package com.ibm.bluemix.appid.android.internal.tokenmanager;

import android.util.Base64;
import com.ibm.bluemix.appid.android.api.AppID;
import com.ibm.bluemix.appid.android.api.AuthorizationException;
import com.ibm.bluemix.appid.android.api.AuthorizationListener;
import com.ibm.bluemix.appid.android.api.TokenResponseListener;
import com.ibm.bluemix.appid.android.api.tokens.AccessToken;
import com.ibm.bluemix.appid.android.api.tokens.IdentityToken;
import com.ibm.bluemix.appid.android.internal.OAuthManager;
import com.ibm.bluemix.appid.android.internal.config.Config;
import com.ibm.bluemix.appid.android.internal.network.AppIDRequest;
import com.ibm.bluemix.appid.android.internal.registrationmanager.RegistrationManager;
import com.ibm.bluemix.appid.android.internal.tokens.AccessTokenImpl;
import com.ibm.bluemix.appid.android.internal.tokens.IdentityTokenImpl;
import com.ibm.mobilefirstplatform.clientsdk.android.core.api.Response;
import com.ibm.mobilefirstplatform.clientsdk.android.core.api.ResponseListener;
import com.ibm.mobilefirstplatform.clientsdk.android.core.internal.BaseRequest;
import com.ibm.mobilefirstplatform.clientsdk.android.logger.api.Logger;
import java.security.PrivateKey;
import java.security.Signature;
import java.util.HashMap;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class TokenManager {
    private static final String AUTHORIZATION_HEADER = "Authorization";
    private static final String CLIENT_ID = "client_id";
    private static final String CODE = "code";
    private static final String ERROR_CODE = "error";
    private static final String ERROR_DESCRIPTION = "error_description";
    private static final String GRANT_TYPE = "grant_type";
    private static final String GRANT_TYPE_AUTH_CODE = "authorization_code";
    private static final String GRANT_TYPE_PASSWORD = "password";
    private static final String INVALID_GRANT = "invalid_grant";
    private static final String OAUTH_TOKEN_PATH = "/token";
    private static final String PASSWORD = "password";
    private static final String REDIRECT_URI = "redirect_uri";
    private static final String USERNAME = "username";
    private static final Logger logger = Logger.getLogger(Logger.INTERNAL_PREFIX + TokenManager.class.getName());
    private final AppID appId;
    private AccessToken latestAccessToken;
    private IdentityToken latestIdentityToken;
    private final RegistrationManager registrationManager;

    public TokenManager(OAuthManager oAuthManager) {
        this.appId = oAuthManager.getAppId();
        this.registrationManager = oAuthManager.getRegistrationManager();
    }

    private String createAuthenticationHeader(String str) throws Exception {
        PrivateKey privateKey = this.registrationManager.getPrivateKey();
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(privateKey);
        signature.update(str.getBytes());
        return "Basic " + Base64.encodeToString((str + ":" + Base64.encodeToString(signature.sign(), 2)).getBytes(), 2);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void extractTokens(Response response, TokenResponseListener tokenResponseListener) {
        logger.debug("Extracting tokens from server response");
        try {
            JSONObject jSONObject = new JSONObject(response.getResponseText());
            String string = jSONObject.getString("access_token");
            String string2 = jSONObject.getString("id_token");
            try {
                AccessTokenImpl accessTokenImpl = new AccessTokenImpl(string);
                try {
                    IdentityTokenImpl identityTokenImpl = new IdentityTokenImpl(string2);
                    this.latestAccessToken = accessTokenImpl;
                    this.latestIdentityToken = identityTokenImpl;
                    tokenResponseListener.onAuthorizationSuccess(accessTokenImpl, identityTokenImpl);
                } catch (RuntimeException e) {
                    clearStoredTokens();
                    logger.error("Failed to parse id_token", e);
                    tokenResponseListener.onAuthorizationFailure(new AuthorizationException("Failed to parse id_token"));
                }
            } catch (RuntimeException e2) {
                logger.error("Failed to parse access_token", e2);
                tokenResponseListener.onAuthorizationFailure(new AuthorizationException("Failed to parse access_token"));
            }
        } catch (Exception e3) {
            logger.error("Failed to parse server response", e3);
            tokenResponseListener.onAuthorizationFailure(new AuthorizationException("Failed to parse server response"));
        }
    }

