package com.callpod.android_apps.keeper.common.sso;

import android.content.Context;
import android.net.Uri;
import android.util.Base64;
import com.callpod.android_apps.keeper.common.api.RestTransmissionKeyProvider;
import com.callpod.android_apps.keeper.common.database.Database;
import com.callpod.android_apps.keeper.common.database.Settings;
import com.callpod.android_apps.keeper.common.enterprise.SsoHelper;
import com.callpod.android_apps.keeper.common.login.sso.SsoRedirectUrlParser;
import com.callpod.android_apps.keeper.common.sso.SsoTransmissionData;
import com.callpod.android_apps.keeper.common.util.UserLocale;
import com.callpod.android_apps.keeper.common.util.encryption.EncrypterFactory;
import com.callpod.android_apps.keeper.common.util.encryption.GCMEncrypterCreator;
import com.callpod.android_apps.keeper.common.util.encryption.SpongyRSAEncryptionUtil;
import com.keepersecurity.proto.Authentication;
import java.util.Set;
import kotlin.Metadata;
import kotlin.NoWhenBranchMatchedException;
import kotlin.collections.SetsKt;
import kotlin.jvm.JvmStatic;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: SsoUrlBuilder.kt */
@Metadata(bv = {1, 0, 3}, d1 = {"\u0000\\\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010\u0012\n\u0002\b\u0007\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0002\n\u0000\n\u0002\u0010\"\n\u0002\b\u0004\u0018\u0000 $2\u00020\u0001:\u0003$%&B\u0015\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005¢\u0006\u0002\u0010\u0006J\u0010\u0010\u0007\u001a\u00020\b2\u0006\u0010\t\u001a\u00020\nH\u0002J \u0010\u000b\u001a\u00020\b2\u0006\u0010\f\u001a\u00020\b2\u0006\u0010\r\u001a\u00020\b2\b\u0010\u000e\u001a\u0004\u0018\u00010\bJ\u001e\u0010\u000f\u001a\u00020\b2\u0006\u0010\f\u001a\u00020\b2\u0006\u0010\r\u001a\u00020\b2\u0006\u0010\u000e\u001a\u00020\bJ\u001e\u0010\u0010\u001a\u00020\b2\u0006\u0010\f\u001a\u00020\b2\u0006\u0010\u0011\u001a\u00020\u00122\u0006\u0010\u0013\u001a\u00020\u0014J\u000e\u0010\u0015\u001a\u00020\b2\u0006\u0010\f\u001a\u00020\bJ\u0018\u0010\u0016\u001a\u00020\u00172\u0006\u0010\u0011\u001a\u00020\u00122\u0006\u0010\u0018\u001a\u00020\u0019H\u0002J*\u0010\u001a\u001a\u00020\u00172\u0006\u0010\u0011\u001a\u00020\u00122\u0006\u0010\u0018\u001a\u00020\u00192\b\u0010\u000e\u001a\u0004\u0018\u00010\b2\u0006\u0010\r\u001a\u00020\bH\u0002J\b\u0010\u001b\u001a\u00020\nH\u0002J\u0010\u0010\u001c\u001a\u00020\u001d2\u0006\u0010\u0013\u001a\u00020\u0014H\u0002J\b\u0010\u001e\u001a\u00020\u001fH\u0002J\u001e\u0010 \u001a\u00020!2\f\u0010\"\u001a\b\u0012\u0004\u0012\u00020\u00120#2\u0006\u0010\u0011\u001a\u00020\u0012H\u0002R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006'"}, d2 = {"Lcom/callpod/android_apps/keeper/common/sso/SsoUrlBuilder;", "", "ssoTransmissionDataStorageProvider", "Lcom/callpod/android_apps/keeper/common/sso/SsoTransmissionDataStorageProvider;", "cloudSsoRestPayloadBuilder", "Lcom/callpod/android_apps/keeper/common/sso/CloudSsoRestPayloadBuilder;", "(Lcom/callpod/android_apps/keeper/common/sso/SsoTransmissionDataStorageProvider;Lcom/callpod/android_apps/keeper/common/sso/CloudSsoRestPayloadBuilder;)V", "base64EncodeToString", "", "input", "", "buildCloudSsoLogoutUrl", "url", "username", "idpSessionId", "buildSsoConnectLogoutUrl", "buildSsoLoginUrl", "ssoLoginUseCase", "Lcom/callpod/android_apps/keeper/common/enterprise/SsoHelper$SsoLoginUseCase;", "ssoServerType", "Lcom/callpod/android_apps/keeper/common/sso/SsoUrlBuilder$SsoServerType;", "buildSsoLoginUrlEmbedded", "createLoginCloudSsoRequestPayload", "Lcom/keepersecurity/proto/Authentication$ApiRequest;", "decryptionKey", "Lcom/callpod/android_apps/keeper/common/sso/SsoUrlBuilder$DecryptionKey$CloudSsoKey;", "createLogoutCloudSsoRequestPayload", "getCloudSsoTransmissionKey", "getDecryptionKey", "Lcom/callpod/android_apps/keeper/common/sso/SsoUrlBuilder$DecryptionKey;", "getSsoConnectKeyBytesPair", "Lcom/callpod/android_apps/keeper/common/util/encryption/SpongyRSAEncryptionUtil$KeyBytesPair;", "validateUseCase", "", "validUseCases", "", "Companion", "DecryptionKey", "SsoServerType", "common_gplayProductionRelease"}, k = 1, mv = {1, 4, 2})
/* loaded from: classes2.dex */
public final class SsoUrlBuilder {

