package com.auth0.identity;

import android.app.Activity;
import android.content.Intent;
import android.net.Uri;
import android.util.Log;
import com.auth0.api.ParameterBuilder;
import com.auth0.api.authentication.AuthenticationAPIClient;
import com.auth0.core.Application;
import com.auth0.core.Auth0;
import com.auth0.core.Token;
import com.auth0.identity.util.PKCE;
import com.auth0.identity.web.CallbackParser;
import com.auth0.identity.web.WebViewActivity;
import com.auth0.util.Telemetry;
import java.util.HashMap;
import java.util.Map;

/* loaded from: classes.dex */
public class WebIdentityProvider implements IdentityProvider {
    private static final String ACCESS_TOKEN_KEY = "access_token";
    private static final String AUTH0_CLIENT_KEY = "auth0Client";
    private static final String CLIENT_ID_KEY = "client_id";
    private static final String CODE_CHALLENGE_KEY = "code_challenge";
    private static final String CODE_CHALLENGE_METHOD_KEY = "code_challenge_method";
    private static final String CODE_KEY = "code";
    private static final String CONNECTION_KEY = "connection";
    private static final String ERROR_KEY = "error";
    private static final String ID_TOKEN_KEY = "id_token";
    private static final String LOGIN_HINT_KEY = "login_hint";
    private static final String METHOD_SHA_256 = "S256";
    private static final String REDIRECT_URI_FORMAT = "a0%s://%s/callback";
    private static final String REDIRECT_URI_KEY = "redirect_uri";
    private static final String REFRESH_TOKEN_KEY = "refresh_token";
    private static final String RESPONSE_TYPE_KEY = "response_type";
    private static final String SCOPE_KEY = "scope";
    private static final String SCOPE_OPENID = "openid";
    private static final String TAG = WebIdentityProvider.class.getName();
    private static final String TOKEN_TYPE_KEY = "token_type";
    private static final String TYPE_CODE = "code";
    private static final String TYPE_TOKEN = "token";
    private AuthenticationAPIClient apiClient;
    private final String authorizeUrl;
    private IdentityProviderCallback callback;
    private final String clientId;
    private String clientInfo;
    private Map<String, Object> parameters;
    private CallbackParser parser;
    private PKCE pkce;
    private boolean useWebView;

    public WebIdentityProvider(Auth0 auth0, boolean z) {
        this(new CallbackParser(), auth0.getClientId(), auth0.getAuthorizeUrl(), (z && PKCE.isAvailable()) ? auth0.newAuthenticationAPIClient() : null);
    }

    public WebIdentityProvider(CallbackParser callbackParser, String str, String str2) {
        this(callbackParser, str, str2, null);
    }

    WebIdentityProvider(CallbackParser callbackParser, String str, String str2, AuthenticationAPIClient authenticationAPIClient) {
        this.parser = callbackParser;
        this.clientId = str;
        this.authorizeUrl = str2;
        this.apiClient = authenticationAPIClient;
        this.useWebView = false;
        this.parameters = new HashMap();
        this.clientInfo = new Telemetry("Lock.Android", "").asBase64();
        this.apiClient = authenticationAPIClient;
    }

    private Uri buildAuthorizeUri(String str, String str2, Map<String, Object> map) {
        Uri parse = Uri.parse(str);
        String format = String.format(REDIRECT_URI_FORMAT, this.clientId.toLowerCase(), parse.getHost());
        HashMap hashMap = new HashMap();
        if (this.clientInfo != null) {
            hashMap.put(AUTH0_CLIENT_KEY, this.clientInfo);
        }
        hashMap.put(SCOPE_KEY, "openid");
        hashMap.put(RESPONSE_TYPE_KEY, "token");
        if (shouldUsePKCE()) {
            try {
                this.pkce = new PKCE(this.apiClient, format);
                String codeChallenge = this.pkce.getCodeChallenge();
                hashMap.put(RESPONSE_TYPE_KEY, "code");
                hashMap.put(CODE_CHALLENGE_KEY, codeChallenge);
                hashMap.put(CODE_CHALLENGE_METHOD_KEY, METHOD_SHA_256);
            } catch (IllegalStateException e) {
                Log.e(TAG, "Cannot use PKCE. Defaulting to token response_type", e);
            }
        }
        if (map != null) {
            for (Map.Entry<String, Object> entry : map.entrySet()) {
                Object value = entry.getValue();
                if (value != null) {
                    hashMap.put(entry.getKey(), value.toString());
                }
            }
        }
        if (str2 != null) {
            hashMap.put(CONNECTION_KEY, str2);
        }
        hashMap.put(CLIENT_ID_KEY, this.clientId);
        Log.d(TAG, "Redirect Uri: " + format);
        hashMap.put(REDIRECT_URI_KEY, format);
        Uri.Builder buildUpon = parse.buildUpon();
        for (Map.Entry entry2 : hashMap.entrySet()) {
            buildUpon.appendQueryParameter((String) entry2.getKey(), (String) entry2.getValue());
        }
        return buildUpon.build();
    }

