package com.genexus.android.core.common;

import android.net.Uri;
import android.util.Pair;
import com.caverock.androidsvg.SVGParser;
import com.genexus.android.core.actions.UIContext;
import com.genexus.android.core.activities.ActivityLauncher;
import com.genexus.android.core.base.metadata.GenexusApplication;
import com.genexus.android.core.base.metadata.IViewDefinition;
import com.genexus.android.core.base.model.Entity;
import com.genexus.android.core.base.services.IHttpService;
import com.genexus.android.core.base.services.ISecureAppPreferences;
import com.genexus.android.core.base.services.ServiceResponse;
import com.genexus.android.core.base.services.Services;
import com.genexus.android.core.base.services.UrlBuilder;
import com.genexus.android.core.base.utils.ResultDetail;
import com.genexus.android.core.base.utils.Strings;
import com.genexus.android.core.common.security.ApplicationSessionEvent;
import com.genexus.android.core.providers.EntityDataProvider;
import com.genexus.android.gam.GAMHelper;
import com.genexus.android.gam.GAMUser;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.Map;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Regex;
import kotlin.text.StringsKt;
import kotlin.time.Duration;
import kotlin.time.DurationKt;
import kotlin.time.DurationUnit;
import org.apache.xerces.impl.xs.SchemaSymbols;
import org.json.JSONObject;

