package com.unitedinternet.portal.authentication.login;

import android.accounts.AccountManager;
import android.content.Context;
import com.unitedinternet.portal.android.lib.authenticator.EncryptHelper;
import com.unitedinternet.portal.android.lib.authenticator.oauth2client.JsonOAuth2ClientFactoryFactory;
import com.unitedinternet.portal.android.lib.authenticator.oauth2client.OAuth2ClientFactory;
import com.unitedinternet.portal.android.lib.oauth2.OAuth2Authenticator;
import com.unitedinternet.portal.android.lib.oauth2.exceptions.AccountLockedException;
import com.unitedinternet.portal.android.lib.oauth2.exceptions.AccountNotFoundPasswordWrongException;
import com.unitedinternet.portal.android.lib.oauth2.exceptions.IpBlockedException;
import com.unitedinternet.portal.android.lib.oauth2.exceptions.OAuth2LoginException;
import com.unitedinternet.portal.android.lib.oauth2.exceptions.TokenLimitExceededException;
import com.unitedinternet.portal.android.lib.oauth2.exceptions.UseAuthorizationCodeGrantException;
import com.unitedinternet.portal.android.mail.account.interfaces.AccountInterfaceJava;
import com.unitedinternet.portal.android.onlinestorage.crashtracking.BreadcrumbCategory;
import com.unitedinternet.portal.authentication.AuthenticationModule;
import com.unitedinternet.portal.authentication.AuthenticationModuleAdapter;
import com.unitedinternet.portal.authentication.appmon.AuthAppMonEvents;
import com.unitedinternet.portal.authentication.authenticator.Authenticator;
import com.unitedinternet.portal.authentication.authenticator.OAuthCredentialStore;
import com.unitedinternet.portal.authentication.login.authcodegrant.AuthorizationCodeGrantHandler;
import com.unitedinternet.portal.authentication.network.AuthConstants;
import com.unitedinternet.portal.core.restmail.RESTStore;
import dagger.Lazy;
import dagger.Reusable;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.GeneralSecurityException;
import java.security.cert.CertificateException;
import javax.net.ssl.SSLHandshakeException;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.coroutines.Continuation;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.StringsKt__StringsJVMKt;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import org.dmfs.httpessentials.exceptions.ProtocolError;
import org.dmfs.httpessentials.exceptions.ProtocolException;
import org.dmfs.oauth2.client.OAuth2AccessToken;
import timber.log.Timber;

