package com.locapos.locapos.login.api.http;

import android.content.Context;
import android.os.SystemClock;
import com.google.gson.GsonBuilder;
import com.locapos.locapos.ApplicationState;
import com.locapos.locapos.commons.ServiceType;
import com.locapos.locapos.config.ConfigRepository;
import com.locapos.locapos.db.entity.AssignedUserGroup;
import com.locapos.locapos.db.entity.User;
import com.locapos.locapos.logging.Logger;
import com.locapos.locapos.login.AuthorizationException;
import com.locapos.locapos.login.api.AccessToken;
import com.locapos.locapos.login.api.LoginService;
import com.locapos.locapos.login.api.TenantCredentials;
import com.locapos.locapos.login.api.TokenJson;
import com.locapos.locapos.login.api.UnauthedHelper;
import com.locapos.locapos.transaction.model.data.type.TransactionType;
import com.locapos.locapos.user.RightsRepository;
import com.locapos.locapos.webservice.users.UserManagement;
import com.locapos.locapos.webservice.users.UsersJsonConverter;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.concurrent.TimeUnit;
import okhttp3.Authenticator;
import okhttp3.Interceptor;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.Response;
import okhttp3.Route;
import retrofit2.Retrofit;
import retrofit2.converter.gson.GsonConverterFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes3.dex */
public class HttpClientHelper {
    private static final Object AQUIRE_TOKEN_LOCK = new Object();
    private static final String AUTHORIZATION = "AUTHORIZATION";
    private final HttpLoginService httpLoginService;
    private final Logger logger;
    private OkHttpClient okHttpClient;
    private final HttpUtil httpUtil = new HttpUtil();
    private final ConfigRepository configRepository = ConfigRepository.getInstance();
    private AccessTokenHolder accessTokenHolder = new AccessTokenHolder(null, 0);

    /* JADX INFO: Access modifiers changed from: package-private */
    public HttpClientHelper(Retrofit retrofit3, Logger logger) {
        this.httpLoginService = new HttpLoginService((LoginService) retrofit3.create(LoginService.class));
        this.logger = logger;
    }

    private void addAuthorizationHeader(Request.Builder builder) {
        builder.header(AUTHORIZATION, this.accessTokenHolder.formatTokenForHeader());
    }

    private void addLanguageHeader(Request.Builder builder) {
        builder.header("Accept-Language", Locale.getDefault().getLanguage());
    }

    private void addUnAuthorizedHeader(Request.Builder builder) {
        builder.header(AUTHORIZATION, "INVALID_TOKEN");
    }

    private synchronized void authenticateIfAccessTokenNotValid() throws AuthorizationException {
        if (!this.accessTokenHolder.isTokenValidAndNotExpired()) {
            AccessToken refreshToken = new RefreshTokenHelper(this.accessTokenHolder, this.httpLoginService, getTenantCredentials()).refreshToken();
            if (refreshToken != null) {
                UnauthedHelper.resetGracePeriod();
            }
            this.accessTokenHolder = new AccessTokenHolder(refreshToken, SystemClock.elapsedRealtime());
        }
    }

    private Interceptor authorizationInterceptor() {
        return new Interceptor() { // from class: com.locapos.locapos.login.api.http.-$$Lambda$HttpClientHelper$0ZhWBbgb3YxxowjsdwutNrEjqmQ
            @Override // okhttp3.Interceptor
            public final Response intercept(Interceptor.Chain chain) {
                return HttpClientHelper.this.lambda$authorizationInterceptor$2$HttpClientHelper(chain);
            }
        };
    }

    private void authorize(Request.Builder builder) {
        addAuthorizationHeader(builder);
        addLanguageHeader(builder);
        TokenJson formatAccessTokenToJson = this.accessTokenHolder.formatAccessTokenToJson();
        if (formatAccessTokenToJson != null) {
            updateUserRights(formatAccessTokenToJson);
        }
    }

    private Authenticator createAuthenticator(final Context context) {
        return new Authenticator() { // from class: com.locapos.locapos.login.api.http.-$$Lambda$HttpClientHelper$Ez7KEjTKzmqNFXDHjhNNOSTbmTE
            @Override // okhttp3.Authenticator
            public final Request authenticate(Route route, Response response) {
                return HttpClientHelper.this.lambda$createAuthenticator$0$HttpClientHelper(context, route, response);
            }
        };
    }

    private OkHttpClient createAuthorizedHttpClient(Context context) {
        return new OkHttpClient.Builder().addInterceptor(authorizationInterceptor()).authenticator(createAuthenticator(context)).readTimeout(60L, TimeUnit.SECONDS).writeTimeout(30L, TimeUnit.SECONDS).connectTimeout(30L, TimeUnit.SECONDS).build();
    }

    private void fakeApiCall(Long l, UserManagement userManagement) {
        try {
            userManagement.getUser(l, "").execute();
        } catch (Exception unused) {
        }
    }

    private TenantCredentials getTenantCredentials() {
        return new TenantCredentials(this.httpUtil.getConfigValue(ConfigRepository.TENANT), this.httpUtil.getConfigValue(ConfigRepository.CASH_REGISTER_USER), this.httpUtil.getConfigValue(ConfigRepository.CASH_REGISTER_PSW_COLUMN));
    }

    private UserManagement getUserManagement() {
        return (UserManagement) new Retrofit.Builder().baseUrl(ServiceType.STANDARD.getHost()).client(this.okHttpClient).addConverterFactory(GsonConverterFactory.create(new GsonBuilder().registerTypeAdapter(List.class, new UsersJsonConverter()).create())).build().create(UserManagement.class);
    }