    /* renamed from: Companion, reason: from kotlin metadata */
    public static final Companion INSTANCE = new Companion(null);
    private static final IllegalStateException transmissionStorageProviderInvalidStateException = new IllegalStateException("transmission encryption data not found,SsoTransmissionDataStorageProvider either wasn't initialized or was initialized for the wrong sso server type");
    private final CloudSsoRestPayloadBuilder cloudSsoRestPayloadBuilder;
    private final SsoTransmissionDataStorageProvider ssoTransmissionDataStorageProvider;

    /* compiled from: SsoUrlBuilder.kt */
    @Metadata(bv = {1, 0, 3}, d1 = {"\u0000(\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\b\u0086\u0003\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u0018\u0010\u0006\u001a\u00020\u00072\u0006\u0010\b\u001a\u00020\t2\u0006\u0010\n\u001a\u00020\u000bH\u0007R\u0012\u0010\u0003\u001a\u00060\u0004j\u0002`\u0005X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\f"}, d2 = {"Lcom/callpod/android_apps/keeper/common/sso/SsoUrlBuilder$Companion;", "", "()V", "transmissionStorageProviderInvalidStateException", "Ljava/lang/IllegalStateException;", "Lkotlin/IllegalStateException;", "create", "Lcom/callpod/android_apps/keeper/common/sso/SsoUrlBuilder;", "context", "Landroid/content/Context;", "ssoTransmissionDataStorageProvider", "Lcom/callpod/android_apps/keeper/common/sso/SsoTransmissionDataStorageProvider;", "common_gplayProductionRelease"}, k = 1, mv = {1, 4, 2})
    /* loaded from: classes2.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        @JvmStatic
        public final SsoUrlBuilder create(Context context, SsoTransmissionDataStorageProvider ssoTransmissionDataStorageProvider) {
            Intrinsics.checkNotNullParameter(context, "context");
            Intrinsics.checkNotNullParameter(ssoTransmissionDataStorageProvider, "ssoTransmissionDataStorageProvider");
            return new SsoUrlBuilder(ssoTransmissionDataStorageProvider, new CloudSsoRestPayloadBuilder(new RestTransmissionKeyProvider(new Settings(Database.getDB(context.getApplicationContext()), EncrypterFactory.INSTANCE)), new GCMEncrypterCreator(), UserLocale.INSTANCE));
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* compiled from: SsoUrlBuilder.kt */
    @Metadata(bv = {1, 0, 3}, d1 = {"\u0000\u0016\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\b2\u0018\u00002\u00020\u0001:\u0002\u0003\u0004B\u0007\b\u0002¢\u0006\u0002\u0010\u0002\u0082\u0001\u0002\u0005\u0006¨\u0006\u0007"}, d2 = {"Lcom/callpod/android_apps/keeper/common/sso/SsoUrlBuilder$DecryptionKey;", "", "()V", "CloudSsoKey", "SsoConnectKey", "Lcom/callpod/android_apps/keeper/common/sso/SsoUrlBuilder$DecryptionKey$SsoConnectKey;", "Lcom/callpod/android_apps/keeper/common/sso/SsoUrlBuilder$DecryptionKey$CloudSsoKey;", "common_gplayProductionRelease"}, k = 1, mv = {1, 4, 2})
    /* loaded from: classes2.dex */
    public static abstract class DecryptionKey {

