package com.amazon.atozm.auth;

import android.app.Activity;
import android.content.ActivityNotFoundException;
import android.content.Intent;
import android.net.Uri;
import android.os.Bundle;
import android.util.Base64;
import android.view.View;
import android.widget.LinearLayout;
import androidx.appcompat.app.AppCompatActivity;
import com.amazon.atozm.LoadingFragment;
import com.amazon.atozm.MainActivity;
import com.amazon.atozm.MainApplication;
import com.amazon.atozm.config.AuthConfigJsonFile;
import com.amazon.atozm.exceptions.InvalidJsonConfiguration;
import com.amazon.atozm.logging.Logger;
import com.amazon.atozm.logging.LoggerContextKey;
import com.amazon.atozm.logging.StaticLogger;
import com.amazon.atozm.login.AccountSelectorActivity;
import com.amazon.atozm.login.BaseIdentityPickerFragment;
import com.amazon.atozm.login.ErrorModalFragment;
import com.amazon.atozm.login.IdentityPreference;
import com.amazon.atozm.login.IdentityPreferenceStore;
import com.amazon.atozm.login.LoginActivityProvider;
import com.amazon.atozm.login.LoginReasonHelper;
import com.amazon.atozm.metrics.ESSMDimension;
import com.amazon.atozm.metrics.ESSMMetric;
import com.amazon.atozm.metrics.Metrics;
import com.amazon.atozm.net.ConnectionMonitor;
import com.amazon.atozm.net.ConnectionMonitorProvider;
import com.amazon.atozm.utils.DemoModeManager;
import com.google.common.base.Strings;
import java.io.InterruptedIOException;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.atomic.AtomicInteger;
import net.openid.appauth.AuthorizationException;
import net.openid.appauth.AuthorizationRequest;
import net.openid.appauth.AuthorizationResponse;
import net.openid.appauth.AuthorizationService;
import net.openid.appauth.AuthorizationServiceConfiguration;
import net.openid.appauth.CodeVerifierUtil;
import net.openid.appauth.TokenRequest;
import net.openid.appauth.TokenResponse;

/* loaded from: classes.dex */
public final class AuthenticationActivity extends AppCompatActivity {
    public static final String APPAUTH_BROWSER_DISMISSED = "APPAUTH_BROWSER_DISMISSED";
    public static final String APP_KEY_PARAMETER = "appKey";
    public static final String AUTH_ERROR_EXTRA = "AUTH_ERROR";
    public static final String CHECK_SESSION_EXTRA = "checkSession";
    private static final String FEDERATE_RESPONDED_TO_AUTH_REQUEST = "success";
    private static final String INVALID_ID_TOKEN = "invalid_id_token";
    private static final Integer NONCE_LENGTH = 64;
    public static final String SET_DISPLAY_EXTRA = "setDisplay";
    private static final String TAG = "Authentication";
    private AuthenticationStateManager authenticationStateManager;
    private ExecutorService executorService;
    private ConnectionMonitor monitor;
    private final Logger logger = new Logger(TAG);
    private final Metrics metrics = Metrics.getInstance();
    private String username = null;
    private final IdentityPreferenceStore identityPreferenceStore = new IdentityPreferenceStore();

