package com.amazonaws.mobile.client.internal.oauth2;

import android.content.ComponentName;
import android.content.Context;
import android.net.Uri;
import android.os.Bundle;
import androidx.browser.customtabs.b;
import androidx.browser.customtabs.c;
import androidx.browser.customtabs.e;
import androidx.browser.customtabs.f;
import com.amazonaws.mobile.client.AWSMobileClient;
import com.amazonaws.mobile.client.Callback;
import com.amazonaws.mobile.client.internal.oauth2.OAuth2Constants;
import com.amazonaws.mobileconnectors.cognitoauth.util.Pkce;
import com.facebook.internal.ServerProtocol;
import com.stripe.android.model.PaymentMethodOptionsParams;
import defpackage.r11;
import java.net.URL;
import java.util.Map;

/* loaded from: classes2.dex */
public class OAuth2Client {
    final AWSMobileClient a;
    final e b;
    final Context c;
    b f;
    f g;
    Callback<AuthorizeResponse> j;
    String k;
    private String l;
    private String m;
    private String n;
    private String o;
    private Callback<Void> p;
    private boolean q;
    boolean e = true;
    PKCEMode i = PKCEMode.S256;
    private final OAuth2ClientStore d = new OAuth2ClientStore(this);
    r11 h = new r11() { // from class: com.amazonaws.mobile.client.internal.oauth2.OAuth2Client.1
        @Override // defpackage.r11
        public void onNavigationEvent(int i, Bundle bundle) {
            super.onNavigationEvent(i, bundle);
            if (i != 6 || OAuth2Client.this.q) {
                return;
            }
            if (OAuth2Client.this.p != null) {
                OAuth2Client.this.p.onError(new Exception("User cancelled flow or flow interrupted."));
                OAuth2Client.this.p = null;
                return;
            }
            Callback<AuthorizeResponse> callback = OAuth2Client.this.j;
            if (callback != null) {
                callback.onError(new Exception("User cancelled flow or flow interrupted."));
                OAuth2Client.this.j = null;
            }
        }
    };

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.amazonaws.mobile.client.internal.oauth2.OAuth2Client$3, reason: invalid class name */
    /* loaded from: classes2.dex */
    public static /* synthetic */ class AnonymousClass3 {
        static final /* synthetic */ int[] a;

        static {
            int[] iArr = new int[PKCEMode.values().length];
            a = iArr;
            try {
                iArr[PKCEMode.S256.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                a[PKCEMode.NONE.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    /* loaded from: classes2.dex */
    public enum PKCEMode {
        NONE(""),
        S256("S256");

        private String a;

        PKCEMode(String str) {
            this.a = str;
        }

        public boolean a(PKCEMode pKCEMode) {
            return pKCEMode.a.equals(this.a);
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.a;
        }
    }

    public OAuth2Client(Context context, AWSMobileClient aWSMobileClient) {
        this.a = aWSMobileClient;
        this.c = context;
        e eVar = new e() { // from class: com.amazonaws.mobile.client.internal.oauth2.OAuth2Client.2
            @Override // androidx.browser.customtabs.e
            public void onCustomTabsServiceConnected(ComponentName componentName, b bVar) {
                OAuth2Client.this.f = bVar;
                bVar.f(0L);
                OAuth2Client oAuth2Client = OAuth2Client.this;
                oAuth2Client.g = oAuth2Client.f.d(oAuth2Client.h);
            }

            @Override // android.content.ServiceConnection
            public void onServiceDisconnected(ComponentName componentName) {
                OAuth2Client.this.f = null;
            }
        };
        this.b = eVar;
        b.a(context, "com.android.chrome", eVar);
    }