        /* compiled from: SsoUrlBuilder.kt */
        @Metadata(bv = {1, 0, 3}, d1 = {"\u0000\u0012\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0012\n\u0002\b\u0004\u0018\u00002\u00020\u0001B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004R\u0011\u0010\u0002\u001a\u00020\u0003¢\u0006\b\n\u0000\u001a\u0004\b\u0005\u0010\u0006¨\u0006\u0007"}, d2 = {"Lcom/callpod/android_apps/keeper/common/sso/SsoUrlBuilder$DecryptionKey$CloudSsoKey;", "Lcom/callpod/android_apps/keeper/common/sso/SsoUrlBuilder$DecryptionKey;", "transmissionKey", "", "([B)V", "getTransmissionKey", "()[B", "common_gplayProductionRelease"}, k = 1, mv = {1, 4, 2})
        /* loaded from: classes2.dex */
        public static final class CloudSsoKey extends DecryptionKey {
            private final byte[] transmissionKey;

            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            public CloudSsoKey(byte[] transmissionKey) {
                super(null);
                Intrinsics.checkNotNullParameter(transmissionKey, "transmissionKey");
                this.transmissionKey = transmissionKey;
            }

            public final byte[] getTransmissionKey() {
                return this.transmissionKey;
            }
        }

        /* compiled from: SsoUrlBuilder.kt */
        @Metadata(bv = {1, 0, 3}, d1 = {"\u0000\u0012\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0004\u0018\u00002\u00020\u0001B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004R\u0011\u0010\u0002\u001a\u00020\u0003¢\u0006\b\n\u0000\u001a\u0004\b\u0005\u0010\u0006¨\u0006\u0007"}, d2 = {"Lcom/callpod/android_apps/keeper/common/sso/SsoUrlBuilder$DecryptionKey$SsoConnectKey;", "Lcom/callpod/android_apps/keeper/common/sso/SsoUrlBuilder$DecryptionKey;", "keyPair", "Lcom/callpod/android_apps/keeper/common/util/encryption/SpongyRSAEncryptionUtil$KeyBytesPair;", "(Lcom/callpod/android_apps/keeper/common/util/encryption/SpongyRSAEncryptionUtil$KeyBytesPair;)V", "getKeyPair", "()Lcom/callpod/android_apps/keeper/common/util/encryption/SpongyRSAEncryptionUtil$KeyBytesPair;", "common_gplayProductionRelease"}, k = 1, mv = {1, 4, 2})
        /* loaded from: classes2.dex */
        public static final class SsoConnectKey extends DecryptionKey {
            private final SpongyRSAEncryptionUtil.KeyBytesPair keyPair;

            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            public SsoConnectKey(SpongyRSAEncryptionUtil.KeyBytesPair keyPair) {
                super(null);
                Intrinsics.checkNotNullParameter(keyPair, "keyPair");
                this.keyPair = keyPair;
            }

            public final SpongyRSAEncryptionUtil.KeyBytesPair getKeyPair() {
                return this.keyPair;
            }
        }

        private DecryptionKey() {
        }

        public /* synthetic */ DecryptionKey(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    /* compiled from: SsoUrlBuilder.kt */
    @Metadata(bv = {1, 0, 3}, d1 = {"\u0000\f\n\u0002\u0018\u0002\n\u0002\u0010\u0010\n\u0002\b\u0004\b\u0086\u0001\u0018\u00002\b\u0012\u0004\u0012\u00020\u00000\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002j\u0002\b\u0003j\u0002\b\u0004¨\u0006\u0005"}, d2 = {"Lcom/callpod/android_apps/keeper/common/sso/SsoUrlBuilder$SsoServerType;", "", "(Ljava/lang/String;I)V", "SsoConnect", "CloudSso", "common_gplayProductionRelease"}, k = 1, mv = {1, 4, 2})
    /* loaded from: classes2.dex */
    public enum SsoServerType {
        SsoConnect,
        CloudSso
    }

