package ch.sbb.spc;

import android.annotation.SuppressLint;
import android.content.ActivityNotFoundException;
import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.os.AsyncTask;
import android.os.Build;
import ch.qos.logback.classic.spi.CallerData;
import ch.sbb.spc.Request;
import ch.sbb.spc.Scope;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.JsonIOException;
import com.google.gson.JsonSyntaxException;
import com.google.gson.reflect.TypeToken;
import com.j256.ormlite.stmt.query.SimpleComparison;
import io.fabric.sdk.android.services.network.HttpRequest;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Iterator;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
import okhttp3.HttpUrl;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public final class OAuthManager {
    private static final long ACCESS_TOKEN_VALID_MARGIN_MILLISEC = 15000;
    private static final String APPVERSION = "WT.i_appversion";
    private static final String AUTHORIZATION = "Authorization";
    private static final String BEARER = "Bearer";
    public static final String CLOSE = "close";
    public static final String CORRELATION_ID = "correlation_id";
    public static final String ERROR = "error";
    private static final String GRANT_TYPE = "grant_type";
    private static final String LANG = "lang";
    private static final String OS = "WT.i_os";
    private static final String OSVERSION = "WT.i_osversion";
    private static final String PARAM = "param";
    private static final String PROVIDER = "provider";
    public static final String REAUTHENTICATE = "reauthenticate";
    private static final String REDIRECT_URI = "redirect_uri";
    private static final String REFRESH_TOKEN = "refresh_token";
    public static final String REGISTER = "register";
    private static final String RESPONSE_ERROR_INVALID_GRANT = "invalid_grant";
    private static final String RESPONSE_ERROR_KEY = "error";
    private static final String ROOTED_PARAM = "rooted";
    public static final String STATE = "state";
    private static final String VERSION_PARAM = "vSDK";
    private Context context;
    private CustomTabListener customTabRequestListener;
    private AtomicBoolean refreshTokenRequestIsActive = new AtomicBoolean(false);
    private CopyOnWriteArrayList<Request> requestList = new CopyOnWriteArrayList<>();
    private TokenStore store;
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) OAuthManager.class);
    private static final Gson gson = new Gson();

    @SuppressLint({"StaticFieldLeak"})
    private static final OAuthManager instance = new OAuthManager();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class RefreshAccessTokenTask extends AsyncTask<okhttp3.Request, Void, TokenResponse> {
        private Request request;

        public RefreshAccessTokenTask(Request request) {
            this.request = request;
        }

        private boolean containsInvalidGrant(okhttp3.Response response) {
            if (response.body() == null) {
                return false;
            }
            try {
                HashMap hashMap = (HashMap) OAuthManager.gson.fromJson(response.body().string(), new TypeToken<HashMap<String, String>>() { // from class: ch.sbb.spc.OAuthManager.RefreshAccessTokenTask.1
                }.getType());
                if (!hashMap.containsKey("error") || !((String) hashMap.get("error")).equals(OAuthManager.RESPONSE_ERROR_INVALID_GRANT)) {
                    return false;
                }
                OAuthManager.LOGGER.info("response contain invalid grant");
                return true;
            } catch (JsonSyntaxException | IOException e) {
                OAuthManager.LOGGER.error("response json conversion failed: ", e);
                return false;
            }
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public TokenResponse doInBackground(okhttp3.Request... requestArr) {
            TokenResponse tokenResponse = new TokenResponse();
            try {
                okhttp3.Response execute = OAuthManager.this.getHttpClient().newCall(requestArr[0]).execute();
                if (execute.code() == 200) {
                    OAuthManager.LOGGER.info("new token received");
                    Token token = (Token) OAuthManager.gson.fromJson(execute.body().charStream(), Token.class);
                    if (!ScopeConverter.isValidScopeString(token.getScope())) {
                        token.setScope(ScopeConverter.convertScopeToString(this.request.getScope()));
                    }
                    token.setTimestampMillis(Long.valueOf(System.currentTimeMillis()));
                    OAuthManager.this.saveToken(token);
                    tokenResponse.setAccessToken(token.getAccessToken());
                    tokenResponse.setSidScope(ScopeConverter.convertStringToScope(token.getScope()));
                    return tokenResponse;
                }
                OAuthManager.LOGGER.error("refresh token failed: {}", Integer.valueOf(execute.code()));
                tokenResponse.setErrorCode(RequestListener.SPC_ERROR_IO);
                tokenResponse.setDeveloperErrorMessage(execute.code() + " " + execute.message());
                if (execute.code() == 400 && containsInvalidGrant(execute)) {
                    OAuthManager.this.store.deleteToken();
                    tokenResponse.setErrorCode(RequestListener.SPC_ERROR_INVALID_TOKEN);
                }
                return tokenResponse;
            } catch (JsonIOException e) {
                OAuthManager.LOGGER.error("refresh token failed: message: " + e.getMessage() + ", cause: " + e.getCause(), (Throwable) e);
                tokenResponse.setErrorCode(RequestListener.SPC_ERROR_IO);
                tokenResponse.setDeveloperErrorMessage(e.getMessage());
                return tokenResponse;
            } catch (JsonSyntaxException e2) {
                OAuthManager.LOGGER.error("refresh token failed: message: " + e2.getMessage() + ", cause: " + e2.getCause(), (Throwable) e2);
                tokenResponse.setErrorCode(RequestListener.SPC_ERROR_IO);
                tokenResponse.setDeveloperErrorMessage(e2.getMessage());
                return tokenResponse;
            } catch (IOException e3) {
                OAuthManager.LOGGER.error("refresh token failed: message: " + e3.getMessage() + ", cause: " + e3.getCause(), (Throwable) e3);
                tokenResponse.setErrorCode(RequestListener.SPC_ERROR_IO);
                tokenResponse.setDeveloperErrorMessage(e3.getMessage());
                return tokenResponse;
            }
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public void onPostExecute(TokenResponse tokenResponse) {
            OAuthManager.this.refreshTokenRequestIsActive.set(false);
            OAuthManager.this.finalizeRequest(this.request, tokenResponse);
            OAuthManager.this.runNextTokenRequest();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class RetrieveTokenTask extends AsyncTask<okhttp3.Request, Void, TokenResponse> {
        private Request request;

