package com.schneider.nativesso.accountmanager;

import android.accounts.Account;
import android.accounts.AccountAuthenticatorResponse;
import android.accounts.AccountManager;
import android.accounts.AccountManagerCallback;
import android.accounts.AccountManagerFuture;
import android.accounts.AuthenticatorException;
import android.accounts.OperationCanceledException;
import android.app.Activity;
import android.content.Context;
import android.content.pm.ApplicationInfo;
import android.content.pm.PackageManager;
import android.net.Uri;
import android.os.Bundle;
import android.os.Handler;
import android.text.TextUtils;
import android.util.Log;
import com.amazonaws.http.HttpHeader;
import com.schneider.nativesso.BaseCredential;
import com.schneider.nativesso.ClientCredential;
import com.schneider.nativesso.ClientEndpointsConfiguration;
import com.schneider.nativesso.SSOAuthStateToken;
import com.schneider.nativesso.SSOClientAuthentication;
import com.schneider.nativesso.TokenStorage;
import com.schneider.nativesso.accountmanager.Authenticator;
import com.schneider.nativesso.lollipopconnection.HttpClientHelper;
import com.se.module.seidms.R;
import com.se.module.seidms.helpers.SignatureHelper;
import com.se.module.seidms.profile.ProfileStorage;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import net.openid.appauth.AuthState;
import net.openid.appauth.AuthorizationException;
import net.openid.appauth.AuthorizationRequest;
import net.openid.appauth.AuthorizationResponse;
import net.openid.appauth.AuthorizationService;
import net.openid.appauth.AuthorizationServiceConfiguration;
import net.openid.appauth.ClientAuthentication;
import net.openid.appauth.TokenRequest;
import net.openid.appauth.TokenResponse;
import okhttp3.Call;
import okhttp3.Callback;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes3.dex */
public class AuthenticatorHelper {
    private static final String REDIRECT_ON_LOAD_KEY = "redirectOnLoad";
    private static final String SILENT_SSO_FAILED_ERROR = "SilentSSO request failed ";
    private static final String TAG = "AuthenticatorHelper";

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.schneider.nativesso.accountmanager.AuthenticatorHelper$2, reason: invalid class name */
    /* loaded from: classes3.dex */
    public static class AnonymousClass2 implements OnIPlanetDirectoryTokenReceivedCallback {
        final /* synthetic */ Activity val$activity;
        final /* synthetic */ AuthorizationRequest val$authRequest;
        final /* synthetic */ AuthorizationService val$authorizationService;
        final /* synthetic */ OnSilentSsoPerformedCallback val$callback;
        final /* synthetic */ BaseCredential val$clientCredential;
        final /* synthetic */ Context val$context;
        final /* synthetic */ ClientEndpointsConfiguration val$endpointsConfiguration;

        AnonymousClass2(OnSilentSsoPerformedCallback onSilentSsoPerformedCallback, AuthorizationService authorizationService, AuthorizationRequest authorizationRequest, BaseCredential baseCredential, ClientEndpointsConfiguration clientEndpointsConfiguration, Context context, Activity activity) {
            this.val$callback = onSilentSsoPerformedCallback;
            this.val$authorizationService = authorizationService;
            this.val$authRequest = authorizationRequest;
            this.val$clientCredential = baseCredential;
            this.val$endpointsConfiguration = clientEndpointsConfiguration;
            this.val$context = context;
            this.val$activity = activity;
        }

        @Override // com.schneider.nativesso.accountmanager.AuthenticatorHelper.OnIPlanetDirectoryTokenReceivedCallback
        public void onIPlanetDirectoryTokenReceived(String str, AuthorizationException authorizationException) {
            OnSilentSsoPerformedCallback onSilentSsoPerformedCallback;
            if (authorizationException == null || (onSilentSsoPerformedCallback = this.val$callback) == null) {
                AuthenticatorHelper.runChinaSilentSsoResponse(this.val$authorizationService, this.val$authRequest, str, this.val$clientCredential, new OnSilentSsoPerformedCallback() { // from class: com.schneider.nativesso.accountmanager.AuthenticatorHelper.2.1
                    @Override // com.schneider.nativesso.accountmanager.AuthenticatorHelper.OnSilentSsoPerformedCallback
                    public void onSilentSsoPerformed(final AuthState authState) {
                        AnonymousClass2.this.val$authorizationService.dispose();
                        if (authState.getAuthorizationException() == null) {
                            AuthenticatorHelper.createNewAccount(authState, AnonymousClass2.this.val$endpointsConfiguration, AnonymousClass2.this.val$clientCredential, AnonymousClass2.this.val$context, AnonymousClass2.this.val$activity, new OnAccountSavedCallback() { // from class: com.schneider.nativesso.accountmanager.AuthenticatorHelper.2.1.1
                                @Override // com.schneider.nativesso.accountmanager.AuthenticatorHelper.OnAccountSavedCallback
                                public void onAccountDenied() {
                                    if (AnonymousClass2.this.val$callback != null) {
                                        AnonymousClass2.this.val$callback.onSilentSsoPerformed(null);
                                    }
                                }

