package com.lastpass.lpandroid.domain.account.adfs;

import android.text.TextUtils;
import android.util.Base64;
import androidx.lifecycle.MutableLiveData;
import com.auth0.android.jwt.DecodeException;
import com.auth0.android.jwt.JWT;
import com.google.android.gms.common.Scopes;
import com.google.gson.annotations.Expose;
import com.lastpass.lpandroid.api.adfs.AdfsApi;
import com.lastpass.lpandroid.api.adfs.OpenIdApi;
import com.lastpass.lpandroid.api.adfs.dto.AdfsAuthInfo;
import com.lastpass.lpandroid.api.adfs.dto.AdfsLocalKeyPart;
import com.lastpass.lpandroid.api.adfs.dto.FederatedLoginType;
import com.lastpass.lpandroid.api.adfs.dto.OpenIdConfigurationResponse;
import com.lastpass.lpandroid.api.adfs.dto.OpenIdK1Extension;
import com.lastpass.lpandroid.api.adfs.dto.OpenIdK1Response;
import com.lastpass.lpandroid.api.adfs.dto.OpenIdK2Response;
import com.lastpass.lpandroid.api.lmiapi.LmiApiCallback;
import com.lastpass.lpandroid.di.AppComponent;
import com.lastpass.lpandroid.domain.LpLog;
import com.lastpass.lpandroid.domain.Preferences;
import com.lastpass.lpandroid.domain.account.LastPassUserAccount;
import com.lastpass.lpandroid.domain.account.security.Authenticator;
import com.lastpass.lpandroid.domain.encryption.Purgeable;
import com.lastpass.lpandroid.model.account.AdfsSamlResponseParameters;
import com.lastpass.lpandroid.repository.account.RsaKeyRepository;
import com.lastpass.lpandroid.utils.FormattingExtensionsKt;
import com.lastpass.lpandroid.utils.security.CryptoUtils;
import com.lastpass.lpandroid.utils.security.KeyGenerator;
import java.net.URLEncoder;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.inject.Inject;
import kotlin.TypeCastException;
import kotlin.Unit;
import kotlin.collections.CollectionsKt;
import kotlin.collections.CollectionsKt__IterablesKt;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.StringsKt__StringsJVMKt;
import kotlin.text.StringsKt__StringsKt;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import retrofit2.Response;

/* loaded from: classes.dex */
public final class FederatedLoginFlow implements Purgeable {

    @Expose
    @NotNull
    private final String a;

    @Expose
    @NotNull
    private final MutableLiveData<FlowState> b;

    @Expose
    @NotNull
    private final MutableLiveData<Unit> c;

    @Expose
    @NotNull
    private final MutableLiveData<FederatedError> d;

    @Expose
    private final FederatedLoginFlowData e;

    @Inject
    @NotNull
    public Preferences f;

    @Inject
    @NotNull
    public RsaKeyRepository g;

    @Inject
    @NotNull
    public Authenticator h;

    @Inject
    @NotNull
    public AdfsApi i;

    @Inject
    @NotNull
    public OpenIdApi j;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class AdfsApiCallback<T> extends LmiApiCallback<T> {
        public AdfsApiCallback() {
        }

        @Override // com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
        public void a(int i, @Nullable Throwable th, @Nullable Response<T> response) {
            FederatedLoginFlow$AdfsApiCallback$onError$1 federatedLoginFlow$AdfsApiCallback$onError$1 = FederatedLoginFlow$AdfsApiCallback$onError$1.f;
            LpLog.f("TagLogin", "ADFS api error " + i);
            FederatedLoginFlow.this.a(federatedLoginFlow$AdfsApiCallback$onError$1.a(i, th), th != null ? th.getMessage() : null);
        }

        @Override // com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
        public void a(@Nullable T t, @Nullable Response<T> response) {
            FederatedLoginFlow.this.z();
        }
    }

    /* loaded from: classes.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    /* loaded from: classes.dex */
    public static abstract class ErrorType {

        /* loaded from: classes.dex */
        public static final class ConnectionFailed extends ErrorType {
            public static final ConnectionFailed a = new ConnectionFailed();

            private ConnectionFailed() {
                super(null);
            }
        }

        /* loaded from: classes.dex */
        public static final class DifferentUserLoggedIn extends ErrorType {

            @Expose
            @NotNull
            private final String a;

            @Expose
            private final int b;

            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            public DifferentUserLoggedIn(@NotNull String foundUserName, int i) {
                super(null);
                Intrinsics.b(foundUserName, "foundUserName");
                this.a = foundUserName;
                this.b = i;
            }

            public final int a() {
                return this.b;
            }

            public boolean equals(@Nullable Object obj) {
                if (this != obj) {
                    if (obj instanceof DifferentUserLoggedIn) {
                        DifferentUserLoggedIn differentUserLoggedIn = (DifferentUserLoggedIn) obj;
                        if (Intrinsics.a((Object) this.a, (Object) differentUserLoggedIn.a)) {
                            if (this.b == differentUserLoggedIn.b) {
                            }
                        }
                    }
                    return false;
                }
                return true;
            }

            public int hashCode() {
                String str = this.a;
                return ((str != null ? str.hashCode() : 0) * 31) + this.b;
            }

            @NotNull
            public String toString() {
                return "DifferentUserLoggedIn(foundUserName=" + this.a + ", provider=" + this.b + ")";
            }
        }

        /* loaded from: classes.dex */
        public static final class GeneralFailure extends ErrorType {
            public static final GeneralFailure a = new GeneralFailure();

            private GeneralFailure() {
                super(null);
            }
        }

        /* loaded from: classes.dex */
        public static final class LoginFailed extends ErrorType {
            public static final LoginFailed a = new LoginFailed();

            private LoginFailed() {
                super(null);
            }
        }

        private ErrorType() {
        }

        public /* synthetic */ ErrorType(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    /* loaded from: classes.dex */
    public static abstract class FlowState {

