package com.backbase.android.identity.client;

import android.content.Context;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.annotation.VisibleForTesting;
import com.backbase.android.Backbase;
import com.backbase.android.clients.auth.PasswordAuthListener;
import com.backbase.android.clients.auth.oauth2.BBOAuth2AuthClient;
import com.backbase.android.clients.auth.oauth2.OAuth2AuthClientListener;
import com.backbase.android.configurations.BBIdentityConfiguration;
import com.backbase.android.core.networking.error.ErrorResponseResolver;
import com.backbase.android.core.utils.BBLogger;
import com.backbase.android.core.utils.DoNotObfuscate;
import com.backbase.android.core.utils.StringUtils;
import com.backbase.android.identity.BBAuthenticator;
import com.backbase.android.identity.BBIdentityAuthenticatorsProvider;
import com.backbase.android.identity.BBLeanAuthRenderable;
import com.backbase.android.identity.client.BBDeviceAuthClient;
import com.backbase.android.identity.client.BBIdentityAuthClient;
import com.backbase.android.identity.common.flow.BBIdentityFlowHandlerListener;
import com.backbase.android.identity.device.BBDeviceAuthenticator;
import com.backbase.android.identity.fido.BBFidoAuthenticator;
import com.backbase.android.identity.fido.biometric.BBBiometricAuthenticator;
import com.backbase.android.identity.fido.biometric.BBBiometricPromptAuthenticator;
import com.backbase.android.identity.fido.flow.registration.FidoUafRegistrationListener;
import com.backbase.android.identity.inputrequired.BBInputRequiredAuthenticator;
import com.backbase.android.identity.oobconfirmations.oobauth.BBOutOfBandAuthSessionAuthenticator;
import com.backbase.android.identity.otp.BBIdentityOtpAuthenticationReason;
import com.backbase.android.identity.otp.BBOtpAuthenticator;
import com.backbase.android.identity.otp.OtpAuthenticationReason;
import com.backbase.android.identity.reauth.BBReAuthAuthenticator;
import com.backbase.android.identity.requiredactions.BBTermsAndConditionsAuthenticator;
import com.backbase.android.identity.requiredactions.BBUpdatePasswordAuthenticator;
import com.backbase.android.identity.resolver.BBIdentityChallengesResolver;
import com.backbase.android.identity.utils.BBUrlProtocolHandlerUtils;
import com.backbase.android.rendering.inner.BBRendererCache;
import com.backbase.android.utils.net.NetworkConnector;
import com.backbase.android.utils.net.NetworkConnectorBuilder;
import com.backbase.android.utils.net.request.RequestListener;
import com.backbase.android.utils.net.request.RequestMethods;
import com.backbase.android.utils.net.response.Response;
import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import y9.f;

@DoNotObfuscate
/* loaded from: classes11.dex */
public class BBIdentityAuthClient extends BBOAuth2AuthClient implements BBDeviceAuthClient, BBIdentityAuthenticatorsProvider {
    private static final String HEADER_CACHE_CONTROL = "cache-control";
    private static final String HEADER_CACHE_CONTROL_VALUE = "no-cache";
    private static final String HEADER_FIDO_TOKEN = "X-Fido-Token";
    private static final String OAUTH_AUTH_ENDPOINT = "auth/realms/__REALM__/protocol/openid-connect/token";
    private static final String OAUTH_LOGOUT_ENDPOINT = "auth/realms/__REALM__/protocol/openid-connect/logout";
    private static final String PARAM_ACR_VALUES = "acr_values";
    private static final String PARAM_DEVICE_ID = "device_id";
    private static final String REALM_TOKEN = "__REALM__";
    private static final String TAG = "BBIdentityAuthClient";
    private List<BBAuthenticator> authenticators;

    @NonNull
    private final String baseUrl;

    @NonNull
    private final String realm;
    private UsernameProvider usernameProvider;

    @VisibleForTesting
    /* loaded from: classes11.dex */
    public class a implements BBIdentityFlowHandlerListener {