                                @Override // com.schneider.nativesso.accountmanager.AuthenticatorHelper.OnAccountSavedCallback
                                public void onAccountSaved() {
                                    if (AnonymousClass2.this.val$callback != null) {
                                        AnonymousClass2.this.val$callback.onSilentSsoPerformed(authState);
                                    }
                                }
                            });
                        }
                    }
                });
            } else {
                onSilentSsoPerformedCallback.onSilentSsoPerformed(AuthenticatorHelper.createAuthStateWithError(authorizationException));
            }
        }
    }

    /* loaded from: classes3.dex */
    public interface OnAccountSavedCallback {
        void onAccountDenied();

        void onAccountSaved();
    }

    /* loaded from: classes3.dex */
    public interface OnIPlanetDirectoryTokenReceivedCallback {
        void onIPlanetDirectoryTokenReceived(String str, AuthorizationException authorizationException);
    }

    /* loaded from: classes3.dex */
    public interface OnSilentSsoPerformedCallback {
        void onSilentSsoPerformed(AuthState authState);
    }

    public static SSOAuthStateToken authStateToSSOAuthState(Context context, AuthState authState) {
        if (authState.getAuthorizationException() != null) {
            return new SSOAuthStateToken(authState.getAuthorizationException());
        }
        SSOAuthStateToken sSOAuthStateToken = new SSOAuthStateToken(authState.getAccessToken(), authState.getIdToken(), authState.getRefreshToken());
        ProfileStorage.storeTokenIntoSharedPreferences(context, sSOAuthStateToken);
        String idToken = sSOAuthStateToken.getIdToken();
        if (idToken != null) {
            ProfileStorage.storeProfileIntoCIAMSharedPreferences(idToken, context);
        }
        return sSOAuthStateToken;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void callSSORequest(final AuthorizationService authorizationService, final AuthorizationRequest authorizationRequest, final String str, final BaseCredential baseCredential, final OnSilentSsoPerformedCallback onSilentSsoPerformedCallback, Request request) {
        OkHttpClient defaultOkHttpClient = HttpClientHelper.getDefaultOkHttpClient();
        final String redirectUrl = baseCredential.getRedirectUrl();
        defaultOkHttpClient.newCall(request).enqueue(new Callback() { // from class: com.schneider.nativesso.accountmanager.AuthenticatorHelper.8
            @Override // okhttp3.Callback
            public void onFailure(Call call, IOException iOException) {
                Log.e(AuthenticatorHelper.TAG, "SilentSSO request failure: " + Arrays.toString(iOException.getStackTrace()));
                OnSilentSsoPerformedCallback.this.onSilentSsoPerformed(AuthenticatorHelper.createAuthStateWithError(new AuthorizationException(1, 0, AuthenticatorHelper.SILENT_SSO_FAILED_ERROR, iOException.getMessage(), null, null)));
            }