    private void retrieveTokens(HashMap<String, String> hashMap, final TokenResponseListener tokenResponseListener) {
        String str = Config.getOAuthServerUrl(this.appId) + OAUTH_TOKEN_PATH;
        String registrationDataString = this.registrationManager.getRegistrationDataString("client_id");
        AppIDRequest createAppIDRequest = createAppIDRequest(str, BaseRequest.POST);
        try {
            createAppIDRequest.addHeader(AUTHORIZATION_HEADER, createAuthenticationHeader(registrationDataString));
            createAppIDRequest.send(hashMap, new ResponseListener() { // from class: com.ibm.bluemix.appid.android.internal.tokenmanager.TokenManager.1
                @Override // com.ibm.mobilefirstplatform.clientsdk.android.core.api.ResponseListener
                public void onFailure(Response response, Throwable th, JSONObject jSONObject) {
                    TokenManager.logger.error("Failed to retrieve tokens from authorization server", th);
                    try {
                        if (response.getStatus() == 400) {
                            JSONObject jSONObject2 = new JSONObject(response.getResponseText());
                            if (TokenManager.INVALID_GRANT.equals(jSONObject2.getString("error"))) {
                                tokenResponseListener.onAuthorizationFailure(new AuthorizationException("Failed to retrieve tokens: " + jSONObject2.getString(TokenManager.ERROR_DESCRIPTION)));
                            }
                        }
                        tokenResponseListener.onAuthorizationFailure(new AuthorizationException("Failed to retrieve tokens"));
                    } catch (Exception e) {
                        TokenManager.logger.error("Failed to retrieve tokens from authorization server", th);
                        tokenResponseListener.onAuthorizationFailure(new AuthorizationException("Failed to retrieve tokens"));
                    }
                }

                @Override // com.ibm.mobilefirstplatform.clientsdk.android.core.api.ResponseListener
                public void onSuccess(Response response) {
                    TokenManager.this.extractTokens(response, tokenResponseListener);
                }
            });
        } catch (Exception e) {
            logger.error("Failed to create authentication header", e);
        }
    }

    public void clearStoredTokens() {
        this.latestAccessToken = null;
        this.latestIdentityToken = null;
    }

    AppIDRequest createAppIDRequest(String str, String str2) {
        return new AppIDRequest(str, str2);
    }

    public AccessToken getLatestAccessToken() {
        return this.latestAccessToken;
    }

    public IdentityToken getLatestIdentityToken() {
        return this.latestIdentityToken;
    }

    public void obtainTokens(String str, AuthorizationListener authorizationListener) {
        logger.debug("obtainTokens");
        String registrationDataString = this.registrationManager.getRegistrationDataString("client_id");
        String registrationDataString2 = this.registrationManager.getRegistrationDataString(RegistrationManager.REDIRECT_URIS, 0);
        HashMap<String, String> hashMap = new HashMap<>();
        hashMap.put(CODE, str);
        hashMap.put("client_id", registrationDataString);
        hashMap.put(GRANT_TYPE, GRANT_TYPE_AUTH_CODE);
        hashMap.put(REDIRECT_URI, registrationDataString2);
        retrieveTokens(hashMap, authorizationListener);
    }

    public void obtainTokens(String str, String str2, TokenResponseListener tokenResponseListener) {
        logger.debug("obtainTokens - with resource owner password");
        HashMap<String, String> hashMap = new HashMap<>();
        hashMap.put(USERNAME, str);
        hashMap.put("password", str2);
        hashMap.put(GRANT_TYPE, "password");
        retrieveTokens(hashMap, tokenResponseListener);
    }
}