        /* loaded from: classes.dex */
        public static final class AdfsAuthInfo extends FlowState {
            public AdfsAuthInfo() {
                super(null);
            }
        }

        /* loaded from: classes.dex */
        public static final class AdfsLocalKey extends FlowState {
            public AdfsLocalKey() {
                super(null);
            }
        }

        /* loaded from: classes.dex */
        public static final class Finished extends FlowState {

            @Expose
            private final boolean a;

            public Finished(boolean z) {
                super(null);
                this.a = z;
            }

            public final boolean a() {
                return this.a;
            }

            public boolean equals(@Nullable Object obj) {
                if (this != obj) {
                    if (obj instanceof Finished) {
                        if (this.a == ((Finished) obj).a) {
                        }
                    }
                    return false;
                }
                return true;
            }

            public int hashCode() {
                boolean z = this.a;
                if (z) {
                    return 1;
                }
                return z ? 1 : 0;
            }

            @NotNull
            public String toString() {
                return "Finished(success=" + this.a + ")";
            }
        }

        /* loaded from: classes.dex */
        public static final class NotFederatedUser extends FlowState {
            public NotFederatedUser() {
                super(null);
            }
        }

        /* loaded from: classes.dex */
        public static final class OpenIdK1 extends FlowState {
            public OpenIdK1() {
                super(null);
            }
        }

        /* loaded from: classes.dex */
        public static final class OpenIdK2 extends FlowState {
            public OpenIdK2() {
                super(null);
            }
        }

        /* loaded from: classes.dex */
        public static final class RetrieveOpenIdConfig extends FlowState {
            public RetrieveOpenIdConfig() {
                super(null);
            }
        }

        /* loaded from: classes.dex */
        public static final class Undefined extends FlowState {
            public Undefined() {
                super(null);
            }
        }

        /* loaded from: classes.dex */
        public static final class UserLogin extends FlowState {
            public UserLogin() {
                super(null);
            }
        }

        /* loaded from: classes.dex */
        public static final class ZeroKnowledgeGenerateKeys extends FlowState {
            public ZeroKnowledgeGenerateKeys() {
                super(null);
            }
        }

        /* loaded from: classes.dex */
        public static final class ZeroKnowledgeUploadPublicKey extends FlowState {
            public ZeroKnowledgeUploadPublicKey() {
                super(null);
            }
        }

        private FlowState() {
        }

        public /* synthetic */ FlowState(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    static {
        new Companion(null);
    }

    private FederatedLoginFlow() {
        this("");
    }

    public FederatedLoginFlow(@NotNull String username) {
        Intrinsics.b(username, "username");
        int length = username.length() - 1;
        int i = 0;
        boolean z = false;
        while (i <= length) {
            boolean z2 = username.charAt(!z ? i : length) <= ' ';
            if (z) {
                if (!z2) {
                    break;
                } else {
                    length--;
                }
            } else if (z2) {
                i++;
            } else {
                z = true;
            }
        }
        this.a = username.subSequence(i, length + 1).toString();
        this.b = new MutableLiveData<>();
        this.c = new MutableLiveData<>();
        this.d = new MutableLiveData<>();
        this.e = new FederatedLoginFlowData(null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, 32767, null);
        this.b.b((MutableLiveData<FlowState>) new FlowState.Undefined());
        AppComponent.U().a(this);
        AppComponent U = AppComponent.U();
        Intrinsics.a((Object) U, "AppComponent.get()");
        U.F().a(this);
    }

    private final void A() {
        String d = this.e.i().d();
        if (d == null || d.length() == 0) {
            LpLog.f("TagLogin", "Empty connect authority");
            a();
            return;
        }
        OpenIdApi openIdApi = this.j;
        if (openIdApi == null) {
            Intrinsics.d("openIdApi");
            throw null;
        }
        String d2 = this.e.i().d();
        if (d2 != null) {
            openIdApi.d(d2, new AdfsApiCallback<OpenIdConfigurationResponse>() { // from class: com.lastpass.lpandroid.domain.account.adfs.FederatedLoginFlow$retrieveOpenIdConfiguration$1
                /* JADX INFO: Access modifiers changed from: package-private */
                {
                    super();
                }

                public void a(@Nullable OpenIdConfigurationResponse openIdConfigurationResponse, @Nullable Response<OpenIdConfigurationResponse> response) {
                    FederatedLoginFlowData federatedLoginFlowData;
                    String str;
                    FederatedLoginFlowData federatedLoginFlowData2;
                    String b;
                    String a = openIdConfigurationResponse != null ? openIdConfigurationResponse.a() : null;
                    if (a == null || a.length() == 0) {
                        throw new IllegalStateException("Failed to retrieve openid authority url");
                    }
                    federatedLoginFlowData = FederatedLoginFlow.this.e;
                    String str2 = "";
                    if (openIdConfigurationResponse == null || (str = openIdConfigurationResponse.a()) == null) {
                        str = "";
                    }
                    federatedLoginFlowData.f(str);
                    federatedLoginFlowData2 = FederatedLoginFlow.this.e;
                    if (openIdConfigurationResponse != null && (b = openIdConfigurationResponse.b()) != null) {
                        str2 = b;
                    }
                    federatedLoginFlowData2.g(str2);
                    super.a((FederatedLoginFlow$retrieveOpenIdConfiguration$1) openIdConfigurationResponse, (Response<FederatedLoginFlow$retrieveOpenIdConfiguration$1>) response);
                }