            @Override // okhttp3.Callback
            public void onResponse(Call call, Response response) throws IOException {
                try {
                    if (!response.isSuccessful()) {
                        OnSilentSsoPerformedCallback.this.onSilentSsoPerformed(AuthenticatorHelper.createAuthStateWithError(new AuthorizationException(1, response.code(), AuthenticatorHelper.SILENT_SSO_FAILED_ERROR, response.toString(), null, null)));
                        throw new IOException(AuthenticatorHelper.SILENT_SSO_FAILED_ERROR + response);
                    }
                    Log.d(AuthenticatorHelper.TAG, "SilentSSO response received");
                    String str2 = redirectUrl + "?[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]";
                    String string = response.body().string();
                    Log.d(AuthenticatorHelper.TAG, "body : " + string);
                    Matcher matcher = Pattern.compile(str2).matcher(string);
                    if (!matcher.find()) {
                        String sSOResponseRedirectUrl = AuthenticatorHelper.getSSOResponseRedirectUrl(string);
                        if (sSOResponseRedirectUrl != null) {
                            AuthenticatorHelper.callSSORequest(authorizationService, authorizationRequest, str, baseCredential, OnSilentSsoPerformedCallback.this, new Request.Builder().addHeader("Cookie", "sid=" + str).url(sSOResponseRedirectUrl).build());
                            return;
                        } else {
                            Log.d(AuthenticatorHelper.TAG, "Matches not found for redirectUri [" + redirectUrl + "] while Silent SSO in body:\n" + string);
                            OnSilentSsoPerformedCallback.this.onSilentSsoPerformed(AuthenticatorHelper.createAuthStateWithError(new AuthorizationException(1, 0, "Silent SSO failed Matches not found for redirectUri [" + redirectUrl + "] ", "Matches not found for redirectUri [" + redirectUrl + "] while Silent SSO in body:\n" + string, null, null)));
                            return;
                        }
                    }
                    Log.d(AuthenticatorHelper.TAG, "Silent SSO callback received");
                    String group = matcher.toMatchResult().group();
                    final AuthorizationResponse build = new AuthorizationResponse.Builder(authorizationRequest).fromUri(Uri.parse(group)).build();
                    if (build.authorizationCode == null) {
                        OnSilentSsoPerformedCallback.this.onSilentSsoPerformed(AuthenticatorHelper.createAuthStateWithError(new AuthorizationException(1, response.code(), AuthenticatorHelper.SILENT_SSO_FAILED_ERROR, build.additionalParameters.containsKey("error") ? build.additionalParameters.get("error") : response.toString(), null, null)));
                        throw new IOException(AuthenticatorHelper.SILENT_SSO_FAILED_ERROR + group);
                    }
                    ClientAuthentication clientAuthentication = SSOClientAuthentication.getClientAuthentication(baseCredential.getClientSecret(), baseCredential.getClientAuthenticationType());
                    TokenRequest removeScope = AuthenticatorHelper.removeScope(build.createTokenExchangeRequest(), authorizationRequest.configuration);
                    Log.d(AuthenticatorHelper.TAG, "clientAuth : " + clientAuthentication);
                    authorizationService.performTokenRequest(removeScope, clientAuthentication, new AuthorizationService.TokenResponseCallback() { // from class: com.schneider.nativesso.accountmanager.AuthenticatorHelper.8.1
                        @Override // net.openid.appauth.AuthorizationService.TokenResponseCallback
                        public void onTokenRequestCompleted(TokenResponse tokenResponse, AuthorizationException authorizationException) {
                            if (tokenResponse != null) {
                                Log.d(AuthenticatorHelper.TAG, "SilentSSO exchange token success: " + tokenResponse.accessToken);
                            } else {
                                Log.e(AuthenticatorHelper.TAG, "SilentSSO exchange token failed: " + Arrays.toString(authorizationException.getStackTrace()));
                            }
                            OnSilentSsoPerformedCallback.this.onSilentSsoPerformed(new AuthState(build, tokenResponse, authorizationException));
                        }
                    });
                } catch (Exception e) {
                    Log.e(AuthenticatorHelper.TAG, AuthenticatorHelper.SILENT_SSO_FAILED_ERROR + Arrays.toString(e.getStackTrace()));
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static AuthState createAuthStateWithError(AuthorizationException authorizationException) {
        return new AuthState(null, authorizationException);
    }

    public static void createNewAccount(AuthState authState, ClientEndpointsConfiguration clientEndpointsConfiguration, BaseCredential baseCredential, Context context, Activity activity, final OnAccountSavedCallback onAccountSavedCallback) {
        AccountManager.get(context).addAccount(context.getString(R.string.seidms_account_type), authState.getLastAuthorizationResponse().request.clientId, null, getAddAccountBundle(clientEndpointsConfiguration, authState, baseCredential, activity), activity, new AccountManagerCallback<Bundle>() { // from class: com.schneider.nativesso.accountmanager.AuthenticatorHelper.1
            @Override // android.accounts.AccountManagerCallback
            public void run(AccountManagerFuture<Bundle> accountManagerFuture) {
                try {
                    accountManagerFuture.getResult();
                    OnAccountSavedCallback.this.onAccountSaved();
                } catch (AuthenticatorException e) {
                    e = e;
                    Log.e(AuthenticatorHelper.TAG, "Failed to create new account for the account manager" + Arrays.toString(e.getStackTrace()));
                } catch (OperationCanceledException e2) {
                    OnAccountSavedCallback.this.onAccountDenied();
                    Log.e(AuthenticatorHelper.TAG, "Failed to create new account for the account manager" + Arrays.toString(e2.getStackTrace()));
                } catch (IOException e3) {
                    e = e3;
                    Log.e(AuthenticatorHelper.TAG, "Failed to create new account for the account manager" + Arrays.toString(e.getStackTrace()));
                }
            }
        }, new Handler());
    }

