpty(this.f.t0()) ^ true;
        OAuthToken oAuthToken = (OAuthToken) map.get("OAuthClientAssertion");
        if (oAuthToken != null) {
            a(g, oAuthToken);
        }
        if (!isEmpty) {
            String s0 = this.f.s0();
            if (oAuthClientAssertionType == OAuthClientAssertionType.IDCS) {
                IDCSClientRegistrationToken iDCSClientRegistrationToken = (IDCSClientRegistrationToken) oAuthToken;
                if (iDCSClientRegistrationToken.p() != null) {
                    s0 = iDCSClientRegistrationToken.p();
                }
            }
            y(g, s0);
        }
        String str = l;
        StringBuilder sb = new StringBuilder();
        sb.append("OAuthClient Type = ");
        sb.append(isEmpty ? "confidential!" : "non-confidential!");
        oracle.idm.mobile.logging.a.a(str, sb.toString());
        if (this.d) {
            oracle.idm.mobile.logging.a.a(l, "--> Request for fetching access token for grant type " + oAuthAuthorizationGrantType + "  " + g.toString());
        }
        return g.toString();
    }

    public String i(WeakHashMap<String, Object> weakHashMap) {
        StringBuilder sb = new StringBuilder();
        if (!this.f.B0()) {
            sb.append("client_id=" + v(this.f.s0()));
            sb.append("&");
        }
        sb.append("refresh_token=" + v((String) weakHashMap.get("ParamOAuthRefreshTokenValue")));
        sb.append("&");
        sb.append("grant_type=" + v("refresh_token"));
        sb.append("&");
        if (this.d) {
            oracle.idm.mobile.logging.a.a(l, "--> Request for refreshing : ACCESS TOKEN " + sb.toString());
        }
        return sb.toString();
    }

    public OMMobileSecurityConfiguration.BrowserMode j() {
        return this.f.q0();
    }

    public String k() {
        StringBuilder sb = new StringBuilder(this.f.s0());
        sb.append(":");
        if (!TextUtils.isEmpty(this.f.t0())) {
            sb.append(this.f.t0());
        }
        return Base64.encodeToString(sb.toString().getBytes("UTF-8"), 2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Set<String> m() {
        if (this.g == null) {
            HashSet hashSet = new HashSet();
            this.g = hashSet;
            hashSet.add("idmmobileSDKDefaultScope");
        }
        return this.g;
    }

    /* JADX WARN: Removed duplicated region for block: B:12:0x00bd  */
    /* JADX WARN: Removed duplicated region for block: B:15:0x00c8  */
    /* JADX WARN: Removed duplicated region for block: B:18:0x00e9  */
    /* JADX WARN: Removed duplicated region for block: B:21:0x0110  */
    /* JADX WARN: Removed duplicated region for block: B:9:0x007b  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.lang.String n(boolean r6) {
        /*
            Method dump skipped, instructions count: 317
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: oracle.idm.mobile.auth.OAuthConnectionsUtil.n(boolean):java.lang.String");
    }

    public String o() {
        oracle.idm.mobile.logging.a.a(l, "getFrontChannelRequestForClientRegistration");
        StringBuilder sb = new StringBuilder();
        sb.append(this.f.p0());
        sb.append("?");
        sb.append("client_id=" + v(this.f.s0()));
        sb.append("&");
        sb.append("response_type=" + v("code"));
        sb.append("&");
        if (this.f.u0() != null) {
            sb.append("redirect_uri=" + v(this.f.u0()));
            sb.append("&");
        }
        sb.append("state=" + v(s()));
        sb.append("&");
        HashSet hashSet = new HashSet();
        hashSet.add("urn:opc:idm:t.app.register");
        b(sb, hashSet);
        if (w()) {
            oracle.idm.mobile.logging.a.a(l, "Adding PKCE!");
            sb.append("&");
            sb.append("code_challenge=" + c());
            sb.append("&");
            sb.append("code_challenge_method=S256");
        }
        if (this.d) {
            oracle.idm.mobile.logging.a.a(l, "--> Request front channel for : CLIENT REGISTRATION TOKEN : " + this.f.x0() + " : " + sb.toString());
        }
        return sb.toString();
    }

    public String p(OMAuthenticationContext oMAuthenticationContext) {
        if (this.f.E() == null) {
            return null;
        }
        StringBuilder sb = new StringBuilder(this.f.E().toString());
        oracle.idm.mobile.configuration.f fVar = this.f;
        if (fVar instanceof oracle.idm.mobile.configuration.g) {
            String u0 = fVar.u0();
            try {
                u0 = v(u0);
            } catch (UnsupportedEncodingException e) {
                oracle.idm.mobile.logging.a.d(l, e.getMessage(), e);
            }
            sb.append("?");
            sb.append("post_logout_redirect_uri=");
            sb.append(u0);
            sb.append("&");
            sb.append("state=");
            sb.append(s());
            OpenIDToken openIDToken = oMAuthenticationContext != null ? (OpenIDToken) oMAuthenticationContext.J().get("openid_connect_token") : null;
            if (openIDToken != null) {
                sb.append("&");
                sb.append("id_token_hint=");
                sb.append(openIDToken.a());
            }
        }
        return sb.toString();
    }

    public OAuthAuthorizationGrantType q() {
        return this.e;
    }

    public Set<String> r() {
        return this.c;
    }

    public String s() {
        if (this.f2419a == null) {
            this.f2419a = ((int) ((m.nextDouble() * 999999.0d) + 10000.0d)) + "";
        }
        return this.f2419a;
    }

    public OAuthType t() {
        return this.h;
    }

    public String u() {
        return this.f2420b;
    }
}