/* compiled from: SecurityHelper.kt */
@Metadata(d1 = {"\u0000°\u0001\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\n\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\u0010\u000b\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u0002\n\u0002\b\u0007\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0010$\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\b\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0010\t\n\u0002\b\u0017\b\u0016\u0018\u0000 k2\u00020\u0001:\u0006jklmnoB\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u0014\u0010!\u001a\u0006\u0012\u0002\b\u00030\"2\b\u0010#\u001a\u0004\u0018\u00010\u0006J\u0014\u0010$\u001a\b\u0012\u0004\u0012\u00020%0\"2\u0006\u0010&\u001a\u00020'J&\u0010$\u001a\b\u0012\u0004\u0012\u00020%0\"2\u0006\u0010&\u001a\u00020'2\u0006\u0010(\u001a\u00020\u00192\u0006\u0010)\u001a\u00020\u0019H\u0002J&\u0010*\u001a\u0010\u0012\u0004\u0012\u00020\u0019\u0012\u0006\u0012\u0004\u0018\u00010\u00060+2\b\u0010,\u001a\u0004\u0018\u00010-2\u0006\u0010.\u001a\u00020/J&\u0010*\u001a\b\u0012\u0004\u0012\u00020%0\"2\b\u0010,\u001a\u0004\u0018\u00010-2\u0006\u0010.\u001a\u0002002\u0006\u0010&\u001a\u00020'J4\u00101\u001a\u00020\u00192\b\u00102\u001a\u0004\u0018\u00010\u00062\b\u0010\u0005\u001a\u0004\u0018\u00010\u00062\u0006\u0010\f\u001a\u00020\u00062\u0006\u0010(\u001a\u00020\u00192\u0006\u0010)\u001a\u00020\u0019H\u0002J>\u00103\u001a\u0002042\b\u00102\u001a\u0004\u0018\u00010\u00062\b\u0010\u0007\u001a\u0004\u0018\u00010\u00062\b\u00105\u001a\u0004\u0018\u00010\u00062\u0006\u0010\f\u001a\u00020\u00062\u0006\u0010(\u001a\u00020\u00192\u0006\u0010)\u001a\u00020\u0019H\u0002J(\u00106\u001a\u0002042\u0006\u00102\u001a\u00020\u00062\u0006\u0010\u0007\u001a\u00020\u00062\u0006\u0010\f\u001a\u00020\u00062\u0006\u00107\u001a\u00020\u0006H\u0002J\u0014\u00108\u001a\b\u0012\u0004\u0012\u00020%0\"2\u0006\u0010&\u001a\u00020'J\u0018\u00109\u001a\u00020\u00192\u0006\u0010:\u001a\u00020-2\b\u0010;\u001a\u0004\u0018\u00010<J\u0010\u0010=\u001a\u00020\u00192\u0006\u00105\u001a\u00020\u0006H\u0014J\u0010\u0010>\u001a\u00020\u00062\b\u0010\f\u001a\u0004\u0018\u00010\u0006J\u0006\u0010?\u001a\u000204J&\u0010@\u001a\u00020\u00192\u0014\u0010A\u001a\u0010\u0012\u0004\u0012\u00020\u0006\u0012\u0006\u0012\u0004\u0018\u00010\u00060B2\u0006\u0010)\u001a\u00020\u0019H\u0002JF\u0010C\u001a\u0010\u0012\u0004\u0012\u00020\u0006\u0012\u0006\u0012\u0004\u0018\u00010\u00060B2\b\u0010D\u001a\u0004\u0018\u00010\u00062\b\u0010E\u001a\u0004\u0018\u00010\u00062\b\u0010F\u001a\u0004\u0018\u00010\u00062\b\u00105\u001a\u0004\u0018\u00010\u00062\b\u0010G\u001a\u0004\u0018\u00010HJ\b\u0010I\u001a\u00020\u0006H\u0002J\b\u0010J\u001a\u0004\u0018\u00010KJ\u0010\u0010L\u001a\u0002042\u0006\u0010:\u001a\u00020-H\u0014J,\u0010M\u001a\u00020N2\u0006\u0010:\u001a\u00020-2\u0006\u0010O\u001a\u00020P2\b\u0010Q\u001a\u0004\u0018\u00010\u00062\b\u0010R\u001a\u0004\u0018\u00010SH\u0016J\u000e\u0010T\u001a\u00020\u00192\u0006\u0010\u0005\u001a\u00020KJ\u0006\u0010U\u001a\u000204J\u0006\u0010V\u001a\u000204J!\u0010W\u001a\u0002042\b\u0010X\u001a\u0004\u0018\u00010Y2\b\u0010Z\u001a\u0004\u0018\u00010PH\u0002¢\u0006\u0002\u0010[J\u0012\u0010\\\u001a\u0002042\b\u0010]\u001a\u0004\u0018\u00010\u0006H\u0002J&\u0010^\u001a\u0002042\b\u0010\f\u001a\u0004\u0018\u00010\u00062\b\u0010\u0007\u001a\u0004\u0018\u00010\u00062\b\u00105\u001a\u0004\u0018\u00010\u0006H\u0002J\u0012\u0010_\u001a\u0002042\b\u00102\u001a\u0004\u0018\u00010\u0006H\u0002J\u001a\u0010`\u001a\u0002042\u0006\u0010a\u001a\u00020\u00062\b\u0010b\u001a\u0004\u0018\u00010\u0006H\u0002J\b\u0010c\u001a\u000204H\u0002J\u0006\u0010d\u001a\u00020\u0019JQ\u0010e\u001a\u00020\u00192\b\u0010\f\u001a\u0004\u0018\u00010\u00062\b\u0010\u0007\u001a\u0004\u0018\u00010\u00062\b\u00105\u001a\u0004\u0018\u00010\u00062\b\u00102\u001a\u0004\u0018\u00010\u00062\b\u0010]\u001a\u0004\u0018\u00010\u00062\b\u0010X\u001a\u0004\u0018\u00010Y2\b\u0010Z\u001a\u0004\u0018\u00010P¢\u0006\u0002\u0010fJ\u0018\u0010\n\u001a\u0002042\b\u0010\r\u001a\u0004\u0018\u00010\u00062\u0006\u0010\u0007\u001a\u00020\u0006J\b\u0010g\u001a\u00020\u0019H\u0002J\u0006\u0010h\u001a\u00020\u0019J\b\u0010i\u001a\u00020\u0019H\u0004J\u0010\u0010i\u001a\u00020'2\b\u00105\u001a\u0004\u0018\u00010\u0006R$\u0010\u0007\u001a\u00020\u00062\u0006\u0010\u0005\u001a\u00020\u0006@BX\u0086\u000e¢\u0006\u000e\n\u0000\u001a\u0004\b\b\u0010\t\"\u0004\b\n\u0010\u000bR$\u0010\r\u001a\u00020\u00062\u0006\u0010\f\u001a\u00020\u0006@BX\u0086\u000e¢\u0006\u000e\n\u0000\u001a\u0004\b\u000e\u0010\t\"\u0004\b\u000f\u0010\u000bR\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0010\u001a\u00020\u0011X\u0082\u0004¢\u0006\u0002\n\u0000R$\u0010\u0014\u001a\u0004\u0018\u00010\u00132\b\u0010\u0012\u001a\u0004\u0018\u00010\u00138F@BX\u0086\u000e¢\u0006\b\n\u0000\u001a\u0004\b\u0015\u0010\u0016R\u0014\u0010\u0017\u001a\b\u0012\u0004\u0012\u00020\u00190\u0018X\u0082\u0004¢\u0006\u0002\n\u0000R\u0011\u0010\u001a\u001a\u00020\u00198F¢\u0006\u0006\u001a\u0004\b\u001a\u0010\u001bR\u0011\u0010\u001c\u001a\u00020\u00198F¢\u0006\u0006\u001a\u0004\b\u001c\u0010\u001bR\u0011\u0010\u001d\u001a\u00020\u00198F¢\u0006\u0006\u001a\u0004\b\u001d\u0010\u001bR\u0016\u0010\u001e\u001a\n  *\u0004\u0018\u00010\u001f0\u001fX\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006p"}, d2 = {"Lcom/genexus/android/core/common/SecurityHelper;", "", "app", "Lcom/genexus/android/core/base/metadata/GenexusApplication;", "(Lcom/genexus/android/core/base/metadata/GenexusApplication;)V", SchemaSymbols.ATTVAL_TOKEN, "", "accessToken", "getAccessToken", "()Ljava/lang/String;", "setAccessToken", "(Ljava/lang/String;)V", "tokenType", "accessTokenType", "getAccessTokenType", "setAccessTokenType", "gam", "Lcom/genexus/android/gam/GAMHelper;", "<set-?>", "Lcom/genexus/android/gam/GAMUser;", "gamUser", "getGamUser", "()Lcom/genexus/android/gam/GAMUser;", "insideAutomaticLogin", "Ljava/lang/ThreadLocal;", "", "isAnonymousUser", "()Z", "isBiometricsUsed", "isLoggedIn", "storage", "Lcom/genexus/android/core/base/services/ISecureAppPreferences;", "kotlin.jvm.PlatformType", "afterExternalLogin", "Lcom/genexus/android/core/base/utils/ResultDetail;", "resultUri", "afterLogin", "Lcom/genexus/android/core/common/SecurityHelper$LoginStatus;", "response", "Lcom/genexus/android/core/base/services/ServiceResponse;", "isAutomatic", "isAnonymous", "afterLoginBiometrics", "Landroid/util/Pair;", "context", "Lcom/genexus/android/core/actions/UIContext;", "f", "Lcom/genexus/android/core/common/SecurityHelper$IDecryptString;", "Lcom/genexus/android/core/common/SecurityHelper$IEncryptString;", "afterLoginCommon", "userId", "afterLoginCommonNormal", "", "refreshToken", "afterLoginCommonTokens", "secureTokens", "afterLoginFail", "callLoginIfNecessary", "from", "definition", "Lcom/genexus/android/core/base/metadata/IViewDefinition;", "canRecoverFromAppSecurityError", "checkTokenType", "clearLoginInformation", "doAutomaticLogin", "oauthParameters", "", "getOauthParameters", SVGParser.XML_STYLESHEET_ATTR_TYPE, "user", SecurityHelper.TYPE_STANDARD, "additionalParameters", "Lcom/genexus/android/core/base/model/Entity;", "getSavedRefreshToken", "getSavedToken", "Lcom/genexus/android/core/common/ApplicationToken;", "goToLogin", "handleSecurityError", "Lcom/genexus/android/core/common/SecurityHelper$Handled;", "statusCode", "", "statusMessage", "authErrorStatus", "Lcom/genexus/android/core/common/SecurityHelper$AuthorizationErrorStatus;", "isTokenTimeValid", "logout", "logoutLocal", "persistExpiresIn", "startMillis", "", "expiresIn", "(Ljava/lang/Long;Ljava/lang/Integer;)V", "persistScope", SecurityHelper.FIELD_SCOPE, "persistTokens", "persistUserGuid", "putSecure", "fieldName", "fieldValue", "resetAccessToken", "restoreLoginInformation", "saveLoginInformation", "(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/Long;Ljava/lang/Integer;)Z", "tryAnonymousLogin", "tryAutomaticLogin", "tryRenewLogin", "AuthorizationErrorStatus", "Companion", "Handled", "IDecryptString", "IEncryptString", "LoginStatus", "FlexibleClient_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
/* loaded from: classes.dex */
public class SecurityHelper {
    public static final String DEFAULT_TOKEN_TYPE = "OAuth";
    public static final String FIELD_ACCESS_TOKEN = "access_token";
    public static final String FIELD_EXPIRES_IN = "expires_in";
    public static final String FIELD_GRANT_TYPE = "grant_type";
    public static final String FIELD_REFRESH_TOKEN = "refresh_token";
    public static final String FIELD_SCOPE = "scope";
    private static final String FIELD_TOKENS = "tokens";
    private static final String FIELD_TOKEN_START_MILLIS = "token_start_millis";
    public static final String FIELD_TYPE_TOKEN = "token_type";
    public static final String FIELD_USER_ID = "user_guid";
    private static final String FLAG_DISABLE_ANONYMOUS = "disable_anonymous_login";
    private static final String FLAG_IS_ANONYMOUS = "is_anonymous_user";
    private static final String TOKENS_SEPARATOR = ";";
    private static final String TYPE_ANONYMOUS = "device";
    public static final String TYPE_CREATE = "authorization";
    public static final String TYPE_RENEW = "refresh_token";
    public static final String TYPE_STANDARD = "password";
    private String accessToken;
    private String accessTokenType;
    private final GenexusApplication app;
    private final GAMHelper gam;
    private GAMUser gamUser;
    private final ThreadLocal<Boolean> insideAutomaticLogin;
    private final ISecureAppPreferences storage;

