package e.d.c.a.a.b;

import android.content.Context;
import android.util.Base64;
import androidx.core.app.NotificationCompat;
import com.hp.sdd.hpc.lib.hpidaccount.data.HpidIDTokenInfo;
import com.hp.sdd.hpc.lib.hpidaccount.data.HpidSigningKeys;
import com.hp.sdd.jabberwocky.chat.d;
import com.hp.sdd.jabberwocky.chat.h;
import e.c.c.e;
import h.m;
import h.m0.c;
import h.w;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.JwtParser;
import io.jsonwebtoken.Jwts;
import j.c0;
import j.d0;
import j.e0;
import j.f;
import j.g;
import j.z;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.List;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.j;
import org.json.JSONException;
import org.json.JSONObject;

/* compiled from: AuthZHelper.kt */
@m(bv = {1, 0, 3}, d1 = {"\u0000b\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0006\n\u0002\u0018\u0002\n\u0002\b\u000b\n\u0002\u0018\u0002\n\u0002\b\b\n\u0002\u0010\u000b\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0004\u0018\u0000 ;2\u00020\u0001:\u0002:;B\u001f\u0012\b\u0010\u0002\u001a\u0004\u0018\u00010\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0005¢\u0006\u0002\u0010\u0007J\u0012\u0010 \u001a\u00020!2\b\u0010\"\u001a\u0004\u0018\u00010#H\u0002J\u0010\u0010$\u001a\u00020%2\u0006\u0010&\u001a\u00020\u0005H\u0004J\u0018\u0010'\u001a\u00020(2\u0006\u0010)\u001a\u00020\u00052\b\u0010\u000b\u001a\u0004\u0018\u00010\fJ\u0010\u0010*\u001a\u00020%2\u0006\u0010&\u001a\u00020\u0005H\u0004J\u0018\u0010+\u001a\u00020(2\u0006\u0010,\u001a\u00020-2\u0006\u0010.\u001a\u00020/H\u0016J\u0018\u00100\u001a\u00020(2\u0006\u0010,\u001a\u00020-2\u0006\u00101\u001a\u000202H\u0016J\u0017\u00103\u001a\u00020!2\b\u00101\u001a\u0004\u0018\u00010%H\u0000¢\u0006\u0002\b4J\u0018\u00105\u001a\u00020(2\u0006\u00105\u001a\u00020\u00052\b\u0010\u000b\u001a\u0004\u0018\u00010\fJ\u0010\u00106\u001a\u00020!2\u0006\u00107\u001a\u000208H\u0002J\u0006\u00109\u001a\u00020(R\u0014\u0010\b\u001a\u00020\u00058@X\u0080\u0004¢\u0006\u0006\u001a\u0004\b\t\u0010\nR\u001c\u0010\u000b\u001a\u0004\u0018\u00010\fX\u0080\u000e¢\u0006\u000e\n\u0000\u001a\u0004\b\r\u0010\u000e\"\u0004\b\u000f\u0010\u0010R\u001c\u0010\u0002\u001a\u0004\u0018\u00010\u0003X\u0080\u000e¢\u0006