package com.callpod.android_apps.keeper.login.sso;

import android.content.Intent;
import android.net.Uri;
import com.callpod.android_apps.keeper.common.enterprise.SsoHelper;
import com.callpod.android_apps.keeper.common.enterprise.SsoLoginToken;
import com.callpod.android_apps.keeper.common.enterprise.SsoProviderDescription;
import com.callpod.android_apps.keeper.common.login.sso.SsoRedirectUrlParser;
import com.callpod.android_apps.keeper.common.login.sso.SsoUrlParseResult;
import com.callpod.android_apps.keeper.common.sso.SsoTransmissionData;
import com.callpod.android_apps.keeper.common.subfolders.EncrypterCreator;
import com.callpod.android_apps.keeper.common.subfolders.EncrypterCreatorImpl;
import com.callpod.android_apps.keeper.common.util.StringUtil;
import com.callpod.android_apps.keeper.common.util.encryption.GCMEncrypter;
import com.callpod.android_apps.keeper.common.util.encryption.SpongyRSAEncryptionUtil;
import com.callpod.android_apps.keeper.common.util.extensions.ApiUtilsKt;
import com.callpod.android_apps.keeper.login.sso.ParsedSsoLoginTokenResult;
import com.keepersecurity.proto.SsoCloud;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import kotlin.Metadata;
import kotlin.NoWhenBranchMatchedException;
import kotlin.Result;
import kotlin.ResultKt;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.StringsKt;
import org.json.JSONObject;

/* compiled from: SsoLoginTokenParser.kt */
@Metadata(bv = {1, 0, 3}, d1 = {"\u0000d\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0012\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0004\u0018\u0000 %2\u00020\u0001:\u0002%&B\u0019\u0012\b\b\u0002\u0010\u0002\u001a\u00020\u0003\u0012\b\b\u0002\u0010\u0004\u001a\u00020\u0005¢\u0006\u0002\u0010\u0006J\u0012\u0010\u0007\u001a\u0004\u0018\u00010\b2\u0006\u0010\t\u001a\u00020\nH\u0002J\u001c\u0010\u000b\u001a\u0004\u0018\u00010\b2\b\u0010\f\u001a\u0004\u0018\u00010\n2\u0006\u0010\r\u001a\u00020\u000eH\u0002J\u001a\u0010\u000f\u001a\u0004\u0018\u00010\b2\u0006\u0010\r\u001a\u00020\u00102\u0006\u0010\u0011\u001a\u00020\bH\u0002J\u001a\u0010\u000f\u001a\u0004\u0018\u00010\b2\u0006\u0010\r\u001a\u00020\u00122\u0006\u0010\u0011\u001a\u00020\bH\u0002J\u0012\u0010\u0013\u001a\u0004\u0018\u00010\n2\u0006\u0010\u0014\u001a\u00020\nH\u0002J\u001a\u0010\u0015\u001a\u0004\u0018\u00010\u00162\u0006\u0010\r\u001a\u00020\u00102\u0006\u0010\u0017\u001a\u00020\nH\u0002J\u0018\u0010\u0018\u001a\u0004\u0018\u00010\u00162\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010\u0017\u001a\u00020\nJ\u0012\u0010\u0019\u001a\u00020\u001a2\b\u0010\u0014\u001a\u0004\u0018\u00010\nH\u0002J\u001a\u0010\u001b\u001a\u00020\u001c2\b\u0010\u001d\u001a\u0004\u0018\u00010\u001e2\b\u0010\u001f\u001a\u0004\u0018\u00010 J\u0018\u0010\u001b\u001a\u00020\u001c2\u0006\u0010!\u001a\u00020\n2\u0006\u0010\u001f\u001a\u00020 H\u0002J\u0010\u0010\"\u001a\u00020#2\u0006\u0010$\u001a\u00020\nH\u0002R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006'"}, d2 = {"Lcom/callpod/android_apps/keeper/login/sso/SsoLoginTokenParser;", "", "ssoRedirectUrlParser", "Lcom/callpod/android_apps/keeper/common/login/sso/SsoRedirectUrlParser;", "encryptionCreatorImpl", "Lcom/callpod/android_apps/keeper/common/subfolders/EncrypterCreator;", "(Lcom/callpod/android_apps/keeper/common/login/sso/SsoRedirectUrlParser;Lcom/callpod/android_apps/keeper/common/subfolders/EncrypterCreator;)V", "base64Decode", "", "input", "", "decodeAndDecrypt", "encodedCipherText", "decryptionKey", "Lcom/callpod/android_apps/keeper/login/sso/SsoLoginTokenParser$DecryptionKey;", "decrypt", "Lcom/callpod/android_apps/keeper/login/sso/SsoLoginTokenParser$DecryptionKey$AesKey;", "cipherText", "Lcom/callpod/android_apps/keeper/login/sso/SsoLoginTokenParser$DecryptionKey$RsaKey;", "encodedErrorTokenToErrorString", "errorToken", "encodedLoginTokenToSsoCloudResponse", "Lcom/callpod/android_apps/keeper/common/enterprise/SsoLoginToken;", "loginToken", "encodedLoginTokenToSsoLoginToken", "errorTokenToJson", "Lorg/json/JSONObject;", "parseIntentDataForSsoRedirect", "Lcom/callpod/android_apps/keeper/login/sso/ParsedSsoLoginTokenResult;", "intent", "Landroid/content/Intent;", "ssoTransmissionData", "Lcom/callpod/android_apps/keeper/common/sso/SsoTransmissionData;", "redirectUrl", "parseRedirectUrl", "Lcom/callpod/android_apps/keeper/common/login/sso/SsoUrlParseResult;", "url", "Companion", "DecryptionKey", "login_gplayProductionRelease"}, k = 1, mv = {1, 4, 2})
/* loaded from: classes2.dex */
public final class SsoLoginTokenParser {
    private static final String TAG = SsoLoginTokenParser.class.getSimpleName();
    private final EncrypterCreator encryptionCreatorImpl;
    private final SsoRedirectUrlParser ssoRedirectUrlParser;