        /* renamed from: a, reason: collision with root package name */
        @NonNull
        public final BBDeviceAuthClient.BBDeviceAuthClientAuthenticationListener f10758a;

        /* renamed from: b, reason: collision with root package name */
        @NonNull
        public final String f10759b;

        /* renamed from: c, reason: collision with root package name */
        @Nullable
        public Map<String, String> f10760c;

        public a(@NonNull String str, @Nullable Map<String, String> map, @NonNull BBDeviceAuthClient.BBDeviceAuthClientAuthenticationListener bBDeviceAuthClientAuthenticationListener) {
            this.f10759b = str;
            this.f10760c = map;
            this.f10758a = bBDeviceAuthClientAuthenticationListener;
        }

        @Override // com.backbase.android.identity.common.flow.BBIdentityFlowHandlerListener
        public void onIdentityFlowCompleted(@NonNull Response response) {
            List<String> list = response.getHeaders().get(BBIdentityAuthClient.HEADER_FIDO_TOKEN);
            if (list == null || list.isEmpty()) {
                this.f10758a.onDeviceAuthenticationFailure(new Response(0, "Fido Token was not present at the end of authentication"));
                return;
            }
            String str = list.get(0);
            if (this.f10760c == null) {
                this.f10760c = new HashMap();
            }
            this.f10760c.put(BBIdentityAuthClient.HEADER_FIDO_TOKEN, str);
            BBIdentityAuthClient.this.l(this.f10759b.toCharArray(), "".toCharArray(), false, false, this.f10760c, null, this.f10758a, new String[0]);
        }

        @Override // com.backbase.android.identity.common.flow.BBIdentityFlowHandlerListener
        public void onIdentityFlowError(@NonNull Response response) {
            this.f10758a.onDeviceAuthenticationFailure(response);
        }
    }

    @VisibleForTesting
    /* loaded from: classes11.dex */
    public static class b implements PasswordAuthListener {

        /* renamed from: a, reason: collision with root package name */
        public final char[] f10762a;

        /* renamed from: b, reason: collision with root package name */
        public final char[] f10763b;

        /* renamed from: c, reason: collision with root package name */
        public final boolean f10764c;

        /* renamed from: d, reason: collision with root package name */
        public final boolean f10765d;

        /* renamed from: e, reason: collision with root package name */
        public final Map<String, String> f10766e;

        /* renamed from: f, reason: collision with root package name */
        public final Map<String, String> f10767f;
        public final PasswordAuthListener g;

        /* renamed from: h, reason: collision with root package name */
        public final String[] f10768h;

        /* renamed from: i, reason: collision with root package name */
        public final f f10769i;

        /* renamed from: j, reason: collision with root package name */
        public BBIdentityAuthClient f10770j;

        public b(char[] cArr, char[] cArr2, boolean z11, boolean z12, Map<String, String> map, Map<String, String> map2, PasswordAuthListener passwordAuthListener, f fVar, String... strArr) {
            this.f10762a = cArr;
            this.f10763b = cArr2;
            this.f10764c = z11;
            this.f10765d = z12;
            this.f10766e = map;
            this.f10767f = map2;
            this.g = passwordAuthListener;
            this.f10769i = fVar;
            this.f10768h = strArr;
        }

        @Override // com.backbase.android.clients.auth.PasswordAuthListener
        public void onAuthError(@NonNull Response response) {
            BBIdentityOtpAuthenticationReason.INSTANCE.removeOtpAuthenticationReason();
            this.g.onAuthError(response);
        }

        @Override // com.backbase.android.clients.auth.PasswordAuthListener
        public boolean onAuthRequiresAction(@NonNull Response response) {
            this.f10769i.b(new String(this.f10762a));
            if (response.getResponseCode() != 204) {
                return false;
            }
            if (this.g.onAuthRequiresAction(response)) {
                return true;
            }
            this.f10770j.l(this.f10762a, this.f10763b, this.f10764c, this.f10765d, this.f10766e, this.f10767f, this.g, this.f10768h);
            return true;
        }