    /* compiled from: SecurityHelper.kt */
    @Metadata(d1 = {"\u0000\u0014\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000b\n\u0002\b\u0005\u0018\u00002\u00020\u0001B\u0005¢\u0006\u0002\u0010\u0002R\u001a\u0010\u0003\u001a\u00020\u0004X\u0086\u000e¢\u0006\u000e\n\u0000\u001a\u0004\b\u0005\u0010\u0006\"\u0004\b\u0007\u0010\b¨\u0006\t"}, d2 = {"Lcom/genexus/android/core/common/SecurityHelper$AuthorizationErrorStatus;", "", "()V", "authorizationErrorOccurred", "", "getAuthorizationErrorOccurred", "()Z", "setAuthorizationErrorOccurred", "(Z)V", "FlexibleClient_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
    /* loaded from: classes.dex */
    public static final class AuthorizationErrorStatus {
        private boolean authorizationErrorOccurred;

        public final boolean getAuthorizationErrorOccurred() {
            return this.authorizationErrorOccurred;
        }

        public final void setAuthorizationErrorOccurred(boolean z) {
            this.authorizationErrorOccurred = z;
        }
    }

    /* compiled from: SecurityHelper.kt */
    @Metadata(d1 = {"\u0000\f\n\u0002\u0018\u0002\n\u0002\u0010\u0010\n\u0002\b\u0006\b\u0086\u0001\u0018\u00002\b\u0012\u0004\u0012\u00020\u00000\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002j\u0002\b\u0003j\u0002\b\u0004j\u0002\b\u0005j\u0002\b\u0006¨\u0006\u0007"}, d2 = {"Lcom/genexus/android/core/common/SecurityHelper$Handled;", "", "(Ljava/lang/String;I)V", "NOT_HANDLED", "CALLED_ACTIVITY", "FINISHED_ACTIVITY", "RENEWED_TOKEN", "FlexibleClient_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
    /* loaded from: classes.dex */
    public enum Handled {
        NOT_HANDLED,
        CALLED_ACTIVITY,
        FINISHED_ACTIVITY,
        RENEWED_TOKEN
    }

    /* compiled from: SecurityHelper.kt */
    @Metadata(d1 = {"\u0000\u0012\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0002\bf\u0018\u00002\u00020\u0001J\u0014\u0010\u0002\u001a\u0004\u0018\u00010\u00032\b\u0010\u0004\u001a\u0004\u0018\u00010\u0003H&¨\u0006\u0005"}, d2 = {"Lcom/genexus/android/core/common/SecurityHelper$IDecryptString;", "", "decrypt", "", "v", "FlexibleClient_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
    /* loaded from: classes.dex */
    public interface IDecryptString {
        String decrypt(String v);
    }

    /* compiled from: SecurityHelper.kt */
    @Metadata(d1 = {"\u0000\u0012\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0002\bf\u0018\u00002\u00020\u0001J\u0014\u0010\u0002\u001a\u0004\u0018\u00010\u00032\b\u0010\u0004\u001a\u0004\u0018\u00010\u0003H&¨\u0006\u0005"}, d2 = {"Lcom/genexus/android/core/common/SecurityHelper$IEncryptString;", "", "encrypt", "", "v", "FlexibleClient_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
    /* loaded from: classes.dex */
    public interface IEncryptString {
        String encrypt(String v);
    }

    /* compiled from: SecurityHelper.kt */
    @Metadata(d1 = {"\u0000\f\n\u0002\u0018\u0002\n\u0002\u0010\u0010\n\u0002\b\b\b\u0086\u0001\u0018\u00002\b\u0012\u0004\u0012\u00020\u00000\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002j\u0002\b\u0003j\u0002\b\u0004j\u0002\b\u0005j\u0002\b\u0006j\u0002\b\u0007j\u0002\b\b¨\u0006\t"}, d2 = {"Lcom/genexus/android/core/common/SecurityHelper$LoginStatus;", "", "(Ljava/lang/String;I)V", "SUCCESS", "FAILURE", "CHANGE_PASSWORD", "OTP_REQUIRED", "OTP_LINK", "TFA_REQUIRED", "FlexibleClient_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
    /* loaded from: classes.dex */
    public enum LoginStatus {
        SUCCESS,
        FAILURE,
        CHANGE_PASSWORD,
        OTP_REQUIRED,
        OTP_LINK,
        TFA_REQUIRED
    }

    public SecurityHelper(GenexusApplication app) {
        Intrinsics.checkNotNullParameter(app, "app");
        this.app = app;
        this.insideAutomaticLogin = new ThreadLocal<>();
        ISecureAppPreferences secureAppPreferences = Services.Preferences.getSecureAppPreferences(app, AppPreferencesKeys.SECURITY_HELPER);
        this.storage = secureAppPreferences;
        this.gam = new GAMHelper(secureAppPreferences);
        this.accessToken = "";
        this.accessTokenType = DEFAULT_TOKEN_TYPE;
    }

    private final ResultDetail<LoginStatus> afterLogin(ServiceResponse response, boolean isAutomatic, boolean isAnonymous) {
        if (!response.getResponseOk()) {
            return afterLoginFail(response);
        }
        String str = response.get(FIELD_USER_ID);
        String str2 = response.get(FIELD_ACCESS_TOKEN);
        afterLoginCommonNormal(str, str2, response.get("refresh_token"), checkTokenType(response.get(FIELD_TYPE_TOKEN)), isAutomatic, isAnonymous);
        if (str2 == null) {
            Services.Log.error("Error reading server response: access_token is null");
            return afterLoginFail(response);
        }
        ResultDetail<LoginStatus> ok = ResultDetail.ok(LoginStatus.SUCCESS);
        Intrinsics.checkNotNullExpressionValue(ok, "ok(LoginStatus.SUCCESS)");
        return ok;
    }

    private final boolean afterLoginCommon(String userId, String token, String tokenType, boolean isAutomatic, boolean isAnonymous) {
        setAccessTokenType(tokenType);
        String str = token;
        if (str != null && str.length() != 0) {
            setAccessToken(token);
        }
        if (!isAutomatic) {
            String string = this.storage.getString(FIELD_USER_ID, "");
            String str2 = userId;
            if (str2 == null || str2.length() == 0 || !StringsKt.equals(userId, string, true)) {
                EntityDataProvider.clearAllCaches();
            }
        }
        persistUserGuid(userId);
        this.storage.setBoolean(FLAG_IS_ANONYMOUS, isAnonymous);
        this.storage.setBoolean(FLAG_DISABLE_ANONYMOUS, !isAnonymous);
        IHttpService iHttpService = Services.HttpService;
        GenexusApplication genexusApplication = this.app;
        UrlBuilder urlBuilder = genexusApplication.UriMaker;
        JSONObject jSONFromUrl = iHttpService.getJSONFromUrl(genexusApplication, urlBuilder != null ? urlBuilder.getUserInformationUrl() : null);
        if (jSONFromUrl != null) {
            this.gam.afterLogin(jSONFromUrl);
            return true;
        }
        this.gam.afterLogin(userId, isAnonymous);
        return false;
    }