    static /* synthetic */ String access$300() {
        return generateNonce();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void exchangeAuthorizationCodeForTokens(final Activity activity) {
        try {
            AuthorizationServiceWrapper authorizationServiceWrapper = new AuthorizationServiceWrapper(activity, AuthConnectionBuilder.TOKEN_EXCHANGE_INSTANCE);
            try {
                String employeeIdFromIdToken = this.authenticationStateManager.getEmployeeIdFromIdToken();
                if (employeeIdFromIdToken != null) {
                    StaticLogger.putContext(LoggerContextKey.EMPLOYEE_ID, employeeIdFromIdToken);
                }
                TokenRequest tokenRequest = this.authenticationStateManager.getTokenRequest(null);
                final AtomicInteger atomicInteger = new AtomicInteger();
                boolean performTokenExchange = authorizationServiceWrapper.performTokenExchange(tokenRequest, new AuthorizationService.TokenResponseCallback() { // from class: com.amazon.atozm.auth.AuthenticationActivity.2
                    @Override // net.openid.appauth.AuthorizationService.TokenResponseCallback
                    public void onTokenRequestCompleted(TokenResponse tokenResponse, AuthorizationException authorizationException) {
                        if (authorizationException != null) {
                            AuthenticationActivity.this.logger.warn(String.format("Error during token exchange: %d %s", Integer.valueOf(authorizationException.code), authorizationException.error), authorizationException);
                            atomicInteger.set(authorizationException.code);
                        } else {
                            if (tokenResponse == null || tokenResponse.accessToken == null) {
                                return;
                            }
                            AuthenticationActivity.this.authenticationStateManager.applyTokenResponse(tokenResponse, authorizationException);
                            AuthenticationActivity.this.identityPreferenceStore.confirmIdentityPreference(activity);
                        }
                    }
                });
                boolean hasAuthenticated = this.authenticationStateManager.hasAuthenticated();
                if (!hasAuthenticated) {
                    int i = atomicInteger.get();
                    ESSMMetric eSSMMetric = ESSMMetric.LOGIN_FAILURE_REASON;
                    if (i != AuthorizationException.GeneralErrors.JSON_DESERIALIZATION_ERROR.code && i != AuthorizationException.GeneralErrors.SERVER_ERROR.code) {
                        if (i == AuthorizationException.GeneralErrors.NETWORK_ERROR.code) {
                            eSSMMetric.setMetricDimension(ESSMDimension.LOGIN_ERROR_NETWORK_FEDERATE);
                        } else if (i == AuthorizationException.GeneralErrors.ID_TOKEN_VALIDATION_ERROR.code) {
                            eSSMMetric.setMetricDimension(ESSMDimension.LOGIN_ERROR_CLIENT_ID_TOKEN);
                            activity.getIntent().putExtra(INVALID_ID_TOKEN, true);
                        }
                        this.metrics.logAndPut(eSSMMetric);
                    }
                    eSSMMetric.setMetricDimension(ESSMDimension.LOGIN_ERROR_SERVICE_FEDERATE);
                    this.metrics.logAndPut(eSSMMetric);
                }
                if (performTokenExchange) {
                    this.metrics.put(hasAuthenticated ? ESSMMetric.FEDERATE_GET_TOKENS_SUCCESS_RETRIED : ESSMMetric.FEDERATE_GET_TOKENS_FAILURE_RETRIED);
                }
                authorizationServiceWrapper.close();
            } finally {
            }
        } catch (Exception e) {
            if (isCausedBy(e, InterruptedException.class) || isCausedBy(e, InterruptedIOException.class)) {
                this.metrics.put(ESSMMetric.FEDERATE_GET_TOKENS_INTERRUPTED);
            }
            this.logger.warn("Failed to exchange authorization code for tokens", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void finishSuccessfully(Activity activity) {
        this.logger.info("Finishing login activity successfully");
        invokeMainActivity(activity, null);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void finishUnsuccessfully(Activity activity) {
        this.metrics.logAndPut(ESSMMetric.LOGIN_FAILURE);
        this.logger.info("Finishing login activity unsuccessfully");
        invokeMainActivity(activity, selectErrorType(activity.getIntent()));
    }

    private static String generateNonce() {
        return generateNonce(NONCE_LENGTH.intValue());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String generateNonce(int i) {
        byte[] bArr = new byte[i];
        new SecureRandom().nextBytes(bArr);
        return Base64.encodeToString(bArr, 11);
    }

