package com.intuit.spc.authorization.handshake.internal.transactions.requestaccesstoken;

import com.facebook.AccessToken;
import com.intuit.spc.authorization.AuthorizationClient;
import com.intuit.spc.authorization.handshake.internal.BasicNameValuePair;
import com.intuit.spc.authorization.handshake.internal.Logger;
import com.intuit.spc.authorization.handshake.internal.URLEncodedUtils;
import com.intuit.spc.authorization.handshake.internal.exception.AuthorizationServerError;
import com.intuit.spc.authorization.handshake.internal.exception.AuthorizationServerException;
import com.intuit.spc.authorization.handshake.internal.exception.IntuitAuthorizationException;
import com.intuit.spc.authorization.handshake.internal.exception.NetworkCommunicationException;
import com.intuit.spc.authorization.handshake.internal.http.HttpClient;
import com.intuit.spc.authorization.handshake.internal.security.SecureDataException;
import com.intuit.spc.authorization.handshake.internal.security.SecureDataTransaction;
import com.intuit.spc.authorization.handshake.internal.transactions.BaseAuthorizationTransaction;
import com.intuit.spc.authorization.handshake.internal.transactions.ServerErrorResponse;
import com.intuit.turbotaxuniversal.convoui.ConvoUIConstants;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Locale;
import java.util.TimeZone;
import kotlin.Unit;
import kotlin.jvm.functions.Function1;
import org.apache.commons.lang3.StringUtils;

/* loaded from: classes3.dex */
public class RequestAccessTokenTransaction extends BaseAuthorizationTransaction {
    private Long mAccessTokenExpirationOverride;
    private String mNamespaceId;
    private String mPassword;
    private boolean mPersistAccessTokenResponseData;
    private String mRealmId;
    private Long mRefreshTokenExpirationOverride;
    private RequestAccessTokenResponse mRequestAccessTokenResponse;
    private boolean mRestrictedMode;
    private Collection<String> mScopes;
    private String mUserContextRealmId;
    private String mUserName;
    private boolean mValidateResponseToken;

    public RequestAccessTokenTransaction(AuthorizationClient authorizationClient) {
        super(authorizationClient);
        this.mRestrictedMode = false;
        this.mPersistAccessTokenResponseData = true;
        this.mValidateResponseToken = true;
    }

    private void storeAccessTokenResponseData(final RequestAccessTokenResponse requestAccessTokenResponse) throws SecureDataException {
        final Long l = this.mAccessTokenExpirationOverride;
        final Long l2 = this.mRefreshTokenExpirationOverride;
        final boolean z = this.mRestrictedMode;
        getSecureData().transactionAsync(new Function1<SecureDataTransaction, Unit>() { // from class: com.intuit.spc.authorization.handshake.internal.transactions.requestaccesstoken.RequestAccessTokenTransaction.1
            @Override // kotlin.jvm.functions.Function1
            public Unit invoke(SecureDataTransaction secureDataTransaction) {
                secureDataTransaction.setAccessToken(requestAccessTokenResponse.getAccessToken());
                if (l != null) {
                    Logger.getInstance().logInfo("Overriding access token expiration: " + l);
                    requestAccessTokenResponse.setExpiresIn(l);
                }
                Calendar calendar = Calendar.getInstance(TimeZone.getTimeZone("UTC"), Locale.US);
                secureDataTransaction.setAccessTokenValidStartDateTime(calendar.getTime());
                Calendar calendar2 = (Calendar) calendar.clone();
                calendar2.add(13, requestAccessTokenResponse.getExpiresIn().intValue());
                secureDataTransaction.setAccessTokenValidEndDateTime(calendar2.getTime());
                secureDataTransaction.setAccessTokenRestricted(z);
                if (requestAccessTokenResponse.getRefreshToken() != null && requestAccessTokenResponse.getRefreshToken().length() > 0) {
                    secureDataTransaction.setRefreshToken(requestAccessTokenResponse.getRefreshToken());
                    if (l2 != null) {
                        Logger.getInstance().logInfo("Overriding refresh token expiration: " + l2);
                        requestAccessTokenResponse.setRefreshTokenExpiresIn(l2);
                    }
                    secureDataTransaction.setRefreshTokenValidStartDateTime(calendar.getTime());
                    Calendar calendar3 = (Calendar) calendar.clone();
                    calendar3.add(13, requestAccessTokenResponse.getRefreshTokenExpiresIn().intValue());
                    secureDataTransaction.setRefreshTokenValidEndDateTime(calendar3.getTime());
                }
                return Unit.INSTANCE;
            }
        });
    }