    public static Account getAccount(Context context) {
        Account[] accountsByType = AccountManager.get(context).getAccountsByType(context.getString(R.string.seidms_account_type));
        if (accountsByType.length != 0) {
            return accountsByType[0];
        }
        return null;
    }

    public static Bundle getAddAccountBundle(ClientEndpointsConfiguration clientEndpointsConfiguration, AuthState authState, BaseCredential baseCredential, Context context) {
        Bundle bundle = new Bundle();
        bundle.putString(Authenticator.KEY_CLIENT_AUTH_STATE, authState.jsonSerializeString());
        bundle.putString(Authenticator.KEY_CLIENT_ENDPOINTS, clientEndpointsConfiguration.jsonSerialize().toString());
        bundle.putString("KEY_OPTIONS_CLIENT_CREDENTIALS", baseCredential.jsonSerialize().toString());
        bundle.putString(Authenticator.KEY_OPTION_SECURITY, Authenticator.KEY_OPTION_SECURITY_SAFE);
        bundle.putStringArrayList("KEY_SIGNATURES", new ArrayList<>(SignatureHelper.INSTANCE.getApplicationSignature(context.getPackageName(), context)));
        bundle.putString("EXTRA_CLIENT_APP_NAME", getClientAppName(context));
        return bundle;
    }

    public static AccountManagerData getAuthState(Account account, String str, AccountManager accountManager, Boolean bool) {
        Log.d(TAG, "getAuthState using authState String provided");
        String userData = accountManager.getUserData(account, str);
        if (!bool.booleanValue() || !TextUtils.isEmpty(userData)) {
            return new AccountManagerData(userData, null, str, null);
        }
        Log.d(TAG, "no authState String found for " + str + ", try to use tokenStorage");
        try {
            TokenStorage jsonDeserialize = TokenStorage.jsonDeserialize(accountManager.getUserData(account, "KEY_TOKEN_STORAGE"));
            String firstStoredClientId = jsonDeserialize.getFirstStoredClientId();
            String str2 = jsonDeserialize.getTokensMap().get(firstStoredClientId + "_KEY_OPTIONS_CLIENT_CREDENTIALS");
            Log.d(TAG, "Token storage user data found, client ID : " + firstStoredClientId);
            return new AccountManagerData(accountManager.getUserData(account, firstStoredClientId), null, firstStoredClientId, str2);
        } catch (JSONException e) {
            Log.e(TAG, "getAuthState : Application is not authorized" + e);
            return null;
        }
    }

    public static String getAuthToken(Account account, String str, AccountManager accountManager, Boolean bool) {
        Log.d(TAG, "get AuthToken using authTokenType provided");
        String peekAuthToken = accountManager.peekAuthToken(account, str);
        if (!bool.booleanValue() || !TextUtils.isEmpty(peekAuthToken)) {
            return peekAuthToken;
        }
        Log.d(TAG, "no AuthToken found for " + str + ", try to use tokenStorage");
        try {
            String firstStoredClientId = TokenStorage.jsonDeserialize(accountManager.getUserData(account, "KEY_TOKEN_STORAGE")).getFirstStoredClientId();
            Log.d(TAG, "Token storage user data found, client ID : " + firstStoredClientId);
            return accountManager.peekAuthToken(account, firstStoredClientId);
        } catch (JSONException e) {
            Log.e(TAG, "getAuthToken : Application is not authorized" + e);
            return peekAuthToken;
        }
    }

    private static String getClientAppName(Context context) {
        ApplicationInfo applicationInfo;
        PackageManager packageManager = context.getPackageManager();
        try {
            applicationInfo = packageManager.getApplicationInfo(context.getPackageName(), 0);
        } catch (PackageManager.NameNotFoundException unused) {
            applicationInfo = null;
        }
        return (String) (applicationInfo != null ? packageManager.getApplicationLabel(applicationInfo) : "this application");
    }