    private final void afterLoginCommonNormal(String userId, String accessToken, String refreshToken, String tokenType, boolean isAutomatic, boolean isAnonymous) {
        persistTokens(tokenType, accessToken, refreshToken);
        this.storage.remove(FIELD_TOKENS);
        afterLoginCommon(userId, accessToken, tokenType, isAutomatic, isAnonymous);
    }

    private final void afterLoginCommonTokens(String userId, String accessToken, String tokenType, String secureTokens) {
        putSecure(FIELD_TOKENS, secureTokens);
        this.storage.remove(FIELD_ACCESS_TOKEN);
        this.storage.remove("refresh_token");
        this.storage.remove(FIELD_TYPE_TOKEN);
        afterLoginCommon(userId, accessToken, tokenType, false, false);
    }

    private final boolean doAutomaticLogin(Map<String, String> oauthParameters, boolean isAnonymous) {
        IHttpService iHttpService = Services.HttpService;
        GenexusApplication genexusApplication = this.app;
        UrlBuilder urlBuilder = genexusApplication.UriMaker;
        ServiceResponse loginResponse = iHttpService.callAccessManager(genexusApplication, urlBuilder != null ? urlBuilder.getLoginUrl() : null, oauthParameters, null);
        Intrinsics.checkNotNullExpressionValue(loginResponse, "loginResponse");
        return afterLogin(loginResponse, true, isAnonymous).getResult();
    }

    private final String getSavedRefreshToken() {
        return this.storage.getString("refresh_token", "");
    }

    private final void persistExpiresIn(Long startMillis, Integer expiresIn) {
        if (startMillis == null || startMillis.longValue() <= 0 || expiresIn == null || expiresIn.intValue() <= 0) {
            return;
        }
        putSecure(FIELD_TOKEN_START_MILLIS, startMillis.toString());
        putSecure(FIELD_EXPIRES_IN, expiresIn.toString());
    }

    private final void persistScope(String scope) {
        putSecure(FIELD_SCOPE, scope);
    }

    private final void persistTokens(String tokenType, String accessToken, String refreshToken) {
        putSecure(FIELD_ACCESS_TOKEN, accessToken);
        putSecure("refresh_token", refreshToken);
        putSecure(FIELD_TYPE_TOKEN, tokenType);
    }

    private final void persistUserGuid(String userId) {
        putSecure(FIELD_USER_ID, userId);
    }

    private final void putSecure(String fieldName, String fieldValue) {
        if (fieldValue != null) {
            this.storage.setStringSecure(fieldName, fieldValue);
        }
    }

    private final void resetAccessToken() {
        setAccessToken(null, "");
    }

    private final void setAccessToken(String str) {
        String str2 = str;
        int length = str2.length() - 1;
        int i = 0;
        boolean z = false;
        while (i <= length) {
            boolean z2 = Intrinsics.compare((int) str2.charAt(!z ? i : length), 32) <= 0;
            if (z) {
                if (!z2) {
                    break;
                } else {
                    length--;
                }
            } else if (z2) {
                i++;
            } else {
                z = true;
            }
        }
        this.accessToken = str2.subSequence(i, length + 1).toString();
    }

    private final void setAccessTokenType(String str) {
        String str2 = str;
        int length = str2.length() - 1;
        int i = 0;
        boolean z = false;
        while (i <= length) {
            boolean z2 = Intrinsics.compare((int) str2.charAt(!z ? i : length), 32) <= 0;
            if (z) {
                if (!z2) {
                    break;
                } else {
                    length--;
                }
            } else if (z2) {
                i++;
            } else {
                z = true;
            }
        }
        this.accessTokenType = str2.subSequence(i, length + 1).toString();
    }

    private final boolean tryAnonymousLogin() {
        if (this.app.getEnableAnonymousUser()) {
            return doAutomaticLogin(getOauthParameters(TYPE_ANONYMOUS, null, null, null, null), true);
        }
        return false;
    }

    public final ResultDetail<?> afterExternalLogin(String resultUri) {
        Uri parse = Uri.parse(resultUri);
        if (parse == null) {
            ResultDetail<?> FALSE = ResultDetail.FALSE;
            Intrinsics.checkNotNullExpressionValue(FALSE, "FALSE");
            return FALSE;
        }
        String queryParameter = parse.getQueryParameter(FIELD_USER_ID);
        String queryParameter2 = parse.getQueryParameter(FIELD_ACCESS_TOKEN);
        String queryParameter3 = parse.getQueryParameter("refresh_token");
        String checkTokenType = checkTokenType(parse.getQueryParameter(FIELD_TYPE_TOKEN));
        String str = queryParameter2;
        if (str == null || str.length() == 0) {
            ResultDetail<Void> error = ResultDetail.error(parse.getQueryParameter("error_message"));
            Intrinsics.checkNotNullExpressionValue(error, "{\n            // Read an…r(errorMessage)\n        }");
            return error;
        }
        afterLoginCommonNormal(queryParameter, queryParameter2, queryParameter3, checkTokenType, false, false);
        ResultDetail<?> resultDetail = ResultDetail.TRUE;
        Intrinsics.checkNotNullExpressionValue(resultDetail, "{\n            // Success…sultDetail.TRUE\n        }");
        return resultDetail;
    }

