package com.tomtom.navcloud.common.iam;

import com.google.common.net.HttpHeaders;
import com.tomtom.mydrive.connections.connection.http.HttpHeader;
import com.tomtom.navcloud.common.HttpURLConnectionFactory;
import com.tomtom.navcloud.common.HttpUrlConnectionSupport;
import com.tomtom.navcloud.common.HttpsURLConnectionFactory;
import com.tomtom.navcloud.common.RetryableOperation;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;
import java.net.URLEncoder;
import java.util.concurrent.Callable;
import java.util.concurrent.TimeUnit;
import javax.annotation.Nullable;
import javax.annotation.ParametersAreNonnullByDefault;
import javax.net.ssl.SSLSocketFactory;

@ParametersAreNonnullByDefault
/* loaded from: classes3.dex */
public class IamClient {
    private static final int DEFAULT_CONNECT_TIMEOUT_MILLIS = (int) TimeUnit.SECONDS.toMillis(15);
    private static final int DEFAULT_READ_TIMEOUT_MILLIS = (int) TimeUnit.SECONDS.toMillis(15);
    private IamHttpClient httpClient;
    private final IdentityProviderResponseParser responseParser;
    private final URL serverAccessTokenUrl;
    private final URL serverTokenInfoUrl;

    /* loaded from: classes3.dex */
    public static class IamHttpClient {
        private static final int REFRESH_RETRY_BACKOFF_INTERVAL = 5000;
        private final Base64Encoder base64Encoder;
        private final String clientId;
        private final String clientSecret;
        private final HttpURLConnectionFactory connectionFactory;

        public IamHttpClient(String str, String str2, Base64Encoder base64Encoder, @Nullable SSLSocketFactory sSLSocketFactory, boolean z) {
            this.clientId = str;
            this.clientSecret = str2;
            this.base64Encoder = base64Encoder;
            if (!z) {
                this.connectionFactory = HttpURLConnectionFactory.INSTANCE;
            } else {
                if (sSLSocketFactory == null) {
                    throw new IllegalArgumentException("A SSLSocketFactory must be passed for secure endpoints");
                }
                this.connectionFactory = new HttpsURLConnectionFactory(sSLSocketFactory);
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void setHeaders(HttpURLConnection httpURLConnection) throws IOException {
            httpURLConnection.setRequestProperty(HttpHeaders.AUTHORIZATION, String.format("Basic %s", this.base64Encoder.encode(String.format("%s:%s", this.clientId, this.clientSecret).getBytes("UTF-8"))));
            httpURLConnection.setRequestProperty("ContentType", HttpHeader.HTTP_CONTENTTYPE_FORMDATA);
            httpURLConnection.setRequestProperty(HttpHeaders.ACCEPT, "application/json");
        }

        public String retrieveResponse(final URL url, final String str, @Nullable final String str2) throws IOException, BadCredentialException, IamException {
            try {
                return (String) RetryableOperation.create(new Callable<String>() { // from class: com.tomtom.navcloud.common.iam.IamClient.IamHttpClient.1
                    @Override // java.util.concurrent.Callable
                    public String call() throws Exception {
                        OutputStream outputStream;
                        HttpURLConnection createConnection;
                        int retrieveResponseCode;
                        HttpURLConnection httpURLConnection = null;
                        r0 = null;
                        OutputStream outputStream2 = null;
                        try {
                            createConnection = IamHttpClient.this.connectionFactory.createConnection(url);
                            try {
                                createConnection.setRequestMethod(str);
                                if (str2 != null) {
                                    createConnection.setDoOutput(true);
                                }
                                createConnection.setConnectTimeout(IamClient.DEFAULT_CONNECT_TIMEOUT_MILLIS);
                                createConnection.setReadTimeout(IamClient.DEFAULT_READ_TIMEOUT_MILLIS);
                                IamHttpClient.this.setHeaders(createConnection);
                                if (str2 != null) {
                                    outputStream2 = createConnection.getOutputStream();
                                    outputStream2.write(str2.getBytes("UTF-8"));
                                }
                                retrieveResponseCode = HttpUrlConnectionSupport.retrieveResponseCode(createConnection);
                            } catch (Throwable th) {
                                th = th;
                                outputStream = outputStream2;
                                httpURLConnection = createConnection;
                            }
                        } catch (Throwable th2) {
                            th = th2;
                            outputStream = null;
                        }
                        if (retrieveResponseCode == 200) {
                            String urlConnectionToString = IamHttpClient.this.urlConnectionToString(createConnection);
                            if (createConnection != null) {
                                createConnection.disconnect();
                                if (outputStream2 != null) {
                                    outputStream2.close();
                                }
                            }
                            return urlConnectionToString;
                        }
                        if (retrieveResponseCode == 500 || retrieveResponseCode == 503) {
                            throw new IamException("Internal server error", retrieveResponseCode);
                        }
                        if (retrieveResponseCode == 400) {
                            try {
                                throw new BadCredentialException("Wrong credentials are provided: " + IamHttpClient.this.urlConnectionToString(createConnection, true));
                            } catch (IOException unused) {
                                throw new BadCredentialException("Wrong credentials are provided");
                            }
                        }
                        if (retrieveResponseCode != 401) {
                            throw new IamException("Unexpected response received", retrieveResponseCode);
                        }
                        try {
                            throw new BadCredentialException("Access Denied: " + IamHttpClient.this.urlConnectionToString(createConnection, true));
                        } catch (IOException unused2) {
                            throw new BadCredentialException("Access Denied. Cannot get message.");
                        }
                        th = th;
                        outputStream = outputStream2;
                        httpURLConnection = createConnection;
                        if (httpURLConnection != null) {
                            httpURLConnection.disconnect();
                            if (outputStream != null) {
                                outputStream.close();
                            }
                        }
                        throw th;
                    }
                }).withExponentialBackoff(REFRESH_RETRY_BACKOFF_INTERVAL).retry(3, IamException.class, IOException.class);
            } catch (BadCredentialException e) {
                throw e;
            } catch (IamException e2) {
                throw e2;
            } catch (IOException e3) {
                throw e3;
            } catch (Exception e4) {
                throw new RuntimeException(e4);
            }
        }

