package nl.q42.widm.data.local;

import android.app.Application;
import android.content.Context;
import android.content.SharedPreferences;
import android.security.keystore.KeyGenParameterSpec;
import androidx.security.crypto.EncryptedSharedPreferences;
import androidx.security.crypto.MasterKey;
import androidx.security.crypto.MasterKeys;
import com.google.crypto.tink.Aead;
import com.google.crypto.tink.DeterministicAead;
import com.google.crypto.tink.KeysetHandle;
import com.google.crypto.tink.aead.AeadConfig;
import com.google.crypto.tink.daead.DeterministicAeadConfig;
import com.google.crypto.tink.integration.android.AndroidKeysetManager;
import com.google.crypto.tink.integration.android.AndroidKeystoreKmsClient;
import io.github.aakira.napier.Napier;
import io.github.aakira.napier.atomic.AtomicMutableList;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.ProviderException;
import java.util.Arrays;
import java.util.Map;
import javax.crypto.KeyGenerator;
import javax.inject.Singleton;
import kotlin.Metadata;
import kotlin.Pair;
import kotlin.collections.CollectionsKt;
import kotlin.collections.MapsKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;
import kotlinx.coroutines.flow.Flow;
import kotlinx.coroutines.flow.MutableStateFlow;
import kotlinx.coroutines.flow.StateFlowKt;
import nl.q42.widm.data.local.model.IdentityEntity;

@Singleton
@Metadata(d1 = {"\u0000\f\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\b\u0001\u0018\u00002\u00020\u0001:\u0001\u0002¨\u0006\u0003"}, d2 = {"Lnl/q42/widm/data/local/IdentityLocalDataSource;", "", "Companion", "data_release"}, k = 1, mv = {1, 9, 0})
/* loaded from: classes2.dex */
public final class IdentityLocalDataSource {

    /* renamed from: a, reason: collision with root package name */
    public final EncryptedSharedPreferences f15073a;
    public final MutableStateFlow b;

    /* renamed from: c, reason: collision with root package name */
    public final Flow f15074c;
    public IdentityEntity d;

    @Metadata(d1 = {"\u0000\u0010\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0010\u000e\n\u0002\b\u0005\b\u0086\u0003\u0018\u00002\u00020\u0001R\u0014\u0010\u0003\u001a\u00020\u00028\u0002X\u0082T¢\u0006\u0006\n\u0004\b\u0003\u0010\u0004R\u0014\u0010\u0005\u001a\u00020\u00028\u0002X\u0082T¢\u0006\u0006\n\u0004\b\u0005\u0010\u0004R\u0014\u0010\u0006\u001a\u00020\u00028\u0002X\u0082T¢\u0006\u0006\n\u0004\b\u0006\u0010\u0004¨\u0006\u0007"}, d2 = {"Lnl/q42/widm/data/local/IdentityLocalDataSource$Companion;", "", "", "IDENTITY_TOKEN", "Ljava/lang/String;", "PREFS_FILE", "USER_TOKEN", "data_release"}, k = 1, mv = {1, 9, 0})
    /* loaded from: classes2.dex */
    public static final class Companion {
    }

