package com.zocdoc.android.sso.cognito;

import android.app.Activity;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.os.Handler;
import android.os.RemoteException;
import android.text.TextUtils;
import android.util.Base64;
import androidx.browser.customtabs.CustomTabsClient;
import androidx.browser.customtabs.CustomTabsIntent;
import androidx.browser.customtabs.CustomTabsServiceConnection;
import androidx.browser.customtabs.CustomTabsSession;
import androidx.core.content.ContextCompat;
import com.amazonaws.cognito.clientcontext.data.ConfigurationConstant;
import com.amazonaws.cognito.clientcontext.data.UserContextDataProvider;
import com.amazonaws.internal.keyvaluestore.AWSKeyValueStore;
import com.amazonaws.mobileconnectors.cognitoauth.AuthUserSession;
import com.amazonaws.mobileconnectors.cognitoauth.activities.CustomTabsManagerActivity;
import com.amazonaws.mobileconnectors.cognitoauth.exceptions.AuthInvalidGrantException;
import com.amazonaws.mobileconnectors.cognitoauth.exceptions.AuthInvalidParameterException;
import com.amazonaws.mobileconnectors.cognitoauth.handlers.AuthHandler;
import com.amazonaws.mobileconnectors.cognitoauth.tokens.AccessToken;
import com.amazonaws.mobileconnectors.cognitoauth.tokens.IdToken;
import com.amazonaws.mobileconnectors.cognitoauth.tokens.RefreshToken;
import com.amazonaws.mobileconnectors.cognitoauth.util.AuthHttpClient;
import com.amazonaws.mobileconnectors.cognitoauth.util.AuthHttpResponseParser;
import com.amazonaws.mobileconnectors.cognitoauth.util.JWTParser;
import com.amazonaws.mobileconnectors.cognitoauth.util.LocalDataManager;
import com.google.api.client.http.UrlEncodedParser;
import com.google.common.primitives.Ints;
import com.zocdoc.android.analytics.Analytics;
import com.zocdoc.android.analytics.model.GaConstants;
import com.zocdoc.android.customtabs.CustomTabsHelper;
import com.zocdoc.android.exception.CustomTabsException;
import com.zocdoc.android.login.LoginActivity;
import com.zocdoc.android.mparticle.MPConstants;
import com.zocdoc.android.oauth2.OAuth2ClientConstants;
import com.zocdoc.android.sso.cognito.SocialAuthClient;
import com.zocdoc.android.sso.model.SsoProviderType;
import java.net.URL;
import java.nio.charset.Charset;
import java.security.InvalidParameterException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Locale;
import java.util.Set;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import l7.c;
import l7.d;
import org.json.JSONObject;

/* loaded from: classes3.dex */
public class SocialAuthClient {
    public static final int CUSTOM_TABS_ACTIVITY_CODE = 49281;

    /* renamed from: a, reason: collision with root package name */
    public final Context f17821a;
    public final CognitoSocialAuth b;

    /* renamed from: c, reason: collision with root package name */
    public String f17822c = null;

    /* renamed from: d, reason: collision with root package name */
    public String f17823d;
    public String e;
    public String f;

    /* renamed from: g, reason: collision with root package name */
    public AuthHandler f17824g;

    /* renamed from: h, reason: collision with root package name */
    public CustomTabsClient f17825h;

    /* renamed from: i, reason: collision with root package name */
    public CustomTabsSession f17826i;
    public CustomTabsIntent j;

    /* renamed from: com.zocdoc.android.sso.cognito.SocialAuthClient$2, reason: invalid class name */
    /* loaded from: classes3.dex */
    class AnonymousClass2 implements Runnable {

        /* renamed from: d, reason: collision with root package name */
        public final Handler f17830d;
        public Runnable e;
        public final /* synthetic */ String f;

        /* renamed from: g, reason: collision with root package name */
        public final /* synthetic */ AuthUserSession f17831g;

        /* renamed from: h, reason: collision with root package name */
        public final /* synthetic */ AuthHandler f17832h;

        /* renamed from: i, reason: collision with root package name */
        public final /* synthetic */ boolean f17833i = true;
        public final /* synthetic */ Activity j;

        /* renamed from: k, reason: collision with root package name */
        public final /* synthetic */ Set f17834k;
        public final /* synthetic */ SsoProviderType l;