    @Metadata(bv = {1, 0, 3}, k = 3, mv = {1, 4, 2})
    /* loaded from: classes2.dex */
    public final /* synthetic */ class WhenMappings {
        public static final /* synthetic */ int[] $EnumSwitchMapping$0;

        static {
            int[] iArr = new int[SsoServerType.values().length];
            $EnumSwitchMapping$0 = iArr;
            iArr[SsoServerType.SsoConnect.ordinal()] = 1;
            iArr[SsoServerType.CloudSso.ordinal()] = 2;
        }
    }

    public SsoUrlBuilder(SsoTransmissionDataStorageProvider ssoTransmissionDataStorageProvider, CloudSsoRestPayloadBuilder cloudSsoRestPayloadBuilder) {
        Intrinsics.checkNotNullParameter(ssoTransmissionDataStorageProvider, "ssoTransmissionDataStorageProvider");
        Intrinsics.checkNotNullParameter(cloudSsoRestPayloadBuilder, "cloudSsoRestPayloadBuilder");
        this.ssoTransmissionDataStorageProvider = ssoTransmissionDataStorageProvider;
        this.cloudSsoRestPayloadBuilder = cloudSsoRestPayloadBuilder;
    }

    private final String base64EncodeToString(byte[] input) {
        return SsoRedirectUrlParser.INSTANCE.base64EncodeToString(input);
    }

    @JvmStatic
    public static final SsoUrlBuilder create(Context context, SsoTransmissionDataStorageProvider ssoTransmissionDataStorageProvider) {
        return INSTANCE.create(context, ssoTransmissionDataStorageProvider);
    }

    private final Authentication.ApiRequest createLoginCloudSsoRequestPayload(SsoHelper.SsoLoginUseCase ssoLoginUseCase, DecryptionKey.CloudSsoKey decryptionKey) {
        return this.cloudSsoRestPayloadBuilder.createEncryptedSsoCloudRequest(ssoLoginUseCase, decryptionKey.getTransmissionKey(), null, null);
    }

    private final Authentication.ApiRequest createLogoutCloudSsoRequestPayload(SsoHelper.SsoLoginUseCase ssoLoginUseCase, DecryptionKey.CloudSsoKey decryptionKey, String idpSessionId, String username) {
        return this.cloudSsoRestPayloadBuilder.createEncryptedSsoCloudRequest(ssoLoginUseCase, decryptionKey.getTransmissionKey(), idpSessionId, username);
    }

    private final byte[] getCloudSsoTransmissionKey() {
        SsoTransmissionData savedSsoTransmissionData = this.ssoTransmissionDataStorageProvider.getSavedSsoTransmissionData();
        if (savedSsoTransmissionData instanceof SsoTransmissionData.CloudSsoTransmissionData) {
            return ((SsoTransmissionData.CloudSsoTransmissionData) savedSsoTransmissionData).getTransmissionKey();
        }
        throw transmissionStorageProviderInvalidStateException;
    }

    private final DecryptionKey getDecryptionKey(SsoServerType ssoServerType) {
        int i = WhenMappings.$EnumSwitchMapping$0[ssoServerType.ordinal()];
        if (i == 1) {
            return new DecryptionKey.SsoConnectKey(getSsoConnectKeyBytesPair());
        }
        if (i == 2) {
            return new DecryptionKey.CloudSsoKey(getCloudSsoTransmissionKey());
        }
        throw new NoWhenBranchMatchedException();
    }

    private final SpongyRSAEncryptionUtil.KeyBytesPair getSsoConnectKeyBytesPair() {
        SsoTransmissionData savedSsoTransmissionData = this.ssoTransmissionDataStorageProvider.getSavedSsoTransmissionData();
        if (savedSsoTransmissionData instanceof SsoTransmissionData.SsoConnectTransmissionData) {
            return ((SsoTransmissionData.SsoConnectTransmissionData) savedSsoTransmissionData).getKeyBytesPair();
        }
        throw transmissionStorageProviderInvalidStateException;
    }

    private final void validateUseCase(Set<? extends SsoHelper.SsoLoginUseCase> validUseCases, SsoHelper.SsoLoginUseCase ssoLoginUseCase) {
        if (validUseCases.contains(ssoLoginUseCase)) {
            return;
        }
        throw new IllegalArgumentException(("invalid useCase '" + ssoLoginUseCase + '\'').toString());
    }

    public final String buildCloudSsoLogoutUrl(String url, String username, String idpSessionId) {
        Intrinsics.checkNotNullParameter(url, "url");
        Intrinsics.checkNotNullParameter(username, "username");
        DecryptionKey decryptionKey = getDecryptionKey(SsoServerType.CloudSso);
        Uri.Builder buildUpon = Uri.parse(url).buildUpon();
        SsoHelper.SsoLoginUseCase ssoLoginUseCase = SsoHelper.SsoLoginUseCase.Logout;
        if (!(decryptionKey instanceof DecryptionKey.CloudSsoKey)) {
            throw new IllegalStateException("incorrect decryption key type for cloud sso logout".toString());
        }
        buildUpon.appendQueryParameter(SsoHelper.SsoConnectProperties.PAYLOAD, Base64.encodeToString(createLogoutCloudSsoRequestPayload(ssoLoginUseCase, (DecryptionKey.CloudSsoKey) decryptionKey, idpSessionId, username).toByteArray(), 11));
        String uri = buildUpon.build().toString();
        Intrinsics.checkNotNullExpressionValue(uri, "builder.build().toString()");
        return uri;
    }