    private void validateRequestAccessTokenResponse(RequestAccessTokenResponse requestAccessTokenResponse) throws NetworkCommunicationException {
        if (requestAccessTokenResponse.getTokenType() == null || !requestAccessTokenResponse.getTokenType().equalsIgnoreCase("bearer")) {
            throw NetworkCommunicationException.createInvalidResponseValueException("token_type", requestAccessTokenResponse.getTokenType());
        }
        if (requestAccessTokenResponse.getAccessToken() == null || requestAccessTokenResponse.getAccessToken().length() <= 0) {
            throw NetworkCommunicationException.createMissingResponseValueException("access_token");
        }
        if (requestAccessTokenResponse.getExpiresIn() == null || requestAccessTokenResponse.getExpiresIn().longValue() <= 0) {
            throw NetworkCommunicationException.createMissingResponseValueException(AccessToken.EXPIRES_IN_KEY);
        }
        if (shouldValidateResponseToken()) {
            validateResponseToken(requestAccessTokenResponse);
        }
    }

    private void validateResponseToken(RequestAccessTokenResponse requestAccessTokenResponse) throws NetworkCommunicationException {
        if (requestAccessTokenResponse.getRefreshToken() != null && requestAccessTokenResponse.getRefreshToken().length() > 0) {
            if (requestAccessTokenResponse.getRefreshTokenExpiresIn() == null || requestAccessTokenResponse.getRefreshTokenExpiresIn().longValue() <= 0) {
                throw NetworkCommunicationException.createMissingResponseValueException("x_refresh_token_expires_in");
            }
        }
    }

    protected void addNamespaceContent(ArrayList<BasicNameValuePair> arrayList) {
        String namespaceId = getNamespaceId();
        if (namespaceId == null || namespaceId.length() <= 0) {
            return;
        }
        arrayList.add(new BasicNameValuePair("x_namespace_id", namespaceId));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addRealmContent(ArrayList<BasicNameValuePair> arrayList) {
        String realmId = getRealmId();
        String userContextRealmId = getUserContextRealmId();
        if (realmId != null && realmId.length() > 0) {
            arrayList.add(new BasicNameValuePair("x_realm_id", realmId));
        }
        if (userContextRealmId == null || userContextRealmId.length() <= 0) {
            return;
        }
        arrayList.add(new BasicNameValuePair("x_user_context_realm_id", userContextRealmId));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addScopeContent(ArrayList<BasicNameValuePair> arrayList) {
        Collection<String> scopes = getScopes();
        if (scopes == null || scopes.size() <= 0) {
            return;
        }
        StringBuilder sb = new StringBuilder();
        Iterator<String> it = scopes.iterator();
        while (it.hasNext()) {
            sb.append(it.next() + StringUtils.SPACE);
        }
        arrayList.add(new BasicNameValuePair("scope", sb.toString().trim()));
    }

    @Override // com.intuit.spc.authorization.handshake.internal.transactions.HttpTransaction
    public HttpClient.Request generateRequest(URL url) throws UnsupportedEncodingException, MalformedURLException {
        URL url2 = new URL(url.toString() + "oauth2/v1/tokens/bearer");
        HashMap hashMap = new HashMap();
        hashMap.put("Authorization", getClientBasicAuthorizationHeader());
        hashMap.put("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8");
        ArrayList<BasicNameValuePair> arrayList = new ArrayList<>();
        if (getUserName() != null) {
            arrayList.add(new BasicNameValuePair("grant_type", "password"));
            arrayList.add(new BasicNameValuePair(ConvoUIConstants.GLANCE_USER_NAME_KEY, getUserName()));
            arrayList.add(new BasicNameValuePair("password", getPassword()));
        } else {
            arrayList.add(new BasicNameValuePair("grant_type", "client_credentials"));
        }
        addScopeContent(arrayList);
        addRealmContent(arrayList);
        addNamespaceContent(arrayList);
        return new HttpClient.Request("RequestAccessToken", url2, HttpClient.Request.Method.POST, hashMap, URLEncodedUtils.INSTANCE.format(arrayList).getBytes(StandardCharsets.UTF_8));
    }

