package g.c.i.a.a.b;

import android.content.Context;
import android.text.TextUtils;
import android.util.Base64;
import androidx.core.app.NotificationCompat;
import com.facebook.AccessToken;
import com.google.firebase.perf.network.FirebasePerfOkHttpClient;
import com.hp.sdd.hpc.lib.hpidaccount.data.HpidIDTokenInfo;
import com.hp.sdd.hpc.lib.hpidaccount.data.HpidSigningKeys;
import com.hp.sdd.jabberwocky.chat.HTTPServerErrorException;
import com.hp.sdd.jabberwocky.chat.d;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.JwtParser;
import io.jsonwebtoken.Jwts;
import j.b0;
import j.e0;
import j.f;
import j.f0;
import j.g;
import j.g0;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.List;
import kotlin.TypeCastException;
import kotlin.d0.d.k;
import kotlin.j0.c;
import kotlin.m;
import org.json.JSONObject;

/* compiled from: AuthZHelper.kt */
@m(bv = {1, 0, 3}, d1 = {"\u0000b\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0006\n\u0002\u0018\u0002\n\u0002\b\u000b\n\u0002\u0018\u0002\n\u0002\b\b\n\u0002\u0010\u000b\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0004\u0018\u0000 ;2\u00020\u0001:\u0002:;B\u001f\u0012\b\u0010\u0002\u001a\u0004\u0018\u00010\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0005¢\u0006\u0002\u0010\u0007J\u0012\u0010 \u001a\u00020!2\b\u0010\"\u001a\u0004\u0018\u00010#H\u0002J\u0010\u0010$\u001a\u00020%2\u0006\u0010&\u001a\u00020\u0005H\u0004J\u0018\u0010'\u001a\u00020(2\u0006\u0010)\u001a\u00020\u00052\b\u0010\u000b\u001a\u0004\u0018\u00010\fJ\u0010\u0010*\u001a\u00020%2\u0006\u0010&\u001a\u00020\u0005H\u0004J\u0018\u0010+\u001a\u00020(2\u0006\u0010,\u001a\u00020-2\u0006\u0010.\u001a\u00020/H\u0016J\u0018\u00100\u001a\u00020(2\u0006\u0010,\u001a\u00020-2\u0006\u00101\u001a\u000202H\u0016J\u0017\u00103\u001a\u00020!2\b\u00101\u001a\u0004\u0018\u00010%H\u0000¢\u0006\u0002\b4J\u0018\u00105\u001a\u00020(2\u0006\u00105\u001a\u00020\u00052\b\u0010\u000b\u001a\u0004\u0018\u00010\fJ\u0010\u00106\u001a\u00020!2\u0006\u00107\u001a\u000208H\u0002J\u0006\u00109\u001a\u00020(R\u0014\u0010\b\u001a\u00020\u00058@X\u0080\u0004¢\u0006\u0006\u001a\u0004\b\t\u0010\nR\u001c\u0010\u000b\u001a\u0004\u0018\u00010\fX\u0080\u000e¢\u0006\u000e\n\u0000\u001a\u0004\b\r\u0010\u000e\"\u0004\b\u000f\u0010\u0010R\u001c\u0010\u0002\u001a\u0004\u0018\u00010\u0003X\u0080\u000e¢\u0006\u000e\n\u0000\u001a\u0004\b\u0011\u0010\u0012\"\u0004\b\u0013\u0010\u0014R\u0014\u0010\u0015\u001a\u00020\u00058@X\u0080\u0004¢\u0006\u0006\u001a\u0004\b\u0016\u0010\nR\u001c\u0010\u0017\u001a\u0004\u0018\u00010\u0018X\u0080\u000e¢\u0006\u000e\n\u0000\u001a\u0004\b\u0019\u0010\u001a\"\u0004\b\u001b\u0010\u001cR\u000e\u0010\u001d\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n\u0000R\u0014\u0010\u001e\u001a\u00020\u00058@X\u0080\u0004¢\u0006\u0006\u001a\u0004\b\u001f\u0010\n¨\u0006<"}, d2 = {"Lcom/hp/sdd/hpc/lib/authz/AuthZHelper;", "Lokhttp3/Callback;", "context", "Landroid/content/Context;", "applicationId", "", "secret", "(Landroid/content/Context;Ljava/lang/String;Ljava/lang/String;)V", "baseUrl", "getBaseUrl$HpcLib_release", "()Ljava/lang/String;", "callback", "Lcom/hp/sdd/hpc/lib/authz/AuthZHelper$AuthZHelperCallback;", "getCallback$HpcLib_release", "()Lcom/hp/sdd/hpc/lib/authz/AuthZHelper$AuthZHelperCallback;", "setCallback$HpcLib_release", "(Lcom/hp/sdd/hpc/lib/authz/AuthZHelper$AuthZHelperCallback;)V", "getContext$HpcLib_release", "()Landroid/content/Context;", "setContext$HpcLib_release", "(Landroid/content/Context;)V", "jwksUrl", "getJwksUrl$HpcLib_release", "jwtToken", "Lcom/hp/sdd/hpc/lib/authz/AuthZToken;", "getJwtToken$HpcLib_release", "()Lcom/hp/sdd/hpc/lib/authz/AuthZToken;", "setJwtToken$HpcLib_release", "(Lcom/hp/sdd/hpc/lib/authz/AuthZToken;)V", "mAuthentication", "tokenExchangeUrl", "getTokenExchangeUrl$HpcLib_release", "generateRSAPublicKey", "", "signingKeys", "Lcom/hp/sdd/hpc/lib/hpidaccount/data/HpidSigningKeys;", "getTokenExchangeJson", "Lorg/json/JSONObject;", "token", "getTokenFromHPID", "", "oauth", "getTokenRefreshJson", "onFailure", NotificationCompat.CATEGORY_CALL, "Lokhttp3/Call;", "e", "Ljava/io/IOException;", "onResponse", "response", "Lokhttp3/Response;", "parseSigningKeyResponse", "parseSigningKeyResponse$HpcLib_release", "refreshToken", "validatePublicKey", "publicKey", "Ljava/security/PublicKey;", "verifyToken", "AuthZHelperCallback", "Companion", "HpcLib_release"}, k = 1, mv = {1, 1, 15})
/* loaded from: classes2.dex */
public final class a implements g {
    private InterfaceC0328a a;
    private g.c.i.a.a.b.b b;
    private final String c;
    private Context d;