        public RetrieveTokenTask(Request request) {
            this.request = request;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public TokenResponse doInBackground(okhttp3.Request... requestArr) {
            TokenResponse tokenResponse = new TokenResponse();
            try {
                okhttp3.Response execute = OAuthManager.this.getHttpClient().newCall(requestArr[0]).execute();
                if (execute.code() == 200) {
                    OAuthManager.LOGGER.info("Got token response");
                    Token token = (Token) OAuthManager.gson.fromJson(execute.body().charStream(), Token.class);
                    if (!ScopeConverter.isValidScopeString(token.getScope())) {
                        token.setScope(ScopeConverter.convertScopeToString(this.request.getScope()));
                    }
                    OAuthManager.this.saveToken(token);
                    tokenResponse.setAccessToken(token.getAccessToken());
                    tokenResponse.setSidScope(ScopeConverter.convertStringToScope(token.getScope()));
                    return tokenResponse;
                }
                OAuthManager.LOGGER.error("Request token failed: {}", Integer.valueOf(execute.code()));
                tokenResponse.setErrorCode(RequestListener.SPC_ERROR_IO);
                tokenResponse.setDeveloperErrorMessage(execute.code() + " " + execute.message());
                return tokenResponse;
            } catch (JsonIOException e) {
                OAuthManager.LOGGER.error("Request token failed: message: " + e.getMessage() + ", cause: " + e.getCause(), (Throwable) e);
                tokenResponse.setErrorCode(RequestListener.SPC_ERROR_IO);
                tokenResponse.setDeveloperErrorMessage(e.getMessage());
                return tokenResponse;
            } catch (JsonSyntaxException e2) {
                OAuthManager.LOGGER.error("Request token failed: message: " + e2.getMessage() + ", cause: " + e2.getCause(), (Throwable) e2);
                tokenResponse.setErrorCode(RequestListener.SPC_ERROR_IO);
                tokenResponse.setDeveloperErrorMessage(e2.getMessage());
                return tokenResponse;
            } catch (IOException e3) {
                OAuthManager.LOGGER.error("Request token failed: message: " + e3.getMessage() + ", cause: " + e3.getCause(), (Throwable) e3);
                tokenResponse.setErrorCode(RequestListener.SPC_ERROR_IO);
                tokenResponse.setDeveloperErrorMessage(e3.getMessage());
                return tokenResponse;
            }
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public void onPostExecute(TokenResponse tokenResponse) {
            OAuthManager.this.finalizeRequest(this.request, tokenResponse);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class RetrieveUserinfoTask extends AsyncTask<okhttp3.Request, Void, UserInfoResponse> {
        private Request request;