    private void handleAppAuthCompletion(Intent intent) {
        this.metrics.put(ESSMMetric.LOGIN_APP_AUTH_COMPLETION);
        AuthorizationException fromIntent = AuthorizationException.fromIntent(intent);
        if (fromIntent != null) {
            this.logger.warn("Received an app auth error during authentication", fromIntent);
        }
        if (getIntent().hasExtra(BaseIdentityPickerFragment.USERNAME_EXTRA)) {
            this.username = getIntent().getStringExtra(BaseIdentityPickerFragment.USERNAME_EXTRA);
        }
        this.authenticationStateManager.applyAuthorizationCodeResponse(AuthorizationResponse.fromIntent(intent), fromIntent);
        if (this.authenticationStateManager.shouldExchangeCodeForTokens()) {
            this.logger.info("Returned to application from app-auth browser with an authorization code");
            this.executorService.execute(new Runnable() { // from class: com.amazon.atozm.auth.AuthenticationActivity.3
                @Override // java.lang.Runnable
                public void run() {
                    AuthenticationActivity.this.metrics.logAndPut(ESSMMetric.FEDERATE_GET_TOKENS_COUNT);
                    AuthenticationActivity.this.exchangeAuthorizationCodeForTokens(this);
                    AuthenticationActivity.this.metrics.put(ESSMMetric.FEDERATE_GET_TOKENS_SUCCESS);
                    if (!AuthenticationActivity.this.authenticationStateManager.hasAuthenticated()) {
                        AuthenticationActivity.this.logger.warn("Federate token exchange failed");
                        AuthenticationActivity.this.metrics.logAndPut(ESSMMetric.FEDERATE_GET_TOKENS_FAILURE);
                        AuthenticationActivity.this.finishUnsuccessfully(this);
                        return;
                    }
                    AuthenticationActivity.this.metrics.logAndPut(ESSMMetric.LOGIN_AUTHENTICATION_COMPLETED_COUNT);
                    AuthenticationActivity.this.metrics.logAndPut(new LoginReasonHelper().loginReason(AuthenticationActivity.this.authenticationStateManager.getEmployeeIdFromIdToken()));
                    IdentityPreference identityPreference = AuthenticationActivity.this.identityPreferenceStore.getIdentityPreference(MainApplication.getAppContext());
                    if (!(identityPreference != null && identityPreference.isDspAssociate()) && AuthenticationActivity.this.username != null && !AuthenticationActivity.this.username.isEmpty()) {
                        AccountSelector.getInstance().saveUserAlias(AuthenticationActivity.this.username);
                    }
                    AuthenticationActivity.this.finishSuccessfully(this);
                }
            });
        } else {
            this.logger.warn("Returned to application from app-auth browser flow without an authorization code");
            this.metrics.put(ESSMMetric.FEDERATE_CALLBACK_INVALID_COUNT);
            finishUnsuccessfully(this);
        }
    }

    private void handleLaunch(Intent intent) {
        if (shouldFinishImmediatelySinceLoggedIn() || DemoModeManager.getInstance().isDemoModeEnabled()) {
            finishSuccessfully(this);
            return;
        }
        this.executorService = Executors.newSingleThreadExecutor();
        if (intent.getBooleanExtra(FEDERATE_RESPONDED_TO_AUTH_REQUEST, false)) {
            this.authenticationStateManager.clearLoginTimeout();
            handleAppAuthCompletion(intent);
        } else {
            this.authenticationStateManager.resetState();
            this.metrics.emitLaunchMetric(new LoginReasonHelper().loginPromptReason());
            kickoffAuthorizationFlow(this);
        }
    }

    private void initView() {
        LinearLayout linearLayout = new LinearLayout(this);
        linearLayout.setId(View.generateViewId());
        setContentView(linearLayout);
        getSupportFragmentManager().beginTransaction().add(linearLayout.getId(), new LoadingFragment()).commit();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void invokeMainActivity(Activity activity, ErrorModalFragment.ErrorModalContent errorModalContent) {
        Intent intent = new Intent(activity, (Class<?>) MainActivity.class);
        intent.setFlags(67174400);
        if (errorModalContent != null) {
            intent.putExtra(AUTH_ERROR_EXTRA, errorModalContent.toString());
        }
        startActivity(intent);
        activity.finish();
    }