        @Override // com.backbase.android.clients.auth.PasswordAuthListener
        public void onAuthSuccess(@Nullable Map<String, List<String>> map) {
            BBIdentityOtpAuthenticationReason.INSTANCE.removeOtpAuthenticationReason();
            this.g.onAuthSuccess(map);
        }
    }

    public BBIdentityAuthClient(@NonNull Context context, @NonNull String str) {
        super(null, Backbase.getInstance().getConfiguration().getExperienceConfiguration().getIdentityConfig().getClientId(), str);
        this.authenticators = new ArrayList();
        this.usernameProvider = null;
        BBIdentityConfiguration identityConfig = Backbase.getInstance().getConfiguration().getExperienceConfiguration().getIdentityConfig();
        this.baseUrl = StringUtils.guaranteeOneSlashAtEndOfUrl(identityConfig.getBaseURL());
        this.realm = identityConfig.getRealm();
        this.tokenEndpoint = m();
        registerAuthErrorResolver(BBIdentityChallengesResolver.buildChain(context.getApplicationContext(), this, new ErrorResponseResolver[0]));
        BBUrlProtocolHandlerUtils.setUrlStreamHandlerFactory();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void k(BBIdentityAuthClientListener bBIdentityAuthClientListener, Response response) {
        if (response.isErrorResponse()) {
            bBIdentityAuthClientListener.oAuth2AuthClientTokenInvalidateFailed(response);
        } else {
            super.invalidateTokens((OAuth2AuthClientListener) bBIdentityAuthClientListener);
        }
    }

    @Nullable
    private URL m() {
        try {
            return new URL(this.baseUrl + OAUTH_AUTH_ENDPOINT.replace(REALM_TOKEN, this.realm));
        } catch (Exception unused) {
            BBLogger.error(TAG, "Cannot create oauth auth endpoint URL");
            return null;
        }
    }

    public void addAuthenticator(@NonNull BBAuthenticator bBAuthenticator) throws AuthenticatorAlreadyExistsException {
        if (this.authenticators.contains(bBAuthenticator)) {
            throw new AuthenticatorAlreadyExistsException(bBAuthenticator.getClass().getSimpleName());
        }
        if ((bBAuthenticator instanceof BBBiometricAuthenticator) || (bBAuthenticator instanceof BBBiometricPromptAuthenticator)) {
            for (BBAuthenticator bBAuthenticator2 : this.authenticators) {
                if ((bBAuthenticator2 instanceof BBBiometricAuthenticator) || (bBAuthenticator2 instanceof BBBiometricPromptAuthenticator)) {
                    throw new AuthenticatorAlreadyExistsException("Biometric authenticator already added.");
                }
            }
        }
        this.authenticators.add(bBAuthenticator);
        BBRendererCache.getInstance().putItem(bBAuthenticator);
    }

    public void addAuthenticator(@NonNull BBDeviceAuthenticator bBDeviceAuthenticator) throws AuthenticatorAlreadyExistsException {
        addAuthenticator((BBAuthenticator) bBDeviceAuthenticator);
    }

    public void addAuthenticator(@NonNull BBFidoAuthenticator bBFidoAuthenticator) throws AuthenticatorAlreadyExistsException {
        if (getDeviceAuthenticator() == null) {
            throw new IllegalStateException("Device authenticator is not registered. Register device authenticator first.");
        }
        addAuthenticator((BBAuthenticator) bBFidoAuthenticator);
        bBFidoAuthenticator.setDeviceAuthenticator(getDeviceAuthenticator());
    }

    @Override // com.backbase.android.clients.auth.oauth2.BBOAuth2AuthClient, com.backbase.android.clients.auth.PasswordAuthClient
    public void authenticate(@NonNull char[] cArr, @NonNull char[] cArr2, @Nullable Map<String, String> map, @Nullable Map<String, String> map2, @NonNull PasswordAuthListener passwordAuthListener, @Nullable String... strArr) {
        BBIdentityOtpAuthenticationReason.INSTANCE.setOtpAuthenticationReason(OtpAuthenticationReason.REGISTRATION);
        l(cArr, cArr2, true, true, map, map2, passwordAuthListener, strArr);
    }

