package com.kttdevelopment.mal4j;

import com.kttdevelopment.mal4j.APIStruct;
import com.kttdevelopment.mal4j.Java9;
import com.kttdevelopment.mal4j.Json;
import com.sun.net.httpserver.HttpExchange;
import com.sun.net.httpserver.HttpHandler;
import com.sun.net.httpserver.HttpServer;
import java.awt.Desktop;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Consumer;
import java.util.logging.Logger;
import java.util.regex.Pattern;
import java.util.zip.GZIPOutputStream;
import kotlin.UByte;
import kotlin.text.Typography;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;

/* loaded from: classes2.dex */
public final class MyAnimeListAuthenticator {
    private static final String authState = "&state=%s";
    private static final String authUrl = "https://myanimelist.net/v1/oauth2/authorize?response_type=code&client_id=%s&code_challenge=%s&code_challenge_method=plain";
    private static final String redirectURI = "&redirect_uri=%s";
    private final MyAnimeListAuthenticationService authService;
    private final String authorizationCode;
    private final String client_id;
    private final String client_secret;
    private final String pkce;
    private AccessToken token;
    private static final Pattern allowedPKCE = Pattern.compile("[\\w\\-.~]*");
    private static final AuthResponseHandler defaultHandler = new AuthResponseHandler() { // from class: com.kttdevelopment.mal4j.MyAnimeListAuthenticator.1
        private static final String FAIL = "&#10060;";
        private static final String HTML = "<!DOCTYPE html><html><head><title>MyAnimeList Authenticator</title><style>html,body{width:100%;height:100%;-webkit-user-select: none;-ms-user-select: none;user-select: none;}body{display:flex;align-items:center;justify-content:center;background-color:#2E51A2;margin:0px;*{width:100%}}*{font-family:Helvetica,Arial,sans-serif;color:white;text-align:center}</style></head><body><div><h1>Authentication {{ state }}</h1><p title=\"{{ hint }}\">{{ message }}</p></div></body></html>";
        private static final String OK = "&#10004;&#65039;";

        @Override // com.kttdevelopment.mal4j.AuthResponseHandler
        public final String getResponse(String str, String str2, String str3, String str4) {
            String str5;
            String str6 = str == null ? "Failed &#10060;" : "Completed &#10004;&#65039;";
            if (str2 == null) {
                str2 = "";
            }
            if (str == null) {
                StringBuilder append = new StringBuilder().append("<b>").append(str2.substring(0, 1).toUpperCase()).append(str2.substring(1).replace('_', ' ')).append("</b>: ");
                if (str3 == null) {
                    str3 = "";
                }
                str5 = append.append(str3).toString();
            } else {
                str5 = "You may now close the window.";
            }
            String replace = HTML.replace("{{ state }}", str6);
            if (str4 == null) {
                str4 = "";
            }
            return replace.replace("{{ hint }}", str4).replace("{{ message }}", str5);
        }
    };

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static final class AuthHandler implements HttpHandler {
        private final transient AtomicReference<String> auth;
        private final AuthResponseHandler handler;
        private final CountDownLatch latch;
        private final transient AtomicReference<String> state;

        private AuthHandler(CountDownLatch countDownLatch) {
            this(countDownLatch, MyAnimeListAuthenticator.defaultHandler);
        }

        private AuthHandler(CountDownLatch countDownLatch, AuthResponseHandler authResponseHandler) {
            this.auth = new AtomicReference<>();
            this.state = new AtomicReference<>();
            this.latch = countDownLatch;
            this.handler = authResponseHandler == null ? MyAnimeListAuthenticator.defaultHandler : authResponseHandler;
        }

        private Map<String, String> parseWwwFormEnc(String str) {
            HashMap hashMap = new HashMap();
            for (String str2 : str.split("&")) {
                if (str2.contains("=")) {
                    String[] split = str2.split("=");
                    hashMap.put(Java9.URLDecoder.decode(split[0], StandardCharsets.UTF_8), split.length == 2 ? Java9.URLDecoder.decode(split[1], StandardCharsets.UTF_8) : null);
                }
            }
            return hashMap;
        }

        public final String getAuth() {
            return this.auth.get();
        }

        public final String getState() {
            return this.state.get();
        }

        public final void handle(HttpExchange httpExchange) throws IOException {
            Map<String, String> parseWwwFormEnc = parseWwwFormEnc(httpExchange.getRequestURI().getRawQuery());
            this.state.set(parseWwwFormEnc.get("state"));
            this.auth.set(parseWwwFormEnc.get("code"));
            httpExchange.getResponseHeaders().set("Accept-Encoding", "gzip");
            httpExchange.getResponseHeaders().set("Content-Encoding", "gzip");
            httpExchange.getResponseHeaders().set("Connection", "keep-alive");
            httpExchange.sendResponseHeaders(200, 0L);
            GZIPOutputStream gZIPOutputStream = new GZIPOutputStream(httpExchange.getResponseBody());
            try {
                gZIPOutputStream.write(this.handler.getResponse(parseWwwFormEnc.get("code"), parseWwwFormEnc.get("error"), parseWwwFormEnc.get("message"), parseWwwFormEnc.get("hint")).getBytes(StandardCharsets.UTF_8));
                gZIPOutputStream.finish();
                gZIPOutputStream.flush();
                gZIPOutputStream.close();
                this.latch.countDown();
            } catch (Throwable th) {
                try {
                    gZIPOutputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        }
    }