                @Override // com.lastpass.lpandroid.domain.account.adfs.FederatedLoginFlow.AdfsApiCallback, com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
                public /* bridge */ /* synthetic */ void a(Object obj, Response response) {
                    a((OpenIdConfigurationResponse) obj, (Response<OpenIdConfigurationResponse>) response);
                }
            });
        } else {
            Intrinsics.a();
            throw null;
        }
    }

    private final void B() {
        LpLog.a("TagLogin", "Uploading ADFS public key");
        if (this.e.o() == null) {
            throw new IllegalStateException("Keypair null");
        }
        AdfsApi adfsApi = this.i;
        if (adfsApi == null) {
            Intrinsics.d("adfsApi");
            throw null;
        }
        String c = this.e.i().c();
        if (c == null) {
            c = "";
        }
        adfsApi.a(c);
        AdfsApi adfsApi2 = this.i;
        if (adfsApi2 == null) {
            Intrinsics.d("adfsApi");
            throw null;
        }
        String str = this.a;
        KeyPair o = this.e.o();
        if (o == null) {
            Intrinsics.a();
            throw null;
        }
        PublicKey publicKey = o.getPublic();
        Intrinsics.a((Object) publicKey, "flowData.zeroKnowledgeKeyPair!!.public");
        String encodeToString = Base64.encodeToString(publicKey.getEncoded(), 2);
        Intrinsics.a((Object) encodeToString, "Base64.encodeToString(fl….encoded, Base64.NO_WRAP)");
        adfsApi2.a(str, encodeToString, new AdfsApiCallback());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final boolean C() {
        return !(this.e.d().length() == 0) && Intrinsics.a((Object) this.e.d(), (Object) this.e.c());
    }

    private final ErrorType D() {
        String a;
        boolean c;
        boolean c2;
        boolean a2;
        try {
            JWT jwt = new JWT(this.e.e());
            if (jwt.a(10L)) {
                LpLog.f("TagLogin", "JWT expired");
                return ErrorType.LoginFailed.a;
            }
            if (!Intrinsics.a((Object) (jwt.c() != null ? FormattingExtensionsKt.b(r4) : null), (Object) FormattingExtensionsKt.b(this.e.m()))) {
                LpLog.f("TagLogin", "Invalid issuer");
                return ErrorType.LoginFailed.a;
            }
            List<String> a3 = jwt.a();
            if (a3 != null && a3.contains(g().e())) {
                List<String> a4 = jwt.a();
                if ((a4 != null ? a4.size() : 0) > 1 && jwt.b().containsKey("azp")) {
                    LpLog.f("TagLogin", "Missing azp");
                    return ErrorType.LoginFailed.a;
                }
                if (jwt.b().containsKey("azp")) {
                    String a5 = jwt.a("azp").a();
                    if (a5 != null) {
                        String e = g().e();
                        if (e == null) {
                            Intrinsics.a();
                            throw null;
                        }
                        a2 = StringsKt__StringsKt.a((CharSequence) a5, (CharSequence) e, false, 2, (Object) null);
                        if (!a2) {
                        }
                    }
                    LpLog.f("TagLogin", "Invalid azp");
                    return ErrorType.LoginFailed.a;
                }
                if (jwt.b().containsKey("nonce") && !(!Intrinsics.a((Object) jwt.a("nonce").a(), (Object) FormattingExtensionsKt.a(this.e.k())))) {
                    if (jwt.b().containsKey(Scopes.EMAIL)) {
                        c2 = StringsKt__StringsJVMKt.c(jwt.a(Scopes.EMAIL).a(), this.a, true);
                        if (c2) {
                            return null;
                        }
                    }
                    if (jwt.b().containsKey("preferred_username")) {
                        c = StringsKt__StringsJVMKt.c(jwt.a("preferred_username").a(), this.a, true);
                        if (c) {
                            return null;
                        }
                    }
                    LpLog.f("TagLogin", "username is different");
                    if (jwt.b().containsKey(Scopes.EMAIL)) {
                        a = jwt.a(Scopes.EMAIL).a();
                        if (a != null) {
                        }
                        a = "";
                    } else {
                        a = jwt.a("preferred_username").a();
                        if (a != null) {
                        }
                        a = "";
                    }
                    Intrinsics.a((Object) a, "if(jwt.claims.containsKe…ername\").asString() ?: \"\"");
                    Integer f = this.e.i().f();
                    return new ErrorType.DifferentUserLoggedIn(a, f != null ? f.intValue() : 0);
                }
                LpLog.f("TagLogin", "Invalid nonce");
                return ErrorType.LoginFailed.a;
            }
            LpLog.f("TagLogin", "Invalid audience");
            return ErrorType.LoginFailed.a;
        } catch (DecodeException unused) {
            return ErrorType.LoginFailed.a;
        }
    }