/* compiled from: OAuth2LoginController.kt */
@Reusable
@Metadata(d1 = {"\u0000^\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0007\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\b\u0007\u0018\u0000 (2\u00020\u0001:\u0001(B'\b\u0007\u0012\b\b\u0001\u0010\u0002\u001a\u00020\u0003\u0012\f\u0010\u0004\u001a\b\u0012\u0004\u0012\u00020\u00060\u0005\u0012\u0006\u0010\u0007\u001a\u00020\b¢\u0006\u0002\u0010\tJ\u0010\u0010\u0010\u001a\u00020\u00112\u0006\u0010\u0012\u001a\u00020\u0013H\u0007J\u0018\u0010\u0014\u001a\u00020\u00112\u0006\u0010\u0015\u001a\u00020\u00162\u0006\u0010\u0017\u001a\u00020\u0016H\u0003J(\u0010\u0018\u001a\u00020\u00112\u0006\u0010\u0012\u001a\u00020\u00132\u0006\u0010\u0019\u001a\u00020\u00162\u0006\u0010\u001a\u001a\u00020\u00162\u0006\u0010\u001b\u001a\u00020\u0016H\u0002J\u0010\u0010\u001c\u001a\u00020\u00162\u0006\u0010\u001d\u001a\u00020\u001eH\u0002J\u0010\u0010\u001f\u001a\u00020\u00112\u0006\u0010 \u001a\u00020!H\u0002J!\u0010\"\u001a\u00020\u00112\u0006\u0010\u0012\u001a\u00020\u00132\u0006\u0010#\u001a\u00020$H\u0097@ø\u0001\u0000¢\u0006\u0002\u0010%J)\u0010\"\u001a\u00020\u00112\u0006\u0010\u0012\u001a\u00020\u00132\u0006\u0010\u0019\u001a\u00020\u00162\u0006\u0010\u001a\u001a\u00020\u0016H\u0097@ø\u0001\u0000¢\u0006\u0002\u0010&J \u0010'\u001a\u00020\u00112\u0006\u0010\u0012\u001a\u00020\u00132\u0006\u0010\u0019\u001a\u00020\u00162\u0006\u0010\u001a\u001a\u00020\u0016H\u0002R\u0014\u0010\n\u001a\u00020\u000b8BX\u0082\u0004¢\u0006\u0006\u001a\u0004\b\f\u0010\rR\u0014\u0010\u0004\u001a\b\u0012\u0004\u0012\u00020\u00060\u0005X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0007\u001a\u00020\bX\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u000e\u001a\u00020\u000fX\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000\u0082\u0002\u0004\n\u0002\b\u0019¨\u0006)"}, d2 = {"Lcom/unitedinternet/portal/authentication/login/OAuth2LoginController;", "Lcom/unitedinternet/portal/authentication/login/RestLoginController;", "okHttpClient", "Lokhttp3/OkHttpClient;", "authorizationCodeGrantHandler", "Ldagger/Lazy;", "Lcom/unitedinternet/portal/authentication/login/authcodegrant/AuthorizationCodeGrantHandler;", BreadcrumbCategory.CONTEXT, "Landroid/content/Context;", "(Lokhttp3/OkHttpClient;Ldagger/Lazy;Landroid/content/Context;)V", "authenticationModuleAdapter", "Lcom/unitedinternet/portal/authentication/AuthenticationModuleAdapter;", "getAuthenticationModuleAdapter", "()Lcom/unitedinternet/portal/authentication/AuthenticationModuleAdapter;", "jsonOAuth2ClientFactoryFactory", "Lcom/unitedinternet/portal/android/lib/authenticator/oauth2client/JsonOAuth2ClientFactoryFactory;", "deleteRefreshToken", "", "account", "Lcom/unitedinternet/portal/android/mail/account/interfaces/AccountInterfaceJava;", "deleteToken", "tokenEndpoint", "", "refreshToken", "doLoginAndSaveToken", AuthConstants.HEADER_USERNAME, AuthConstants.HEADER_PASSWORD, "eueBrand", "encodeToken", "accessToken", "Lorg/dmfs/oauth2/client/OAuth2AccessToken;", "handleOAuth2LoginException", "e", "Lcom/unitedinternet/portal/android/lib/oauth2/exceptions/OAuth2LoginException;", "login", "authorizationCodeContainer", "Lcom/unitedinternet/portal/authentication/login/authcodegrant/AuthorizationCodeContainer;", "(Lcom/unitedinternet/portal/android/mail/account/interfaces/AccountInterfaceJava;Lcom/unitedinternet/portal/authentication/login/authcodegrant/AuthorizationCodeContainer;Lkotlin/coroutines/Continuation;)Ljava/lang/Object;", "(Lcom/unitedinternet/portal/android/mail/account/interfaces/AccountInterfaceJava;Ljava/lang/String;Ljava/lang/String;Lkotlin/coroutines/Continuation;)Ljava/lang/Object;", "loginToOAuth2", "Companion", "authentication_webdeRelease"}, k = 1, mv = {1, 8, 0}, xi = 48)
/* loaded from: classes4.dex */
public final class OAuth2LoginController implements RestLoginController {

    /* renamed from: Companion, reason: from kotlin metadata */
    public static final Companion INSTANCE = new Companion(null);
    private final Lazy<AuthorizationCodeGrantHandler> authorizationCodeGrantHandler;
    private final Context context;
    private final JsonOAuth2ClientFactoryFactory jsonOAuth2ClientFactoryFactory;
    private final OkHttpClient okHttpClient;