    /* compiled from: SsoLoginTokenParser.kt */
    @Metadata(bv = {1, 0, 3}, d1 = {"\u0000\u0016\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\b6\u0018\u00002\u00020\u0001:\u0002\u0003\u0004B\u0007\b\u0002¢\u0006\u0002\u0010\u0002\u0082\u0001\u0002\u0005\u0006¨\u0006\u0007"}, d2 = {"Lcom/callpod/android_apps/keeper/login/sso/SsoLoginTokenParser$DecryptionKey;", "", "()V", "AesKey", "RsaKey", "Lcom/callpod/android_apps/keeper/login/sso/SsoLoginTokenParser$DecryptionKey$RsaKey;", "Lcom/callpod/android_apps/keeper/login/sso/SsoLoginTokenParser$DecryptionKey$AesKey;", "login_gplayProductionRelease"}, k = 1, mv = {1, 4, 2})
    /* loaded from: classes2.dex */
    public static abstract class DecryptionKey {

        /* compiled from: SsoLoginTokenParser.kt */
        @Metadata(bv = {1, 0, 3}, d1 = {"\u0000\u0012\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0012\n\u0002\b\u0004\u0018\u00002\u00020\u0001B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004R\u0011\u0010\u0002\u001a\u00020\u0003¢\u0006\b\n\u0000\u001a\u0004\b\u0005\u0010\u0006¨\u0006\u0007"}, d2 = {"Lcom/callpod/android_apps/keeper/login/sso/SsoLoginTokenParser$DecryptionKey$AesKey;", "Lcom/callpod/android_apps/keeper/login/sso/SsoLoginTokenParser$DecryptionKey;", "transmissionKey", "", "([B)V", "getTransmissionKey", "()[B", "login_gplayProductionRelease"}, k = 1, mv = {1, 4, 2})
        /* loaded from: classes2.dex */
        public static final class AesKey extends DecryptionKey {
            private final byte[] transmissionKey;

            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            public AesKey(byte[] transmissionKey) {
                super(null);
                Intrinsics.checkNotNullParameter(transmissionKey, "transmissionKey");
                this.transmissionKey = transmissionKey;
            }

            public final byte[] getTransmissionKey() {
                return this.transmissionKey;
            }
        }