    private final String a(String str) {
        JWT jwt = new JWT(str);
        if (jwt.b().containsKey("LastPassK1")) {
            return jwt.a("LastPassK1").a();
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void a(AdfsAuthInfo adfsAuthInfo) {
        if (this.e.i().g() != 2) {
            this.e.a(Base64.decode(adfsAuthInfo.b(), 0));
            if (this.e.f() == null) {
                throw new IllegalArgumentException("Emtpy k1");
            }
        }
        this.e.b(Base64.decode(adfsAuthInfo.c(), 0));
        if (this.e.g() == null) {
            throw new IllegalArgumentException("Emtpy k2");
        }
        this.e.a(adfsAuthInfo.a());
        if (TextUtils.isEmpty(this.e.a())) {
            throw new IllegalArgumentException("Emtpy authSessionId");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void a(FederatedLoginType federatedLoginType) {
        this.e.a(federatedLoginType);
        if (this.e.i().h()) {
            LpLog.a("TagLogin", "User is federated, type " + federatedLoginType.g());
            Preferences preferences = this.f;
            if (preferences == null) {
                Intrinsics.d("preferences");
                throw null;
            }
            preferences.b("login_identity_guid", federatedLoginType.b());
            Preferences preferences2 = this.f;
            if (preferences2 == null) {
                Intrinsics.d("preferences");
                throw null;
            }
            preferences2.b("login_identity_provider", federatedLoginType.c());
            Preferences preferences3 = this.f;
            if (preferences3 == null) {
                Intrinsics.d("preferences");
                throw null;
            }
            preferences3.a("login_login_type", federatedLoginType.g());
            Preferences preferences4 = this.f;
            if (preferences4 == null) {
                Intrinsics.d("preferences");
                throw null;
            }
            Long a = federatedLoginType.a();
            preferences4.a("login_federated_company_id", a != null ? a.longValue() : 0L);
            Preferences preferences5 = this.f;
            if (preferences5 == null) {
                Intrinsics.d("preferences");
                throw null;
            }
            Integer f = federatedLoginType.f();
            preferences5.a("login_federated_provider", f != null ? f.intValue() : 0);
            Preferences preferences6 = this.f;
            if (preferences6 == null) {
                Intrinsics.d("preferences");
                throw null;
            }
            preferences6.b("login_openid_authority", federatedLoginType.d());
            Preferences preferences7 = this.f;
            if (preferences7 == null) {
                Intrinsics.d("preferences");
                throw null;
            }
            preferences7.b("login_openid_clientid", federatedLoginType.e());
            boolean z = true;
            if (federatedLoginType.g() == 1 || federatedLoginType.g() == 2) {
                String b = federatedLoginType.b();
                if (!(b == null || b.length() == 0)) {
                    String c = federatedLoginType.c();
                    if (c != null && c.length() != 0) {
                        z = false;
                    }
                    if (!z) {
                        return;
                    }
                }
                throw new IllegalArgumentException("Empty provider url or guid");
            }
            if (federatedLoginType.g() == 3) {
                String d = federatedLoginType.d();
                if (!(d == null || d.length() == 0)) {
                    String e = federatedLoginType.e();
                    if (e != null && e.length() != 0) {
                        z = false;
                    }
                    if (!z) {
                        this.e.h("https://accounts.lastpass.com/federated/oidcredirect.html");
                        return;
                    }
                }
                throw new IllegalArgumentException("Empty connect authority or client id");
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void a(ErrorType errorType, String str) {
        this.b.b((MutableLiveData<FlowState>) new FlowState.Finished(false));
        MutableLiveData<FederatedError> mutableLiveData = this.d;
        if (str == null) {
            str = "";
        }
        mutableLiveData.b((MutableLiveData<FederatedError>) new FederatedError(errorType, str));
    }

    private final boolean a(AdfsSamlResponseParameters adfsSamlResponseParameters) {
        if (adfsSamlResponseParameters == null) {
            return false;
        }
        FederatedLoginFlowData federatedLoginFlowData = this.e;
        RsaKeyRepository rsaKeyRepository = this.g;
        if (rsaKeyRepository == null) {
            Intrinsics.d("rsaKeyRepository");
            throw null;
        }
        byte[] a = adfsSamlResponseParameters.a();
        KeyPair o = this.e.o();
        if (o == null) {
            Intrinsics.a();
            throw null;
        }
        federatedLoginFlowData.a(rsaKeyRepository.b(a, o.getPrivate()));
        if (this.e.f() == null) {
            LpLog.f("TagLogin", "Failed to decrypt SAML k1");
            return false;
        }
        CryptoUtils cryptoUtils = CryptoUtils.a;
        byte[] b = adfsSamlResponseParameters.b();
        CryptoUtils cryptoUtils2 = CryptoUtils.a;
        byte[] f = this.e.f();
        if (f == null) {
            Intrinsics.a();
            throw null;
        }
        if (cryptoUtils.a(b, cryptoUtils2.a(f)) == 0) {
            return true;
        }
        LpLog.f("TagLogin", "Failed to verify k1 signature");
        this.e.a((byte[]) null);
        return false;
    }

    private final void o() {
        LpLog.a("TagLogin", "Assembling master password from federated key elements");
        if (this.e.i().g() == 3) {
            FederatedLoginFlowData federatedLoginFlowData = this.e;
            CryptoUtils cryptoUtils = CryptoUtils.a;
            byte[] f = federatedLoginFlowData.f();
            if (f == null) {
                Intrinsics.a();
                throw null;
            }
            byte[] g = this.e.g();
            if (g == null) {
                Intrinsics.a();
                throw null;
            }
            federatedLoginFlowData.d(cryptoUtils.a(cryptoUtils.b(f, g)));
        } else {
            FederatedLoginFlowData federatedLoginFlowData2 = this.e;
            CryptoUtils cryptoUtils2 = CryptoUtils.a;
            byte[] f2 = federatedLoginFlowData2.f();
            if (f2 == null) {
                Intrinsics.a();
                throw null;
            }
            byte[] g2 = this.e.g();
            if (g2 == null) {
                Intrinsics.a();
                throw null;
            }
            byte[] b = cryptoUtils2.b(f2, g2);
            byte[] h = this.e.h();
            if (h == null) {
                Intrinsics.a();
                throw null;
            }
            federatedLoginFlowData2.d(cryptoUtils2.a(cryptoUtils2.b(b, h)));
        }
        this.e.c((byte[]) null);
        this.e.a((byte[]) null);
        this.e.b((byte[]) null);
        this.e.e("");
        this.e.b("");
    }