        /* renamed from: m, reason: collision with root package name */
        public final /* synthetic */ String f17835m;

        public AnonymousClass2(String str, AuthUserSession authUserSession, AuthHandler authHandler, Activity activity, Set set, SsoProviderType ssoProviderType, String str2) {
            this.f = str;
            this.f17831g = authUserSession;
            this.f17832h = authHandler;
            this.j = activity;
            this.f17834k = set;
            this.l = ssoProviderType;
            this.f17835m = str2;
            this.f17830d = new Handler(SocialAuthClient.this.f17821a.getMainLooper());
        }

        @Override // java.lang.Runnable
        public final void run() {
            AuthUserSession authUserSession;
            AccessToken accessToken;
            Object obj;
            String obj2;
            AuthHandler authHandler = this.f17832h;
            Uri.Builder scheme = new Uri.Builder().scheme("https");
            final SocialAuthClient socialAuthClient = SocialAuthClient.this;
            Uri build = scheme.authority(socialAuthClient.b.getAppWebDomain()).appendPath("oauth2").appendPath("token").build();
            new AuthHttpClient();
            HashMap a9 = SocialAuthClient.a(socialAuthClient);
            HashMap hashMap = new HashMap();
            hashMap.put("grant_type", "refresh_token");
            hashMap.put("redirect_uri", this.f);
            CognitoSocialAuth cognitoSocialAuth = socialAuthClient.b;
            hashMap.put("client_id", cognitoSocialAuth.getAppId());
            AuthUserSession authUserSession2 = this.f17831g;
            hashMap.put("refresh_token", authUserSession2.f5032c.f5034a);
            String c9 = socialAuthClient.c();
            if (c9 != null) {
                hashMap.put("userContextData", c9);
            }
            int i7 = 1;
            try {
                Analytics.INSTANCE.b(GaConstants.CATEGORY_AUTH, GaConstants.Actions.COGNITO_TOKEN_REFRESH);
                AuthUserSession a10 = AuthHttpResponseParser.a(AuthHttpClient.a(new URL(build.toString()), a9, hashMap));
                IdToken idToken = a10.f5031a;
                accessToken = a10.b;
                authUserSession = new AuthUserSession(idToken, accessToken, authUserSession2.f5032c);
            } catch (AuthInvalidGrantException e) {
                if (this.f17833i) {
                    final Activity activity = this.j;
                    final String str = this.f;
                    final Set set = this.f17834k;
                    final SsoProviderType ssoProviderType = this.l;
                    final String str2 = this.f17835m;
                    this.e = new Runnable() { // from class: l7.a
                        public final /* synthetic */ String e = GaConstants.Actions.COGNITO_TOKEN_REFRESH_LAUNCHED_WEBVIEW;

                        @Override // java.lang.Runnable
                        public final void run() {
                            SocialAuthClient socialAuthClient2 = socialAuthClient;
                            String str3 = str;
                            Set<String> set2 = set;
                            Activity activity2 = activity;
                            String str4 = str2;
                            SsoProviderType ssoProviderType2 = ssoProviderType;
                            String str5 = this.e;
                            if (str5 != null) {
                                socialAuthClient2.getClass();
                                Analytics.INSTANCE.b(GaConstants.CATEGORY_AUTH, str5);
                            }
                            socialAuthClient2.d(str3, set2, activity2, str4, ssoProviderType2);
                        }
                    };
                } else {
                    this.e = new a(this, e, i7);
                }
            } catch (Exception e9) {
                this.e = new d(authHandler, e9, i7);
            }
            if (accessToken != null) {
                try {
                    try {
                        obj = JWTParser.a(accessToken.f5034a).get("username");
                    } catch (Exception e10) {
                        throw new AuthInvalidParameterException("error while parsing JSON", e10);
                    }
                } catch (Exception unused) {
                }
                if (obj != null) {
                    obj2 = obj.toString();
                    LocalDataManager.a(cognitoSocialAuth.f, socialAuthClient.f17821a, cognitoSocialAuth.getAppId(), obj2, authUserSession, cognitoSocialAuth.getScopes());
                    this.e = new c(authHandler, authUserSession, i7);
                    this.f17830d.post(this.e);
                }
            }
            obj2 = null;
            LocalDataManager.a(cognitoSocialAuth.f, socialAuthClient.f17821a, cognitoSocialAuth.getAppId(), obj2, authUserSession, cognitoSocialAuth.getScopes());
            this.e = new c(authHandler, authUserSession, i7);
            this.f17830d.post(this.e);
        }
    }

    public SocialAuthClient(Context context, CognitoSocialAuth cognitoSocialAuth, String str) throws CustomTabsException {
        this.f17821a = context;
        this.b = cognitoSocialAuth;
        CustomTabsServiceConnection customTabsServiceConnection = new CustomTabsServiceConnection() { // from class: com.zocdoc.android.sso.cognito.SocialAuthClient.3
            @Override // androidx.browser.customtabs.CustomTabsServiceConnection
            public final void a(ComponentName componentName, CustomTabsClient customTabsClient) {
                SocialAuthClient socialAuthClient = SocialAuthClient.this;
                socialAuthClient.f17825h = customTabsClient;
                try {
                    customTabsClient.f729a.e();
                } catch (RemoteException unused) {
                }
                socialAuthClient.f17826i = socialAuthClient.f17825h.a();
            }