        public RetrieveUserinfoTask(Request request) {
            this.request = request;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public UserInfoResponse doInBackground(okhttp3.Request... requestArr) {
            UserInfoResponse userInfoResponse = new UserInfoResponse();
            try {
                okhttp3.Response execute = new OkHttpClient().newCall(requestArr[0]).execute();
                if (execute.code() != 200 || execute.body() == null) {
                    OAuthManager.LOGGER.error("UserInfo failed IO: {} ", Integer.valueOf(execute.code()));
                    userInfoResponse.setErrorCode(RequestListener.SPC_ERROR_IO);
                    userInfoResponse.setDeveloperErrorMessage(execute.code() + " " + execute.message());
                } else {
                    OAuthManager.LOGGER.info("userinfo received");
                    try {
                        String string = execute.body().string();
                        GsonBuilder gsonBuilder = new GsonBuilder();
                        gsonBuilder.registerTypeAdapter(UserInfoGender.class, new UserInfoGenderDeserializer());
                        userInfoResponse.setUserInfo((UserInfo) gsonBuilder.create().fromJson(string, UserInfo.class));
                        userInfoResponse.setJson(string);
                    } catch (JsonSyntaxException e) {
                        OAuthManager.LOGGER.error("userinfo json conversion failed: ", (Throwable) e);
                        userInfoResponse.setDeveloperErrorMessage(e.getMessage());
                        userInfoResponse.setErrorCode(RequestListener.SPC_ERROR_IO);
                    }
                }
                return userInfoResponse;
            } catch (IOException e2) {
                OAuthManager.LOGGER.error("UserInfo failed: message: " + e2.getMessage() + ", cause: " + e2.getCause(), (Throwable) e2);
                userInfoResponse.setErrorCode(RequestListener.SPC_ERROR_IO);
                userInfoResponse.setDeveloperErrorMessage(e2.getMessage());
                return userInfoResponse;
            }
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public void onPostExecute(UserInfoResponse userInfoResponse) {
            OAuthManager.this.finalizeRequest(this.request, userInfoResponse);
        }
    }

    private OAuthManager() {
    }

    private Response convertResponse(Request request, Response response) {
        LOGGER.info("convert response");
        switch (request.getRequestType()) {
            case LOGIN:
            case TOKEN:
            case REAUTHENTICATE:
            case REGISTER:
                return new TokenResponse(response);
            case LOGOUT:
            case SWISSPASS_PAGE:
                return new Response(response);
            case USERINFO:
                return new UserInfoResponse(response);
            default:
                return null;
        }
    }

    private TokenResponse convertToSPCTokenResponse(Token token) {
        LOGGER.info("convert to token response");
        TokenResponse tokenResponse = new TokenResponse();
        tokenResponse.setAccessToken(token.getAccessToken());
        tokenResponse.setSidScope(ScopeConverter.convertStringToScope(token.getScope()));
        return tokenResponse;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void customTabRequestNotFound(String str) {
        LOGGER.error("request not found ");
        CustomTabListener customTabListener = this.customTabRequestListener;
        if (customTabListener != null) {
            customTabListener.onRequestNotFound(str);
            this.customTabRequestListener = null;
        }
    }

    private void executeAuthorizeRequest(Request request) {
        LOGGER.info("execute authorize request");
        Settings sidSettings = request.getSidSettings();
        String str = (((((sidSettings.getAuthorizeUrl() + "?client_id=" + sidSettings.getClientId()) + "&redirect_uri=" + sidSettings.getRedirectUrl()) + "&response_type=code") + "&scope=" + Uri.encode(ScopeConverter.convertScopeToString(request.getScope()))) + "&state=" + request.getRequestId()) + "&lang=" + LanguageHelper.getLanguage();
        Uri.Builder buildUpon = Uri.parse(sidSettings.getLogoutUrl()).buildUpon();
        buildUpon.appendQueryParameter(LANG, LanguageHelper.getLanguage()).appendQueryParameter(HttpRequest.HEADER_LOCATION, str);
        openUri(buildUpon.build(), request);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void executeReauthenticateRequest(Request request) {
        LOGGER.info("executeReauthenticateRequest()");
        if (StringUtils.isEmpty(request.getSidSettings().getReauthenticateUrl()) || StringUtils.isEmpty(request.getSidSettings().getSsoUrl())) {
            finalizeRequest(request, new TokenResponse(RequestListener.SPC_ERROR_IO, "Not valid url"));
            return;
        }
        String str = "";
        try {
            str = URLEncoder.encode(request.getSidSettings().getReauthenticateUrl() + CallerData.NA + LANG + SimpleComparison.EQUAL_TO_OPERATION + LanguageHelper.getLanguage() + "&Location=" + request.getSidSettings().getRedirectAppUrl() + "/" + REAUTHENTICATE + "/" + request.getRequestId(), "utf-8");
        } catch (UnsupportedEncodingException e) {
            LOGGER.error("URLEncoder failed: ", (Throwable) e);
        }
        openUri(Uri.parse(request.getSidSettings().getSsoUrl() + "/check-login?access_token=" + getTokenFromStore().getAccessToken() + "&Location=" + str), request);
    }

    private void executeRefreshTokenRequest(Request request, Token token) {
        LOGGER.info("execute refreshToken request");
        Request.Builder builder = new Request.Builder();
        StringBuilder sb = new StringBuilder();
        sb.append(request.getSidSettings().getRefreshTokenUrl());
        sb.append(CallerData.NA);
        sb.append(REFRESH_TOKEN);
        sb.append(SimpleComparison.EQUAL_TO_OPERATION);
        sb.append(token.getRefreshToken());
        sb.append("&");
        sb.append(GRANT_TYPE);
        sb.append(SimpleComparison.EQUAL_TO_OPERATION);
        sb.append(REFRESH_TOKEN);
        sb.append("&");
        sb.append(REDIRECT_URI);
        sb.append(SimpleComparison.EQUAL_TO_OPERATION);
        sb.append(request.getSidSettings().getRedirectUrl());
        sb.append("&");
        sb.append(ROOTED_PARAM);
        sb.append(SimpleComparison.EQUAL_TO_OPERATION);
        sb.append(DeviceTools.isRooted() ? "true" : "false");
        sb.append("&");
        sb.append(VERSION_PARAM);
        sb.append("=Android.");
        sb.append(BuildConfig.VERSION_NAME);
        new RefreshAccessTokenTask(request).execute(builder.url(sb.toString()).post(RequestBody.create((MediaType) null, "")).build());
    }