    public final ResultDetail<LoginStatus> afterLogin(ServiceResponse response) {
        Intrinsics.checkNotNullParameter(response, "response");
        return afterLogin(response, false, false);
    }

    public final Pair<Boolean, String> afterLoginBiometrics(UIContext context, IDecryptString f) {
        Intrinsics.checkNotNullParameter(f, "f");
        String decrypt = f.decrypt(this.storage.getString(FIELD_TOKENS, ""));
        if (decrypt == null || decrypt.length() == 0) {
            return new Pair<>(false, null);
        }
        BiometricsHelper.registerLifecycleObserver(context);
        String[] strArr = (String[]) new Regex(";").split(decrypt, 0).toArray(new String[0]);
        String str = strArr[0];
        String str2 = strArr[1];
        return new Pair<>(Boolean.valueOf(afterLoginCommon(str, str2, strArr[3], false, false)), strArr[2]);
    }

    public final ResultDetail<LoginStatus> afterLoginBiometrics(UIContext context, IEncryptString f, ServiceResponse response) {
        Intrinsics.checkNotNullParameter(f, "f");
        Intrinsics.checkNotNullParameter(response, "response");
        if (!response.getResponseOk()) {
            return afterLoginFail(response);
        }
        String userId = response.get(FIELD_USER_ID);
        String accessToken = response.get(FIELD_ACCESS_TOKEN);
        String str = response.get("refresh_token");
        String checkTokenType = checkTokenType(response.get(FIELD_TYPE_TOKEN));
        String encrypt = f.encrypt(userId + ';' + accessToken + ';' + str + ';' + checkTokenType);
        if (encrypt == null) {
            Services.Log.error("Failed to encrypt in afterLoginBiometrics");
            ResultDetail<LoginStatus> error = ResultDetail.error("", LoginStatus.FAILURE);
            Intrinsics.checkNotNullExpressionValue(error, "{\n            Services.L…Status.FAILURE)\n        }");
            return error;
        }
        BiometricsHelper.registerLifecycleObserver(context);
        Intrinsics.checkNotNullExpressionValue(userId, "userId");
        Intrinsics.checkNotNullExpressionValue(accessToken, "accessToken");
        afterLoginCommonTokens(userId, accessToken, checkTokenType, encrypt);
        ResultDetail<LoginStatus> ok = ResultDetail.ok(LoginStatus.SUCCESS);
        Intrinsics.checkNotNullExpressionValue(ok, "{\n            Biometrics…Status.SUCCESS)\n        }");
        return ok;
    }

    public final ResultDetail<LoginStatus> afterLoginFail(ServiceResponse response) {
        Intrinsics.checkNotNullParameter(response, "response");
        ArrayList arrayList = new ArrayList();
        String str = response.get("error_description");
        if (str != null && str.length() != 0) {
            arrayList.add(response.get("error_description"));
        }
        String str2 = response.ErrorMessage;
        if (str2 != null && str2.length() != 0) {
            arrayList.add(response.ErrorMessage);
        }
        String join = Services.Strings.join(arrayList, Strings.NEWLINE);
        int i = response.StatusCode;
        if (i == 5) {
            ResultDetail<LoginStatus> error = ResultDetail.error(join, LoginStatus.CHANGE_PASSWORD);
            Intrinsics.checkNotNullExpressionValue(error, "error(message, LoginStatus.CHANGE_PASSWORD)");
            return error;
        }
        if (i == 7) {
            ResultDetail<LoginStatus> error2 = ResultDetail.error(join, LoginStatus.OTP_REQUIRED);
            Intrinsics.checkNotNullExpressionValue(error2, "error(message, LoginStatus.OTP_REQUIRED)");
            return error2;
        }
        if (i == 8) {
            ResultDetail<LoginStatus> error3 = ResultDetail.error(join, LoginStatus.OTP_LINK);
            Intrinsics.checkNotNullExpressionValue(error3, "error(message, LoginStatus.OTP_LINK)");
            return error3;
        }
        if (i != 9) {
            ResultDetail<LoginStatus> error4 = ResultDetail.error(join, LoginStatus.FAILURE);
            Intrinsics.checkNotNullExpressionValue(error4, "error(message, LoginStatus.FAILURE)");
            return error4;
        }
        ResultDetail<LoginStatus> error5 = ResultDetail.error(join, LoginStatus.TFA_REQUIRED);
        Intrinsics.checkNotNullExpressionValue(error5, "error(message, LoginStatus.TFA_REQUIRED)");
        return error5;
    }

    public final boolean callLoginIfNecessary(UIContext from, IViewDefinition definition) {
        Intrinsics.checkNotNullParameter(from, "from");
        if (definition != null ? definition.isSecure(this.app) : this.app.getIsSecure()) {
            if ((this.accessToken.length() > 0) || restoreLoginInformation() || this.app.getEnableAnonymousUser()) {
                return false;
            }
            goToLogin(from);
            return true;
        }
        return false;
    }

