package com.rch.oauth;

import com.rch.oauth.exceptions.AuthOptionsException;
import com.rch.oauth.interfaces.AuthApiInterface;
import com.rch.oauth.models.ClientCredentialsFlow;
import com.rch.oauth.models.PasswordFlow;
import com.rch.oauth.models.RefreshTokenFlow;
import com.rch.oauth.models.TokenResponse;
import com.rch.oauth.models.UserInfo;
import java.io.IOException;
import java.util.logging.Logger;
import java.util.prefs.Preferences;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.X509TrustManager;
import okhttp3.Interceptor;
import okhttp3.OkHttpClient;
import retrofit2.Response;
import retrofit2.Retrofit;
import retrofit2.converter.gson.GsonConverterFactory;

/* loaded from: classes2.dex */
public class OAuth2Client {
    private static final String ACCESS_TOKEN = "ACCESS_TOKEN_";
    private static Logger LOGGER = Logger.getLogger(OAuth2Client.class.getName());
    private static final String REFRESH_TOKEN = "REFRESH_TOKEN_";
    private final OAuth2Options options;
    private Preferences pref;
    private SSLSocketFactory sslSocketFactory;
    private X509TrustManager trustManager;

    public OAuth2Client(OAuth2Options oAuth2Options) {
        this.trustManager = null;
        this.sslSocketFactory = null;
        this.options = oAuth2Options;
        this.pref = Preferences.systemNodeForPackage(OAuth2Client.class);
    }

    public OAuth2Client(OAuth2Options oAuth2Options, SSLSocketFactory sSLSocketFactory, X509TrustManager x509TrustManager) {
        this.trustManager = null;
        this.sslSocketFactory = null;
        this.options = oAuth2Options;
        this.pref = Preferences.systemNodeForPackage(OAuth2Client.class);
        this.sslSocketFactory = sSLSocketFactory;
        this.trustManager = x509TrustManager;
    }

    private String getAccessToken() {
        return this.pref.get(ACCESS_TOKEN + this.options.AuthorityUrl, "");
    }

    private String getRefreshToken() {
        return this.pref.get(REFRESH_TOKEN + this.options.AuthorityUrl, "");
    }

    private UserInfo getUserInfo(Boolean bool) throws AuthOptionsException, IOException {
        if (this.options.UserInfoEndpoint == null || this.options.UserInfoEndpoint.isEmpty()) {
            LOGGER.severe("OAuthOptions.UserInfoEndpoint is null or empty");
            throw new AuthOptionsException("You need to specify a UserInfoEndpoint in OAuthOptions");
        }
        if (!isAuthenticated().booleanValue()) {
            LOGGER.severe("User is not authenticated");
        }
        LOGGER.info("Getting User Info for authenticated User");
        Response<UserInfo> execute = ((AuthApiInterface) HttpClientFactory(AuthApiInterface.class, getAccessToken(), getRefreshToken())).getUserInfo(this.options.UserInfoEndpoint).execute();
        if (execute.isSuccessful()) {
            LOGGER.info("GetUserInfo response is successful");
            return execute.body();
        }
        if (execute.code() == 401 && bool.booleanValue()) {
            LOGGER.warning("GetUserInfo failed with \"unauthorized\" error. Retry");
            return getUserInfo(false);
        }
        LOGGER.warning("GetUserInfo response failed with status: " + execute.code());
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setAccessToken(String str) {
        this.pref.put(ACCESS_TOKEN + this.options.AuthorityUrl, str);
    }

    private void setRefreshToken(String str) {
        this.pref.put(REFRESH_TOKEN + this.options.AuthorityUrl, str);
    }

    public void Authorize() throws Exception {
        throw new Exception("Not implemented");
    }

    protected <T> T HttpClientFactory(Class<T> cls, final String str, final String str2) {
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        SSLSocketFactory sSLSocketFactory = this.sslSocketFactory;
        if (sSLSocketFactory != null) {
            X509TrustManager x509TrustManager = this.trustManager;
            if (x509TrustManager != null) {
                builder.sslSocketFactory(sSLSocketFactory, x509TrustManager);
            } else {
                builder.sslSocketFactory(sSLSocketFactory);
            }
        }
        return (T) new Retrofit.Builder().baseUrl(this.options.AuthorityUrl).client(str == null ? builder.build() : builder.addInterceptor(new Interceptor() { // from class: com.rch.oauth.OAuth2Client.1
            @Override // okhttp3.Interceptor
            public okhttp3.Response intercept(Interceptor.Chain chain) throws IOException {
                okhttp3.Response proceed = chain.proceed(chain.request().newBuilder().addHeader("Authorization", "Bearer " + str).build());
                if (proceed.code() == 401) {
                    OAuth2Client.LOGGER.warning("Request is not Authorized");
                    OAuth2Client.this.setAccessToken("");
                    OAuth2Client.LOGGER.info("AccessToken removed");
                    if (str2 != null) {
                        OAuth2Client.LOGGER.warning("Triggering RefreshToken()");
                        try {
                            OAuth2Client.this.RefreshToken(new RefreshTokenFlow(str2));
                        } catch (AuthOptionsException e) {
                            e.printStackTrace();
                        }
                    }
                }
                return proceed;
            }
        }).build()).addConverterFactory(GsonConverterFactory.create()).build().create(cls);
    }