    /* compiled from: AuthZHelper.kt */
    /* renamed from: g.c.i.a.a.b.a$a, reason: collision with other inner class name */
    /* loaded from: classes2.dex */
    public interface InterfaceC0328a {
        void a(int i2);

        void a(g.c.i.a.a.b.b bVar);
    }

    /* compiled from: AuthZHelper.kt */
    /* loaded from: classes2.dex */
    public static final class b {
        private b() {
        }

        public /* synthetic */ b(kotlin.d0.d.g gVar) {
            this();
        }
    }

    static {
        new b(null);
    }

    public a(Context context, String str, String str2) {
        k.b(str, "applicationId");
        k.b(str2, "secret");
        this.d = context;
        String str3 = str + ':' + str2;
        Charset charset = c.a;
        if (str3 == null) {
            throw new TypeCastException("null cannot be cast to non-null type java.lang.String");
        }
        byte[] bytes = str3.getBytes(charset);
        k.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
        String encodeToString = Base64.encodeToString(bytes, 2);
        k.a((Object) encodeToString, "Base64.encodeToString(co…eArray(), Base64.NO_WRAP)");
        this.c = encodeToString;
    }

    private final boolean a(HpidSigningKeys hpidSigningKeys) {
        if (hpidSigningKeys == null) {
            m.a.a.b("signingKeys is null!", new Object[0]);
            return false;
        }
        List<HpidSigningKeys.HpidSigningKey> keys = hpidSigningKeys.getKeys();
        if (keys == null) {
            k.a();
            throw null;
        }
        if (keys.size() <= 0) {
            m.a.a.b("signingKeysList.size() <= 0!", new Object[0]);
            return false;
        }
        boolean z = false;
        for (HpidSigningKeys.HpidSigningKey hpidSigningKey : keys) {
            k.a((Object) hpidSigningKey, "key");
            String kid = hpidSigningKey.getKid();
            g.c.i.a.a.b.b bVar = this.b;
            if (k.a((Object) kid, (Object) (bVar != null ? bVar.b() : null))) {
                List<String> x5c = hpidSigningKey.getX5c();
                if (x5c == null) {
                    k.a();
                    throw null;
                }
                if (TextUtils.isEmpty(x5c.get(0))) {
                    continue;
                } else {
                    try {
                        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                        List<String> x5c2 = hpidSigningKey.getX5c();
                        if (x5c2 == null) {
                            k.a();
                            throw null;
                        }
                        Certificate generateCertificate = certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.decode(x5c2.get(0), 0)));
                        if (generateCertificate == null) {
                            throw new TypeCastException("null cannot be cast to non-null type java.security.cert.X509Certificate");
                        }
                        PublicKey publicKey = ((X509Certificate) generateCertificate).getPublicKey();
                        k.a((Object) publicKey, "publicKey");
                        z = a(publicKey);
                    } catch (CertificateException e2) {
                        m.a.a.b(e2, "generateRSAPublicKey() : CertificateException encountered.", new Object[0]);
                    }
                }
            }
        }
        return z;
    }

    private final boolean a(PublicKey publicKey) {
        JwtParser signingKey = Jwts.parser().setAllowedClockSkewSeconds(300L).setSigningKey(publicKey);
        g.c.i.a.a.b.b bVar = this.b;