            @Override // android.content.ServiceConnection
            public final void onServiceDisconnected(ComponentName componentName) {
                SocialAuthClient.this.f17825h = null;
            }
        };
        if (str == null) {
            throw new CustomTabsException(new IllegalArgumentException("browser package is null"));
        }
        customTabsServiceConnection.f734a = context.getApplicationContext();
        Intent intent = new Intent("android.support.customtabs.action.CustomTabsService");
        if (!TextUtils.isEmpty(str)) {
            intent.setPackage(str);
        }
        context.bindService(intent, customTabsServiceConnection, 33);
    }

    public static HashMap a(SocialAuthClient socialAuthClient) {
        socialAuthClient.getClass();
        HashMap hashMap = new HashMap();
        hashMap.put("Content-Type", UrlEncodedParser.CONTENT_TYPE);
        CognitoSocialAuth cognitoSocialAuth = socialAuthClient.b;
        if (cognitoSocialAuth.getAppSecret() != null) {
            StringBuilder sb = new StringBuilder("Basic ");
            String str = cognitoSocialAuth.getAppId() + ":" + cognitoSocialAuth.getAppSecret();
            sb.append(str == null ? null : Base64.encodeToString(str.getBytes(Charset.forName("ISO-8859-1")), 3));
            hashMap.put("Authorization", sb.toString());
        }
        return hashMap;
    }

    public final void b(Activity activity, String str, SsoProviderType ssoProviderType) {
        String str2;
        boolean z8 = false;
        try {
            byte[] bArr = new byte[32];
            new SecureRandom().nextBytes(bArr);
            String encodeToString = Base64.encodeToString(bArr, 11);
            this.f17823d = encodeToString;
            try {
                byte[] bytes = encodeToString.getBytes("US-ASCII");
                MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
                messageDigest.update(bytes, 0, bytes.length);
                this.e = Base64.encodeToString(messageDigest.digest(), 11);
                byte[] bArr2 = new byte[32];
                new SecureRandom().nextBytes(bArr2);
                this.f = Base64.encodeToString(bArr2, 11);
            } catch (Exception e) {
                throw e;
            }
        } catch (Exception e9) {
            this.f17824g.onFailure(e9);
        }
        boolean z9 = activity instanceof LoginActivity;
        CognitoSocialAuth cognitoSocialAuth = this.b;
        if (z9) {
            d(cognitoSocialAuth.getSignInRedirectUri(), cognitoSocialAuth.getScopes(), activity, str, ssoProviderType);
            return;
        }
        AWSKeyValueStore aWSKeyValueStore = cognitoSocialAuth.f;
        String appId = cognitoSocialAuth.getAppId();
        String str3 = this.f17822c;
        Set<String> scopes = cognitoSocialAuth.getScopes();
        AuthUserSession authUserSession = new AuthUserSession(null, null, null);
        if (str3 != null) {
            if (this.f17821a == null || appId == null || appId.isEmpty()) {
                throw new InvalidParameterException("Application context, and application domain cannot be null");
            }
            Locale locale = Locale.US;
            String format = String.format(locale, "%s.%s.%s.%s", "CognitoIdentityProvider", appId, str3, "idToken");
            String format2 = String.format(locale, "%s.%s.%s.%s", "CognitoIdentityProvider", appId, str3, "accessToken");
            String format3 = String.format(locale, "%s.%s.%s.%s", "CognitoIdentityProvider", appId, str3, "refreshToken");
            try {
                if (LocalDataManager.b(aWSKeyValueStore.c(String.format(locale, "%s.%s.%s.%s", "CognitoIdentityProvider", appId, str3, "tokenScopes"))).equals(scopes)) {
                    authUserSession = new AuthUserSession(new IdToken(aWSKeyValueStore.c(format)), new AccessToken(aWSKeyValueStore.c(format2)), new RefreshToken(aWSKeyValueStore.c(format3)));
                }
            } catch (Exception unused) {
            }
        }
        AuthUserSession authUserSession2 = authUserSession;
        AccessToken accessToken = authUserSession2.b;
        if (accessToken != null && (str2 = accessToken.f5034a) != null) {
            try {
                long currentTimeMillis = System.currentTimeMillis();
                try {
                    try {
                        Object obj = JWTParser.a(str2).get("exp");
                        String obj2 = obj != null ? obj.toString() : null;
                        if ((obj2 == null ? null : new Date(Long.parseLong(obj2) * 1000)).getTime() - currentTimeMillis > 300000) {
                            z8 = true;
                        }
                    } catch (Exception e10) {
                        throw new AuthInvalidParameterException("error while parsing JSON", e10);
                    }
                } catch (Exception e11) {
                    throw e11;
                }
            } catch (Exception unused2) {
            }
        }
        if (z8) {
            this.f17824g.a(authUserSession2);
            return;
        }
        RefreshToken refreshToken = authUserSession2.f5032c;
        if (refreshToken == null || refreshToken.f5034a == null) {
            d(cognitoSocialAuth.getSignInRedirectUri(), cognitoSocialAuth.getScopes(), activity, str, ssoProviderType);
        } else {
            new Thread(new AnonymousClass2(cognitoSocialAuth.getSignInRedirectUri(), authUserSession2, this.f17824g, activity, cognitoSocialAuth.getScopes(), ssoProviderType, str)).start();
        }
    }

