package oracle.idm.mobile;

import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import java.io.UnsupportedEncodingException;
import java.util.Map;
import oracle.idm.mobile.OAuthConnectionsUtil;
import oracle.idm.mobile.OMAuthenticationContext;
import org.json.JSONException;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public abstract class OAuthMSDYCRService extends OAuthAuthenticationService {
    private static final String AMPERSAND = "&";
    private static final String TAG = OAuthMSDYCRService.class.getName();
    protected String mIdenityClaimString;

    /* JADX INFO: Access modifiers changed from: protected */
    public OAuthMSDYCRService(OMAuthenticationServiceManager oMAuthenticationServiceManager, OMCredentialCollector oMCredentialCollector) {
        super(oMAuthenticationServiceManager, oMCredentialCollector);
    }

    private String getClientID() {
        return ((OMOAuthMobileSecurityConfiguration) this.mss.getMobileSecurityConfig()).getOAuthClientID();
    }

    private boolean isValid(OMAuthenticationContext oMAuthenticationContext, boolean z, boolean z2) throws OMMobileSecurityException {
        return isValid(oMAuthenticationContext, z);
    }

    private void updatePayloadWithClientID(StringBuilder sb) {
        sb.append("client_id=");
        sb.append(getClientID());
        sb.append(AMPERSAND);
    }

    private void updatePayloadWithDeviceProfile(StringBuilder sb) throws UnsupportedEncodingException, JSONException {
        sb.append("oracle_device_profile=");
        sb.append(Base64.encodeToString(getIdentityClaims().getBytes("UTF-8"), 2));
        sb.append(AMPERSAND);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getPayloadForClientAssertionThreeLegged(Map<String, Object> map) throws UnsupportedEncodingException, JSONException {
        StringBuilder sb = new StringBuilder();
        sb.append("grant_type=");
        sb.append("authorization_code");
        sb.append(AMPERSAND);
        sb.append("code=");
        sb.append((String) map.get(OAuthConnectionsUtil.OAuthResponseParameters.CODE.getValue()));
        sb.append(AMPERSAND);
        updatePayloadWithClientID(sb);
        updatePayloadWithDeviceProfile(sb);
        sb.append("redirect_uri=");
        sb.append(((OMOAuthMobileSecurityConfiguration) this.asm.getMobileSecurityService().getMobileSecurityConfig()).getOAuthRedirectEndpoint());
        if (this.enableReqResVerbose) {
            Log.d(TAG, "--> Request for CLIENT ASSERTION THREE-LEGGED :" + sb.toString());
        }
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getPayloadForClientAssertionTwoLegged(Map<String, Object> map) throws UnsupportedEncodingException, JSONException {
        StringBuilder sb = new StringBuilder();
        sb.append("grant_type=");
        sb.append("password");
        sb.append(AMPERSAND);
        sb.append("username=");
        sb.append((String) map.get("username"));
        sb.append(AMPERSAND);
        sb.append("password=");
        sb.append((String) map.get("password"));
        sb.append(AMPERSAND);
        updatePayloadWithClientID(sb);
        sb.append("oracle_pre_authz_code=");
        sb.append((String) map.get("OAuthMSPreAuthZCodeParam"));
        sb.append(AMPERSAND);
        updatePayloadWithDeviceProfile(sb);
        sb.append("oracle_requested_assertions=");
        sb.append("urn:ietf:params:oauth:client-assertion-type:jwt-bearer");
        if (this.enableReqResVerbose) {
            Log.d(TAG, "--> Request for CLIENT ASSERTION TWO-LEGGED :" + sb.toString());
        }
        return sb.toString();
    }

