package com.salesforce.androidsdk.auth;

import android.net.Uri;
import android.text.TextUtils;
import android.util.Log;
import com.salesforce.androidsdk.auth.HttpAccess;
import com.salesforce.salesforceremoteapi.Constants;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import org.codehaus.jackson.util.MinimalPrettyPrinter;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class OAuth2 {
    private static final String ACCESS_TOKEN = "access_token";
    private static final String ACTIVATED_CLIENT_CODE = "activated_client_code";
    private static final String AND = "&";
    private static final String CLIENT_ID = "client_id";
    private static final String CODE = "code";
    private static final String CSRF_TOKEN = "csrf_token";
    private static final String CUSTOM_ATTRIBUTES = "custom_attributes";
    private static final String CUSTOM_PERMISSIONS = "custom_permissions";
    private static final String EQUAL = "=";
    private static final String ERROR = "error";
    private static final String ERROR_DESCRIPTION = "error_description";
    private static final String FORMAT = "format";
    private static final String GRANT_TYPE = "grant_type";
    private static final String ID = "id";
    private static final String INSTANCE_URL = "instance_url";
    private static final String JSON = "json";
    private static final String LIGHTNING_DOMAIN = "lightning_domain";
    private static final String LIGHTNING_SID = "lightning_sid";
    private static final String MOBILE_POLICY = "mobile_policy";
    private static final String OAUTH_AUTH_PATH = "/services/oauth2/authorize?display=";
    private static final String OAUTH_REVOKE_PATH = "/services/oauth2/revoke?token=";
    private static final String OAUTH_TOKEN_PATH = "/services/oauth2/token";
    private static final String PIN_LENGTH = "pin_length";
    private static final String REDIRECT_URI = "redirect_uri";
    private static final String REFRESH_TOKEN = "refresh_token";
    private static final String RESPONSE_TYPE = "response_type";
    private static final String SCOPE = "scope";
    private static final String SCREEN_LOCK = "screen_lock";
    private static final String SFDC_COMMUNITY_ID = "sfdc_community_id";
    private static final String SFDC_COMMUNITY_URL = "sfdc_community_url";
    private static final String TOKEN = "token";
    private static final String TOUCH = "touch";
    private static final String USERNAME = "username";

    /* loaded from: classes.dex */
    public static class AbstractResponse {
        protected JSONObject parseResponse(HttpResponse httpResponse) throws IOException, JSONException {
            return new JSONObject(EntityUtils.toString(httpResponse.getEntity(), "UTF-8"));
        }
    }

    /* loaded from: classes.dex */
    public static class IdServiceResponse extends AbstractResponse {
        public JSONObject customAttributes;
        public JSONObject customPermissions;
        public int pinLength;
        public int screenLockTimeout;
        public String username;

        public IdServiceResponse(HttpResponse httpResponse) {
            this.pinLength = -1;
            this.screenLockTimeout = -1;
            try {
                JSONObject parseResponse = parseResponse(httpResponse);
                this.username = parseResponse.getString("username");
                this.customAttributes = parseResponse.optJSONObject(OAuth2.CUSTOM_ATTRIBUTES);
                this.customPermissions = parseResponse.optJSONObject(OAuth2.CUSTOM_PERMISSIONS);
                if (parseResponse.has("mobile_policy")) {
                    this.pinLength = parseResponse.getJSONObject("mobile_policy").getInt(OAuth2.PIN_LENGTH);
                    this.screenLockTimeout = parseResponse.getJSONObject("mobile_policy").getInt("screen_lock");
                }
            } catch (Exception e) {
                Log.w("IdServiceResponse:constructor", "", e);
            }
        }
    }

    /* loaded from: classes.dex */
    public static class OAuthFailedException extends Exception {
        private static final long serialVersionUID = 1;
        final int httpStatusCode;
        final TokenErrorResponse response;

        OAuthFailedException(TokenErrorResponse tokenErrorResponse, int i) {
            super(tokenErrorResponse.toString());
            this.response = tokenErrorResponse;
            this.httpStatusCode = i;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public boolean isRefreshTokenInvalid() {
            return this.httpStatusCode == 401 || this.httpStatusCode == 403 || this.httpStatusCode == 400;
        }
    }