\u000e\n\u0000\u001a\u0004\b\u0011\u0010\u0012\"\u0004\b\u0013\u0010\u0014R\u0014\u0010\u0015\u001a\u00020\u00058@X\u0080\u0004¢\u0006\u0006\u001a\u0004\b\u0016\u0010\nR\u001c\u0010\u0017\u001a\u0004\u0018\u00010\u0018X\u0080\u000e¢\u0006\u000e\n\u0000\u001a\u0004\b\u0019\u0010\u001a\"\u0004\b\u001b\u0010\u001cR\u000e\u0010\u001d\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n\u0000R\u0014\u0010\u001e\u001a\u00020\u00058@X\u0080\u0004¢\u0006\u0006\u001a\u0004\b\u001f\u0010\n¨\u0006<"}, d2 = {"Lcom/hp/sdd/hpc/lib/authz/AuthZHelper;", "Lokhttp3/Callback;", "context", "Landroid/content/Context;", "applicationId", "", "secret", "(Landroid/content/Context;Ljava/lang/String;Ljava/lang/String;)V", "baseUrl", "getBaseUrl$HpcLib_release", "()Ljava/lang/String;", "callback", "Lcom/hp/sdd/hpc/lib/authz/AuthZHelper$AuthZHelperCallback;", "getCallback$HpcLib_release", "()Lcom/hp/sdd/hpc/lib/authz/AuthZHelper$AuthZHelperCallback;", "setCallback$HpcLib_release", "(Lcom/hp/sdd/hpc/lib/authz/AuthZHelper$AuthZHelperCallback;)V", "getContext$HpcLib_release", "()Landroid/content/Context;", "setContext$HpcLib_release", "(Landroid/content/Context;)V", "jwksUrl", "getJwksUrl$HpcLib_release", "jwtToken", "Lcom/hp/sdd/hpc/lib/authz/AuthZToken;", "getJwtToken$HpcLib_release", "()Lcom/hp/sdd/hpc/lib/authz/AuthZToken;", "setJwtToken$HpcLib_release", "(Lcom/hp/sdd/hpc/lib/authz/AuthZToken;)V", "mAuthentication", "tokenExchangeUrl", "getTokenExchangeUrl$HpcLib_release", "generateRSAPublicKey", "", "signingKeys", "Lcom/hp/sdd/hpc/lib/hpidaccount/data/HpidSigningKeys;", "getTokenExchangeJson", "Lorg/json/JSONObject;", "token", "getTokenFromHPID", "", "oauth", "getTokenRefreshJson", "onFailure", NotificationCompat.CATEGORY_CALL, "Lokhttp3/Call;", "e", "Ljava/io/IOException;", "onResponse", "response", "Lokhttp3/Response;", "parseSigningKeyResponse", "parseSigningKeyResponse$HpcLib_release", "refreshToken", "validatePublicKey", "publicKey", "Ljava/security/PublicKey;", "verifyToken", "AuthZHelperCallback", "Companion", "HpcLib_release"}, k = 1, mv = {1, 1, 15})
/* loaded from: classes.dex */
public final class a implements g {
    private InterfaceC0128a a;
    private e.d.c.a.a.b.b b;
    private final String c;