    public IdentityLocalDataSource(Application application) {
        MasterKey.Builder builder = new MasterKey.Builder(application);
        if (builder.b != null) {
            throw new IllegalArgumentException("KeyScheme set after setting a KeyGenParamSpec");
        }
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(builder.f7608a, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setKeySize(256).build();
        builder.b = build;
        if (build == null) {
            throw new NullPointerException("KeyGenParameterSpec was null after build() check");
        }
        Object obj = MasterKeys.f7610a;
        if (build.getKeySize() != 256) {
            throw new IllegalArgumentException("invalid key size, want 256 bits got " + build.getKeySize() + " bits");
        }
        if (!Arrays.equals(build.getBlockModes(), new String[]{"GCM"})) {
            throw new IllegalArgumentException("invalid block mode, want GCM got " + Arrays.toString(build.getBlockModes()));
        }
        if (build.getPurposes() != 3) {
            throw new IllegalArgumentException("invalid purposes mode, want PURPOSE_ENCRYPT | PURPOSE_DECRYPT got " + build.getPurposes());
        }
        if (!Arrays.equals(build.getEncryptionPaddings(), new String[]{"NoPadding"})) {
            throw new IllegalArgumentException("invalid padding mode, want NoPadding got " + Arrays.toString(build.getEncryptionPaddings()));
        }
        if (build.isUserAuthenticationRequired() && build.getUserAuthenticationValidityDurationSeconds() < 1) {
            throw new IllegalArgumentException("per-operation authentication is not supported (UserAuthenticationValidityDurationSeconds must be >0)");
        }
        synchronized (MasterKeys.f7610a) {
            String keystoreAlias = build.getKeystoreAlias();
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (!keyStore.containsAlias(keystoreAlias)) {
                try {
                    KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
                    keyGenerator.init(build);
                    keyGenerator.generateKey();
                } catch (ProviderException e) {
                    throw new GeneralSecurityException(e.getMessage(), e);
                }
            }
        }
        String keystoreAlias2 = build.getKeystoreAlias();
        EncryptedSharedPreferences.PrefKeyEncryptionScheme prefKeyEncryptionScheme = EncryptedSharedPreferences.PrefKeyEncryptionScheme.f7606c;
        EncryptedSharedPreferences.PrefValueEncryptionScheme prefValueEncryptionScheme = EncryptedSharedPreferences.PrefValueEncryptionScheme.f7607c;
        DeterministicAeadConfig.register();
        AeadConfig.register();
        Context applicationContext = application.getApplicationContext();
        KeysetHandle keysetHandle = new AndroidKeysetManager.Builder().withKeyTemplate(prefKeyEncryptionScheme.a()).withSharedPref(applicationContext, "__androidx_security_crypto_encrypted_prefs_key_keyset__", "identityWidm").withMasterKeyUri(AndroidKeystoreKmsClient.PREFIX + keystoreAlias2).build().getKeysetHandle();
        KeysetHandle keysetHandle2 = new AndroidKeysetManager.Builder().withKeyTemplate(prefValueEncryptionScheme.a()).withSharedPref(applicationContext, "__androidx_security_crypto_encrypted_prefs_value_keyset__", "identityWidm").withMasterKeyUri(AndroidKeystoreKmsClient.PREFIX + keystoreAlias2).build().getKeysetHandle();
        this.f15073a = new EncryptedSharedPreferences(applicationContext.getSharedPreferences("identityWidm", 0), (Aead) keysetHandle2.getPrimitive(Aead.class), (DeterministicAead) keysetHandle.getPrimitive(DeterministicAead.class));
        MutableStateFlow a2 = StateFlowKt.a(a());
        this.b = a2;
        this.f15074c = a2;
    }

    public final IdentityEntity a() {
        IdentityEntity identityEntity = this.d;
        if (identityEntity != null) {
            return identityEntity;
        }
        EncryptedSharedPreferences encryptedSharedPreferences = this.f15073a;
        if (!encryptedSharedPreferences.contains("userToken") || !encryptedSharedPreferences.contains("identityToken")) {
            return null;
        }
        String string = encryptedSharedPreferences.getString("userToken", null);
        Intrinsics.d(string);
        String string2 = encryptedSharedPreferences.getString("identityToken", null);
        Intrinsics.d(string2);
        IdentityEntity identityEntity2 = new IdentityEntity(string, string2);
        this.d = identityEntity2;
        return identityEntity2;
    }

    public final Map b() {
        IdentityEntity a2 = a();
        if (a2 != null) {
            return MapsKt.h(new Pair("Authorization", CollectionsKt.M("Bearer " + a2.b)));
        }
        AtomicMutableList atomicMutableList = Napier.f11932a;
        Napier.d(null, new Function0<String>() { // from class: nl.q42.widm.data.local.IdentityLocalDataSource$getIdentityAuthHeaders$2$1
            @Override // kotlin.jvm.functions.Function0
            public final /* bridge */ /* synthetic */ Object G() {
                return "Cannot build user auth headers without Identity";
            }
        }, 3);
        return MapsKt.d();
    }

    public final Map c() {
        IdentityEntity a2 = a();
        if (a2 != null) {
            return MapsKt.h(new Pair("Authorization", CollectionsKt.M("Bearer " + a2.f15192a)));
        }
        AtomicMutableList atomicMutableList = Napier.f11932a;
        Napier.d(null, new Function0<String>() { // from class: nl.q42.widm.data.local.IdentityLocalDataSource$getUserAuthHeaders$2$1
            @Override // kotlin.jvm.functions.Function0
            public final /* bridge */ /* synthetic */ Object G() {
                return "Cannot build user auth headers without Identity";
            }
        }, 3);
        return MapsKt.d();
    }

    public final void d(IdentityEntity identity) {
        Intrinsics.g(identity, "identity");
        SharedPreferences.Editor edit = this.f15073a.edit();
        edit.putString("userToken", identity.f15192a);
        edit.putString("identityToken", identity.b);
        edit.apply();
        this.d = identity;
        this.b.setValue(identity);
    }
}