    public static void getIPlanetDirectoryPro(String str, String str2, final OnIPlanetDirectoryTokenReceivedCallback onIPlanetDirectoryTokenReceivedCallback) {
        HttpClientHelper.getDefaultOkHttpClient().newCall(new Request.Builder().method("POST", RequestBody.create((MediaType) null, new byte[0])).addHeader(HttpHeader.CONTENT_LENGTH, "0").addHeader("Authorization", "Bearer " + str2).url(str + "/services/apexrest/oauth2iplanet").build()).enqueue(new Callback() { // from class: com.schneider.nativesso.accountmanager.AuthenticatorHelper.4
            @Override // okhttp3.Callback
            public void onFailure(Call call, IOException iOException) {
                OnIPlanetDirectoryTokenReceivedCallback.this.onIPlanetDirectoryTokenReceived(null, new AuthorizationException(1, 0, "Error while exchanging access the token to iPlanetDirectoryPro", iOException.getMessage(), null, iOException));
            }

            @Override // okhttp3.Callback
            public void onResponse(Call call, Response response) {
                try {
                    OnIPlanetDirectoryTokenReceivedCallback.this.onIPlanetDirectoryTokenReceived(new JSONObject(response.body().string()).getString("iPlanetDirectoryPro"), null);
                } catch (IOException | JSONException e) {
                    OnIPlanetDirectoryTokenReceivedCallback.this.onIPlanetDirectoryTokenReceived(null, new AuthorizationException(1, 0, "Error while exchanging access the token to iPlanetDirectoryPro", e.getMessage(), null, e));
                }
            }
        });
    }

    public static Bundle getLogoutBundle(Context context) {
        Bundle bundle = new Bundle();
        bundle.putInt("KEY_OPTION_ACTION", 4);
        bundle.putString(Authenticator.KEY_OPTION_SECURITY, Authenticator.KEY_OPTION_SECURITY_SAFE);
        bundle.putStringArrayList("KEY_SIGNATURES", new ArrayList<>(SignatureHelper.INSTANCE.getApplicationSignature(context.getPackageName(), context)));
        bundle.putString("EXTRA_CLIENT_APP_NAME", getClientAppName(context));
        return bundle;
    }

    public static Bundle getRefreshTokenBundle(ClientCredential clientCredential, Context context) {
        Bundle bundle = new Bundle();
        bundle.putInt("KEY_OPTION_ACTION", 2);
        bundle.putString("KEY_OPTIONS_CLIENT_CREDENTIALS", clientCredential.jsonSerialize().toString());
        bundle.putString(Authenticator.KEY_OPTION_SECURITY, Authenticator.KEY_OPTION_SECURITY_SAFE);
        bundle.putStringArrayList("KEY_SIGNATURES", new ArrayList<>(SignatureHelper.INSTANCE.getApplicationSignature(context.getPackageName(), context)));
        bundle.putString("EXTRA_CLIENT_APP_NAME", getClientAppName(context));
        return bundle;
    }

    public static String getSSOResponseRedirectUrl(String str) {
        if (str != null && str.contains(REDIRECT_ON_LOAD_KEY)) {
            Log.d(TAG, "getSSOResponseRedirectUrl body : " + str);
            Matcher matcher = Pattern.compile("window.location.replace\\('*(.*)'\\);").matcher(str);
            if (matcher.find()) {
                return matcher.toMatchResult().group(1);
            }
        }
        return null;
    }

    public static Bundle getSilentSsoBundle(ClientCredential clientCredential, Context context) {
        Bundle bundle = new Bundle();
        bundle.putString("KEY_OPTIONS_CLIENT_CREDENTIALS", clientCredential.jsonSerialize().toString());
        bundle.putString(Authenticator.KEY_OPTION_SECURITY, Authenticator.KEY_OPTION_SECURITY_SAFE);
        bundle.putString("EXTRA_CLIENT_APP_NAME", getClientAppName(context));
        bundle.putStringArrayList("KEY_SIGNATURES", new ArrayList<>(SignatureHelper.INSTANCE.getApplicationSignature(context.getPackageName(), context)));
        return bundle;
    }