    @Override // com.backbase.android.identity.client.BBDeviceAuthClient
    @Deprecated
    public void authenticateRegisteredDevice(@NonNull Context context, @NonNull String str, @NonNull BBDeviceAuthClient.BBDeviceAuthClientAuthenticationListener bBDeviceAuthClientAuthenticationListener) {
        authenticateRegisteredDevice(context, str, null, bBDeviceAuthClientAuthenticationListener);
    }

    @Override // com.backbase.android.identity.client.BBDeviceAuthClient
    public void authenticateRegisteredDevice(@NonNull Context context, @NonNull String str, @Nullable Map<String, String> map, @NonNull BBDeviceAuthClient.BBDeviceAuthClientAuthenticationListener bBDeviceAuthClientAuthenticationListener) {
        rr.a aVar = new rr.a(context.getApplicationContext(), this);
        aVar.setListener(new a(str, map, bBDeviceAuthClientAuthenticationListener));
        aVar.O(str);
    }

    @Override // com.backbase.android.identity.BBIdentityAuthenticatorsProvider
    public final /* synthetic */ BBFidoAuthenticator findFidoAuthenticatorByAAID(String str) {
        return s9.a.a(this, str);
    }

    @Nullable
    public BBLeanAuthRenderable getAuthenticatorRenderable(@NonNull String str) {
        for (BBAuthenticator bBAuthenticator : this.authenticators) {
            if (bBAuthenticator.getClass().getSimpleName().equals(str)) {
                return (BBLeanAuthRenderable) bBAuthenticator.getRenderableItem();
            }
        }
        return null;
    }

    @Nullable
    public String getClientSecret() {
        return this.clientSecret;
    }

    @Override // com.backbase.android.identity.BBIdentityAuthenticatorsProvider
    @Nullable
    public BBDeviceAuthenticator getDeviceAuthenticator() {
        List<BBAuthenticator> list = this.authenticators;
        if (list == null) {
            return null;
        }
        for (BBAuthenticator bBAuthenticator : list) {
            if (bBAuthenticator instanceof BBDeviceAuthenticator) {
                return (BBDeviceAuthenticator) bBAuthenticator;
            }
        }
        return null;
    }

    @Override // com.backbase.android.identity.BBIdentityAuthenticatorsProvider
    @NonNull
    public List<BBFidoAuthenticator> getFidoAuthenticators() {
        ArrayList arrayList = new ArrayList();
        List<BBAuthenticator> list = this.authenticators;
        if (list != null) {
            for (BBAuthenticator bBAuthenticator : list) {
                if (bBAuthenticator instanceof BBFidoAuthenticator) {
                    arrayList.add((BBFidoAuthenticator) bBAuthenticator);
                }
            }
        }
        return arrayList;
    }

    @Override // com.backbase.android.identity.BBIdentityAuthenticatorsProvider
    @Nullable
    public BBInputRequiredAuthenticator getInputRequiredAuthenticator() {
        List<BBAuthenticator> list = this.authenticators;
        if (list == null) {
            return null;
        }
        for (BBAuthenticator bBAuthenticator : list) {
            if (bBAuthenticator instanceof BBInputRequiredAuthenticator) {
                return (BBInputRequiredAuthenticator) bBAuthenticator;
            }
        }
        return null;
    }

    @Override // com.backbase.android.identity.BBIdentityAuthenticatorsProvider
    @Nullable
    public BBOtpAuthenticator getOtpAuthenticator() {
        List<BBAuthenticator> list = this.authenticators;
        if (list == null) {
            return null;
        }
        for (BBAuthenticator bBAuthenticator : list) {
            if (bBAuthenticator instanceof BBOtpAuthenticator) {
                return (BBOtpAuthenticator) bBAuthenticator;
            }
        }
        return null;
    }

