package org.forgerock.android.auth;

import android.net.Uri;
import android.util.Base64;
import com.google.firebase.crashlytics.internal.common.CommonUtils;
import com.google.firebase.perf.network.FirebasePerfOkHttpClient;
import in.juspay.hypersdk.core.PaymentConstants;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Map;
import kotlin.reflect.jvm.internal.impl.types.typeUtil.TypeUtilsKt;
import lombok.NonNull;
import okhttp3.Call;
import okhttp3.Callback;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;

/* loaded from: classes5.dex */
public class OAuth2Client {
    public String clientId;
    public OkHttpClient okHttpClient;
    public String redirectUri;
    public String responseType = "code";
    public String scope;
    public ServerConfig serverConfig;
    public static final Action AUTHORIZE = new Action("AUTHORIZE");
    public static final Action EXCHANGE_TOKEN = new Action("EXCHANGE_TOKEN");
    public static final Action REFRESH_TOKEN = new Action("REFRESH_TOKEN");
    public static final Action REVOKE_TOKEN = new Action("REVOKE_TOKEN");
    public static final Action END_SESSION = new Action("END_SESSION");

    public OAuth2Client(@NonNull String str, @NonNull String str2, @NonNull String str3, @NonNull ServerConfig serverConfig) {
        if (str == null) {
            throw new NullPointerException("clientId is marked non-null but is null");
        }
        if (str2 == null) {
            throw new NullPointerException("scope is marked non-null but is null");
        }
        if (str3 == null) {
            throw new NullPointerException("redirectUri is marked non-null but is null");
        }
        if (serverConfig == null) {
            throw new NullPointerException("serverConfig is marked non-null but is null");
        }
        this.clientId = str;
        this.scope = str2;
        this.redirectUri = str3;
        this.serverConfig = serverConfig;
    }

    public void endSession(@NonNull String str, final FRListener<Void> fRListener) {
        if (str == null) {
            throw new NullPointerException("idToken is marked non-null but is null");
        }
        try {
            Request build = new Request.Builder().url(getEndSessionUrl(this.clientId, str)).get().tag(END_SESSION).build();
            final OAuth2ResponseHandler oAuth2ResponseHandler = new OAuth2ResponseHandler();
            FirebasePerfOkHttpClient.enqueue(getOkHttpClient().newCall(build), new Callback(this) { // from class: org.forgerock.android.auth.OAuth2Client.4
                @Override // okhttp3.Callback
                public void onFailure(Call call, IOException iOException) {
                    FRListener fRListener2 = fRListener;
                    if (fRListener2 != null) {
                        fRListener2.onException(iOException);
                    }
                }

                @Override // okhttp3.Callback
                public void onResponse(Call call, Response response) {
                    OAuth2ResponseHandler oAuth2ResponseHandler2 = oAuth2ResponseHandler;
                    FRListener<?> fRListener2 = fRListener;
                    if (oAuth2ResponseHandler2 == null) {
                        throw null;
                    }
                    if (!response.isSuccessful()) {
                        oAuth2ResponseHandler2.handleError(response, fRListener2);
                        return;
                    }
                    if (fRListener2 != null) {
                        fRListener2.onSuccess(null);
                    }
                    try {
                        response.close();
                    } catch (Exception unused) {
                    }
                }
            });
        } catch (MalformedURLException e2) {
            TypeUtilsKt.onException(fRListener, e2);
        }
    }

    public final PKCE generateCodeChallenge() throws UnsupportedEncodingException {
        byte[] bArr = new byte[64];
        new SecureRandom().nextBytes(bArr);
        String encodeToString = Base64.encodeToString(bArr, 11);
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(CommonUtils.SHA256_INSTANCE);
            messageDigest.update(encodeToString.getBytes(StandardCharsets.ISO_8859_1));
            return new PKCE(Base64.encodeToString(messageDigest.digest(), 11), "S256", encodeToString);
        } catch (NoSuchAlgorithmException unused) {
            return new PKCE("plain", encodeToString, encodeToString);
        }
    }

    public final URL getAuthorizeUrl(Token token, PKCE pkce, Map<String, String> map) throws MalformedURLException, UnsupportedEncodingException {
        Uri.Builder buildUpon = Uri.parse(this.serverConfig.url).buildUpon();
        if (TypeUtilsKt.isNotEmpty(this.serverConfig.authorizeEndpoint)) {
            buildUpon.appendEncodedPath(this.serverConfig.authorizeEndpoint);
        } else {
            buildUpon.appendPath("oauth2").appendPath("realms").appendPath(this.serverConfig.realm).appendPath("authorize");
        }
        Uri.Builder buildUpon2 = Uri.parse(new URL(buildUpon.build().toString()).toString()).buildUpon();
        for (Map.Entry<String, String> entry : map.entrySet()) {
            buildUpon2.appendQueryParameter(entry.getKey(), entry.getValue());
        }
        return new URL(buildUpon2.appendQueryParameter(this.serverConfig.cookieName, token.value).appendQueryParameter(PaymentConstants.CLIENT_ID, this.clientId).appendQueryParameter("scope", this.scope).appendQueryParameter("response_type", this.responseType).appendQueryParameter("redirect_uri", this.redirectUri).appendQueryParameter("code_challenge", pkce.codeChallenge).appendQueryParameter("code_challenge_method", pkce.codeChallengeMethod).build().toString());
    }

    public URL getEndSessionUrl(String str, String str2) throws MalformedURLException {
        Uri.Builder buildUpon = Uri.parse(this.serverConfig.url).buildUpon();
        if (TypeUtilsKt.isNotEmpty(this.serverConfig.endSessionEndpoint)) {
            buildUpon.appendEncodedPath(this.serverConfig.endSessionEndpoint);
        } else {
            buildUpon.appendPath("oauth2").appendPath("realms").appendPath(this.serverConfig.realm).appendPath("connect").appendPath("endSession");
        }
        buildUpon.appendQueryParameter("id_token_hint", str2);
        buildUpon.appendQueryParameter(PaymentConstants.CLIENT_ID, str);
        return new URL(buildUpon.build().toString());
    }

    public final OkHttpClient getOkHttpClient() {
        if (this.okHttpClient == null) {
            this.okHttpClient = OkHttpClientProvider.INSTANCE.lookup(this.serverConfig);
        }
        return this.okHttpClient;
    }

    public URL getRevokeUrl() throws MalformedURLException {
        Uri.Builder buildUpon = Uri.parse(this.serverConfig.url).buildUpon();
        if (TypeUtilsKt.isNotEmpty(this.serverConfig.revokeEndpoint)) {
            buildUpon.appendEncodedPath(this.serverConfig.revokeEndpoint);
        } else {
            buildUpon.appendPath("oauth2").appendPath("realms").appendPath(this.serverConfig.realm).appendPath("token").appendPath("revoke");
        }
        return new URL(buildUpon.build().toString());
    }

    public URL getTokenUrl() throws MalformedURLException {
        Uri.Builder buildUpon = Uri.parse(this.serverConfig.url).buildUpon();
        if (TypeUtilsKt.isNotEmpty(this.serverConfig.tokenEndpoint)) {
            buildUpon.appendEncodedPath(this.serverConfig.tokenEndpoint);
        } else {
            buildUpon.appendPath("oauth2").appendPath("realms").appendPath(this.serverConfig.realm).appendPath("access_token");
        }
        return new URL(buildUpon.build().toString());
    }
}