    private void executeRegisterRequest(Request request) {
        String str = request.getSidSettings().getRegisterUrl() + CallerData.NA + PROVIDER + SimpleComparison.EQUAL_TO_OPERATION + request.getSidSettings().getProvider() + "&" + PARAM + SimpleComparison.EQUAL_TO_OPERATION + request.getRequestId() + "&" + LANG + SimpleComparison.EQUAL_TO_OPERATION + LanguageHelper.getLanguage() + "&" + APPVERSION + SimpleComparison.EQUAL_TO_OPERATION + DeviceTools.getApplicationVersionCode(this.context) + "&" + OS + "=Android&" + OSVERSION + SimpleComparison.EQUAL_TO_OPERATION + Build.VERSION.RELEASE;
        Uri.Builder buildUpon = Uri.parse(request.getSidSettings().getLogoutUrl()).buildUpon();
        buildUpon.appendQueryParameter(LANG, LanguageHelper.getLanguage()).appendQueryParameter(HttpRequest.HEADER_LOCATION, str);
        openUri(buildUpon.build(), request);
    }

    private void executeScreenLockRequest(Request request, ReauthenticationMethod reauthenticationMethod) {
        LOGGER.info("execute screenlock request");
        Intent intent = new Intent(this.context, (Class<?>) ScreenLockActivity.class);
        intent.setFlags(268435456);
        intent.putExtra("REQUEST_ID", request.getRequestId());
        if (reauthenticationMethod == ReauthenticationMethod.DEVICE_SCREENLOCK) {
            intent.putExtra(ScreenLockActivity.USE_SCREEN_LOCK, true);
        } else if (reauthenticationMethod == ReauthenticationMethod.FINGERPRINT_ONLY) {
            intent.putExtra(ScreenLockActivity.USE_FINGERPRINT_LOCK, true);
        }
        intent.putExtra("SCREEN_LOCK_INO_TEXT", request.getScreenLockInfoText());
        this.context.startActivity(intent);
    }