    private final String p() {
        boolean a;
        if ((this.b.a() instanceof FlowState.Undefined) || (this.b.a() instanceof FlowState.NotFederatedUser)) {
            throw new IllegalStateException("Invalid state");
        }
        StringBuilder sb = new StringBuilder();
        sb.append(this.e.i().c());
        String c = this.e.i().c();
        if (c != null) {
            a = StringsKt__StringsJVMKt.a(c, "/", false, 2, null);
            if (!a) {
                sb.append("/");
            }
        }
        sb.append("auth/saml2/");
        String b = this.e.i().b();
        if (b == null) {
            b = "";
        }
        sb.append(b);
        String sb2 = sb.toString();
        Intrinsics.a((Object) sb2, "stringBuilder.toString()");
        return sb2;
    }

    private final String q() {
        if ((this.b.a() instanceof FlowState.Undefined) || (this.b.a() instanceof FlowState.NotFederatedUser)) {
            throw new IllegalStateException("Invalid state");
        }
        return FormattingExtensionsKt.d(FormattingExtensionsKt.b(this.e.l())) + "?client_id=" + URLEncoder.encode(this.e.i().e(), StandardCharsets.UTF_8.name()) + "&login_hint=" + URLEncoder.encode(this.a, StandardCharsets.UTF_8.name()) + "&redirect_uri=" + URLEncoder.encode("https://accounts.lastpass.com/federated/oidcredirect.html", StandardCharsets.UTF_8.name()) + "&response_type=" + URLEncoder.encode("id_token token", StandardCharsets.UTF_8.name()) + "&scope=" + URLEncoder.encode("openid email profile", StandardCharsets.UTF_8.name()) + "&state=" + URLEncoder.encode(FormattingExtensionsKt.a(this.e.k()), StandardCharsets.UTF_8.name()) + "&nonce=" + URLEncoder.encode(FormattingExtensionsKt.a(this.e.k()), StandardCharsets.UTF_8.name());
    }

    private final void r() {
        this.e.e(KeyGenerator.a(32));
    }

    private final void s() {
        LpLog.a("TagLogin", "Generating ADFS public key");
        FederatedLoginFlowData federatedLoginFlowData = this.e;
        RsaKeyRepository rsaKeyRepository = this.g;
        if (rsaKeyRepository == null) {
            Intrinsics.d("rsaKeyRepository");
            throw null;
        }
        federatedLoginFlowData.a(rsaKeyRepository.a());
        z();
    }

    private final void t() {
        LpLog.a("TagLogin", "ADFS: getting auth info");
        AdfsApi adfsApi = this.i;
        if (adfsApi == null) {
            Intrinsics.d("adfsApi");
            throw null;
        }
        String c = this.e.i().c();
        if (c == null) {
            c = "";
        }
        adfsApi.a(c);
        AdfsApi adfsApi2 = this.i;
        if (adfsApi2 != null) {
            adfsApi2.c(this.e.b(), new AdfsApiCallback<AdfsAuthInfo>() { // from class: com.lastpass.lpandroid.domain.account.adfs.FederatedLoginFlow$getAdfsAuthInfo$1
                /* JADX INFO: Access modifiers changed from: package-private */
                {
                    super();
                }

                public void a(@Nullable AdfsAuthInfo adfsAuthInfo, @Nullable Response<AdfsAuthInfo> response) {
                    FederatedLoginFlow federatedLoginFlow = FederatedLoginFlow.this;
                    if (adfsAuthInfo != null) {
                        federatedLoginFlow.a(adfsAuthInfo);
                        super.a((FederatedLoginFlow$getAdfsAuthInfo$1) adfsAuthInfo, (Response<FederatedLoginFlow$getAdfsAuthInfo$1>) response);
                    }
                }

                @Override // com.lastpass.lpandroid.domain.account.adfs.FederatedLoginFlow.AdfsApiCallback, com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
                public /* bridge */ /* synthetic */ void a(Object obj, Response response) {
                    a((AdfsAuthInfo) obj, (Response<AdfsAuthInfo>) response);
                }
            });
        } else {
            Intrinsics.d("adfsApi");
            throw null;
        }
    }

    private final void u() {
        LpLog.a("TagLogin", "ADFS: getting local key part");
        AdfsApi adfsApi = this.i;
        if (adfsApi == null) {
            Intrinsics.d("adfsApi");
            throw null;
        }
        String c = this.e.i().c();
        if (c == null) {
            c = "";
        }
        adfsApi.a(c);
        AdfsApi adfsApi2 = this.i;
        if (adfsApi2 != null) {
            adfsApi2.b(this.a, v(), this.e.a(), new AdfsApiCallback<AdfsLocalKeyPart>() { // from class: com.lastpass.lpandroid.domain.account.adfs.FederatedLoginFlow$getAdfsLocalKeyPart$1
                /* JADX INFO: Access modifiers changed from: package-private */
                {
                    super();
                }

                public void a(@Nullable AdfsLocalKeyPart adfsLocalKeyPart, @Nullable Response<AdfsLocalKeyPart> response) {
                    FederatedLoginFlowData federatedLoginFlowData;
                    FederatedLoginFlowData federatedLoginFlowData2;
                    federatedLoginFlowData = FederatedLoginFlow.this.e;
                    federatedLoginFlowData.c(Base64.decode(adfsLocalKeyPart != null ? adfsLocalKeyPart.a() : null, 0));
                    federatedLoginFlowData2 = FederatedLoginFlow.this.e;
                    if (federatedLoginFlowData2.h() == null) {
                        throw new IllegalArgumentException("Emtpy local key");
                    }
                    super.a((FederatedLoginFlow$getAdfsLocalKeyPart$1) adfsLocalKeyPart, (Response<FederatedLoginFlow$getAdfsLocalKeyPart$1>) response);
                }