    @Override // com.backbase.android.identity.BBIdentityAuthenticatorsProvider
    @Nullable
    public BBOutOfBandAuthSessionAuthenticator getOutOfBandAuthSessionAuthenticator() {
        List<BBAuthenticator> list = this.authenticators;
        if (list == null) {
            return null;
        }
        for (BBAuthenticator bBAuthenticator : list) {
            if (bBAuthenticator instanceof BBOutOfBandAuthSessionAuthenticator) {
                return (BBOutOfBandAuthSessionAuthenticator) bBAuthenticator;
            }
        }
        return null;
    }

    @Override // com.backbase.android.identity.BBIdentityAuthenticatorsProvider
    @Nullable
    public BBReAuthAuthenticator getReAuthAuthenticator() {
        List<BBAuthenticator> list = this.authenticators;
        if (list == null) {
            return null;
        }
        for (BBAuthenticator bBAuthenticator : list) {
            if (bBAuthenticator instanceof BBReAuthAuthenticator) {
                return (BBReAuthAuthenticator) bBAuthenticator;
            }
        }
        return null;
    }

    @Override // com.backbase.android.identity.BBIdentityAuthenticatorsProvider
    @Nullable
    public BBTermsAndConditionsAuthenticator getTermsAndConditionsAuthenticator() {
        List<BBAuthenticator> list = this.authenticators;
        if (list == null) {
            return null;
        }
        for (BBAuthenticator bBAuthenticator : list) {
            if (bBAuthenticator instanceof BBTermsAndConditionsAuthenticator) {
                return (BBTermsAndConditionsAuthenticator) bBAuthenticator;
            }
        }
        return null;
    }

    @Override // com.backbase.android.identity.BBIdentityAuthenticatorsProvider
    @Nullable
    public BBUpdatePasswordAuthenticator getUpdatePasswordAuthenticator() {
        List<BBAuthenticator> list = this.authenticators;
        if (list == null) {
            return null;
        }
        for (BBAuthenticator bBAuthenticator : list) {
            if (bBAuthenticator instanceof BBUpdatePasswordAuthenticator) {
                return (BBUpdatePasswordAuthenticator) bBAuthenticator;
            }
        }
        return null;
    }

    @Nullable
    public UsernameProvider getUsernameProvider() {
        return this.usernameProvider;
    }

    @Override // com.backbase.android.clients.auth.oauth2.BBOAuth2AuthClient, com.backbase.android.clients.auth.oauth2.OAuth2AuthClient
    public void invalidateTokens(@NonNull OAuth2AuthClientListener oAuth2AuthClientListener) {
        invalidateTokens((BBIdentityAuthClientListener) oAuth2AuthClientListener);
    }

    public void invalidateTokens(@NonNull BBIdentityAuthClientListener bBIdentityAuthClientListener) {
        Map<String, String> map = this.authTokens;
        if (map == null || map.isEmpty()) {
            bBIdentityAuthClientListener.oAuth2AuthClientTokenInvalidateFailed(new Response(0, "No tokens were stored."));
            return;
        }
        NetworkConnector n4 = n();
        if (n4 == null) {
            bBIdentityAuthClientListener.oAuth2AuthClientTokenInvalidateFailed(new Response(0, "Logout URL isn't valid"));
        } else {
            getServerRequestWorker(n4, j(bBIdentityAuthClientListener)).start();
        }
    }

    @Override // com.backbase.android.identity.client.BBDeviceAuthClient
    public final /* synthetic */ boolean isDeviceRegistered(BBIdentityAuthenticatorsProvider bBIdentityAuthenticatorsProvider) {
        return t9.a.b(this, bBIdentityAuthenticatorsProvider);
    }

    @NonNull
    @VisibleForTesting
    public RequestListener<Response> j(final BBIdentityAuthClientListener bBIdentityAuthClientListener) {
        return new RequestListener() { // from class: t9.c
            @Override // com.backbase.android.utils.net.request.RequestListener
            public final /* synthetic */ void onCancelled(String str) {
                tk.a.a(this, str);
            }

            @Override // com.backbase.android.utils.net.request.RequestListener
            public final void onRequestDone(Object obj) {
                BBIdentityAuthClient.this.k(bBIdentityAuthClientListener, (Response) obj);
            }
        };
    }