    /* loaded from: classes.dex */
    public static class TokenEndpointResponse extends AbstractResponse {
        public String authToken;
        public String code;
        public String communityId;
        public String communityUrl;
        public String csrfToken;
        public String idUrl;
        public String idUrlWithInstance;
        public String instanceUrl;
        public String lightningDomain;
        public String lightningSid;
        public String orgId;
        public String refreshToken;
        public String userId;

        public TokenEndpointResponse(Map<String, String> map) {
            try {
                this.authToken = map.get(OAuth2.ACCESS_TOKEN);
                this.refreshToken = map.get(OAuth2.REFRESH_TOKEN);
                this.instanceUrl = map.get(OAuth2.INSTANCE_URL);
                this.idUrl = map.get("id");
                this.code = map.get(OAuth2.CODE);
                computeOtherFields();
                this.communityId = map.get(OAuth2.SFDC_COMMUNITY_ID);
                this.communityUrl = map.get(OAuth2.SFDC_COMMUNITY_URL);
                this.csrfToken = map.get("csrf_token");
                this.lightningDomain = map.get("lightning_domain");
                this.lightningSid = map.get("lightning_sid");
            } catch (Exception e) {
                Log.w("TokenEndpointResponse:constructor", "", e);
            }
        }

        public TokenEndpointResponse(HttpResponse httpResponse) {
            try {
                JSONObject parseResponse = parseResponse(httpResponse);
                this.authToken = parseResponse.getString(OAuth2.ACCESS_TOKEN);
                this.instanceUrl = parseResponse.getString(OAuth2.INSTANCE_URL);
                this.idUrl = parseResponse.getString("id");
                computeOtherFields();
                if (parseResponse.has(OAuth2.REFRESH_TOKEN)) {
                    this.refreshToken = parseResponse.getString(OAuth2.REFRESH_TOKEN);
                }
                if (parseResponse.has(OAuth2.SFDC_COMMUNITY_ID)) {
                    this.communityId = parseResponse.getString(OAuth2.SFDC_COMMUNITY_ID);
                }
                if (parseResponse.has(OAuth2.SFDC_COMMUNITY_URL)) {
                    this.communityUrl = parseResponse.getString(OAuth2.SFDC_COMMUNITY_URL);
                }
                if (parseResponse.has("csrf_token")) {
                    this.csrfToken = parseResponse.getString("csrf_token");
                }
                if (parseResponse.has("lightning_domain")) {
                    this.lightningDomain = parseResponse.getString("lightning_domain");
                }
                if (parseResponse.has("lightning_sid")) {
                    this.lightningSid = parseResponse.getString("lightning_sid");
                }
            } catch (Exception e) {
                Log.w("TokenEndpointResponse:constructor", "", e);
            }
        }

        private void computeOtherFields() throws URISyntaxException {
            this.idUrlWithInstance = this.idUrl.replace(new URI(this.idUrl).getHost(), new URI(this.instanceUrl).getHost());
            String[] split = this.idUrl.split("/");
            this.userId = split[split.length - 1];
            this.orgId = split[split.length - 2];
        }
    }

    /* loaded from: classes.dex */
    public static class TokenErrorResponse extends AbstractResponse {
        public String error;
        public String errorDescription;

        public TokenErrorResponse(HttpResponse httpResponse) {
            try {
                JSONObject parseResponse = parseResponse(httpResponse);
                this.error = parseResponse.getString("error");
                this.errorDescription = parseResponse.getString(OAuth2.ERROR_DESCRIPTION);
            } catch (Exception e) {
                Log.w("TokenErrorResponse:constructor", "", e);
            }
        }

        public String toString() {
            return this.error + ":" + this.errorDescription;
        }
    }

    public static final IdServiceResponse callIdentityService(HttpAccess httpAccess, String str, String str2) throws IOException, URISyntaxException {
        HashMap hashMap = new HashMap();
        hashMap.put("Authorization", "Bearer " + str2);
        return new IdServiceResponse(httpAccess.doGet(hashMap, new URI(str)).response);
    }

    private static String computeScopeParameter(String[] strArr) {
        if (strArr == null) {
            strArr = new String[0];
        }
        HashSet hashSet = new HashSet(Arrays.asList(strArr));
        hashSet.add(REFRESH_TOKEN);
        return TextUtils.join(MinimalPrettyPrinter.DEFAULT_ROOT_VALUE_SEPARATOR, hashSet.toArray(new String[0]));
    }