    public static Bundle getTokenBundle(Context context) {
        Bundle bundle = new Bundle();
        bundle.putInt("KEY_OPTION_ACTION", 3);
        bundle.putString(Authenticator.KEY_OPTION_SECURITY, Authenticator.KEY_OPTION_SECURITY_SAFE);
        bundle.putString("EXTRA_CLIENT_APP_NAME", getClientAppName(context));
        bundle.putStringArrayList("KEY_SIGNATURES", new ArrayList<>(SignatureHelper.INSTANCE.getApplicationSignature(context.getPackageName(), context)));
        return bundle;
    }

    public static Bundle getTokenFromAccountManager(Account account, String str, String str2, AccountManager accountManager, Boolean bool) {
        Bundle bundle;
        Log.d(TAG, "getTokenFromAccountManager ");
        String authToken = getAuthToken(account, str, accountManager, bool);
        String str3 = getAuthState(account, str, accountManager, bool).authState;
        if (TextUtils.isEmpty(str3)) {
            bundle = null;
        } else {
            bundle = new Bundle();
            bundle.putString("authAccount", account.name);
            bundle.putString("accountType", account.type);
            bundle.putString("authtoken", authToken);
            bundle.putString(Authenticator.KEY_CLIENT_AUTH_STATE, str3);
            bundle.putString(Authenticator.KEY_CLIENT_ENDPOINTS, str2);
        }
        Log.d(TAG, "getTokenFromAccountManager complete");
        return bundle;
    }

    public static void performSilentSSOAndSaveAccount(String str, final BaseCredential baseCredential, final ClientEndpointsConfiguration clientEndpointsConfiguration, final Context context, final Activity activity, final OnSilentSsoPerformedCallback onSilentSsoPerformedCallback) {
        AuthorizationRequest.Builder builder = new AuthorizationRequest.Builder(new AuthorizationServiceConfiguration(Uri.parse(clientEndpointsConfiguration.getAuthorizationEndpoint()), Uri.parse(clientEndpointsConfiguration.getTokenEndpoint())), baseCredential.getClientId(), "code", Uri.parse(baseCredential.getRedirectUrl()));
        if (clientEndpointsConfiguration.isChina()) {
            builder.setScope("openid profile uid web");
        }
        AuthorizationRequest build = builder.build();
        final AuthorizationService authorizationService = HttpClientHelper.getAuthorizationService(context);
        if (clientEndpointsConfiguration.isChina()) {
            getIPlanetDirectoryPro(clientEndpointsConfiguration.getAuthority(), str, new AnonymousClass2(onSilentSsoPerformedCallback, authorizationService, build, baseCredential, clientEndpointsConfiguration, context, activity));
        } else {
            runSilentSsoResponse(authorizationService, build, str, baseCredential, new OnSilentSsoPerformedCallback() { // from class: com.schneider.nativesso.accountmanager.AuthenticatorHelper.3
                @Override // com.schneider.nativesso.accountmanager.AuthenticatorHelper.OnSilentSsoPerformedCallback
                public void onSilentSsoPerformed(final AuthState authState) {
                    AuthorizationService.this.dispose();
                    if (authState.getAuthorizationException() == null) {
                        AuthenticatorHelper.createNewAccount(authState, clientEndpointsConfiguration, baseCredential, context, activity, new OnAccountSavedCallback() { // from class: com.schneider.nativesso.accountmanager.AuthenticatorHelper.3.1
                            @Override // com.schneider.nativesso.accountmanager.AuthenticatorHelper.OnAccountSavedCallback
                            public void onAccountDenied() {
                                if (onSilentSsoPerformedCallback != null) {
                                    onSilentSsoPerformedCallback.onSilentSsoPerformed(null);
                                }
                            }