    /* compiled from: OAuth2LoginController.kt */
    @Metadata(d1 = {"\u0000\u0018\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000b\n\u0000\n\u0002\u0010\u000e\n\u0000\b\u0086\u0003\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u0010\u0010\u0003\u001a\u00020\u00042\u0006\u0010\u0005\u001a\u00020\u0006H\u0002¨\u0006\u0007"}, d2 = {"Lcom/unitedinternet/portal/authentication/login/OAuth2LoginController$Companion;", "", "()V", "isPossibleGmxComAlias", "", "email", "", "authentication_webdeRelease"}, k = 1, mv = {1, 8, 0}, xi = 48)
    /* loaded from: classes4.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public final boolean isPossibleGmxComAlias(String email) {
            boolean endsWith$default;
            boolean endsWith$default2;
            boolean endsWith$default3;
            endsWith$default = StringsKt__StringsJVMKt.endsWith$default(email, "@gmx.com", false, 2, null);
            if (!endsWith$default) {
                endsWith$default2 = StringsKt__StringsJVMKt.endsWith$default(email, "@gmx.us", false, 2, null);
                if (!endsWith$default2) {
                    endsWith$default3 = StringsKt__StringsJVMKt.endsWith$default(email, "@gmx.tm", false, 2, null);
                    if (!endsWith$default3) {
                        return false;
                    }
                }
            }
            return true;
        }
    }

    public OAuth2LoginController(OkHttpClient okHttpClient, Lazy<AuthorizationCodeGrantHandler> authorizationCodeGrantHandler, Context context) {
        Intrinsics.checkNotNullParameter(okHttpClient, "okHttpClient");
        Intrinsics.checkNotNullParameter(authorizationCodeGrantHandler, "authorizationCodeGrantHandler");
        Intrinsics.checkNotNullParameter(context, "context");
        this.okHttpClient = okHttpClient;
        this.authorizationCodeGrantHandler = authorizationCodeGrantHandler;
        this.context = context;
        this.jsonOAuth2ClientFactoryFactory = new JsonOAuth2ClientFactoryFactory(new OAuthCredentialStore(), context.getResources());
    }

    private final void deleteToken(String tokenEndpoint, String refreshToken) {
        try {
            this.okHttpClient.newCall(Request.Builder.delete$default(new Request.Builder().url(tokenEndpoint).addHeader(Authenticator.KEY_REFRESH_TOKEN, refreshToken), null, 1, null).build()).execute();
        } catch (IOException e) {
            Timber.INSTANCE.e(e, "Could not delete token", new Object[0]);
        }
    }

    private final void doLoginAndSaveToken(AccountInterfaceJava account, String username, String password, String eueBrand) throws ProtocolException, ProtocolError, IOException, URISyntaxException, OAuth2LoginException, GeneralSecurityException {
        OAuth2ClientFactory oAuth2ClientFactory = this.jsonOAuth2ClientFactoryFactory.oAuth2ClientFactory(eueBrand);
        Intrinsics.checkNotNullExpressionValue(oAuth2ClientFactory, "jsonOAuth2ClientFactoryF…h2ClientFactory(eueBrand)");
        OAuth2AccessToken loginWithUsernamePassword = new OAuth2Authenticator(oAuth2ClientFactory, this.okHttpClient).loginWithUsernamePassword(username, password, eueBrand);
        Intrinsics.checkNotNullExpressionValue(loginWithUsernamePassword, "oAuth2Authenticator.logi…name, password, eueBrand)");
        String encodeToken = encodeToken(loginWithUsernamePassword);
        AccountManager.get(this.context).setUserData(account.lambda$getLazyAndroidAccount$0(this.context), Authenticator.KEY_REFRESH_TOKEN, encodeToken);
        String uri = new URI(RESTStore.SCHEME, encodeToken, eueBrand, 80, null, null, null).toString();
        Intrinsics.checkNotNullExpressionValue(uri, "URI(\"rest\", encodedToken…l, null, null).toString()");
        account.setStoreUri(uri);
    }