    private boolean shouldUsePKCE() {
        return this.apiClient != null && PKCE.isAvailable();
    }

    private void startAuthorization(Activity activity, Uri uri, String str) {
        Log.i(TAG, "Start authorization called with uri: " + uri);
        if (!this.useWebView) {
            activity.startActivity(new Intent("android.intent.action.VIEW", uri));
            return;
        }
        Intent intent = new Intent(activity, (Class<?>) WebViewActivity.class);
        intent.setData(uri);
        if (str != null) {
            intent.putExtra(WebViewActivity.SERVICE_NAME_EXTRA, str);
        }
        activity.startActivityForResult(intent, IdentityProvider.WEBVIEW_AUTH_REQUEST_CODE);
    }

    @Override // com.auth0.identity.IdentityProvider
    public boolean authorize(Activity activity, int i, int i2, Intent intent) {
        Uri data = intent != null ? intent.getData() : null;
        Log.v(TAG, "Authenticating with webflow with data " + data);
        boolean z = i == 500 && i2 == -1 && data != null;
        if (z) {
            Map<String, String> valuesFromUri = this.parser.getValuesFromUri(data);
            if (valuesFromUri.containsKey("error")) {
                this.callback.onFailure(R.string.com_auth0_social_error_title, "access_denied".equalsIgnoreCase(valuesFromUri.get("error")) ? R.string.com_auth0_social_access_denied_message : R.string.com_auth0_social_error_message, null);
            } else if (valuesFromUri.size() > 0) {
                Log.d(TAG, "Authenticated using web flow");
                if (shouldUsePKCE()) {
                    this.pkce.getToken(valuesFromUri.get("code"), this.callback);
                } else {
                    this.callback.onSuccess(new Token(valuesFromUri.get("id_token"), valuesFromUri.get(ACCESS_TOKEN_KEY), valuesFromUri.get(TOKEN_TYPE_KEY), valuesFromUri.get("refresh_token")));
                }
            }
        }
        return z;
    }

    @Override // com.auth0.identity.IdentityProvider
    public void clearSession() {
        this.pkce = null;
    }

    public void setAPIClient(AuthenticationAPIClient authenticationAPIClient) {
        this.apiClient = authenticationAPIClient;
    }

    @Override // com.auth0.identity.IdentityProvider
    public void setCallback(IdentityProviderCallback identityProviderCallback) {
        this.callback = identityProviderCallback;
    }

    public void setClientInfo(String str) {
        this.clientInfo = str;
    }

    public void setParameters(Map<String, Object> map) {
        this.parameters = map != null ? new HashMap(map) : new HashMap();
    }

    public void setUseWebView(boolean z) {
        this.useWebView = z;
    }

    public void start(Activity activity) {
        startAuthorization(activity, buildAuthorizeUri(this.authorizeUrl, null, this.parameters), null);
    }

    @Override // com.auth0.identity.IdentityProvider
    public void start(Activity activity, IdentityProviderRequest identityProviderRequest, Application application) {
        ParameterBuilder newBuilder = ParameterBuilder.newBuilder(this.parameters);
        String username = identityProviderRequest.getUsername();
        if (username != null) {
            int indexOf = username.indexOf("@");
            newBuilder.set(LOGIN_HINT_KEY, indexOf < 0 ? username : username.substring(0, indexOf));
        }
        String serviceName = identityProviderRequest.getServiceName();
        startAuthorization(activity, buildAuthorizeUri(this.authorizeUrl, serviceName, newBuilder.asDictionary()), serviceName);
    }

    @Override // com.auth0.identity.IdentityProvider
    public void start(Activity activity, String str) {
        if (this.authorizeUrl != null) {
            startAuthorization(activity, buildAuthorizeUri(this.authorizeUrl, str, this.parameters), str);
        } else if (this.callback != null) {
            this.callback.onFailure(R.string.com_auth0_social_error_title, R.string.com_auth0_social_invalid_authorize_url, null);
        } else {
            Log.w(TAG, "No callback set for web IdP authenticator");
        }
    }

    @Override // com.auth0.identity.IdentityProvider
    public void stop() {
    }
}