        /* compiled from: SsoLoginTokenParser.kt */
        @Metadata(bv = {1, 0, 3}, d1 = {"\u0000\u0012\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0012\n\u0002\b\u0004\u0018\u00002\u00020\u0001B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004R\u0011\u0010\u0002\u001a\u00020\u0003¢\u0006\b\n\u0000\u001a\u0004\b\u0005\u0010\u0006¨\u0006\u0007"}, d2 = {"Lcom/callpod/android_apps/keeper/login/sso/SsoLoginTokenParser$DecryptionKey$RsaKey;", "Lcom/callpod/android_apps/keeper/login/sso/SsoLoginTokenParser$DecryptionKey;", "privateKey", "", "([B)V", "getPrivateKey", "()[B", "login_gplayProductionRelease"}, k = 1, mv = {1, 4, 2})
        /* loaded from: classes2.dex */
        public static final class RsaKey extends DecryptionKey {
            private final byte[] privateKey;

            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            public RsaKey(byte[] privateKey) {
                super(null);
                Intrinsics.checkNotNullParameter(privateKey, "privateKey");
                this.privateKey = privateKey;
            }

            public final byte[] getPrivateKey() {
                return this.privateKey;
            }
        }

        private DecryptionKey() {
        }

        public /* synthetic */ DecryptionKey(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public SsoLoginTokenParser() {
        this(null, 0 == true ? 1 : 0, 3, 0 == true ? 1 : 0);
    }

    public SsoLoginTokenParser(SsoRedirectUrlParser ssoRedirectUrlParser, EncrypterCreator encryptionCreatorImpl) {
        Intrinsics.checkNotNullParameter(ssoRedirectUrlParser, "ssoRedirectUrlParser");
        Intrinsics.checkNotNullParameter(encryptionCreatorImpl, "encryptionCreatorImpl");
        this.ssoRedirectUrlParser = ssoRedirectUrlParser;
        this.encryptionCreatorImpl = encryptionCreatorImpl;
    }

    public /* synthetic */ SsoLoginTokenParser(SsoRedirectUrlParser ssoRedirectUrlParser, EncrypterCreatorImpl encrypterCreatorImpl, int i, DefaultConstructorMarker defaultConstructorMarker) {
        this((i & 1) != 0 ? new SsoRedirectUrlParser() : ssoRedirectUrlParser, (i & 2) != 0 ? new EncrypterCreatorImpl() : encrypterCreatorImpl);
    }

    private final byte[] base64Decode(String input) {
        return SsoRedirectUrlParser.INSTANCE.base64Decode(input);
    }

    private final byte[] decodeAndDecrypt(String encodedCipherText, DecryptionKey decryptionKey) {
        byte[] base64Decode;
        String str = encodedCipherText;
        if ((str == null || StringsKt.isBlank(str)) || (base64Decode = base64Decode(encodedCipherText)) == null) {
            return null;
        }
        if (decryptionKey instanceof DecryptionKey.RsaKey) {
            return decrypt((DecryptionKey.RsaKey) decryptionKey, base64Decode);
        }
        if (decryptionKey instanceof DecryptionKey.AesKey) {
            return decrypt((DecryptionKey.AesKey) decryptionKey, base64Decode);
        }
        throw new NoWhenBranchMatchedException();
    }

    private final byte[] decrypt(DecryptionKey.AesKey decryptionKey, byte[] cipherText) {
        try {
            return this.encryptionCreatorImpl.createEncrypter(decryptionKey.getTransmissionKey()).decrypt(cipherText);
        } catch (Exception unused) {
            return null;
        }
    }

    private final byte[] decrypt(DecryptionKey.RsaKey decryptionKey, byte[] cipherText) {
        try {
            return SpongyRSAEncryptionUtil.decryptWithPrivateKey(decryptionKey.getPrivateKey(), cipherText);
        } catch (Exception unused) {
            return null;
        }
    }

    private final String encodedErrorTokenToErrorString(String errorToken) {
        byte[] base64Decode = base64Decode(errorToken);
        if (base64Decode == null) {
            return null;
        }
        Charset charset = StandardCharsets.UTF_8;
        Intrinsics.checkNotNullExpressionValue(charset, "StandardCharsets.UTF_8");
        return new String(base64Decode, charset);
    }