    /* loaded from: classes2.dex */
    public static final class LocalServerBuilder {
        private final String client_id;
        private final String client_secret;
        private boolean openBrowser;
        private final int port;
        private String redirect_URI;
        private AuthResponseHandler responseHandler;
        private long timeout;
        private Consumer<String> urlCallback;

        public LocalServerBuilder(String str, int i) {
            this(str, null, i);
        }

        public LocalServerBuilder(String str, String str2, int i) {
            this.openBrowser = false;
            this.timeout = 180L;
            this.redirect_URI = null;
            this.responseHandler = null;
            this.urlCallback = null;
            Objects.requireNonNull(str, "Client ID must not be null");
            this.client_id = str;
            this.client_secret = str2;
            this.port = i;
        }

        public final MyAnimeListAuthenticator build() throws IOException {
            return new MyAnimeListAuthenticator(this.client_id, this.client_secret, this.port, this.responseHandler, this.urlCallback, this.openBrowser, this.timeout, this.redirect_URI);
        }

        public final LocalServerBuilder openBrowser() {
            return openBrowser(true);
        }

        public final LocalServerBuilder openBrowser(boolean z) {
            if (!MyAnimeListAuthenticator.canOpenBrowser()) {
                Logger.getGlobal().warning("System may not support openBrowser()");
            }
            this.openBrowser = z;
            return this;
        }

        public final LocalServerBuilder setRedirectURI(String str) {
            this.redirect_URI = str;
            return this;
        }

        public final LocalServerBuilder setResponseHandler(AuthResponseHandler authResponseHandler) {
            this.responseHandler = authResponseHandler;
            return this;
        }

        public final LocalServerBuilder setTimeout(int i) {
            this.timeout = i;
            return this;
        }

        public final LocalServerBuilder setURLCallback(Consumer<String> consumer) {
            this.urlCallback = consumer;
            return this;
        }

        public String toString() {
            return "LocalServerBuilder{port=" + this.port + ", openBrowser=" + this.openBrowser + ", timeout=" + this.timeout + ", redirect_URI='" + this.redirect_URI + "', responseHandler=" + this.responseHandler + '}';
        }
    }

    private MyAnimeListAuthenticator(String str, String str2, int i, AuthResponseHandler authResponseHandler, Consumer<String> consumer, boolean z, long j, String str3) throws IOException {
        MyAnimeListAuthenticationService create = MyAnimeListAuthenticationService.create();
        this.authService = create;
        String[] authenticateWithLocalServer = authenticateWithLocalServer(str, i, authResponseHandler, consumer, z, j, str3);
        this.client_id = str;
        this.client_secret = str2;
        String str4 = authenticateWithLocalServer[0];
        this.authorizationCode = str4;
        String str5 = authenticateWithLocalServer[1];
        this.pkce = str5;
        this.token = parseToken(create.getToken(str, str2, "authorization_code", str4, str5, str3));
    }

    public MyAnimeListAuthenticator(String str, String str2, String str3, String str4) {
        this(str, str2, str3, str4, null);
    }

    public MyAnimeListAuthenticator(String str, String str2, String str3, String str4, String str5) {
        MyAnimeListAuthenticationService create = MyAnimeListAuthenticationService.create();
        this.authService = create;
        Objects.requireNonNull(str, "Client ID must not be null");
        Objects.requireNonNull(str3, "Authorization code must not be null");
        Objects.requireNonNull(str4, "PKCE code challenge must not be null");
        if (str4.length() < 43 || str4.length() > 128) {
            throw new IllegalArgumentException("PKCE code challenge must be between 43 and 128 characters, was " + str4.length() + " characters");
        }
        if (!allowedPKCE.matcher(str4).matches()) {
            throw new IllegalArgumentException("PKCE code challenge contains illegal characters, only a-z , A-Z , 0-9 , _ , . , - , and ~ are allowed");
        }
        this.client_id = str;
        this.client_secret = str2;
        this.authorizationCode = str3;
        this.pkce = str4;
        this.token = parseToken(create.getToken(str, str2, "authorization_code", str3, str4, str5));
    }