                @Override // com.lastpass.lpandroid.domain.account.adfs.FederatedLoginFlow.AdfsApiCallback, com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
                public /* bridge */ /* synthetic */ void a(Object obj, Response response) {
                    a((AdfsLocalKeyPart) obj, (Response<AdfsLocalKeyPart>) response);
                }
            });
        } else {
            Intrinsics.d("adfsApi");
            throw null;
        }
    }

    private final String v() {
        CryptoUtils cryptoUtils = CryptoUtils.a;
        byte[] f = this.e.f();
        if (f == null) {
            Intrinsics.a();
            throw null;
        }
        byte[] g = this.e.g();
        if (g == null) {
            Intrinsics.a();
            throw null;
        }
        String encodeToString = Base64.encodeToString(cryptoUtils.a(cryptoUtils.b(f, g)), 2);
        Intrinsics.a((Object) encodeToString, "Base64.encodeToString(fl…sha256(), Base64.NO_WRAP)");
        return encodeToString;
    }

    private final void w() {
        if (this.e.f() != null) {
            FederatedLoginFlowData federatedLoginFlowData = this.e;
            byte[] f = federatedLoginFlowData.f();
            String encodeToString = Base64.encodeToString(f != null ? CryptoUtils.a.a(f) : null, 2);
            Intrinsics.a((Object) encodeToString, "Base64.encodeToString(fl…sha256(), Base64.NO_WRAP)");
            federatedLoginFlowData.c(encodeToString);
            z();
            return;
        }
        OpenIdApi openIdApi = this.j;
        if (openIdApi == null) {
            Intrinsics.d("openIdApi");
            throw null;
        }
        openIdApi.b("https://graph.microsoft.com");
        OpenIdApi openIdApi2 = this.j;
        if (openIdApi2 != null) {
            openIdApi2.b(this.e.b(), new AdfsApiCallback<OpenIdK1Response>() { // from class: com.lastpass.lpandroid.domain.account.adfs.FederatedLoginFlow$getOpenIdK1$1
                /* JADX INFO: Access modifiers changed from: package-private */
                {
                    super();
                }

                public void a(@Nullable OpenIdK1Response openIdK1Response, @Nullable Response<OpenIdK1Response> response) {
                    String str;
                    FederatedLoginFlowData federatedLoginFlowData2;
                    FederatedLoginFlowData federatedLoginFlowData3;
                    FederatedLoginFlowData federatedLoginFlowData4;
                    FederatedLoginFlowData federatedLoginFlowData5;
                    List<OpenIdK1Extension> a;
                    int a2;
                    if (openIdK1Response == null || (a = openIdK1Response.a()) == null) {
                        str = null;
                    } else {
                        a2 = CollectionsKt__IterablesKt.a(a, 10);
                        ArrayList arrayList = new ArrayList(a2);
                        Iterator<T> it = a.iterator();
                        while (it.hasNext()) {
                            arrayList.add(((OpenIdK1Extension) it.next()).a());
                        }
                        str = (String) CollectionsKt.e((List) arrayList);
                    }
                    if (str == null || str.length() == 0) {
                        throw new IllegalStateException("k1 not found in response");
                    }
                    federatedLoginFlowData2 = FederatedLoginFlow.this.e;
                    federatedLoginFlowData2.a(Base64.decode(str, 2));
                    federatedLoginFlowData3 = FederatedLoginFlow.this.e;
                    if (federatedLoginFlowData3.f() != null) {
                        federatedLoginFlowData4 = FederatedLoginFlow.this.e;
                        federatedLoginFlowData5 = FederatedLoginFlow.this.e;
                        byte[] f2 = federatedLoginFlowData5.f();
                        String encodeToString2 = Base64.encodeToString(f2 != null ? CryptoUtils.a.a(f2) : null, 2);
                        Intrinsics.a((Object) encodeToString2, "Base64.encodeToString(fl…sha256(), Base64.NO_WRAP)");
                        federatedLoginFlowData4.c(encodeToString2);
                    }
                    super.a((FederatedLoginFlow$getOpenIdK1$1) openIdK1Response, (Response<FederatedLoginFlow$getOpenIdK1$1>) response);
                }

                @Override // com.lastpass.lpandroid.domain.account.adfs.FederatedLoginFlow.AdfsApiCallback, com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
                public /* bridge */ /* synthetic */ void a(Object obj, Response response) {
                    a((OpenIdK1Response) obj, (Response<OpenIdK1Response>) response);
                }
            });
        } else {
            Intrinsics.d("openIdApi");
            throw null;
        }
    }

    private final void x() {
        OpenIdApi openIdApi = this.j;
        if (openIdApi == null) {
            Intrinsics.d("openIdApi");
            throw null;
        }
        Preferences preferences = this.f;
        if (preferences == null) {
            Intrinsics.d("preferences");
            throw null;
        }
        Boolean d = preferences.d("debug_menu_use_test_push");
        Intrinsics.a((Object) d, "preferences.getBoolean(P…PREF_DEBUG_USE_TEST_PUSH)");
        openIdApi.a(d.booleanValue() ? "https://loginservice.dev.3amlabs.net/" : "https://accounts.lastpass.com/");
        OpenIdApi openIdApi2 = this.j;
        if (openIdApi2 == null) {
            Intrinsics.d("openIdApi");
            throw null;
        }
        Long a = this.e.i().a();
        openIdApi2.a(a != null ? a.longValue() : 0L, this.e.e(), new AdfsApiCallback<OpenIdK2Response>() { // from class: com.lastpass.lpandroid.domain.account.adfs.FederatedLoginFlow$getOpenIdK2$1
            /* JADX INFO: Access modifiers changed from: package-private */
            {
                super();
            }

            public void a(@Nullable OpenIdK2Response openIdK2Response, @Nullable Response<OpenIdK2Response> response) {
                FederatedLoginFlowData federatedLoginFlowData;
                FederatedLoginFlowData federatedLoginFlowData2;
                boolean C;
                String b = openIdK2Response != null ? openIdK2Response.b() : null;
                if (b == null || b.length() == 0) {
                    throw new IllegalStateException("k2 not found in response");
                }
                federatedLoginFlowData = FederatedLoginFlow.this.e;
                federatedLoginFlowData.b(Base64.decode(b, 2));
                federatedLoginFlowData2 = FederatedLoginFlow.this.e;
                String a2 = openIdK2Response.a();
                if (a2 == null) {
                    a2 = "";
                }
                federatedLoginFlowData2.d(a2);
                C = FederatedLoginFlow.this.C();
                if (!C) {
                    throw new IllegalArgumentException("Fragment ids mismatch");
                }
                super.a((FederatedLoginFlow$getOpenIdK2$1) openIdK2Response, (Response<FederatedLoginFlow$getOpenIdK2$1>) response);
            }