    private final SsoLoginToken encodedLoginTokenToSsoCloudResponse(DecryptionKey.AesKey decryptionKey, String loginToken) {
        Object m44constructorimpl;
        byte[] base64Decode = base64Decode(loginToken);
        if (base64Decode == null) {
            return null;
        }
        GCMEncrypter gCMEncrypter = new GCMEncrypter(decryptionKey.getTransmissionKey());
        try {
            Result.Companion companion = Result.INSTANCE;
            m44constructorimpl = Result.m44constructorimpl(gCMEncrypter.decrypt(base64Decode));
        } catch (Throwable th) {
            Result.Companion companion2 = Result.INSTANCE;
            m44constructorimpl = Result.m44constructorimpl(ResultKt.createFailure(th));
        }
        if (Result.m50isFailureimpl(m44constructorimpl)) {
            m44constructorimpl = null;
        }
        byte[] bArr = (byte[]) m44constructorimpl;
        if (bArr == null) {
            return null;
        }
        SsoCloud.SsoCloudResponse parseFrom = SsoCloud.SsoCloudResponse.parseFrom(bArr);
        Intrinsics.checkNotNullExpressionValue(parseFrom, "SsoCloud.SsoCloudRespons…From(decryptedLoginToken)");
        SsoLoginToken.Builder email = new SsoLoginToken.Builder().setEmail(parseFrom.getEmail());
        byte[] byteArray = parseFrom.getEncryptedLoginToken().toByteArray();
        Intrinsics.checkNotNullExpressionValue(byteArray, "ssoCloudResponse.encryptedLoginToken.toByteArray()");
        return email.setLoginToken(ApiUtilsKt.base64Encode(byteArray)).setProviderName(parseFrom.getProviderName()).setSessionId(parseFrom.getIdpSessionId()).build();
    }

    private final JSONObject errorTokenToJson(String errorToken) {
        Object m44constructorimpl;
        if (errorToken == null) {
            return new JSONObject();
        }
        try {
            Result.Companion companion = Result.INSTANCE;
            m44constructorimpl = Result.m44constructorimpl(new JSONObject(errorToken));
        } catch (Throwable th) {
            Result.Companion companion2 = Result.INSTANCE;
            m44constructorimpl = Result.m44constructorimpl(ResultKt.createFailure(th));
        }
        if (Result.m47exceptionOrNullimpl(m44constructorimpl) != null) {
            m44constructorimpl = new JSONObject();
        }
        return (JSONObject) m44constructorimpl;
    }

    private final ParsedSsoLoginTokenResult parseIntentDataForSsoRedirect(String redirectUrl, SsoTransmissionData ssoTransmissionData) {
        DecryptionKey.AesKey aesKey;
        SsoLoginToken encodedLoginTokenToSsoCloudResponse;
        SsoHelper.SsoLoginUseCase findMatchingSsoLoginUseCase = SsoHelper.INSTANCE.findMatchingSsoLoginUseCase(redirectUrl);
        if (findMatchingSsoLoginUseCase == null) {
            return ParsedSsoLoginTokenResult.NotSsoLoginToken.INSTANCE;
        }
        SsoUrlParseResult parseRedirectUrl = parseRedirectUrl(redirectUrl);
        if (ssoTransmissionData instanceof SsoTransmissionData.SsoConnectTransmissionData) {
            byte[] bArr = ((SsoTransmissionData.SsoConnectTransmissionData) ssoTransmissionData).getKeyBytesPair().privateKey;
            Intrinsics.checkNotNullExpressionValue(bArr, "ssoTransmissionData.keyBytesPair.privateKey");
            aesKey = new DecryptionKey.RsaKey(bArr);
        } else {
            if (!(ssoTransmissionData instanceof SsoTransmissionData.CloudSsoTransmissionData)) {
                throw new NoWhenBranchMatchedException();
            }
            aesKey = new DecryptionKey.AesKey(((SsoTransmissionData.CloudSsoTransmissionData) ssoTransmissionData).getTransmissionKey());
        }
        SsoProviderDescription ssoProviderDescription = ssoTransmissionData.getSsoProviderDescription();
        if (parseRedirectUrl instanceof SsoUrlParseResult.Success) {
            SsoUrlParseResult.Success success = (SsoUrlParseResult.Success) parseRedirectUrl;
            String encodedLoginToken = success.getEncodedLoginToken();
            if (aesKey instanceof DecryptionKey.RsaKey) {
                encodedLoginTokenToSsoCloudResponse = encodedLoginTokenToSsoLoginToken(aesKey, encodedLoginToken);
            } else {
                if (!(aesKey instanceof DecryptionKey.AesKey)) {
                    throw new NoWhenBranchMatchedException();
                }
                encodedLoginTokenToSsoCloudResponse = encodedLoginTokenToSsoCloudResponse((DecryptionKey.AesKey) aesKey, encodedLoginToken);
            }
            SsoLoginToken ssoLoginToken = encodedLoginTokenToSsoCloudResponse;
            if (ssoLoginToken != null) {
                return new ParsedSsoLoginTokenResult.Success(success, ssoProviderDescription, encodedLoginToken, ssoLoginToken, findMatchingSsoLoginUseCase);
            }
        } else if (parseRedirectUrl instanceof SsoUrlParseResult.ErrorToken) {
            String encodedErrorToken = ((SsoUrlParseResult.ErrorToken) parseRedirectUrl).getEncodedErrorToken();
            return new ParsedSsoLoginTokenResult.ErrorToken(encodedErrorToken, errorTokenToJson(encodedErrorTokenToErrorString(encodedErrorToken)), ssoProviderDescription, findMatchingSsoLoginUseCase);
        }
        return ParsedSsoLoginTokenResult.NotSsoLoginToken.INSTANCE;
    }