    private void executeSwissPassPage(Request request, Token token) {
        String str = "";
        String str2 = "lang=" + LanguageHelper.getLanguage() + "&" + PARAM + SimpleComparison.EQUAL_TO_OPERATION + request.getRequestId() + "&" + PROVIDER + SimpleComparison.EQUAL_TO_OPERATION + request.getSidSettings().getProvider();
        switch (request.getPage()) {
            case ACCOUNT_MANAGEMENT:
                if (!StringUtils.isEmpty(request.getSidSettings().getAccountManagementUrl())) {
                    str = request.getSidSettings().getAccountManagementUrl() + CallerData.NA + str2;
                    break;
                }
                break;
            case TOKEN_MANAGEMENT:
                if (!StringUtils.isEmpty(request.getSidSettings().getTokenManagementUrl())) {
                    str = request.getSidSettings().getTokenManagementUrl() + CallerData.NA + str2;
                    break;
                }
                break;
            case LOGIN_DATA_MANAGEMENT:
                if (!StringUtils.isEmpty(request.getSidSettings().getLoginDataManagementUrl())) {
                    str = request.getSidSettings().getLoginDataManagementUrl() + CallerData.NA + str2;
                    break;
                }
                break;
            case LINK_CARD_MANAGEMENT:
                if (!StringUtils.isEmpty(request.getSidSettings().getLinkCardManagementUrl())) {
                    str = request.getSidSettings().getLinkCardManagementUrl() + CallerData.NA + str2;
                    break;
                }
                break;
            case INFO_ABOS:
                if (!StringUtils.isEmpty(request.getSidSettings().getAbosInfoUrl())) {
                    str = request.getSidSettings().getAbosInfoUrl() + CallerData.NA + str2;
                    break;
                }
                break;
            case INFO_SWISSPASS:
                if (!StringUtils.isEmpty(request.getSidSettings().getSwissPassInfoUrl())) {
                    str = request.getSidSettings().getSwissPassInfoUrl() + CallerData.NA + str2;
                    break;
                }
                break;
            case CONTACT_FORM:
                if (!StringUtils.isEmpty(request.getSidSettings().getContactFormUrl())) {
                    str = request.getSidSettings().getContactFormUrl() + CallerData.NA + str2;
                    break;
                }
                break;
            default:
                finalizeRequest(request, new Response(RequestListener.SPC_ERROR_IO, "Not valid Page"));
                return;
        }
        if (StringUtils.isEmpty(str) || StringUtils.isEmpty(request.getSidSettings().getSsoUrl())) {
            finishRequestNotValidUrl(request);
            return;
        }
        try {
            String str3 = request.getSidSettings().getSsoUrl() + "/check-login?access_token=" + token.getAccessToken() + "&Location=" + URLEncoder.encode(str, "utf-8");
            if (StringUtils.isEmpty(request.getSidSettings().getLogoutUrl())) {
                finishRequestNotValidUrl(request);
                return;
            }
            try {
                openUri(Uri.parse(request.getSidSettings().getLogoutUrl() + CallerData.NA + ("Location=" + URLEncoder.encode(str3, "utf-8"))), request);
            } catch (UnsupportedEncodingException e) {
                LOGGER.error("URLEncoder failed: ", (Throwable) e);
                finishRequestNotValidUrl(request);
            }
        } catch (UnsupportedEncodingException e2) {
            LOGGER.error("URLEncoder failed: ", (Throwable) e2);
            finishRequestNotValidUrl(request);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void executeTokenRequest(Request request) {
        LOGGER.info("execute token request");
        if (!isValidUrl(request.getSidSettings().getTokenUrl())) {
            finalizeRequest(request, new TokenResponse(RequestListener.SPC_ERROR_IO, "Invalid url"));
            return;
        }
        Request.Builder builder = new Request.Builder();
        StringBuilder sb = new StringBuilder();
        sb.append(request.getSidSettings().getTokenUrl());
        sb.append(CallerData.NA);
        sb.append(STATE);
        sb.append(SimpleComparison.EQUAL_TO_OPERATION);
        sb.append(request.getRequestId());
        sb.append("&");
        sb.append(REDIRECT_URI);
        sb.append(SimpleComparison.EQUAL_TO_OPERATION);
        sb.append(request.getSidSettings().getRedirectUrl());
        sb.append("&");
        sb.append(ROOTED_PARAM);
        sb.append(SimpleComparison.EQUAL_TO_OPERATION);
        sb.append(DeviceTools.isRooted() ? "true" : "false");
        sb.append("&");
        sb.append(VERSION_PARAM);
        sb.append("=Android.");
        sb.append(BuildConfig.VERSION_NAME);
        Request.Builder url = builder.url(sb.toString());
        url.addHeader(STATE, request.getRequestId());
        new RetrieveTokenTask(request).execute(url.post(RequestBody.create((MediaType) null, "")).build());
    }

    private void executeUserInfoRequest(Request request, Token token) {
        LOGGER.info("execute userinfo request");
        new RetrieveUserinfoTask(request).execute(new Request.Builder().url(request.getSidSettings().getUserinfoUrl()).addHeader("Authorization", "Bearer " + token.getAccessToken()).build());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void finalizeRequest(Request request, Response response) {
        LOGGER.info("Finalize RequestType: '{}', errorCode: '{}'", request.getRequestType(), Integer.valueOf(response.getErrorCode()));
        this.requestList.remove(request);
        CustomTabListener customTabListener = this.customTabRequestListener;
        if (customTabListener != null) {
            customTabListener.onResponseProcessed();
            this.customTabRequestListener = null;
        }
        if (request.getRequestListener() != null) {
            request.getRequestListener().onResult(response);
        }
    }

    private void finishRequestNotValidUrl(Request request) {
        finalizeRequest(request, new Response(RequestListener.SPC_ERROR_IO, "Not valid url"));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public OkHttpClient getHttpClient() {
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        builder.readTimeout(60L, TimeUnit.SECONDS);
        builder.writeTimeout(60L, TimeUnit.SECONDS);
        return builder.build();
    }

    public static OAuthManager getInstance() {
        return instance;
    }

    private Token getTokenFromStore() {
        LOGGER.info("loadToken token");
        return this.store.loadToken();
    }

    private boolean isAccessTokenValid(Token token) {
        if (token == null || StringUtils.isEmpty(token.getAccessToken())) {
            LOGGER.error("isAccessTokenValid false");
            return false;
        }
        if (token.getExpiresInSeconds() != null && token.getTimestampMillis() != null) {
            if (System.currentTimeMillis() < ((token.getExpiresInSeconds().longValue() * 1000) + token.getTimestampMillis().longValue()) - ACCESS_TOKEN_VALID_MARGIN_MILLISEC) {
                LOGGER.info("isAccessTokenValid true");
                return true;
            }
        }
        LOGGER.info("isAccessTokenValid false");
        return false;
    }

    private boolean isRefreshTokenValid(Token token) {
        if (token == null || StringUtils.isEmpty(token.getRefreshToken())) {
            LOGGER.error("isRefreshTokenValid false");
            return false;
        }
        LOGGER.info("isRefreshTokenValid true");
        return true;
    }