    private static String[] authenticateWithLocalServer(String str, int i, AuthResponseHandler authResponseHandler, final Consumer<String> consumer, boolean z, long j, String str2) throws IOException {
        Objects.requireNonNull(str, "Client ID must not be null");
        String generatePKCECodeVerifier = generatePKCECodeVerifier();
        String generateSha256 = generateSha256(str + Typography.amp + generatePKCECodeVerifier);
        final String authorizationURL = getAuthorizationURL(str, generatePKCECodeVerifier, str2, generateSha256);
        if (consumer != null) {
            new Thread(new Runnable() { // from class: com.kttdevelopment.mal4j.MyAnimeListAuthenticator$$ExternalSyntheticLambda0
                @Override // java.lang.Runnable
                public final void run() {
                    consumer.accept(authorizationURL);
                }
            }).start();
        }
        ExecutorService newSingleThreadExecutor = Executors.newSingleThreadExecutor();
        CountDownLatch countDownLatch = new CountDownLatch(1);
        HttpServer create = HttpServer.create(new InetSocketAddress(i), 0);
        create.setExecutor(newSingleThreadExecutor);
        AuthHandler authHandler = new AuthHandler(countDownLatch, authResponseHandler);
        create.createContext("/", authHandler);
        create.start();
        if (z) {
            if (canOpenBrowser()) {
                try {
                    Desktop.getDesktop().browse(new URI(authorizationURL));
                } catch (URISyntaxException unused) {
                    newSingleThreadExecutor.shutdownNow();
                    create.stop(0);
                    throw new IllegalArgumentException("URL syntax was invalid (most likely the client id or redirect URI wasn't encoded correctly)");
                }
            } else {
                Logger.getGlobal().severe("Desktop is not supported on this operating system. Please go to this URL manually: '" + authorizationURL + "' or use a URL callback");
            }
        }
        try {
            countDownLatch.await(j, TimeUnit.SECONDS);
        } catch (InterruptedException unused2) {
        }
        newSingleThreadExecutor.shutdownNow();
        create.stop(0);
        if (authHandler.getAuth() == null) {
            throw new NullPointerException("Failed to authorize request (server was closed before a response could be received)");
        }
        if (generateSha256.equals(authHandler.getState())) {
            return new String[]{authHandler.getAuth(), generatePKCECodeVerifier};
        }
        throw new UnauthorizedAccessException("Failed to authorize request (packet was intercepted by an unauthorized source)");
    }

    public static boolean canOpenBrowser() {
        return Desktop.isDesktopSupported() && Desktop.getDesktop().isSupported(Desktop.Action.BROWSE);
    }

    private static String generatePKCECodeVerifier() {
        byte[] bArr = new byte[64];
        new SecureRandom().nextBytes(bArr);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(bArr);
    }

    private static String generateSha256(String str) {
        try {
            byte[] digest = MessageDigest.getInstance(MessageDigestAlgorithms.SHA_256).digest(str.getBytes(StandardCharsets.UTF_8));
            StringBuilder sb = new StringBuilder(digest.length * 2);
            for (byte b : digest) {
                String hexString = Integer.toHexString(b & UByte.MAX_VALUE);
                if (hexString.length() == 1) {
                    sb.append('0');
                }
                sb.append(hexString);
            }
            return sb.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("An exception that should not have been thrown has been thrown, please report this to the maintainers of Mal4J", e);
        }
    }

    public static String getAuthorizationURL(String str, String str2) {
        return getAuthorizationURL(str, str2, null, null);
    }

    public static String getAuthorizationURL(String str, String str2, String str3) {
        return getAuthorizationURL(str, str2, str3, null);
    }

    public static String getAuthorizationURL(String str, String str2, String str3, String str4) {
        Objects.requireNonNull(str, "Client ID must not be null");
        Objects.requireNonNull(str2, "PKCE must not be null");
        return String.format(authUrl, str, str2) + (str3 != null ? String.format(redirectURI, Java9.URLEncoder.encode(str3, StandardCharsets.UTF_8)) : "") + (str4 != null ? String.format(authState, str4) : "");
    }

    private AccessToken parseToken(APIStruct.Response<Json.JsonObject> response) {
        Json.JsonObject body = response.body();
        if (response.code() == 200) {
            return new AccessToken(body.getString("token_type"), body.getLong("expires_in"), body.getString("access_token"), body.getString("refresh_token"));
        }
        if (response.code() == 401) {
            throw new InvalidTokenException("The OAuth token provided is either invalid or expired");
        }
        String string = body.getString("error");
        throw new HttpException(response.URL(), response.code(), string != null ? string.trim() : response.raw());
    }

    public final AccessToken getAccessToken() {
        return this.token;
    }

    public final AccessToken refreshAccessToken() {
        AccessToken parseToken = parseToken(this.authService.refreshToken(this.client_id, this.client_secret, "refresh_token", this.authorizationCode, this.pkce, this.token.getRefreshToken()));
        this.token = parseToken;
        return parseToken;
    }
}