    private final SsoUrlParseResult parseRedirectUrl(String url) {
        return this.ssoRedirectUrlParser.parseRedirectUrl(url);
    }

    public final SsoLoginToken encodedLoginTokenToSsoLoginToken(DecryptionKey decryptionKey, String loginToken) {
        String str;
        Intrinsics.checkNotNullParameter(decryptionKey, "decryptionKey");
        Intrinsics.checkNotNullParameter(loginToken, "loginToken");
        byte[] base64Decode = base64Decode(loginToken);
        String str2 = null;
        if (base64Decode == null) {
            return null;
        }
        Charset charset = StandardCharsets.UTF_8;
        Intrinsics.checkNotNullExpressionValue(charset, "StandardCharsets.UTF_8");
        SsoLoginToken parseSsoJsToken = SsoHelper.parseSsoJsToken(new String(base64Decode, charset));
        if (parseSsoJsToken == null) {
            return null;
        }
        if (StringUtil.notBlank(parseSsoJsToken.getPassword())) {
            byte[] decodeAndDecrypt = decodeAndDecrypt(parseSsoJsToken.getPassword(), decryptionKey);
            if (decodeAndDecrypt == null) {
                str = null;
            } else {
                Charset charset2 = StandardCharsets.UTF_8;
                Intrinsics.checkNotNullExpressionValue(charset2, "StandardCharsets.UTF_8");
                str = new String(decodeAndDecrypt, charset2);
            }
            parseSsoJsToken.setPassword(str);
        }
        if (StringUtil.notBlank(parseSsoJsToken.getNewPassword())) {
            byte[] decodeAndDecrypt2 = decodeAndDecrypt(parseSsoJsToken.getNewPassword(), decryptionKey);
            if (decodeAndDecrypt2 != null) {
                Charset charset3 = StandardCharsets.UTF_8;
                Intrinsics.checkNotNullExpressionValue(charset3, "StandardCharsets.UTF_8");
                str2 = new String(decodeAndDecrypt2, charset3);
            }
            parseSsoJsToken.setNewPassword(str2);
        }
        return parseSsoJsToken;
    }

    public final ParsedSsoLoginTokenResult parseIntentDataForSsoRedirect(Intent intent, SsoTransmissionData ssoTransmissionData) {
        Uri data;
        if (intent != null && ssoTransmissionData != null && (data = intent.getData()) != null) {
            String uri = data.toString();
            Intrinsics.checkNotNullExpressionValue(uri, "intentUriData.toString()");
            return parseIntentDataForSsoRedirect(uri, ssoTransmissionData);
        }
        return ParsedSsoLoginTokenResult.NotSsoLoginToken.INSTANCE;
    }
}