    public final String c() {
        String str;
        CognitoSocialAuth cognitoSocialAuth = this.b;
        if (cognitoSocialAuth.f17802g) {
            UserContextDataProvider a9 = UserContextDataProvider.a();
            Context context = this.f17821a;
            String str2 = this.f17822c;
            String userPoolId = cognitoSocialAuth.getUserPoolId();
            String appId = cognitoSocialAuth.getAppId();
            a9.getClass();
            new JSONObject();
            try {
                HashMap a10 = a9.f5018a.a(context);
                JSONObject jSONObject = new JSONObject();
                jSONObject.put("contextData", new JSONObject(a10));
                jSONObject.put("username", str2);
                jSONObject.put("userPoolId", userPoolId);
                jSONObject.put("timestamp", String.valueOf(System.currentTimeMillis()));
                String jSONObject2 = jSONObject.toString();
                a9.b.getClass();
                try {
                    Mac mac = Mac.getInstance("HmacSHA256");
                    Charset charset = ConfigurationConstant.f5017a;
                    mac.init(new SecretKeySpec(appId.getBytes(charset), "HmacSHA256"));
                    mac.update("ANDROID20171114".getBytes(charset));
                    str = Base64.encodeToString(mac.doFinal(jSONObject2.getBytes(charset)), 0);
                } catch (Exception unused) {
                    str = "";
                }
                JSONObject jSONObject3 = new JSONObject();
                jSONObject3.put("payload", jSONObject2);
                jSONObject3.put("signature", str);
                jSONObject3.put("version", "ANDROID20171114");
                return Base64.encodeToString(jSONObject3.toString().getBytes(ConfigurationConstant.f5017a), 0);
            } catch (Exception unused2) {
            }
        }
        return null;
    }