    protected boolean canRecoverFromAppSecurityError(String refreshToken) {
        Intrinsics.checkNotNullParameter(refreshToken, "refreshToken");
        if (StringsKt.isBlank(refreshToken)) {
            return false;
        }
        this.storage.remove("refresh_token");
        return doAutomaticLogin(getOauthParameters("refresh_token", null, null, refreshToken, null), isAnonymousUser());
    }

    public final String checkTokenType(String tokenType) {
        String str = tokenType;
        return (str == null || str.length() == 0) ? DEFAULT_TOKEN_TYPE : tokenType;
    }

    public final void clearLoginInformation() {
        this.storage.remove(FIELD_TOKENS);
        this.storage.remove(FIELD_ACCESS_TOKEN);
        this.storage.remove("refresh_token");
        this.storage.remove(FIELD_TYPE_TOKEN);
        this.storage.remove(FIELD_USER_ID);
        this.storage.remove(FIELD_EXPIRES_IN);
        this.storage.remove(FIELD_TOKEN_START_MILLIS);
        this.storage.remove(FIELD_SCOPE);
        this.storage.remove(FLAG_IS_ANONYMOUS);
        this.storage.remove(FLAG_DISABLE_ANONYMOUS);
        this.gam.afterLogout();
    }

    public final String getAccessToken() {
        return this.accessToken;
    }

    public final String getAccessTokenType() {
        return this.accessTokenType;
    }

    public final GAMUser getGamUser() {
        return this.gam.getUser();
    }

    public final Map<String, String> getOauthParameters(String type, String user, String password, String refreshToken, Entity additionalParameters) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("client_id", this.app.getClientId());
        linkedHashMap.put(FIELD_GRANT_TYPE, type);
        String str = refreshToken;
        if (str != null && str.length() != 0) {
            linkedHashMap.put("refresh_token", refreshToken);
        }
        String str2 = user;
        if (str2 != null && str2.length() != 0) {
            linkedHashMap.put("username", user);
            linkedHashMap.put(TYPE_STANDARD, password);
        }
        if (additionalParameters != null) {
            linkedHashMap.put("additional_parameters", additionalParameters.serialize((short) 2).toString());
        }
        linkedHashMap.put(FIELD_SCOPE, "FullControl");
        return linkedHashMap;
    }

    public final ApplicationToken getSavedToken() {
        String string = this.storage.getString(FIELD_ACCESS_TOKEN);
        if (string.length() == 0) {
            return null;
        }
        String string2 = this.storage.getString(FIELD_TYPE_TOKEN, DEFAULT_TOKEN_TYPE);
        String savedRefreshToken = getSavedRefreshToken();
        Integer intOrNull = StringsKt.toIntOrNull(this.storage.getString(FIELD_EXPIRES_IN));
        return new ApplicationToken(string2, string, savedRefreshToken, this.storage.getString(FIELD_USER_ID), this.storage.getString(FIELD_SCOPE), StringsKt.toLongOrNull(this.storage.getString(FIELD_TOKEN_START_MILLIS)), intOrNull);
    }

    protected void goToLogin(UIContext from) {
        Intrinsics.checkNotNullParameter(from, "from");
        if (isBiometricsUsed() && BiometricsHelper.isFingerprintAvailable(from)) {
            BiometricsHelper.startBiometricsActivity(from);
        } else {
            ActivityLauncher.callLogin(from);
        }
    }

    public Handled handleSecurityError(UIContext from, int statusCode, String statusMessage, AuthorizationErrorStatus authErrorStatus) {
        Intrinsics.checkNotNullParameter(from, "from");
        if (statusCode == 3) {
            goToLogin(from);
            return Handled.CALLED_ACTIVITY;
        }
        if (statusCode == 4) {
            String notAuthorizedObject = this.app.getNotAuthorizedObject();
            if (notAuthorizedObject.length() > 0) {
                String str = statusMessage;
                if (str != null && str.length() != 0) {
                    Services.Log.info(statusMessage);
                }
                if (authErrorStatus != null && authErrorStatus.getAuthorizationErrorOccurred()) {
                    from.getActivity().finish();
                    return Handled.FINISHED_ACTIVITY;
                }
                if (ActivityLauncher.call(from, this.app, notAuthorizedObject)) {
                    if (authErrorStatus != null) {
                        authErrorStatus.setAuthorizationErrorOccurred(true);
                    }
                    return Handled.CALLED_ACTIVITY;
                }
            }
        }
        return Handled.NOT_HANDLED;
    }

    public final boolean isAnonymousUser() {
        return this.app.getEnableAnonymousUser() && this.storage.getBoolean(FLAG_IS_ANONYMOUS, false);
    }

    public final boolean isBiometricsUsed() {
        if (!BiometricsHelper.isBiometricsEnabled()) {
            return false;
        }
        String string = this.storage.getString(FIELD_TOKENS, "");
        return !(string == null || string.length() == 0);
    }

    public final boolean isLoggedIn() {
        return this.accessToken.length() > 0;
    }

    public final boolean isTokenTimeValid(ApplicationToken token) {
        Intrinsics.checkNotNullParameter(token, "token");
        String accessToken = token.getAccessToken();
        if (accessToken == null || accessToken.length() == 0) {
            return false;
        }
        Integer expiresIn = token.getExpiresIn();
        int intValue = expiresIn != null ? expiresIn.intValue() : 0;
        if (intValue <= 0) {
            return true;
        }
        Long startMillis = token.getStartMillis();
        long longValue = startMillis != null ? startMillis.longValue() : 0L;
        if (longValue <= 0) {
            return true;
        }
        Duration.Companion companion = Duration.INSTANCE;
        return System.currentTimeMillis() - longValue <= Duration.m1827getInWholeMillisecondsimpl(DurationKt.toDuration(intValue, DurationUnit.MINUTES));
    }