    private boolean isValidUrl(String str) {
        return HttpUrl.parse(str) != null;
    }

    private void login(Request request) {
        LOGGER.info("login");
        if (request.getScope() == null || !request.getScope().contains(Scope.ScopeValue.SCOPE_CUSTOMER)) {
            request.setScope(new Scope());
        }
        executeAuthorizeRequest(request);
    }

    private void logout(Request request) {
        LOGGER.info("logout");
        this.store.deleteToken();
        finalizeRequest(request, new Response());
    }

    private void openUri(Uri uri, Request request) {
        LOGGER.info("open chrome custom tab");
        String customTabPackageName = CustomTabBrowserHelper.getCustomTabPackageName(this.context);
        if (customTabPackageName != null && !customTabPackageName.isEmpty()) {
            CustomTabBrowserHelper.openCustomTabActivity(this.context, uri, customTabPackageName, request);
        } else {
            CustomTabBrowserHelper.showChromeError(this.context, request, CustomTabBrowserHelper.getBrowserInfo(this.context), uri);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void processRequest(Request request) {
        LOGGER.info("process request requestId: " + request.getRequestId().split("-")[0] + " requestType:" + request.getRequestType());
        switch (request.getRequestType()) {
            case LOGIN:
                login(request);
                return;
            case LOGOUT:
                logout(request);
                return;
            case USERINFO:
                userinfo(request);
                return;
            case TOKEN:
                token(request);
                return;
            case SWISSPASS_PAGE:
                swissPassPage(request);
                return;
            case REAUTHENTICATE:
                reauthenticate(request);
                return;
            case REGISTER:
                register(request);
                return;
            default:
                this.requestList.remove(request);
                return;
        }
    }

    private void reauthenticate(Request request) {
        LOGGER.info(REAUTHENTICATE);
        if (!isRefreshTokenValid(getTokenFromStore())) {
            finalizeRequest(request, new TokenResponse(RequestListener.SPC_ERROR_INVALID_TOKEN, "Invalid token"));
            return;
        }
        if (request.getReauthenticationMethod() == ReauthenticationMethod.DEVICE_SCREENLOCK && ScreenLockHelper.isScreenLockRequestSupported() && ScreenLockHelper.hasFingerprintPermisson(this.context) && ScreenLockHelper.isScreenLockSet(this.context)) {
            executeScreenLockRequest(request, ReauthenticationMethod.DEVICE_SCREENLOCK);
            return;
        }
        if (request.getReauthenticationMethod() == ReauthenticationMethod.FINGERPRINT_ONLY && ScreenLockHelper.isScreenLockRequestSupported() && ScreenLockHelper.hasFingerprintPermisson(this.context) && ScreenLockHelper.isScreenLockSet(this.context) && ScreenLockHelper.isFingerprintSet(this.context)) {
            executeScreenLockRequest(request, ReauthenticationMethod.FINGERPRINT_ONLY);
        } else {
            executeReauthenticateRequest(request);
        }
    }

    private void register(Request request) {
        LOGGER.info(REGISTER);
        Token tokenFromStore = getTokenFromStore();
        if (tokenFromStore == null || StringUtils.isEmpty(tokenFromStore.getRefreshToken())) {
            executeRegisterRequest(request);
        } else {
            request.getRequestListener().onResult(new Response(RequestListener.SPC_ERROR_USER_LOGGED_IN, "Request cannot be processed while user is logged in"));
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void requestNotFound() {
        LOGGER.error("request not found ");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void runNextTokenRequest() {
        Iterator<Request> it = this.requestList.iterator();
        while (it.hasNext()) {
            Request next = it.next();
            if (Request.RequestType.TOKEN.equals(next.getRequestType())) {
                LOGGER.info("next token request found");
                runRequest(next);
                return;
            }
        }
    }

    private void runRequest(final Request request) {
        new Thread(new Runnable() { // from class: ch.sbb.spc.OAuthManager.1
            @Override // java.lang.Runnable
            public void run() {
                OAuthManager.this.processRequest(request);
            }
        }).start();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void saveToken(Token token) {
        LOGGER.info("save token");
        this.store.storeToken(token);
    }

    private void swissPassPage(Request request) {
        LOGGER.info("SwissPass page");
        Token tokenFromStore = getTokenFromStore();
        if (isAccessTokenValid(tokenFromStore)) {
            executeSwissPassPage(request, tokenFromStore);
        } else {
            finalizeRequest(request, new TokenResponse(RequestListener.SPC_ERROR_INVALID_TOKEN, "Invalid token"));
        }
    }