                            @Override // com.schneider.nativesso.accountmanager.AuthenticatorHelper.OnAccountSavedCallback
                            public void onAccountSaved() {
                                if (onSilentSsoPerformedCallback != null) {
                                    onSilentSsoPerformedCallback.onSilentSsoPerformed(authState);
                                }
                            }
                        });
                        return;
                    }
                    OnSilentSsoPerformedCallback onSilentSsoPerformedCallback2 = onSilentSsoPerformedCallback;
                    if (onSilentSsoPerformedCallback2 != null) {
                        onSilentSsoPerformedCallback2.onSilentSsoPerformed(authState);
                    }
                }
            });
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Bundle refreshToken(AccountManager accountManager, final Account account, String str, final AccountAuthenticatorResponse accountAuthenticatorResponse, Bundle bundle, Context context) {
        AccountManagerData authState = getAuthState(account, str, accountManager, Boolean.valueOf(Authenticator.checkSignatures(context, bundle)));
        String str2 = authState.authState;
        if (TextUtils.isEmpty(str2)) {
            Log.e(TAG, "refreshToken: Application is not authorized");
            accountAuthenticatorResponse.onError(0, "AuthenticatorHelper:Application is not authorized");
            return null;
        }
        try {
            ClientCredential jsonDeserialize = authState.baseCredentialsJson == null ? ClientCredential.jsonDeserialize(bundle.getString("KEY_OPTIONS_CLIENT_CREDENTIALS")) : ClientCredential.jsonDeserialize(authState.baseCredentialsJson);
            Log.d(TAG, jsonDeserialize != null ? "" + jsonDeserialize.getClientId() : null);
            Log.d(TAG, jsonDeserialize != null ? "" + jsonDeserialize.getClientSecret() : null);
            refreshTokenAndUpdateStorage(AuthState.jsonDeserialize(str2), context, account, authState.clientID, jsonDeserialize, new Authenticator.OnTokenRefreshedCallback() { // from class: com.schneider.nativesso.accountmanager.AuthenticatorHelper.6
                @Override // com.schneider.nativesso.accountmanager.Authenticator.OnTokenRefreshedCallback
                public void onTokenRefreshed(AuthState authState2) {
                    if (authState2.getAuthorizationException() != null) {
                        accountAuthenticatorResponse.onError(0, authState2.getAuthorizationException().errorDescription);
                        return;
                    }
                    Bundle bundle2 = new Bundle();
                    bundle2.putString("authAccount", account.name);
                    bundle2.putString("accountType", account.type);
                    bundle2.putString("authtoken", authState2.getAccessToken());
                    bundle2.putString(Authenticator.KEY_CLIENT_AUTH_STATE, authState2.jsonSerializeString());
                    accountAuthenticatorResponse.onResult(bundle2);
                }
            });
            return null;
        } catch (JSONException e) {
            accountAuthenticatorResponse.onError(0, e.getMessage());
            return null;
        }
    }

    protected static void refreshTokenAndUpdateStorage(final AuthState authState, final Context context, final Account account, final String str, BaseCredential baseCredential, final Authenticator.OnTokenRefreshedCallback onTokenRefreshedCallback) {
        AuthorizationService authorizationService = HttpClientHelper.getAuthorizationService(context);
        authState.setNeedsTokenRefresh(true);
        authorizationService.performTokenRequest(removeScope(authState.createTokenRefreshRequest(), authState.getAuthorizationServiceConfiguration()), SSOClientAuthentication.getClientAuthentication(baseCredential.getClientSecret(), baseCredential.getClientAuthenticationType()), new AuthorizationService.TokenResponseCallback() { // from class: com.schneider.nativesso.accountmanager.AuthenticatorHelper.7
            @Override // net.openid.appauth.AuthorizationService.TokenResponseCallback
            public void onTokenRequestCompleted(TokenResponse tokenResponse, AuthorizationException authorizationException) {
                AuthState.this.update(tokenResponse, authorizationException);
                if (authorizationException == null) {
                    Authenticator.updateUserData(context, account, str, AuthState.this);
                }
                onTokenRefreshedCallback.onTokenRefreshed(AuthState.this);
            }
        });
        authorizationService.dispose();
    }

    public static TokenRequest removeScope(TokenRequest tokenRequest, AuthorizationServiceConfiguration authorizationServiceConfiguration) {
        return new TokenRequest.Builder(authorizationServiceConfiguration, tokenRequest.clientId).setAdditionalParameters(tokenRequest.additionalParameters).setAuthorizationCode(tokenRequest.authorizationCode).setClientId(tokenRequest.clientId).setCodeVerifier(tokenRequest.codeVerifier).setConfiguration(tokenRequest.configuration).setGrantType(tokenRequest.grantType).setRedirectUri(tokenRequest.redirectUri).setRefreshToken(tokenRequest.refreshToken).setScope(null).build();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void runChinaSilentSsoResponse(final AuthorizationService authorizationService, final AuthorizationRequest authorizationRequest, String str, final BaseCredential baseCredential, final OnSilentSsoPerformedCallback onSilentSsoPerformedCallback) {
        final String redirectUrl = baseCredential.getRedirectUrl();
        HttpClientHelper.getDefaultOkHttpClient().newCall(new Request.Builder().addHeader("Cookie", "iPlanetDirectoryPro=" + str).url(authorizationRequest.toUri().toString()).build()).enqueue(new Callback() { // from class: com.schneider.nativesso.accountmanager.AuthenticatorHelper.5
            @Override // okhttp3.Callback
            public void onFailure(Call call, IOException iOException) {
                Log.e(AuthenticatorHelper.TAG, "SilentSSO request failure: " + Arrays.toString(iOException.getStackTrace()));
                OnSilentSsoPerformedCallback.this.onSilentSsoPerformed(AuthenticatorHelper.createAuthStateWithError(new AuthorizationException(1, 0, AuthenticatorHelper.SILENT_SSO_FAILED_ERROR, iOException.getMessage(), null, null)));
            }