    public Long getAccessTokenExpirationOverride() {
        return this.mAccessTokenExpirationOverride;
    }

    public String getNamespaceId() {
        return this.mNamespaceId;
    }

    public String getPassword() {
        return this.mPassword;
    }

    public String getRealmId() {
        return this.mRealmId;
    }

    public Long getRefreshTokenExpirationOverride() {
        return this.mRefreshTokenExpirationOverride;
    }

    public RequestAccessTokenResponse getRequestAccessTokenResponse() {
        return this.mRequestAccessTokenResponse;
    }

    public boolean getRestrictedMode() {
        return this.mRestrictedMode;
    }

    public Collection<String> getScopes() {
        return this.mScopes;
    }

    public String getUserContextRealmId() {
        return this.mUserContextRealmId;
    }

    public String getUserName() {
        return this.mUserName;
    }

    @Override // com.intuit.spc.authorization.handshake.internal.transactions.HttpTransaction
    public void handleResponse(HttpClient.Response response) throws IntuitAuthorizationException {
        if (response.getError() != null || response.getStatusCode() != 200) {
            try {
                super.handleResponseError(response);
                return;
            } catch (AuthorizationServerException e) {
                if (e.getServerError() != AuthorizationServerError.INVALID_GRANT) {
                    throw e;
                }
                if (e.getServerErrorReason() != null && "account_lockout".equalsIgnoreCase(e.getServerErrorReason())) {
                    throw AuthorizationServerException.createAuthorizationServerException(getAndroidContext(), new ServerErrorResponse(response.getContent()), AuthorizationServerError.INVALID_GRANT);
                }
                throw e;
            }
        }
        validateResponseContentTypeIsJsonUtf8(response.getHeaders());
        validateResponseContent(response.getHeaders(), response.getContent());
        try {
            RequestAccessTokenResponse requestAccessTokenResponse = new RequestAccessTokenResponse(response.getContent());
            validateRequestAccessTokenResponse(requestAccessTokenResponse);
            if (!shouldPersistAccessTokenResponseData()) {
                setRequestAccessTokenResponse(requestAccessTokenResponse);
                return;
            }
            storeAccessTokenResponseData(requestAccessTokenResponse);
            if (requestAccessTokenResponse.getScope() == null || requestAccessTokenResponse.getScope().length() <= 0) {
                this.mScopes = new ArrayList();
            } else {
                this.mScopes = new ArrayList(Arrays.asList(requestAccessTokenResponse.getScope().split(StringUtils.SPACE)));
            }
        } catch (Exception unused) {
            Logger.getInstance().logError(String.format("Unexpected response content received: '%s'.", response.getContentText()));
            throw NetworkCommunicationException.createUnexpectedContentException(getAndroidContext());
        }
    }

    public void setAccessTokenExpirationOverride(Long l) {
        this.mAccessTokenExpirationOverride = l;
    }

    public void setNamespaceId(String str) {
        this.mNamespaceId = str;
    }

    public void setPassword(String str) {
        this.mPassword = str;
    }

    public void setPersistAccessTokenResponseData(boolean z) {
        this.mPersistAccessTokenResponseData = z;
    }

    public void setRealmId(String str) {
        this.mRealmId = str;
    }

    public void setRefreshTokenExpirationOverride(Long l) {
        this.mRefreshTokenExpirationOverride = l;
    }

    public void setRequestAccessTokenResponse(RequestAccessTokenResponse requestAccessTokenResponse) {
        this.mRequestAccessTokenResponse = requestAccessTokenResponse;
    }

    public void setRestrictedMode(boolean z) {
        this.mRestrictedMode = z;
    }

    public void setScopes(Collection<String> collection) {
        this.mScopes = collection;
    }

    public void setUserContextRealmId(String str) {
        this.mUserContextRealmId = str;
    }

    public void setUserName(String str) {
        this.mUserName = str;
    }

    public void setValidateResponseToken(boolean z) {
    }

    public boolean shouldPersistAccessTokenResponseData() {
        return this.mPersistAccessTokenResponseData;
    }

    public boolean shouldValidateResponseToken() {
        return this.mValidateResponseToken;
    }
}