    public void RefreshToken(RefreshTokenFlow refreshTokenFlow) throws AuthOptionsException, IOException {
        if (this.options.TokenEndpoint == null || this.options.TokenEndpoint.isEmpty()) {
            LOGGER.severe("OAuthOptions.TokenEndpoint is null or empty");
            throw new AuthOptionsException("You need to specify a TokenEndpoint in OAuthOptions");
        }
        LOGGER.info("Getting token for username: " + refreshTokenFlow.username);
        Response<TokenResponse> execute = ((AuthApiInterface) HttpClientFactory(AuthApiInterface.class, null, null)).getToken(this.options.TokenEndpoint, refreshTokenFlow.mapFields()).execute();
        if (!execute.isSuccessful()) {
            setRefreshToken("");
            LOGGER.info("RefreshToken removed");
            LOGGER.warning("GetToken response failed with status: " + execute.code());
            return;
        }
        LOGGER.info("GetToken response is successful");
        TokenResponse body = execute.body();
        setAccessToken(body.access_token);
        LOGGER.info("AccessToken is " + body.access_token);
    }

    public void getToken(ClientCredentialsFlow clientCredentialsFlow) throws AuthOptionsException, IOException {
        if (this.options.TokenEndpoint == null || this.options.TokenEndpoint.isEmpty()) {
            LOGGER.severe("OAuthOptions.TokenEndpoint is null or empty");
            throw new AuthOptionsException("You need to specify a TokenEndpoint in OAuthOptions");
        }
        LOGGER.info("Getting token for username: " + clientCredentialsFlow.username);
        Response<TokenResponse> execute = ((AuthApiInterface) HttpClientFactory(AuthApiInterface.class, null, null)).getToken(this.options.TokenEndpoint, clientCredentialsFlow.mapFields()).execute();
        if (!execute.isSuccessful()) {
            LOGGER.warning("GetToken response failed with status: " + execute.code());
            return;
        }
        LOGGER.info("GetToken response is successful");
        TokenResponse body = execute.body();
        setAccessToken(body.access_token);
        LOGGER.info("AccessToken is " + body.access_token);
    }

    public void getToken(PasswordFlow passwordFlow) throws AuthOptionsException, IOException {
        if (this.options.TokenEndpoint == null || this.options.TokenEndpoint.isEmpty()) {
            LOGGER.severe("OAuthOptions.TokenEndpoint is null or empty");
            throw new AuthOptionsException("You need to specify a TokenEndpoint in OAuthOptions");
        }
        LOGGER.info("Getting token for username: " + passwordFlow.username);
        Response<TokenResponse> execute = ((AuthApiInterface) HttpClientFactory(AuthApiInterface.class, null, null)).getToken(this.options.TokenEndpoint, passwordFlow.mapFields()).execute();
        if (!execute.isSuccessful()) {
            LOGGER.warning("GetToken response failed with status: " + execute.code());
            return;
        }
        LOGGER.info("GetToken response is successful");
        TokenResponse body = execute.body();
        setAccessToken(body.access_token);
        LOGGER.info("AccessToken is " + body.access_token);
        setRefreshToken(body.refresh_token);
        LOGGER.info("RefreshToken is " + body.refresh_token);
    }

    public UserInfo getUserInfo() throws AuthOptionsException, IOException {
        return getUserInfo(true);
    }

    public Boolean isAuthenticated() {
        return Boolean.valueOf(!getAccessToken().isEmpty());
    }

    public void logout() throws AuthOptionsException {
        if (this.options.LogOutEndpoint == null || this.options.LogOutEndpoint.isEmpty()) {
            LOGGER.severe("OAuthOptions.LogOutEndpoint is null or empty");
            throw new AuthOptionsException("You need to specify a LogOutEndpoint in OAuthOptions");
        }
        if (!isAuthenticated().booleanValue()) {
            LOGGER.severe("User is not authenticated");
            return;
        }
        LOGGER.info("Logout authenticated User");
        try {
            Response<Object> execute = ((AuthApiInterface) HttpClientFactory(AuthApiInterface.class, getAccessToken(), null)).logout(this.options.LogOutEndpoint).execute();
            if (execute.isSuccessful()) {
                LOGGER.info("Logout successful");
            } else {
                LOGGER.warning("Logout failed with status: " + execute.code());
            }
        } catch (IOException unused) {
            LOGGER.warning("Logout connection closed");
        }
        setAccessToken("");
        setRefreshToken("");
    }
}