    private void token(Request request) {
        Token tokenFromStore = getTokenFromStore();
        if (tokenFromStore == null || !isRefreshTokenValid(tokenFromStore)) {
            if (tokenFromStore == null || this.store.isKeyStoreAvailable() || !isAccessTokenValid(tokenFromStore)) {
                finalizeRequest(request, new TokenResponse(RequestListener.SPC_ERROR_INVALID_TOKEN, "Invalid token"));
                return;
            } else {
                finalizeRequest(request, convertToSPCTokenResponse(tokenFromStore));
                return;
            }
        }
        if (!request.isForceRefresh() && isAccessTokenValid(tokenFromStore)) {
            finalizeRequest(request, convertToSPCTokenResponse(tokenFromStore));
            return;
        }
        if (!isValidUrl(request.getSidSettings().getRefreshTokenUrl())) {
            finalizeRequest(request, new TokenResponse(RequestListener.SPC_ERROR_IO, "Invalid url"));
        } else if (this.refreshTokenRequestIsActive.compareAndSet(false, true)) {
            executeRefreshTokenRequest(request, tokenFromStore);
        } else {
            LOGGER.info("refreshTokenRequest is already ongoing, wait until complete");
        }
    }

    private boolean tokenIncludesScope(Token token, Scope scope) {
        if (token == null || StringUtils.isEmpty(token.getScope())) {
            LOGGER.info("tokenIncludesScope false");
            return false;
        }
        if (scope == null || !ScopeConverter.convertStringToScope(token.getScope()).containsAll(scope.getAll())) {
            LOGGER.info("tokenIncludesScope false");
            return false;
        }
        LOGGER.info("tokenIncludesScope true");
        return true;
    }

    private void userinfo(Request request) {
        LOGGER.info("userinfo");
        Token tokenFromStore = getTokenFromStore();
        if (isAccessTokenValid(tokenFromStore)) {
            executeUserInfoRequest(request, tokenFromStore);
        } else {
            finalizeRequest(request, new UserInfoResponse(RequestListener.SPC_ERROR_INVALID_TOKEN, "Invalid token"));
        }
    }

    public void addRequest(Request request, boolean z) {
        LOGGER.info("add request requestType: {}", request.getRequestType());
        this.requestList.add(request);
        if (z) {
            runRequest(request);
        }
    }

    public void cancelCustomTabRequest(String str, CustomTabListener customTabListener) {
        LOGGER.info("cancel customtab request");
        this.customTabRequestListener = customTabListener;
        Response response = new Response();
        if (!StringUtils.isEmpty(str)) {
            Iterator<Request> it = this.requestList.iterator();
            while (it.hasNext()) {
                Request next = it.next();
                if (next.getRequestId().equals(str)) {
                    if (!Request.RequestType.SWISSPASS_PAGE.equals(next.getRequestType())) {
                        response.setDeveloperErrorMessage("user cancelled the request");
                        response.setErrorCode(RequestListener.SPC_ERROR_CANCELLED);
                    }
                    finalizeRequest(next, convertResponse(next, response));
                    return;
                }
            }
        }
        customTabRequestNotFound(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getAccessTokenPrefix() {
        return this.store.getAccessTokenPrefix();
    }

    public void init(Context context, String str) {
        LOGGER.info("initialize");
        this.context = context.getApplicationContext();
        this.store = new TokenStore(context, str);
        CustomTabBrowserHelper.initCustomTab(this.context);
    }

    public boolean isKeyStoreAvailable() {
        LOGGER.info("isKeyStoreAvailable()");
        return this.store.isKeyStoreAvailable();
    }

    public void openUriInDefaultBrowser(Uri uri, String str) {
        LOGGER.info("open default browser");
        Intent intent = new Intent("android.intent.action.VIEW", uri);
        intent.setFlags(268435456);
        intent.putExtra("com.android.browser.application_id", this.context.getPackageName());
        intent.setData(uri);
        try {
            this.context.startActivity(intent);
        } catch (ActivityNotFoundException unused) {
            LOGGER.info("no browser installed or enabled");
            Iterator<Request> it = this.requestList.iterator();
            while (it.hasNext()) {
                Request next = it.next();
                if (next.getRequestId().contains(str)) {
                    finalizeRequest(next, convertResponse(next, new Response(RequestListener.SPC_ERROR_NO_WEB_BROWSER_FOUND, "no browser installed or enabled")));
                    return;
                }
            }
        }
    }

    public void processFillUserinfoResponse(final String str, final Response response) {
        LOGGER.info("process fill userinfo response");
        if (StringUtils.isEmpty(str)) {
            return;
        }
        new Thread(new Runnable() { // from class: ch.sbb.spc.OAuthManager.3
            @Override // java.lang.Runnable
            public void run() {
                Iterator it = OAuthManager.this.requestList.iterator();
                while (it.hasNext()) {
                    Request request = (Request) it.next();
                    if (request.getRequestType() == Request.RequestType.FILL_USERINFO && request.getRequestId().equals(str)) {
                        OAuthManager.this.finalizeRequest(request, response);
                        return;
                    }
                }
            }
        }).start();
    }