    public final void d(String str, Set<String> set, Activity activity, String str2, SsoProviderType ssoProviderType) {
        Uri.Builder scheme = new Uri.Builder().scheme("https");
        CognitoSocialAuth cognitoSocialAuth = this.b;
        Uri.Builder appendQueryParameter = scheme.authority(cognitoSocialAuth.getAppWebDomain()).appendPath("oauth2").appendPath("authorize").appendQueryParameter("client_id", cognitoSocialAuth.getAppId()).appendQueryParameter("redirect_uri", str).appendQueryParameter("response_type", "code").appendQueryParameter("code_challenge", this.e).appendQueryParameter("code_challenge_method", "S256").appendQueryParameter(MPConstants.EventDetails.STATE, this.f).appendQueryParameter("userContextData", c()).appendQueryParameter(OAuth2ClientConstants.COGNITO_IDENTITY_PROVIDER_KEY, ssoProviderType.getValue());
        if (!TextUtils.isEmpty(cognitoSocialAuth.getIdentityProvider())) {
            appendQueryParameter.appendQueryParameter(OAuth2ClientConstants.COGNITO_IDENTITY_PROVIDER_KEY, cognitoSocialAuth.getIdentityProvider());
        }
        if (!TextUtils.isEmpty(cognitoSocialAuth.getIdpIdentifier())) {
            appendQueryParameter.appendQueryParameter("idp_identifier", cognitoSocialAuth.getIdpIdentifier());
        }
        int size = set.size();
        if (size > 0) {
            StringBuilder sb = new StringBuilder();
            Iterator<String> it = set.iterator();
            int i7 = 0;
            while (it.hasNext()) {
                sb.append(it.next());
                int i9 = i7 + 1;
                if (i7 < size - 1) {
                    sb.append(" ");
                }
                i7 = i9;
            }
            appendQueryParameter.appendQueryParameter("scope", sb.toString());
        }
        Uri build = appendQueryParameter.build();
        AWSKeyValueStore aWSKeyValueStore = cognitoSocialAuth.f;
        String str3 = this.f;
        try {
            aWSKeyValueStore.f(str3 + "code_challenge", this.f17823d);
            aWSKeyValueStore.f(str3 + "scope", LocalDataManager.c(set));
        } catch (Exception unused) {
        }
        try {
            this.j = new CustomTabsIntent.Builder(this.f17826i).a();
            if (cognitoSocialAuth.getCustomTabExtras() != null) {
                this.j.f730a.putExtras(cognitoSocialAuth.getCustomTabExtras());
            }
            Intent intent = this.j.f730a;
            if (str2 == null) {
                str2 = CustomTabsHelper.STABLE_PACKAGE;
            }
            intent.setPackage(str2);
            this.j.f730a.setData(build);
            Context context = this.f17821a;
            Intent intent2 = this.j.f730a;
            int i10 = CustomTabsManagerActivity.f;
            Intent intent3 = new Intent(context, (Class<?>) CustomTabsManagerActivity.class);
            intent3.putExtra("customTabsIntent", intent2);
            activity.startActivityForResult(intent3, CUSTOM_TABS_ACTIVITY_CODE);
        } catch (Exception e) {
            this.f17824g.onFailure(e);
        }
    }

    public final void e(String str) {
        CognitoSocialAuth cognitoSocialAuth = this.b;
        AWSKeyValueStore aWSKeyValueStore = cognitoSocialAuth.f;
        String appId = cognitoSocialAuth.getAppId();
        String str2 = this.f17822c;
        if (str2 != null) {
            Locale locale = Locale.US;
            String format = String.format(locale, "%s.%s.%s.%s", "CognitoIdentityProvider", appId, str2, "idToken");
            String format2 = String.format(locale, "%s.%s.%s.%s", "CognitoIdentityProvider", appId, str2, "accessToken");
            String format3 = String.format(locale, "%s.%s.%s.%s", "CognitoIdentityProvider", appId, str2, "refreshToken");
            String format4 = String.format(locale, "%s.%s.%s.%s", "CognitoIdentityProvider", appId, str2, "tokenType");
            String format5 = String.format(locale, "%s.%s.%s.%s", "CognitoIdentityProvider", appId, str2, "tokenScopes");
            String format6 = String.format(locale, "%s.%s.%s", "CognitoIdentityProvider", appId, "LastAuthUser");
            try {
                aWSKeyValueStore.g(format);
                aWSKeyValueStore.g(format2);
                aWSKeyValueStore.g(format3);
                aWSKeyValueStore.g(format4);
                aWSKeyValueStore.g(format5);
                aWSKeyValueStore.g(format6);
            } catch (Exception unused) {
            }
        }
        Uri build = new Uri.Builder().scheme("https").authority(cognitoSocialAuth.getAppWebDomain()).appendPath("logout").appendQueryParameter("client_id", cognitoSocialAuth.getAppId()).appendQueryParameter("logout_uri", cognitoSocialAuth.getSignOutRedirectUri()).build();
        try {
            this.j = new CustomTabsIntent.Builder(this.f17826i).a();
            if (cognitoSocialAuth.getCustomTabExtras() != null) {
                this.j.f730a.putExtras(cognitoSocialAuth.getCustomTabExtras());
            }
            this.j.f730a.setPackage(str != null ? str : CustomTabsHelper.STABLE_PACKAGE);
            this.j.f730a.addFlags(Ints.MAX_POWER_OF_TWO);
            this.j.f730a.addFlags(268435456);
            CustomTabsIntent customTabsIntent = this.j;
            Context context = this.f17821a;
            Intent intent = customTabsIntent.f730a;
            intent.setData(build);
            ContextCompat.j(context, intent, customTabsIntent.b);
        } catch (Exception e) {
            this.f17824g.onFailure(e);
        }
    }
}