            @Override // com.lastpass.lpandroid.domain.account.adfs.FederatedLoginFlow.AdfsApiCallback, com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
            public /* bridge */ /* synthetic */ void a(Object obj, Response response) {
                a((OpenIdK2Response) obj, (Response<OpenIdK2Response>) response);
            }
        });
    }

    private final void y() {
        int g = this.e.i().g();
        if (g == 1) {
            this.b.b((MutableLiveData<FlowState>) new FlowState.UserLogin());
            return;
        }
        if (g == 2) {
            this.b.b((MutableLiveData<FlowState>) new FlowState.ZeroKnowledgeGenerateKeys());
            s();
        } else {
            if (g != 3) {
                this.b.b((MutableLiveData<FlowState>) new FlowState.NotFederatedUser());
                return;
            }
            r();
            this.b.b((MutableLiveData<FlowState>) new FlowState.RetrieveOpenIdConfig());
            A();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void z() {
        LpLog.a("TagLogin", "Federated state " + this.b.a() + " completed");
        FlowState a = this.b.a();
        if (a instanceof FlowState.Undefined) {
            y();
            return;
        }
        if (a instanceof FlowState.UserLogin) {
            if (this.e.i().g() == 3) {
                this.b.b((MutableLiveData<FlowState>) new FlowState.OpenIdK1());
                w();
                return;
            } else {
                this.b.b((MutableLiveData<FlowState>) new FlowState.AdfsAuthInfo());
                t();
                return;
            }
        }
        if (a instanceof FlowState.AdfsAuthInfo) {
            this.b.b((MutableLiveData<FlowState>) new FlowState.AdfsLocalKey());
            u();
            return;
        }
        if (a instanceof FlowState.AdfsLocalKey) {
            o();
            this.b.b((MutableLiveData<FlowState>) new FlowState.Finished(true));
            return;
        }
        if (a instanceof FlowState.ZeroKnowledgeGenerateKeys) {
            this.b.b((MutableLiveData<FlowState>) new FlowState.ZeroKnowledgeUploadPublicKey());
            B();
            return;
        }
        if (a instanceof FlowState.ZeroKnowledgeUploadPublicKey) {
            this.b.b((MutableLiveData<FlowState>) new FlowState.UserLogin());
            return;
        }
        if (a instanceof FlowState.RetrieveOpenIdConfig) {
            this.b.b((MutableLiveData<FlowState>) new FlowState.UserLogin());
            return;
        }
        if (a instanceof FlowState.OpenIdK1) {
            this.b.b((MutableLiveData<FlowState>) new FlowState.OpenIdK2());
            x();
        } else if (a instanceof FlowState.OpenIdK2) {
            o();
            this.b.b((MutableLiveData<FlowState>) new FlowState.Finished(true));
        }
    }

    public final void a() {
        this.b.b((MutableLiveData<FlowState>) new FlowState.Finished(false));
        this.c.b((MutableLiveData<Unit>) null);
    }

    public final void a(@NotNull String authToken, @Nullable AdfsSamlResponseParameters adfsSamlResponseParameters) {
        Intrinsics.b(authToken, "authToken");
        LpLog.a("TagLogin", "Federated user login completed");
        if (!(this.b.a() instanceof FlowState.UserLogin) && !(this.b.a() instanceof FlowState.Finished)) {
            throw new IllegalStateException("Invalid state");
        }
        if (authToken.length() == 0) {
            a(ErrorType.LoginFailed.a, "Missing auth token");
            return;
        }
        this.e.b(authToken);
        if (this.e.i().g() == 2 && !a(adfsSamlResponseParameters)) {
            a(ErrorType.LoginFailed.a, "Missing auth token");
        } else {
            z();
        }
    }

    public final void a(@NotNull String authToken, @NotNull String idToken) {
        byte[] bArr;
        Intrinsics.b(authToken, "authToken");
        Intrinsics.b(idToken, "idToken");
        LpLog.a("TagLogin", "OpenId user login completed");
        if (!(this.b.a() instanceof FlowState.UserLogin) && !(this.b.a() instanceof FlowState.Finished)) {
            throw new IllegalStateException("Invalid state");
        }
        if (!(authToken.length() == 0)) {
            if (!(idToken.length() == 0)) {
                this.e.e(idToken);
                try {
                    FederatedLoginFlowData federatedLoginFlowData = this.e;
                    String a = a(authToken);
                    if (a != null) {
                        Charset charset = StandardCharsets.UTF_8;
                        Intrinsics.a((Object) charset, "StandardCharsets.UTF_8");
                        if (a == null) {
                            throw new TypeCastException("null cannot be cast to non-null type java.lang.String");
                        }
                        bArr = a.getBytes(charset);
                        Intrinsics.a((Object) bArr, "(this as java.lang.String).getBytes(charset)");
                    } else {
                        bArr = null;
                    }
                    federatedLoginFlowData.a(bArr);
                } catch (DecodeException unused) {
                }
                this.e.b(authToken);
                ErrorType D = D();
                if (D == null) {
                    z();
                    return;
                }
                LpLog.f("TagLogin", "Invalid id token, validation failed " + D);
                a(D, "");
                return;
            }
        }
        a(ErrorType.LoginFailed.a, "Missing auth token or id token");
    }