        Jws<Claims> parseClaimsJws = signingKey.parseClaimsJws(bVar != null ? bVar.e() : null);
        k.a((Object) parseClaimsJws, "Jwts.parser()\n          …laimsJws(jwtToken?.token)");
        Claims body = parseClaimsJws.getBody();
        k.a((Object) body, "Jwts.parser()\n          …Jws(jwtToken?.token).body");
        String subject = body.getSubject();
        m.a.a.a("the gotten Subject is : %s", subject);
        g.c.i.a.a.b.b bVar2 = this.b;
        HpidIDTokenInfo.HpidUserInfo f2 = bVar2 != null ? bVar2.f() : null;
        if (k.a((Object) (f2 != null ? f2.getSub() : null), (Object) subject)) {
            return true;
        }
        m.a.a.a("validatePublicKey() - Token is not Authentic! Token Subject mismatch found!", new Object[0]);
        return false;
    }

    public final String a() {
        return g.c.i.a.a.a.c(this.d) ? "https://authz.wpp.api.hp.com" : g.c.i.a.a.a.d(this.d) ? "https://stage.authz.wpp.api.hp.com" : "https://pie.authz.wpp.api.hp.com";
    }

    protected final JSONObject a(String str) {
        k.b(str, "token");
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("grant_type", "urn:ietf:params:oauth:grant-type:token-exchange");
            jSONObject.put("subject_token", str);
            jSONObject.put("subject_token_type", "urn:ietf:params:oauth:token-type:id_token");
        } catch (Exception e2) {
            e2.printStackTrace();
        }
        return jSONObject;
    }

    @Override // j.g
    public void a(f fVar, g0 g0Var) {
        k.b(fVar, NotificationCompat.CATEGORY_CALL);
        k.b(g0Var, "response");
        if (!g0Var.q()) {
            a(fVar, new HTTPServerErrorException(g0Var.m()));
            return;
        }
        if (!fVar.q().h().toString().equals(c())) {
            if (fVar.q().h().toString().equals(b())) {
                try {
                    if (a(com.hp.sdd.jabberwocky.chat.c.f(g0Var))) {
                        InterfaceC0328a interfaceC0328a = this.a;
                        if (interfaceC0328a != null) {
                            interfaceC0328a.a(this.b);
                            return;
                        }
                        return;
                    }
                } catch (Exception unused) {
                    InterfaceC0328a interfaceC0328a2 = this.a;
                    if (interfaceC0328a2 != null) {
                        interfaceC0328a2.a(-1);
                    }
                }
                InterfaceC0328a interfaceC0328a3 = this.a;
                if (interfaceC0328a3 != null) {
                    interfaceC0328a3.a(-1);
                    return;
                }
                return;
            }
            return;
        }
        try {
            JSONObject f2 = com.hp.sdd.jabberwocky.chat.c.f(g0Var);
            if (f2 == null) {
                k.a();
                throw null;
            }
            String string = f2.getString("access_token");
            long j2 = f2.getLong(AccessToken.EXPIRES_IN_KEY);
            String string2 = f2.getString("token_type");
            String string3 = f2.getString("scope");
            String string4 = f2.getString("refresh_token");
            k.a((Object) string, "access_token");
            k.a((Object) string4, "refresh_token");
            k.a((Object) string2, "tokenType");
            k.a((Object) string3, "scope");
            this.b = new g.c.i.a.a.b.b(string, string4, string2, string3, j2);
            d();
        } catch (Exception unused2) {
            InterfaceC0328a interfaceC0328a4 = this.a;
            if (interfaceC0328a4 != null) {
                interfaceC0328a4.a(-1);
            }
        }
    }