    public final String buildSsoConnectLogoutUrl(String url, String username, String idpSessionId) {
        Intrinsics.checkNotNullParameter(url, "url");
        Intrinsics.checkNotNullParameter(username, "username");
        Intrinsics.checkNotNullParameter(idpSessionId, "idpSessionId");
        DecryptionKey decryptionKey = getDecryptionKey(SsoServerType.SsoConnect);
        Uri.Builder buildUpon = Uri.parse(url).buildUpon();
        SsoHelper.SsoLoginUseCase ssoLoginUseCase = SsoHelper.SsoLoginUseCase.Logout;
        if (!(decryptionKey instanceof DecryptionKey.SsoConnectKey)) {
            throw new IllegalStateException("incorrect decryption key type for sso connect logout".toString());
        }
        byte[] bArr = ((DecryptionKey.SsoConnectKey) decryptionKey).getKeyPair().publicKey;
        Intrinsics.checkNotNullExpressionValue(bArr, "decryptionKey.keyPair.publicKey");
        buildUpon.appendQueryParameter("key", base64EncodeToString(bArr));
        buildUpon.appendQueryParameter(SsoHelper.SsoConnectProperties.DEST, SsoHelper.getSsoDestForUseCase(ssoLoginUseCase));
        buildUpon.appendQueryParameter(SsoHelper.SsoConnectProperties.SESSION_ID, idpSessionId);
        buildUpon.appendQueryParameter("username", username);
        String uri = buildUpon.build().toString();
        Intrinsics.checkNotNullExpressionValue(uri, "builder.build().toString()");
        return uri;
    }

    public final String buildSsoLoginUrl(String url, SsoHelper.SsoLoginUseCase ssoLoginUseCase, SsoServerType ssoServerType) {
        Intrinsics.checkNotNullParameter(url, "url");
        Intrinsics.checkNotNullParameter(ssoLoginUseCase, "ssoLoginUseCase");
        Intrinsics.checkNotNullParameter(ssoServerType, "ssoServerType");
        validateUseCase(SetsKt.setOf((Object[]) new SsoHelper.SsoLoginUseCase[]{SsoHelper.SsoLoginUseCase.Login, SsoHelper.SsoLoginUseCase.RegistrationLogin, SsoHelper.SsoLoginUseCase.LoginForAdvancedSettings}), ssoLoginUseCase);
        DecryptionKey decryptionKey = getDecryptionKey(ssoServerType);
        Uri.Builder buildUpon = Uri.parse(url).buildUpon();
        if (decryptionKey instanceof DecryptionKey.SsoConnectKey) {
            byte[] bArr = ((DecryptionKey.SsoConnectKey) decryptionKey).getKeyPair().publicKey;
            Intrinsics.checkNotNullExpressionValue(bArr, "decryptionKey.keyPair.publicKey");
            buildUpon.appendQueryParameter("key", base64EncodeToString(bArr));
            buildUpon.appendQueryParameter(SsoHelper.SsoConnectProperties.DEST, SsoHelper.getSsoDestForUseCase(ssoLoginUseCase));
        } else if (decryptionKey instanceof DecryptionKey.CloudSsoKey) {
            buildUpon.appendQueryParameter(SsoHelper.SsoConnectProperties.PAYLOAD, Base64.encodeToString(createLoginCloudSsoRequestPayload(ssoLoginUseCase, (DecryptionKey.CloudSsoKey) decryptionKey).toByteArray(), 11));
        }
        String uri = buildUpon.build().toString();
        Intrinsics.checkNotNullExpressionValue(uri, "builder.build().toString()");
        return uri;
    }

    public final String buildSsoLoginUrlEmbedded(String url) {
        Intrinsics.checkNotNullParameter(url, "url");
        String uri = Uri.parse(url).buildUpon().appendQueryParameter(SsoHelper.SsoConnectProperties.EMBEDDED, "").build().toString();
        Intrinsics.checkNotNullExpressionValue(uri, "Uri.parse(url).buildUpon…      .build().toString()");
        return uri;
    }
}