    /* JADX WARN: Code restructure failed: missing block: B:0:?, code lost:
    
        r2 = r2;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private boolean isCausedBy(java.lang.Exception r2, java.lang.Class<? extends java.lang.Exception> r3) {
        /*
            r1 = this;
        L0:
            if (r2 == 0) goto Lf
            boolean r0 = r3.isInstance(r2)
            if (r0 == 0) goto La
            r2 = 1
            return r2
        La:
            java.lang.Throwable r2 = r2.getCause()
            goto L0
        Lf:
            r2 = 0
            return r2
        */
        throw new UnsupportedOperationException("Method not decompiled: com.amazon.atozm.auth.AuthenticationActivity.isCausedBy(java.lang.Exception, java.lang.Class):boolean");
    }

    private void kickoffAuthorizationFlow(final Activity activity) {
        if (getIntent().hasExtra(BaseIdentityPickerFragment.USERNAME_EXTRA)) {
            this.username = getIntent().getStringExtra(BaseIdentityPickerFragment.USERNAME_EXTRA);
        }
        this.executorService.execute(new Runnable() { // from class: com.amazon.atozm.auth.AuthenticationActivity.1
            @Override // java.lang.Runnable
            public void run() {
                try {
                    AuthorizationServiceWrapper authorizationServiceWrapper = new AuthorizationServiceWrapper(activity);
                    try {
                        String currentIdentityPreferenceConfigKey = AuthenticationActivity.this.identityPreferenceStore.getCurrentIdentityPreferenceConfigKey(activity);
                        AuthConfigJsonFile appConfiguration = AuthConfigReader.getAppConfiguration(currentIdentityPreferenceConfigKey, AuthenticationActivity.this.getResources());
                        AuthorizationServiceConfiguration serviceConfiguration = AuthConfigReader.getServiceConfiguration(currentIdentityPreferenceConfigKey, AuthenticationActivity.this.getResources());
                        if (serviceConfiguration == null) {
                            throw new InvalidJsonConfiguration("Configuration produced null openIdConfig");
                        }
                        HashMap hashMap = new HashMap();
                        if (!Strings.isNullOrEmpty(AuthenticationActivity.this.username)) {
                            hashMap.put(AuthorizationRequest.Prompt.LOGIN, Uri.encode(AuthenticationActivity.this.username));
                        }
                        if (IdentityPreference.HOURLY_ASSOCIATE_CONFIG.equals(currentIdentityPreferenceConfigKey)) {
                            AuthenticationActivity.this.putSessionParams(hashMap);
                        }
                        String clientIdPkce = appConfiguration.getClientIdPkce();
                        StaticLogger.putContext(LoggerContextKey.FEDERATE_CLIENT_ID, clientIdPkce);
                        AuthorizationRequest build = new AuthorizationRequest.Builder(serviceConfiguration, clientIdPkce, appConfiguration.getResponseType(), Uri.parse(appConfiguration.getRedirectUri())).setCodeVerifier(CodeVerifierUtil.generateRandomCodeVerifier()).setResponseMode(appConfiguration.getResponseMode()).setScopes(appConfiguration.getAuthorizationScope()).setNonce(AuthenticationActivity.access$300()).setAdditionalParameters(hashMap).setLoginHint(AuthenticationActivity.this.username).setDisplay(AuthenticationActivity.this.getIntent().getStringExtra(AuthenticationActivity.SET_DISPLAY_EXTRA)).build();
                        Intent intent = new Intent(activity, (Class<?>) AuthenticationActivity.class);
                        intent.addFlags(1073741824);
                        intent.putExtra(AuthenticationActivity.FEDERATE_RESPONDED_TO_AUTH_REQUEST, true);
                        intent.putExtra(BaseIdentityPickerFragment.USERNAME_EXTRA, AuthenticationActivity.this.username);
                        Intent intent2 = new Intent(activity, (Class<?>) (AuthenticationActivity.this.getIntent().getBooleanExtra(AccountSelectorActivity.ACCOUNT_SELECTOR_EXTRA, false) ? AccountSelectorActivity.class : LoginActivityProvider.getInitialLoginActivity(activity)));
                        intent2.addFlags(1140850688);
                        intent2.putExtra(AuthenticationActivity.APPAUTH_BROWSER_DISMISSED, true);
                        AuthenticationTimeoutHandler authenticationTimeoutHandler = new AuthenticationTimeoutHandler(AuthenticationActivity.class);
                        if (AuthenticationActivity.this.authenticationStateManager == null) {
                            AuthenticationActivity.this.authenticationStateManager = AuthenticationStateManager.getInstance(MainApplication.getAppContext());
                        }
                        AuthenticationActivity.this.authenticationStateManager.setTimeoutHandler(authenticationTimeoutHandler);
                        AuthenticationActivity.this.logger.info("Attempting to login");
                        AuthenticationActivity.this.metrics.logAndPut(ESSMMetric.LOGIN_AUTHORIZATION_REQUEST_COUNT);
                        authorizationServiceWrapper.performAuthorizationRequest(build, intent, intent2, authorizationServiceWrapper.prepareCustomTabs(build.toUri(), authenticationTimeoutHandler));
                        authorizationServiceWrapper.close();
                    } finally {
                    }
                } catch (ActivityNotFoundException e) {
                    AuthenticationActivity.this.logger.warn("Failed to open browser for authentication", e);
                    AuthenticationActivity.this.metrics.logAndPut(ESSMMetric.LOGIN_BROWSER_UNAVAILABLE_COUNT);
                    AuthenticationActivity.this.invokeMainActivity(activity, ErrorModalFragment.ErrorModalContent.NO_BROWSER);
                } catch (Exception e2) {
                    AuthenticationActivity.this.logger.warn("Failed to kickoff authorization flow", e2);
                    AuthenticationActivity.this.metrics.logAndPut(ESSMMetric.FEDERATE_AUTHORIZE_FAILURE);
                    AuthenticationActivity.this.finishUnsuccessfully(activity);
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void putSessionParams(Map<String, String> map) {
        if (getIntent().getBooleanExtra(CHECK_SESSION_EXTRA, false)) {
            map.put(CHECK_SESSION_EXTRA, Boolean.toString(true));
        }
        if (this.authenticationStateManager == null) {
            this.authenticationStateManager = AuthenticationStateManager.getInstance(getApplicationContext());
        }
        String appKey = this.authenticationStateManager.getAppKey();
        if (Strings.isNullOrEmpty(appKey)) {
            return;
        }
        map.put(APP_KEY_PARAMETER, appKey);
    }