        protected String urlConnectionToString(HttpURLConnection httpURLConnection) throws IOException {
            return urlConnectionToString(httpURLConnection, false);
        }

        protected String urlConnectionToString(HttpURLConnection httpURLConnection, boolean z) throws IOException {
            BufferedReader bufferedReader;
            BufferedReader bufferedReader2 = null;
            try {
                bufferedReader = new BufferedReader(new InputStreamReader(z ? httpURLConnection.getErrorStream() : httpURLConnection.getInputStream(), "UTF-8"));
            } catch (Throwable th) {
                th = th;
            }
            try {
                StringBuilder sb = new StringBuilder();
                while (true) {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        String sb2 = sb.toString();
                        bufferedReader.close();
                        return sb2;
                    }
                    sb.append(readLine);
                }
            } catch (Throwable th2) {
                th = th2;
                bufferedReader2 = bufferedReader;
                if (bufferedReader2 != null) {
                    bufferedReader2.close();
                }
                throw th;
            }
        }
    }

    private IamClient(URL url, URL url2, String str, String str2, Base64Encoder base64Encoder, IdentityProviderResponseParser identityProviderResponseParser, @Nullable SSLSocketFactory sSLSocketFactory) {
        this.serverAccessTokenUrl = url;
        this.serverTokenInfoUrl = url2;
        this.responseParser = identityProviderResponseParser;
        this.httpClient = new IamHttpClient(str, str2, base64Encoder, sSLSocketFactory, HttpsURLConnectionFactory.isSecure(url));
    }

    public static IamClient create(URL url, URL url2, String str, String str2, Base64Encoder base64Encoder, IdentityProviderResponseParser identityProviderResponseParser, @Nullable SSLSocketFactory sSLSocketFactory) {
        return new IamClient(url, url2, str, str2, base64Encoder, identityProviderResponseParser, sSLSocketFactory);
    }

    public String getUserId(String str) throws IOException, BadCredentialException, IamException {
        return this.responseParser.getUserId(this.httpClient.retrieveResponse(new URL(this.serverTokenInfoUrl.toString() + "?access_token=" + str), HttpHeader.HTTP_METHOD_GET, null));
    }

    public IamToken logon(String str, String str2) throws IOException, BadCredentialException, IamException {
        try {
            return this.responseParser.getToken(this.httpClient.retrieveResponse(this.serverAccessTokenUrl, "POST", String.format("grant_type=password&username=%s&password=%s", URLEncoder.encode(str, "UTF-8"), URLEncoder.encode(str2, "UTF-8"))));
        } catch (UnsupportedEncodingException e) {
            throw new BadCredentialException(e.getMessage());
        }
    }

    public IamToken refreshAccessToken(String str) throws IOException, BadCredentialException, IamException {
        return this.responseParser.getToken(this.httpClient.retrieveResponse(this.serverAccessTokenUrl, "POST", String.format("grant_type=refresh_token&refresh_token=%s", str)));
    }
}