    protected String getPayloadForRefreshingClientAssertion(String str) throws UnsupportedEncodingException, JSONException {
        StringBuilder sb = new StringBuilder();
        updatePayloadWithClientID(sb);
        sb.append("grant_type=");
        sb.append("refresh_token");
        sb.append(AMPERSAND);
        sb.append("refresh_token=");
        sb.append(str);
        sb.append(AMPERSAND);
        updatePayloadWithDeviceProfile(sb);
        if (this.enableReqResVerbose) {
            Log.d(TAG, "--> Request for Refreshing CLIENT ASSERTION :" + sb.toString());
        }
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isClientAssertionValid(OMAuthenticationContext oMAuthenticationContext) throws OMMobileSecurityException {
        if (this.asm.retrieveClientAssertion() != null) {
            return isValid(oMAuthenticationContext, false, true);
        }
        return false;
    }

    @Override // oracle.idm.mobile.OAuthAuthenticationService, oracle.idm.mobile.AuthenticationService
    public boolean isValid(OMAuthenticationContext oMAuthenticationContext, boolean z) throws OMMobileSecurityException {
        if (oMAuthenticationContext.getAuthenticationProvider() != OMAuthenticationContext.AuthenticationProvider.OAUTH20 && (this.asm.getOAuthConnUtil() == null || this.asm.getOAuthConnUtil().getOAuthType() != OAuthConnectionsUtil.OAuthType.MSOAUTH)) {
            return true;
        }
        if (z) {
        }
        OAuthMSToken retrieveClientAssertion = this.asm.retrieveClientAssertion();
        boolean isTokenExpired = retrieveClientAssertion != null ? retrieveClientAssertion.isTokenExpired() : false;
        Log.d(TAG, "isValid = " + (!isTokenExpired));
        return !isTokenExpired;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // oracle.idm.mobile.OAuthAuthenticationService, oracle.idm.mobile.AuthenticationService
    public void logout(OMAuthenticationContext oMAuthenticationContext, boolean z, boolean z2, boolean z3, boolean z4) {
        if (oMAuthenticationContext.getAuthenticationProvider() != OMAuthenticationContext.AuthenticationProvider.OAUTH20) {
            return;
        }
        if ((this.asm.getOAuthConnUtil() == null || this.asm.getOAuthConnUtil().getOAuthType() == OAuthConnectionsUtil.OAuthType.MSOAUTH) && z2 && z4) {
            this.asm.removeClientAssertion();
            Log.d(TAG, "Client Assertion Removed from Store.");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void onClientAssertion(String str, OMAuthenticationContext oMAuthenticationContext) throws JSONException {
        OAuthMSToken oAuthMSToken = new OAuthMSToken(str);
        if (oAuthMSToken != null) {
            Log.d(TAG, "Client Assertion acquired!");
            this.asm.setClientAssertion(oAuthMSToken);
            OAuthMSToken userAssertionToken = oAuthMSToken.getUserAssertionToken();
            if (userAssertionToken == null || TextUtils.isEmpty(userAssertionToken.getValue())) {
                Log.d(TAG, "User Assertion not acquired!");
            } else {
                Log.d(TAG, "User Assertion acquired!");
                oMAuthenticationContext.getTokens().put(OMSecurityConstants.OM_OAUTH_USER_ASSERTION_TOKEN, userAssertionToken);
            }
            oMAuthenticationContext.setStatus(OMAuthenticationContext.AuthContextStatus.OAUTH_DYCR_DONE);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // oracle.idm.mobile.AuthenticationService
    public void validateInput(OMAuthenticationRequest oMAuthenticationRequest, OMAuthenticationContext oMAuthenticationContext) throws OMMobileSecurityException {
        if (oMAuthenticationContext.getInputParams() != null && !oMAuthenticationContext.getInputParams().containsKey("OAuthMSPreAuthZCodeParam")) {
            throw new OMMobileSecurityException(OMErrorCode.OAUH_MS_PRE_AUHZ_CODE_INVALID, (String) null, this.asm.getApplicationContext());
        }
        super.validateInput(oMAuthenticationRequest, oMAuthenticationContext);
    }
}