    private final String encodeToken(OAuth2AccessToken accessToken) throws GeneralSecurityException {
        EncryptHelper.Companion companion = EncryptHelper.INSTANCE;
        Context applicationContext = this.context.getApplicationContext();
        Intrinsics.checkNotNullExpressionValue(applicationContext, "context.applicationContext");
        String encryptBase64Unsafe = EncryptHelper.Companion.getInstance$default(companion, applicationContext, null, null, 6, null).encryptBase64Unsafe(accessToken.refreshToken().toString());
        if (encryptBase64Unsafe != null) {
            return encryptBase64Unsafe;
        }
        throw new GeneralSecurityException("Failed to encrypt token");
    }

    private final AuthenticationModuleAdapter getAuthenticationModuleAdapter() {
        return AuthenticationModule.getAuthenticationComponent().provideModuleAdapter();
    }

    private final void handleOAuth2LoginException(OAuth2LoginException e) throws AutomaticAccountSetupException {
        if (e instanceof AccountNotFoundPasswordWrongException) {
            throw new AutomaticAccountSetupException(0);
        }
        if (e instanceof AccountLockedException ? true : e instanceof TokenLimitExceededException) {
            throw new AutomaticAccountSetupException(4);
        }
        if (e instanceof IpBlockedException) {
            throw new AutomaticAccountSetupException(10);
        }
        if (e instanceof UseAuthorizationCodeGrantException) {
            throw new AutomaticAccountSetupException(8, ((UseAuthorizationCodeGrantException) e).getEueBrand());
        }
    }

    private final void loginToOAuth2(AccountInterfaceJava account, String username, String password) throws ProtocolException, ProtocolError, IOException, URISyntaxException, OAuth2LoginException, GeneralSecurityException {
        try {
            String euebrand = account.getEuebrand();
            Intrinsics.checkNotNullExpressionValue(euebrand, "account.euebrand");
            doLoginAndSaveToken(account, username, password, euebrand);
        } catch (OAuth2LoginException e) {
            Timber.INSTANCE.i(e, "Error while login into oAuth", new Object[0]);
            if (!(e instanceof AccountNotFoundPasswordWrongException) || !INSTANCE.isPossibleGmxComAlias(username)) {
                throw e;
            }
            doLoginAndSaveToken(account, username, password, AccountInterfaceJava.BRAND_GMXNET);
            account.setEuebrand(AccountInterfaceJava.BRAND_GMXNET);
        }
    }

    public final void deleteRefreshToken(AccountInterfaceJava account) {
        Intrinsics.checkNotNullParameter(account, "account");
        OAuth2ClientFactory oAuth2ClientFactory = this.jsonOAuth2ClientFactoryFactory.oAuth2ClientFactory(account.getEuebrand());
        Intrinsics.checkNotNullExpressionValue(oAuth2ClientFactory, "jsonOAuth2ClientFactoryF…Factory(account.euebrand)");
        String str = oAuth2ClientFactory.tokenEndpoint();
        Intrinsics.checkNotNullExpressionValue(str, "clientFactory.tokenEndpoint()");
        String userData = AccountManager.get(this.context).getUserData(account.lambda$getLazyAndroidAccount$0(this.context), Authenticator.KEY_REFRESH_TOKEN);
        if (userData == null || userData.length() == 0) {
            Timber.INSTANCE.i("Refresh token was already removed cant delete", new Object[0]);
            return;
        }
        EncryptHelper.Companion companion = EncryptHelper.INSTANCE;
        Context applicationContext = this.context.getApplicationContext();
        Intrinsics.checkNotNullExpressionValue(applicationContext, "context.applicationContext");
        String decryptBase64 = EncryptHelper.Companion.getInstance$default(companion, applicationContext, null, null, 6, null).decryptBase64(userData);
        if (decryptBase64 != null) {
            deleteToken(str, decryptBase64);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:18:0x00e2, code lost:
    