    public final void logout() {
        IHttpService iHttpService = Services.HttpService;
        GenexusApplication genexusApplication = this.app;
        UrlBuilder urlBuilder = genexusApplication.UriMaker;
        iHttpService.callAccessManager(genexusApplication, urlBuilder != null ? urlBuilder.getLogoutUrl() : null, null, null);
        logoutLocal();
    }

    public final void logoutLocal() {
        resetAccessToken();
        clearLoginInformation();
        Services.Application.getLifecycle().notifyApplicationSessionUpdated(ApplicationSessionEvent.LOGGED_OUT);
        EntityDataProvider.clearAllCaches();
    }

    public final boolean restoreLoginInformation() {
        if (this.app.getIsSecure() && this.accessToken.length() <= 0) {
            ApplicationToken savedToken = getSavedToken();
            String accessToken = savedToken != null ? savedToken.getAccessToken() : null;
            String str = accessToken;
            if (str != null && str.length() != 0) {
                setAccessToken(savedToken.getTokenType(), accessToken);
                this.gam.restoreUserData();
                return true;
            }
        }
        return false;
    }

    public final boolean saveLoginInformation(String tokenType, String accessToken, String refreshToken, String userId, String scope, Long startMillis, Integer expiresIn) {
        String str = accessToken;
        if (str == null || str.length() == 0) {
            return false;
        }
        persistTokens(tokenType, accessToken, refreshToken);
        persistUserGuid(userId);
        persistScope(scope);
        persistExpiresIn(startMillis, expiresIn);
        return true;
    }

    public final void setAccessToken(String accessTokenType, String accessToken) {
        Intrinsics.checkNotNullParameter(accessToken, "accessToken");
        setAccessToken(accessToken);
        setAccessTokenType(checkTokenType(accessTokenType));
    }

    /* JADX WARN: Code restructure failed: missing block: B:15:0x003a, code lost:
    
        if (tryAnonymousLogin() != false) goto L9;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final boolean tryAutomaticLogin() {
        /*
            r5 = this;
            java.lang.ThreadLocal<java.lang.Boolean> r0 = r5.insideAutomaticLogin
            java.lang.Object r0 = r0.get()
            java.lang.Boolean r0 = (java.lang.Boolean) r0
            r1 = 0
            java.lang.Boolean r2 = java.lang.Boolean.valueOf(r1)
            if (r0 == 0) goto L16
            boolean r0 = r0.booleanValue()
            if (r0 == 0) goto L16
            return r1
        L16:
            java.lang.ThreadLocal<java.lang.Boolean> r0 = r5.insideAutomaticLogin     // Catch: java.lang.Throwable -> L43
            r3 = 1
            java.lang.Boolean r4 = java.lang.Boolean.valueOf(r3)     // Catch: java.lang.Throwable -> L43
            r0.set(r4)     // Catch: java.lang.Throwable -> L43
            boolean r0 = r5.tryRenewLogin()     // Catch: java.lang.Throwable -> L43
            if (r0 == 0) goto L2c
        L26:
            java.lang.ThreadLocal<java.lang.Boolean> r0 = r5.insideAutomaticLogin
            r0.set(r2)
            return r3
        L2c:
            com.genexus.android.core.base.services.ISecureAppPreferences r0 = r5.storage     // Catch: java.lang.Throwable -> L43
            java.lang.String r4 = "disable_anonymous_login"
            boolean r0 = r0.getBoolean(r4, r1)     // Catch: java.lang.Throwable -> L43
            if (r0 != 0) goto L3d
            boolean r0 = r5.tryAnonymousLogin()     // Catch: java.lang.Throwable -> L43
            if (r0 == 0) goto L3d
            goto L26
        L3d:
            java.lang.ThreadLocal<java.lang.Boolean> r0 = r5.insideAutomaticLogin
            r0.set(r2)
            return r1
        L43:
            r0 = move-exception
            java.lang.ThreadLocal<java.lang.Boolean> r1 = r5.insideAutomaticLogin
            r1.set(r2)
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.genexus.android.core.common.SecurityHelper.tryAutomaticLogin():boolean");
    }

    public final ServiceResponse tryRenewLogin(String refreshToken) {
        Map<String, String> oauthParameters = getOauthParameters("refresh_token", null, null, refreshToken, null);
        IHttpService iHttpService = Services.HttpService;
        GenexusApplication genexusApplication = this.app;
        UrlBuilder urlBuilder = genexusApplication.UriMaker;
        ServiceResponse callAccessManager = iHttpService.callAccessManager(genexusApplication, urlBuilder != null ? urlBuilder.getLoginUrl() : null, oauthParameters, null);
        Intrinsics.checkNotNullExpressionValue(callAccessManager, "HttpService.callAccessMa…l, oauthParameters, null)");
        return callAccessManager;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final boolean tryRenewLogin() {
        return canRecoverFromAppSecurityError(getSavedRefreshToken());
    }
}