    public void processLoginResponse(final String str, final int i, final String str2, CustomTabListener customTabListener) {
        LOGGER.info("process login response");
        this.customTabRequestListener = customTabListener;
        if (StringUtils.isEmpty(str)) {
            customTabRequestNotFound(str);
        } else {
            new Thread(new Runnable() { // from class: ch.sbb.spc.OAuthManager.5
                @Override // java.lang.Runnable
                public void run() {
                    Iterator it = OAuthManager.this.requestList.iterator();
                    while (it.hasNext()) {
                        Request request = (Request) it.next();
                        if (request.getRequestType() == Request.RequestType.LOGIN || request.getRequestType() == Request.RequestType.TOKEN) {
                            if (request.getRequestId().startsWith(str)) {
                                int i2 = i;
                                if (i2 != 0) {
                                    OAuthManager.this.finalizeRequest(request, new TokenResponse(i2, str2));
                                    return;
                                } else {
                                    OAuthManager.this.executeTokenRequest(request);
                                    return;
                                }
                            }
                        }
                    }
                    OAuthManager.this.customTabRequestNotFound(str);
                }
            }).start();
        }
    }

    public void processReauthenticateResponse(final String str, final int i, final String str2, CustomTabListener customTabListener) {
        LOGGER.info("process reauthenticate response");
        this.customTabRequestListener = customTabListener;
        if (StringUtils.isEmpty(str)) {
            customTabRequestNotFound(str);
        } else {
            new Thread(new Runnable() { // from class: ch.sbb.spc.OAuthManager.6
                @Override // java.lang.Runnable
                public void run() {
                    Iterator it = OAuthManager.this.requestList.iterator();
                    while (it.hasNext()) {
                        Request request = (Request) it.next();
                        if (request.getRequestType() == Request.RequestType.REAUTHENTICATE && request.getRequestId().contains(str)) {
                            Response response = new Response();
                            int i2 = i;
                            if (i2 != 0) {
                                response = new Response(i2, str2, OAuthManager.this.context.getResources().getString(R.string.error_reauth));
                            }
                            try {
                                Thread.sleep(500L, 0);
                            } catch (InterruptedException e) {
                                OAuthManager.LOGGER.debug("processReauthenticateResponse timer interrupted: ", (Throwable) e);
                            }
                            OAuthManager.this.finalizeRequest(request, response);
                            return;
                        }
                    }
                    OAuthManager.this.customTabRequestNotFound(str);
                }
            }).start();
        }
    }

    public void processRegisterResponse(final String str, CustomTabListener customTabListener) {
        LOGGER.info("process register response");
        this.customTabRequestListener = customTabListener;
        if (StringUtils.isEmpty(str)) {
            customTabRequestNotFound(str);
        } else {
            new Thread(new Runnable() { // from class: ch.sbb.spc.OAuthManager.4
                @Override // java.lang.Runnable
                public void run() {
                    Iterator it = OAuthManager.this.requestList.iterator();
                    while (it.hasNext()) {
                        Request request = (Request) it.next();
                        if (request.getRequestType() == Request.RequestType.REGISTER && request.getRequestId().equals(str)) {
                            OAuthManager.this.finalizeRequest(request, new Response());
                            return;
                        } else if (request.getRequestType() == Request.RequestType.LOGIN && request.getRequestId().equals(str)) {
                            OAuthManager.this.finalizeRequest(request, new TokenResponse(RequestListenerInternal.SPC_ERROR_INTERNAL_REGISTRATION_IN_LOGIN_REQUEST, "registration complete, not logged in"));
                            return;
                        }
                    }
                    OAuthManager.this.customTabRequestNotFound(str);
                }
            }).start();
        }
    }

    public void processScreenLockResponse(final String str, final boolean z, final boolean z2) {
        LOGGER.info("process screenlock response");
        if (StringUtils.isEmpty(str)) {
            return;
        }
        new Thread(new Runnable() { // from class: ch.sbb.spc.OAuthManager.2
            @Override // java.lang.Runnable
            public void run() {
                Iterator it = OAuthManager.this.requestList.iterator();
                while (it.hasNext()) {
                    Request request = (Request) it.next();
                    if (request.getRequestType() == Request.RequestType.REAUTHENTICATE && request.getRequestId().equals(str)) {
                        if (z) {
                            OAuthManager.this.finalizeRequest(request, new Response());
                            return;
                        } else if (z2) {
                            OAuthManager.this.executeReauthenticateRequest(request);
                            return;
                        } else {
                            OAuthManager.this.finalizeRequest(request, new Response(RequestListener.SPC_ERROR_CANCELLED, "user cancelled the action"));
                            return;
                        }
                    }
                }
                OAuthManager.this.requestNotFound();
            }
        }).start();
    }

    public void runRequest(String str) {
        Iterator<Request> it = this.requestList.iterator();
        while (it.hasNext()) {
            Request next = it.next();
            if (next.getRequestId().equals(str)) {
                runRequest(next);
                return;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void saveAccessTokenPrefix(String str) {
        this.store.storeAccessTokenPrefix(str);
    }
}