    @VisibleForTesting
    public void l(@NonNull char[] cArr, @NonNull char[] cArr2, boolean z11, boolean z12, @Nullable Map<String, String> map, @Nullable Map<String, String> map2, @NonNull PasswordAuthListener passwordAuthListener, @Nullable String... strArr) {
        Map<String, String> hashMap = map2 == null ? new HashMap<>() : map2;
        hashMap.put("client_id", this.clientId);
        if (z11 && getDeviceAuthenticator() != null && getDeviceAuthenticator().getDeviceId() != null) {
            hashMap.put(PARAM_DEVICE_ID, getDeviceAuthenticator().getDeviceId());
        }
        if (z12 && hashMap.containsKey(PARAM_DEVICE_ID)) {
            hashMap.put(PARAM_ACR_VALUES, "authentication");
        }
        b bVar = new b(cArr, cArr2, z11, z12, map, hashMap, passwordAuthListener, f.a(), strArr);
        bVar.f10770j = this;
        super.authenticate(cArr, cArr2, map, hashMap, bVar, strArr);
    }

    @VisibleForTesting
    public NetworkConnector n() {
        URL url;
        String item = this.encryptedStorageComponent.getItem(BBOAuth2AuthClient.O_AUTH2_ACCESS_TOKEN_STORAGE_KEY);
        String item2 = this.encryptedStorageComponent.getItem(BBOAuth2AuthClient.O_AUTH2_REFRESH_TOKEN_STORAGE_KEY);
        try {
            url = new URL(this.baseUrl + OAUTH_LOGOUT_ENDPOINT.replace(REALM_TOKEN, this.realm));
        } catch (Exception unused) {
            BBLogger.error(TAG, "Cannot create oauth logout endpoint URL");
            url = null;
        }
        if (url == null) {
            return null;
        }
        NetworkConnectorBuilder networkConnectorBuilder = new NetworkConnectorBuilder(url.toString());
        networkConnectorBuilder.addRequestMethod(RequestMethods.POST);
        HashMap hashMap = new HashMap();
        hashMap.put("client_id", this.clientId);
        hashMap.put("client_secret", this.clientSecret);
        hashMap.put("refresh_token", item2);
        networkConnectorBuilder.addParameters(hashMap);
        HashMap hashMap2 = new HashMap();
        hashMap2.put("Authorization", "bearer " + item);
        hashMap2.put("Content-Type", "application/x-www-form-urlencoded");
        hashMap2.put(HEADER_CACHE_CONTROL, HEADER_CACHE_CONTROL_VALUE);
        networkConnectorBuilder.addHeaders(hashMap2);
        return networkConnectorBuilder.buildConnection();
    }

    public void removeAuthenticator(@NonNull Class<? extends BBAuthenticator> cls) {
        ArrayList arrayList = new ArrayList();
        for (BBAuthenticator bBAuthenticator : this.authenticators) {
            if (!cls.isInstance(bBAuthenticator)) {
                arrayList.add(bBAuthenticator);
            }
        }
        this.authenticators = arrayList;
    }

    public void reset() {
        if (getDeviceAuthenticator() != null) {
            getDeviceAuthenticator().reset();
        } else {
            BBLogger.error(TAG, "NOT calling reset() on device authenticator because it was never added!");
        }
        if (getFidoAuthenticators().isEmpty()) {
            BBLogger.error(TAG, "NOT calling reset() on any FIDO authenticator because none was ever added!");
            return;
        }
        Iterator<BBFidoAuthenticator> it2 = getFidoAuthenticators().iterator();
        while (it2.hasNext()) {
            it2.next().reset();
        }
    }

    public void setUsernameProvider(@NonNull UsernameProvider usernameProvider) {
        this.usernameProvider = usernameProvider;
    }

    public void startUAFRegistration(@NonNull Context context, @NonNull String str, @NonNull FidoUafRegistrationListener fidoUafRegistrationListener) {
        tr.b bVar = new tr.b(context.getApplicationContext(), this);
        bVar.setListener(fidoUafRegistrationListener);
        bVar.l(str, null);
    }
}