    @Override // j.g
    public void a(f fVar, IOException iOException) {
        k.b(fVar, NotificationCompat.CATEGORY_CALL);
        k.b(iOException, "e");
        InterfaceC0328a interfaceC0328a = this.a;
        if (interfaceC0328a != null) {
            interfaceC0328a.a(-1);
        }
    }

    public final void a(String str, InterfaceC0328a interfaceC0328a) {
        k.b(str, "oauth");
        this.a = interfaceC0328a;
        m.a.a.a("Token exchange URL: %s", c());
        String str2 = "Basic " + this.c;
        b0 a = new d().a();
        e0.a aVar = new e0.a();
        aVar.b(c());
        aVar.b("Authorization", str2);
        aVar.b("content-type", io.fabric.sdk.android.m.b.a.ACCEPT_JSON_VALUE);
        f0.a aVar2 = f0.a;
        String jSONObject = a(str).toString();
        k.a((Object) jSONObject, "getTokenExchangeJson(oauth).toString()");
        aVar.b(f0.a.a(aVar2, jSONObject, null, 1, null));
        FirebasePerfOkHttpClient.enqueue(a.a(aVar.a()), this);
    }

    public final boolean a(JSONObject jSONObject) {
        if (jSONObject == null) {
            return false;
        }
        return a((HpidSigningKeys) new com.google.gson.f().a(jSONObject.toString(), HpidSigningKeys.class));
    }

    public final String b() {
        return a() + "/oauth/v1/jwks/jwks.json";
    }

    protected final JSONObject b(String str) {
        k.b(str, "token");
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("grant_type", "refresh_token");
            jSONObject.put("refresh_token", str);
        } catch (Exception e2) {
            e2.printStackTrace();
        }
        return jSONObject;
    }

    public final void b(String str, InterfaceC0328a interfaceC0328a) {
        k.b(str, "refreshToken");
        this.a = interfaceC0328a;
        m.a.a.a("Token exchange URL: %s", c());
        String str2 = "Basic " + this.c;
        b0 a = new d().a();
        e0.a aVar = new e0.a();
        aVar.b(c());
        aVar.b("Authorization", str2);
        aVar.b("content-type", io.fabric.sdk.android.m.b.a.ACCEPT_JSON_VALUE);
        f0.a aVar2 = f0.a;
        String jSONObject = b(str).toString();
        k.a((Object) jSONObject, "getTokenRefreshJson(refreshToken).toString()");
        aVar.b(f0.a.a(aVar2, jSONObject, null, 1, null));
        FirebasePerfOkHttpClient.enqueue(a.a(aVar.a()), this);
    }

    public final String c() {
        return a() + "/oauth/v1/token";
    }

    public final void d() {
        m.a.a.a("Token verify URL: %s", b());
        String str = "Basic " + this.c;
        b0 a = new d().a();
        e0.a aVar = new e0.a();
        aVar.b(b());
        aVar.b("Authorization", str);
        aVar.b("content-type", io.fabric.sdk.android.m.b.a.ACCEPT_JSON_VALUE);
        FirebasePerfOkHttpClient.enqueue(a.a(aVar.a()), this);
    }
}