    public static URI getAuthorizationUrl(URI uri, String str, String str2, String[] strArr) {
        return getAuthorizationUrl(uri, str, str2, strArr, null, null);
    }

    public static URI getAuthorizationUrl(URI uri, String str, String str2, String[] strArr, String str3) {
        return getAuthorizationUrl(uri, str, str2, strArr, str3, null);
    }

    public static URI getAuthorizationUrl(URI uri, String str, String str2, String[] strArr, String str3, String str4) {
        StringBuilder sb = new StringBuilder(uri.toString());
        StringBuilder append = sb.append(OAUTH_AUTH_PATH);
        if (str4 == null) {
            str4 = TOUCH;
        }
        append.append(str4);
        sb.append(AND).append(RESPONSE_TYPE).append(EQUAL).append(str3 == null ? TOKEN : ACTIVATED_CLIENT_CODE);
        sb.append(AND).append("client_id").append(EQUAL).append(Uri.encode(str));
        sb.append(AND).append("scope").append(EQUAL).append(Uri.encode(computeScopeParameter(strArr)));
        sb.append(AND).append(REDIRECT_URI).append(EQUAL).append(str2);
        return URI.create(sb.toString());
    }

    private static List<NameValuePair> makeTokenEndpointParams(String str, String str2, String str3) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new BasicNameValuePair("grant_type", str));
        arrayList.add(new BasicNameValuePair("client_id", str2));
        arrayList.add(new BasicNameValuePair("csrf_token", Boolean.TRUE.toString()));
        if (str3 != null) {
            arrayList.add(new BasicNameValuePair(Constants.CLIENT_SECRET, str3));
        }
        return arrayList;
    }

    private static TokenEndpointResponse makeTokenEndpointRequest(HttpAccess httpAccess, URI uri, List<NameValuePair> list) throws OAuthFailedException, IOException {
        try {
            HttpAccess.Execution doPost = httpAccess.doPost(null, new URI(uri.toString() + "/services/oauth2/token"), new UrlEncodedFormEntity(list, "UTF-8"));
            int statusCode = doPost.response.getStatusLine().getStatusCode();
            if (statusCode == 200) {
                return new TokenEndpointResponse(doPost.response);
            }
            throw new OAuthFailedException(new TokenErrorResponse(doPost.response), statusCode);
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        } catch (URISyntaxException e2) {
            throw new RuntimeException(e2);
        }
    }

    public static TokenEndpointResponse refreshAuthToken(HttpAccess httpAccess, URI uri, String str, String str2) throws OAuthFailedException, IOException {
        return refreshAuthToken(httpAccess, uri, str, str2, null);
    }

    public static TokenEndpointResponse refreshAuthToken(HttpAccess httpAccess, URI uri, String str, String str2, String str3) throws OAuthFailedException, IOException {
        List<NameValuePair> makeTokenEndpointParams = makeTokenEndpointParams(REFRESH_TOKEN, str, str3);
        makeTokenEndpointParams.add(new BasicNameValuePair(REFRESH_TOKEN, str2));
        makeTokenEndpointParams.add(new BasicNameValuePair(FORMAT, "json"));
        return makeTokenEndpointRequest(httpAccess, uri, makeTokenEndpointParams);
    }

    public static void revokeRefreshToken(HttpAccess httpAccess, URI uri, String str, String str2) {
        try {
            httpAccess.doGet(null, URI.create(uri.toString() + OAUTH_REVOKE_PATH + Uri.encode(str2)));
        } catch (IOException e) {
            Log.w("OAuth2:revokeRefreshToken", e);
        }
    }

    public static TokenEndpointResponse swapAuthCodeForTokens(HttpAccess httpAccess, URI uri, String str, String str2, String str3, String str4) throws IOException, URISyntaxException, OAuthFailedException {
        List<NameValuePair> makeTokenEndpointParams = makeTokenEndpointParams("authorization_code", str3, str);
        makeTokenEndpointParams.add(new BasicNameValuePair(CODE, str2));
        makeTokenEndpointParams.add(new BasicNameValuePair(REDIRECT_URI, str4));
        return makeTokenEndpointRequest(httpAccess, uri, makeTokenEndpointParams);
    }
}