    public final void b() {
        boolean c;
        boolean c2;
        if (!(this.b.a() instanceof FlowState.Undefined) && !(this.b.a() instanceof FlowState.UserLogin)) {
            throw new IllegalStateException("Invalid state");
        }
        boolean z = false;
        if (this.a.length() == 0) {
            z();
            return;
        }
        LastPassUserAccount z2 = LastPassUserAccount.z();
        if (z2 != null) {
            c2 = StringsKt__StringsJVMKt.c(z2.l(), this.a, true);
            if (c2 && z2.s()) {
                z = true;
            }
        }
        String str = this.a;
        Preferences preferences = this.f;
        if (preferences == null) {
            Intrinsics.d("preferences");
            throw null;
        }
        c = StringsKt__StringsJVMKt.c(str, preferences.c("login_last_federated_email"), true);
        if (!z && !c) {
            AdfsApi adfsApi = this.i;
            if (adfsApi != null) {
                adfsApi.a(this.a, new AdfsApiCallback<FederatedLoginType>() { // from class: com.lastpass.lpandroid.domain.account.adfs.FederatedLoginFlow$checkLoginType$1
                    /* JADX INFO: Access modifiers changed from: package-private */
                    {
                        super();
                    }

                    public void a(@Nullable FederatedLoginType federatedLoginType, @Nullable Response<FederatedLoginType> response) {
                        FederatedLoginFlow federatedLoginFlow = FederatedLoginFlow.this;
                        if (federatedLoginType != null) {
                            federatedLoginFlow.a(federatedLoginType);
                            super.a((FederatedLoginFlow$checkLoginType$1) federatedLoginType, (Response<FederatedLoginFlow$checkLoginType$1>) response);
                        }
                    }

                    @Override // com.lastpass.lpandroid.domain.account.adfs.FederatedLoginFlow.AdfsApiCallback, com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
                    public /* bridge */ /* synthetic */ void a(Object obj, Response response) {
                        a((FederatedLoginType) obj, (Response<FederatedLoginType>) response);
                    }
                });
                return;
            } else {
                Intrinsics.d("adfsApi");
                throw null;
            }
        }
        LpLog.a("TagLogin", "last user is federated");
        FederatedLoginFlowData federatedLoginFlowData = this.e;
        Preferences preferences2 = this.f;
        if (preferences2 == null) {
            Intrinsics.d("preferences");
            throw null;
        }
        int g = preferences2.g("login_login_type");
        Preferences preferences3 = this.f;
        if (preferences3 == null) {
            Intrinsics.d("preferences");
            throw null;
        }
        String c3 = preferences3.c("login_identity_guid");
        Preferences preferences4 = this.f;
        if (preferences4 == null) {
            Intrinsics.d("preferences");
            throw null;
        }
        String c4 = preferences4.c("login_identity_provider");
        Preferences preferences5 = this.f;
        if (preferences5 == null) {
            Intrinsics.d("preferences");
            throw null;
        }
        String c5 = preferences5.c("login_openid_authority");
        Preferences preferences6 = this.f;
        if (preferences6 == null) {
            Intrinsics.d("preferences");
            throw null;
        }
        String c6 = preferences6.c("login_openid_clientid");
        Preferences preferences7 = this.f;
        if (preferences7 == null) {
            Intrinsics.d("preferences");
            throw null;
        }
        Long valueOf = Long.valueOf(preferences7.h("login_federated_company_id"));
        Preferences preferences8 = this.f;
        if (preferences8 == null) {
            Intrinsics.d("preferences");
            throw null;
        }
        federatedLoginFlowData.a(new FederatedLoginType(g, c3, c4, c5, c6, valueOf, Integer.valueOf(preferences8.g("login_federated_provider"))));
        if (this.e.i().g() == 3) {
            this.e.h("https://accounts.lastpass.com/federated/oidcredirect.html");
        }
        z();
    }

    @NotNull
    public final String c() {
        return this.e.a();
    }

    @NotNull
    public final MutableLiveData<Unit> d() {
        return this.c;
    }

    @NotNull
    public final MutableLiveData<FederatedError> e() {
        return this.d;
    }

    @NotNull
    public final MutableLiveData<FlowState> f() {
        return this.b;
    }

    @NotNull
    public final FederatedLoginType g() {
        return this.e.i();
    }

    @Nullable
    public final byte[] h() {
        if (this.b.a() instanceof FlowState.Finished) {
            return this.e.j();
        }
        throw new IllegalStateException("Invalid state");
    }

    @NotNull
    public final String i() {
        return this.e.c();
    }

    @NotNull
    public final String j() {
        return this.e.d();
    }

    @NotNull
    public final String k() {
        return this.e.n();
    }

    @NotNull
    public final String l() {
        return g().g() != 3 ? p() : q();
    }

    @NotNull
    public final String m() {
        return this.a;
    }

    public final boolean n() {
        return this.e.i().h();
    }

    @Override // com.lastpass.lpandroid.domain.encryption.Purgeable
    public void purge() {
        this.e.d((byte[]) null);
        if (this.b.a() instanceof FlowState.Finished) {
            this.e.a((byte[]) null);
            this.e.b((byte[]) null);
            this.e.c((byte[]) null);
            this.e.a((KeyPair) null);
            this.e.a("");
            this.e.d("");
            this.e.c("");
            this.e.e("");
            this.e.b("");
            this.e.e((byte[]) null);
        }
    }
}