        if (r2 == true) goto L22;
     */
    @Override // com.unitedinternet.portal.authentication.login.RestLoginController
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.lang.Object login(com.unitedinternet.portal.android.mail.account.interfaces.AccountInterfaceJava r19, com.unitedinternet.portal.authentication.login.authcodegrant.AuthorizationCodeContainer r20, kotlin.coroutines.Continuation<? super kotlin.Unit> r21) throws com.unitedinternet.portal.authentication.login.AutomaticAccountSetupException, java.net.URISyntaxException {
        /*
            Method dump skipped, instructions count: 283
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.unitedinternet.portal.authentication.login.OAuth2LoginController.login(com.unitedinternet.portal.android.mail.account.interfaces.AccountInterfaceJava, com.unitedinternet.portal.authentication.login.authcodegrant.AuthorizationCodeContainer, kotlin.coroutines.Continuation):java.lang.Object");
    }

    @Override // com.unitedinternet.portal.authentication.login.RestLoginController
    public Object login(AccountInterfaceJava accountInterfaceJava, String str, String str2, Continuation<? super Unit> continuation) throws AutomaticAccountSetupException, URISyntaxException {
        try {
            loginToOAuth2(accountInterfaceJava, str, str2);
            getAuthenticationModuleAdapter().sendEvent(AuthAppMonEvents.INSTANCE.getOAUTH_LOGIN_SUCCESS());
        } catch (OAuth2LoginException e) {
            handleOAuth2LoginException(e);
        } catch (IOException e2) {
            Timber.INSTANCE.w(e2, "IOException while login into oAuth", new Object[0]);
            throw new AutomaticAccountSetupException(1);
        } catch (GeneralSecurityException e3) {
            Timber.INSTANCE.w(e3, "GeneralSecurityException while login into oAuth", new Object[0]);
            throw new AutomaticAccountSetupException(3);
        } catch (SSLHandshakeException e4) {
            Timber.INSTANCE.w(e4, "SSLHandshakeException while login into oAuth", new Object[0]);
            if (e4.getCause() instanceof CertificateException) {
                AuthenticationModuleAdapter.DefaultImpls.sendEvent$default(getAuthenticationModuleAdapter(), AuthAppMonEvents.INSTANCE.getOAUTH_LOGIN_SSL_DATE(), null, 2, null);
                throw new AutomaticAccountSetupException(7);
            }
            AuthenticationModuleAdapter.DefaultImpls.sendEvent$default(getAuthenticationModuleAdapter(), AuthAppMonEvents.INSTANCE.getOAUTH_LOGIN_SSL_HANDSHAKE(), null, 2, null);
            throw new AutomaticAccountSetupException(6);
        } catch (ProtocolError e5) {
            Timber.INSTANCE.w(e5, "Error while login into oAuth", new Object[0]);
            AuthenticationModuleAdapter.DefaultImpls.sendEvent$default(getAuthenticationModuleAdapter(), AuthAppMonEvents.INSTANCE.getOAUTH_LOGIN_WRONG_CREDENTIALS(), null, 2, null);
            throw new AutomaticAccountSetupException(0);
        } catch (ProtocolException e6) {
            Timber.INSTANCE.w(e6, "ProtocolException while login into oAuth", new Object[0]);
            AuthenticationModuleAdapter.DefaultImpls.sendEvent$default(getAuthenticationModuleAdapter(), AuthAppMonEvents.INSTANCE.getOAUTH_LOGIN_GENERIC(), null, 2, null);
            throw new AutomaticAccountSetupException(3);
        }
        return Unit.INSTANCE;
    }
}