    public void d(Uri uri, Callback<AuthorizeResponse> callback) {
        this.j = callback;
        try {
            Uri.Builder buildUpon = uri.buildUpon();
            int i = AnonymousClass3.a[this.i.ordinal()];
            if (i == 1) {
                String generateRandom = Pkce.generateRandom();
                String generateHash = Pkce.generateHash(generateRandom);
                this.d.d("proofKey", generateRandom);
                this.d.d("proofKeyHash", generateHash);
                buildUpon.appendQueryParameter(ServerProtocol.DIALOG_PARAM_CODE_CHALLENGE_METHOD, this.i.toString()).appendQueryParameter(ServerProtocol.DIALOG_PARAM_CODE_CHALLENGE, generateHash).build();
            } else if (i != 2) {
                throw new IllegalArgumentException("Unsupported PKCE mode was chosen, please choose another");
            }
            Uri build = buildUpon.build();
            String queryParameter = build.getQueryParameter("client_id");
            this.l = queryParameter;
            if (queryParameter == null) {
                throw new IllegalArgumentException("The authorize URI must contain a client_id");
            }
            String queryParameter2 = build.getQueryParameter(ServerProtocol.DIALOG_PARAM_REDIRECT_URI);
            if (queryParameter2 == null) {
                throw new IllegalArgumentException("The authorize URI must contain a redirect_uri");
            }
            this.d.d("signInRedirectUri", queryParameter2);
            Uri.parse(queryParameter2);
            if (build.getQueryParameter(ServerProtocol.DIALOG_PARAM_RESPONSE_TYPE) == null) {
                buildUpon.appendQueryParameter(ServerProtocol.DIALOG_PARAM_RESPONSE_TYPE, PaymentMethodOptionsParams.Blik.PARAM_CODE).build();
            }
            String queryParameter3 = build.getQueryParameter("state");
            this.k = queryParameter3;
            if (queryParameter3 == null) {
                String generateRandom2 = Pkce.generateRandom();
                this.k = generateRandom2;
                buildUpon.appendQueryParameter("state", generateRandom2).build();
            }
            this.d.d("state", this.k);
            e(buildUpon.build());
        } catch (Exception e) {
            callback.onError(e);
        }
    }

    public void e(Uri uri) {
        c a = new c.a(this.g).a();
        a.a.setPackage("com.android.chrome");
        a.a.addFlags(1073741824);
        a.a.addFlags(268435456);
        this.q = false;
        a.a(this.c, uri);
    }

    public void f(Uri uri, Map<String, String> map, Map<String, String> map2, String str, Callback<OAuth2Tokens> callback) {
        String b = this.d.b("proofKey");
        if (b == null && !this.i.a(PKCEMode.NONE)) {
            callback.onError(new Exception("Proof key could not be found from current session."));
        }
        try {
            if (map2.get("client_id") == null) {
                throw new IllegalArgumentException("The token exchange must contain a client_id");
            }
            if (map2.get(ServerProtocol.DIALOG_PARAM_REDIRECT_URI) == null) {
                throw new IllegalArgumentException("The token exchange must contain a redirect_uri");
            }
            if (map2.get(PaymentMethodOptionsParams.Blik.PARAM_CODE) == null) {
                if (str == null) {
                    throw new IllegalArgumentException("The token exchange must contain a code");
                }
                map2.put(PaymentMethodOptionsParams.Blik.PARAM_CODE, str);
            }
            if (map2.get("code_verifier") == null) {
                if (b == null) {
                    throw new IllegalStateException("The token exchange must contain a code verifier");
                }
                map2.put("code_verifier", b);
            }
            if (map2.get("grant_type") == null) {
                map2.put("grant_type", OAuth2Constants.GrantTypes.AUTHORIZATION_CODE.toString());
            }
            this.d.d("tokenUri", uri.toString());
            OAuth2Tokens b2 = HTTPUtil.b(HTTPUtil.a(new URL(uri.toString()), map, map2));
            this.d.c(b2);
            callback.onResult(b2);
        } catch (Exception e) {
            callback.onError(new Exception("Failed to exchange code for tokens", e));
        }
    }

    public void g(boolean z) {
        this.e = z;
        this.d.e(z);
    }

    public void h() {
        this.d.a();
        this.p = null;
        this.j = null;
        this.i = PKCEMode.S256;
        this.k = null;
        this.l = null;
        this.m = null;
        this.n = null;
        this.o = null;
    }

    public void i(Uri uri, Callback<Void> callback) {
        this.p = callback;
        String queryParameter = uri.getQueryParameter(ServerProtocol.DIALOG_PARAM_REDIRECT_URI);
        if (queryParameter == null) {
            throw new IllegalArgumentException("The sign-out URI must contain a redirect_uri");
        }
        this.d.d("signOutRedirectUri", queryParameter);
        Uri.parse(queryParameter);
        e(uri);
    }
}