    /* renamed from: d, reason: collision with root package name */
    private Context f3386d;

    /* compiled from: AuthZHelper.kt */
    /* renamed from: e.d.c.a.a.b.a$a, reason: collision with other inner class name */
    /* loaded from: classes.dex */
    public interface InterfaceC0128a {
        void a(int i2);

        void a(e.d.c.a.a.b.b bVar);
    }

    /* compiled from: AuthZHelper.kt */
    /* loaded from: classes.dex */
    public static final class b {
        private b() {
        }

        public /* synthetic */ b(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    static {
        new b(null);
    }

    public a(Context context, String str, String str2) {
        j.b(str, "applicationId");
        j.b(str2, "secret");
        this.f3386d = context;
        String str3 = str + ':' + str2;
        Charset charset = c.a;
        if (str3 == null) {
            throw new w("null cannot be cast to non-null type java.lang.String");
        }
        byte[] bytes = str3.getBytes(charset);
        j.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
        String encodeToString = Base64.encodeToString(bytes, 2);
        j.a((Object) encodeToString, "Base64.encodeToString(co…eArray(), Base64.NO_WRAP)");
        this.c = encodeToString;
    }

    private final boolean a(HpidSigningKeys hpidSigningKeys) {
        if (hpidSigningKeys == null) {
            m.a.a.b("signingKeys is null!", new Object[0]);
            return false;
        }
        List<HpidSigningKeys.HpidSigningKey> keys = hpidSigningKeys.getKeys();
        if (keys == null || keys.isEmpty()) {
            m.a.a.b("signingKeysList.size() <= 0!", new Object[0]);
            return false;
        }
        while (true) {
            boolean z = false;
            for (HpidSigningKeys.HpidSigningKey hpidSigningKey : keys) {
                j.a((Object) hpidSigningKey, "key");
                String kid = hpidSigningKey.getKid();
                e.d.c.a.a.b.b bVar = this.b;
                PublicKey publicKey = null;
                if (j.a((Object) kid, (Object) (bVar != null ? bVar.b() : null))) {
                    List<String> x5c = hpidSigningKey.getX5c();
                    String str = x5c != null ? (String) h.c0.m.f((List) x5c) : null;
                    if (str == null || str.length() == 0) {
                        continue;
                    } else {
                        try {
                            Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(str, 0)));
                            if (!(generateCertificate instanceof X509Certificate)) {
                                generateCertificate = null;
                            }
                            X509Certificate x509Certificate = (X509Certificate) generateCertificate;
                            if (x509Certificate != null) {
                                publicKey = x509Certificate.getPublicKey();
                            }
                            if (publicKey != null && a(publicKey)) {
                                z = true;
                            }
                        } catch (CertificateException e2) {
                            m.a.a.b(e2, "generateRSAPublicKey() : CertificateException encountered.", new Object[0]);
                        }
                    }
                }
            }
            return z;
        }
    }

    private final boolean a(PublicKey publicKey) {
        JwtParser signingKey = Jwts.parser().setAllowedClockSkewSeconds(300L).setSigningKey(publicKey);
        e.d.c.a.a.b.b bVar = this.b;
        Jws<Claims> parseClaimsJws = signingKey.parseClaimsJws(bVar != null ? bVar.e() : null);
        j.a((Object) parseClaimsJws, "Jwts.parser()\n          …laimsJws(jwtToken?.token)");
        Claims body = parseClaimsJws.getBody();
        j.a((Object) body, "Jwts.parser()\n          …Jws(jwtToken?.token).body");
        String subject = body.getSubject();
        m.a.a.a("the gotten Subject is : %s", subject);
        e.d.c.a.a.b.b bVar2 = this.b;
        HpidIDTokenInfo.HpidUserInfo f2 = bVar2 != null ? bVar2.f() : null;
        if (j.a((Object) (f2 != null ? f2.getSub() : null), (Object) subject)) {
            return true;
        }
        m.a.a.a("validatePublicKey() - Token is not Authentic! Token Subject mismatch found!", new Object[0]);
        return false;
    }

    public final String a() {
        return e.d.c.a.a.a.b(this.f3386d) ? "https://pie.authz.wpp.api.hp.com" : e.d.c.a.a.a.d(this.f3386d) ? "https://stage.authz.wpp.api.hp.com" : "https://authz.wpp.api.hp.com";
    }

    protected final JSONObject a(String str) {
        j.b(str, "token");
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("grant_type", "urn:ietf:params:oauth:grant-type:token-exchange");
            jSONObject.put("subject_token", str);
            jSONObject.put("subject_token_type", "urn:ietf:params:oauth:token-type:id_token");
        } catch (Exception e2) {
            e2.printStackTrace();
        }
        return jSONObject;
    }