    private ErrorModalFragment.ErrorModalContent selectErrorType(Intent intent) {
        if (intent == null) {
            return null;
        }
        if (intent.getBooleanExtra(INVALID_ID_TOKEN, false)) {
            return ErrorModalFragment.ErrorModalContent.INVALID_ID_TOKEN;
        }
        if (intent.getBooleanExtra(FEDERATE_RESPONDED_TO_AUTH_REQUEST, false)) {
            return ErrorModalFragment.ErrorModalContent.GENERIC;
        }
        return null;
    }

    private boolean shouldFinishImmediatelySinceLoggedIn() {
        boolean hasAuthenticated = this.authenticationStateManager.hasAuthenticated();
        if (hasAuthenticated) {
            this.logger.info("Immediately finishing activity, already logged in");
        }
        return hasAuthenticated;
    }

    @Override // androidx.fragment.app.FragmentActivity, androidx.activity.ComponentActivity, androidx.core.app.ComponentActivity, android.app.Activity
    public void onCreate(Bundle bundle) {
        super.onCreate(bundle);
        initView();
        this.authenticationStateManager = AuthenticationStateManager.getInstance(MainApplication.getAppContext());
        this.monitor = ConnectionMonitorProvider.getInstance(MainApplication.getAppContext());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // androidx.appcompat.app.AppCompatActivity, androidx.fragment.app.FragmentActivity, android.app.Activity
    public void onDestroy() {
        super.onDestroy();
        this.monitor.stop();
        ExecutorService executorService = this.executorService;
        if (executorService == null || executorService.isShutdown()) {
            return;
        }
        this.executorService.shutdown();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // androidx.fragment.app.FragmentActivity, android.app.Activity
    public void onPause() {
        super.onPause();
        this.metrics.flush();
        this.logger.flush();
    }

    @Override // androidx.appcompat.app.AppCompatActivity, androidx.fragment.app.FragmentActivity, android.app.Activity
    public void onStart() {
        super.onStart();
        handleLaunch(getIntent());
        this.monitor.start();
    }
}