            @Override // okhttp3.Callback
            public void onResponse(Call call, Response response) throws IOException {
                String group;
                try {
                    if (response.isRedirect()) {
                        group = response.header("location");
                    } else {
                        if (!response.isSuccessful()) {
                            OnSilentSsoPerformedCallback.this.onSilentSsoPerformed(AuthenticatorHelper.createAuthStateWithError(new AuthorizationException(1, response.code(), "Silent SSO request failed", response.toString(), null, null)));
                            throw new IOException("Silent SSO request failed " + response);
                        }
                        Matcher matcher = Pattern.compile(redirectUrl + "?[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA-Z0-9+&@#/%=~_|]").matcher(response.body().string());
                        group = matcher.find() ? matcher.toMatchResult().group() : null;
                    }
                    if (group == null) {
                        OnSilentSsoPerformedCallback.this.onSilentSsoPerformed(AuthenticatorHelper.createAuthStateWithError(new AuthorizationException(1, 0, "Silent SSO failed Matches not found for redirectUri [" + redirectUrl + "] ", "Not found redirectUri [" + redirectUrl + "] while Silent SSO in body:\n" + response.body().string(), null, null)));
                        return;
                    }
                    final AuthorizationResponse build = new AuthorizationResponse.Builder(authorizationRequest).fromUri(Uri.parse(group)).setScope(null).build();
                    if (build.authorizationCode == null) {
                        OnSilentSsoPerformedCallback.this.onSilentSsoPerformed(AuthenticatorHelper.createAuthStateWithError(new AuthorizationException(1, response.code(), AuthenticatorHelper.SILENT_SSO_FAILED_ERROR, build.additionalParameters.containsKey("error") ? build.additionalParameters.get("error") : response.toString(), null, null)));
                        throw new IOException(AuthenticatorHelper.SILENT_SSO_FAILED_ERROR + group);
                    }
                    authorizationService.performTokenRequest(AuthenticatorHelper.removeScope(build.createTokenExchangeRequest(), authorizationRequest.configuration), SSOClientAuthentication.getClientAuthentication(baseCredential.getClientSecret(), baseCredential.getClientAuthenticationType()), new AuthorizationService.TokenResponseCallback() { // from class: com.schneider.nativesso.accountmanager.AuthenticatorHelper.5.1
                        @Override // net.openid.appauth.AuthorizationService.TokenResponseCallback
                        public void onTokenRequestCompleted(TokenResponse tokenResponse, AuthorizationException authorizationException) {
                            if (tokenResponse != null) {
                                Log.d(AuthenticatorHelper.TAG, "SilentSSO exchange token success ");
                            } else {
                                Log.e(AuthenticatorHelper.TAG, "SilentSSO exchange token failed: " + Arrays.toString(authorizationException.getStackTrace()));
                            }
                            OnSilentSsoPerformedCallback.this.onSilentSsoPerformed(new AuthState(build, tokenResponse, authorizationException));
                        }
                    });
                } catch (Exception unused) {
                    Log.e(AuthenticatorHelper.TAG, AuthenticatorHelper.SILENT_SSO_FAILED_ERROR);
                }
            }
        });
    }

    private static void runSilentSsoResponse(AuthorizationService authorizationService, AuthorizationRequest authorizationRequest, String str, BaseCredential baseCredential, OnSilentSsoPerformedCallback onSilentSsoPerformedCallback) {
        callSSORequest(authorizationService, authorizationRequest, str, baseCredential, onSilentSsoPerformedCallback, new Request.Builder().addHeader("Cookie", "sid=" + str).url(authorizationRequest.toUri().toString()).build());
    }
}