    private boolean isAuthorized(User user) {
        if (user == null) {
            return false;
        }
        Iterator<AssignedUserGroup> it = user.getAssignedUserGroup().iterator();
        while (it.hasNext()) {
            if (AssignedUserGroup.INSTANCE.getALLOWED_USER_GROUPS().contains(it.next().userGroup())) {
                return true;
            }
        }
        return false;
    }

    private void makeAccessTokenNull() {
        this.accessTokenHolder = new AccessTokenHolder(null, SystemClock.elapsedRealtime());
    }

    private void unAuthorizeTokenAndGoBackToLogin(final Context context) {
        this.httpUtil.runOnUiThread(new Runnable() { // from class: com.locapos.locapos.login.api.http.-$$Lambda$HttpClientHelper$kGwAhJqgaO36wCx8gDZPFHuBGyA
            @Override // java.lang.Runnable
            public final void run() {
                ((ApplicationState) context.getApplicationContext()).unauthorizedAccess();
            }
        });
        this.accessTokenHolder = new AccessTokenHolder(null, SystemClock.elapsedRealtime());
    }

    private void updateUserRights(TokenJson tokenJson) {
        RightsRepository.getInstance().setLoyaltyRights(tokenJson.getResourceAccess().hasLoyaltyRights());
        RightsRepository.getInstance().setCrmRights(tokenJson.getResourceAccess().hasCrmRights());
        RightsRepository.getInstance().setQrCodeRights(tokenJson.getResourceAccess().hasQrCodeRights());
        RightsRepository.getInstance().setZvtRights(tokenJson.getResourceAccess().hasZvtRights());
        RightsRepository.getInstance().setScanProductsRights(tokenJson.getResourceAccess().hasScanProductsRights());
        RightsRepository.getInstance().setInvoiceManagementRights(tokenJson.getResourceAccess().hasPayByInvoiceRights());
        RightsRepository.getInstance().setMultipleBasketFeatureRights(tokenJson.getResourceAccess().hasMultipleBasketFeatureRights());
        RightsRepository.getInstance().setDragAndDropFeatureRights(tokenJson.getResourceAccess().hasDragAndDropFeatureRights());
        RightsRepository.getInstance().setVoucherRights(tokenJson.getResourceAccess().hasVoucherRights());
        RightsRepository.getInstance().setProductActivationRights(tokenJson.getResourceAccess().hasProductActivationRights());
        RightsRepository.getInstance().setFiskalyRights(tokenJson.getResourceAccess().hasFiskalyRights());
        RightsRepository.getInstance().setReadOnlyRights(tokenJson.getResourceAccess().hasReadOnlyRights());
        if (tokenJson.getResourceAccess().hasPayByInvoiceRights()) {
            return;
        }
        TransactionType.getManualTransactionTypes().remove(TransactionType.INVOICE_DOWN_PAYMENT);
    }

    public void clearAndGetNewAccessToken() throws AuthorizationException {
        makeAccessTokenNull();
        authenticateIfAccessTokenNotValid();
    }

    public retrofit2.Response<?> getLoginStatus(String str, String str2, String str3) throws AuthorizationException {
        return this.httpLoginService.getLoginStatus(str, str2, str3);
    }

    public OkHttpClient getOkHttpClient(Context context) {
        if (this.okHttpClient == null) {
            this.okHttpClient = createAuthorizedHttpClient(context);
        }
        return this.okHttpClient;
    }

    public User getUser(Long l) throws IOException {
        UserManagement userManagement = getUserManagement();
        makeAccessTokenNull();
        fakeApiCall(l, userManagement);
        TokenJson formatAccessTokenToJson = this.accessTokenHolder.formatAccessTokenToJson();
        if (formatAccessTokenToJson != null) {
            return userManagement.getUser(l, formatAccessTokenToJson.getUserId()).execute().body();
        }
        return null;
    }

    public boolean isLoggedInUserAuthorized(Long l) {
        try {
            return isAuthorized(getUser(l));
        } catch (IOException unused) {
            return false;
        }
    }

    public /* synthetic */ Response lambda$authorizationInterceptor$2$HttpClientHelper(Interceptor.Chain chain) throws IOException {
        Request request = chain.request();
        Request.Builder header = request.newBuilder().header("Accept", "application/json");
        authenticateIfAccessTokenNotValid();
        if (this.accessTokenHolder.isTokenValidAndNotExpired()) {
            authorize(header);
        }
        return chain.proceed(header.method(request.method(), request.body()).build());
    }

    public /* synthetic */ Request lambda$createAuthenticator$0$HttpClientHelper(Context context, Route route, Response response) throws IOException {
        Request request = response.request();
        if (this.accessTokenHolder.isAuthTokenInvalid(request.headers().get(AUTHORIZATION))) {
            unAuthorizeTokenAndGoBackToLogin(context);
            this.logger.report(new AuthorizationException(getTenantCredentials().getTenantId(), response));
            return null;
        }
        synchronized (AQUIRE_TOKEN_LOCK) {
            this.accessTokenHolder = new AccessTokenHolder(null, SystemClock.elapsedRealtime());
            authenticateIfAccessTokenNotValid();
            Request.Builder newBuilder = request.newBuilder();
            if (this.accessTokenHolder.isTokenValidAndNotExpired()) {
                authorize(newBuilder);
            } else {
                UnauthedHelper.recordUnauthedCall();
                if (UnauthedHelper.isInGracePeriod()) {
                    return null;
                }
                addUnAuthorizedHeader(newBuilder);
            }
            return newBuilder.build();
        }
    }
}