    @Override // j.g
    public void a(f fVar, e0 e0Var) {
        j.b(fVar, NotificationCompat.CATEGORY_CALL);
        j.b(e0Var, "response");
        if (!e0Var.p()) {
            a(fVar, new com.hp.sdd.jabberwocky.chat.a(e0Var.l()));
            return;
        }
        if (!fVar.m().h().toString().equals(c())) {
            if (fVar.m().h().toString().equals(b())) {
                try {
                    if (a(d.c(e0Var))) {
                        InterfaceC0128a interfaceC0128a = this.a;
                        if (interfaceC0128a != null) {
                            interfaceC0128a.a(this.b);
                            return;
                        }
                        return;
                    }
                } catch (Exception unused) {
                    InterfaceC0128a interfaceC0128a2 = this.a;
                    if (interfaceC0128a2 != null) {
                        interfaceC0128a2.a(-1);
                    }
                }
                InterfaceC0128a interfaceC0128a3 = this.a;
                if (interfaceC0128a3 != null) {
                    interfaceC0128a3.a(-1);
                    return;
                }
                return;
            }
            return;
        }
        try {
            JSONObject c = d.c(e0Var);
            if (c == null) {
                throw new JSONException("invalid response");
            }
            String string = c.getString("access_token");
            long j2 = c.getLong("expires_in");
            String string2 = c.getString("token_type");
            String string3 = c.getString("scope");
            String string4 = c.getString("refresh_token");
            j.a((Object) string, "access_token");
            j.a((Object) string4, "refresh_token");
            j.a((Object) string2, "tokenType");
            j.a((Object) string3, "scope");
            this.b = new e.d.c.a.a.b.b(string, string4, string2, string3, j2);
            d();
        } catch (Exception unused2) {
            InterfaceC0128a interfaceC0128a4 = this.a;
            if (interfaceC0128a4 != null) {
                interfaceC0128a4.a(-1);
            }
        }
    }

    @Override // j.g
    public void a(f fVar, IOException iOException) {
        j.b(fVar, NotificationCompat.CATEGORY_CALL);
        j.b(iOException, "e");
        InterfaceC0128a interfaceC0128a = this.a;
        if (interfaceC0128a != null) {
            interfaceC0128a.a(-1);
        }
    }

    public final void a(String str, InterfaceC0128a interfaceC0128a) {
        j.b(str, "oauth");
        this.a = interfaceC0128a;
        m.a.a.a("Token exchange URL: %s", c());
        String str2 = "Basic " + this.c;
        z a = new h().a();
        c0.a aVar = new c0.a();
        aVar.b(c());
        aVar.a("Authorization", str2);
        aVar.a("content-type", "application/json");
        d0.a aVar2 = d0.a;
        String jSONObject = a(str).toString();
        j.a((Object) jSONObject, "getTokenExchangeJson(oauth).toString()");
        aVar.b(d0.a.a(aVar2, jSONObject, null, 1, null));
        a.a(aVar.a()).a(this);
    }

    public final boolean a(JSONObject jSONObject) {
        if (jSONObject == null) {
            return false;
        }
        return a((HpidSigningKeys) new e().a(jSONObject.toString(), HpidSigningKeys.class));
    }

    public final String b() {
        return a() + "/oauth/v1/jwks/jwks.json";
    }

    protected final JSONObject b(String str) {
        j.b(str, "token");
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("grant_type", "refresh_token");
            jSONObject.put("refresh_token", str);
        } catch (Exception e2) {
            e2.printStackTrace();
        }
        return jSONObject;
    }

    public final void b(String str, InterfaceC0128a interfaceC0128a) {
        j.b(str, "refreshToken");
        this.a = interfaceC0128a;
        m.a.a.a("Token exchange URL: %s", c());
        String str2 = "Basic " + this.c;
        z a = new h().a();
        c0.a aVar = new c0.a();
        aVar.b(c());
        aVar.a("Authorization", str2);
        aVar.a("content-type", "application/json");
        d0.a aVar2 = d0.a;
        String jSONObject = b(str).toString();
        j.a((Object) jSONObject, "getTokenRefreshJson(refreshToken).toString()");
        aVar.b(d0.a.a(aVar2, jSONObject, null, 1, null));
        a.a(aVar.a()).a(this);
    }

    public final String c() {
        return a() + "/oauth/v1/token";
    }

    public final void d() {
        m.a.a.a("Token verify URL: %s", b());
        String str = "Basic " + this.c;
        z a = new h().a();
        c0.a aVar = new c0.a();
        aVar.b(b());
        aVar.a("Authorization", str);
        aVar.a("content-type", "application/json");
        a.a(aVar.a()).a(this);
    }
}
