package com.lastpass.lpandroid.domain.account.federated;

import android.text.TextUtils;
import android.util.Base64;
import androidx.compose.runtime.internal.StabilityInferred;
import com.lastpass.lpandroid.api.federated.AdfsApi;
import com.lastpass.lpandroid.api.federated.dto.AdfsAuthInfo;
import com.lastpass.lpandroid.api.federated.dto.AdfsLocalKeyPart;
import com.lastpass.lpandroid.app.Globals;
import com.lastpass.lpandroid.domain.LpLog;
import com.lastpass.lpandroid.domain.account.federated.FederatedLoginFlow;
import com.lastpass.lpandroid.domain.account.federated.exception.InvalidFederatedProviderException;
import com.lastpass.lpandroid.domain.account.federated.exception.InvalidFlowStateException;
import com.lastpass.lpandroid.model.account.AdfsSamlResponseParameters;
import com.lastpass.lpandroid.repository.account.RsaKeyRepository;
import com.lastpass.lpandroid.utils.security.CryptoUtils;
import java.security.KeyPair;
import javax.inject.Inject;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.functions.Function2;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.StringsKt__StringsJVMKt;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import retrofit2.Response;

@StabilityInferred
@Metadata
/* loaded from: classes2.dex */
public final class AdfsFederatedLoginFlow extends FederatedLoginFlow {

    /* renamed from: l, reason: collision with root package name */
    @NotNull
    private static final Companion f22175l = new Companion(null);

    /* renamed from: m, reason: collision with root package name */
    public static final int f22176m = 8;

    /* renamed from: j, reason: collision with root package name */
    @Inject
    public RsaKeyRepository f22177j;

    /* renamed from: k, reason: collision with root package name */
    @Inject
    public AdfsApi f22178k;

    @Metadata
    /* loaded from: classes2.dex */
    private static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    private AdfsFederatedLoginFlow() {
        this("");
    }

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public AdfsFederatedLoginFlow(@NotNull String username) {
        super(username);
        Intrinsics.h(username, "username");
        Globals.a().O(this);
    }

    private final void D() {
        LpLog.d("TagLogin", "Generating ADFS public key");
        i().N(I().k());
        y();
    }

    private final void F() {
        LpLog.d("TagLogin", "ADFS: getting auth info");
        AdfsApi E = E();
        String c2 = i().j().c();
        if (c2 == null) {
            c2 = "";
        }
        E.a(c2);
        E().G(i().b(), new FederatedLoginFlow.FederatedApiCallback<AdfsAuthInfo>() { // from class: com.lastpass.lpandroid.domain.account.federated.AdfsFederatedLoginFlow$getAdfsAuthInfo$1
            /* JADX INFO: Access modifiers changed from: package-private */
            {
                super();
            }

            @Override // com.lastpass.lpandroid.domain.account.federated.FederatedLoginFlow.FederatedApiCallback, com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
            /* renamed from: f, reason: merged with bridge method [inline-methods] */
            public void d(@Nullable AdfsAuthInfo adfsAuthInfo, @Nullable Response<AdfsAuthInfo> response) {
                AdfsFederatedLoginFlow adfsFederatedLoginFlow = AdfsFederatedLoginFlow.this;
                if (adfsAuthInfo == null) {
                    return;
                }
                adfsFederatedLoginFlow.K(adfsAuthInfo);
                super.d(adfsAuthInfo, response);
            }
        });
    }

    private final void G() {
        LpLog.d("TagLogin", "ADFS: getting local key part");
        AdfsApi E = E();
        String c2 = i().j().c();
        if (c2 == null) {
            c2 = "";
        }
        E.a(c2);
        E().p(r(), H(), i().a(), new FederatedLoginFlow.FederatedApiCallback<AdfsLocalKeyPart>() { // from class: com.lastpass.lpandroid.domain.account.federated.AdfsFederatedLoginFlow$getAdfsLocalKeyPart$1
            /* JADX INFO: Access modifiers changed from: package-private */
            {
                super();
            }

            @Override // com.lastpass.lpandroid.domain.account.federated.FederatedLoginFlow.FederatedApiCallback, com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
            /* renamed from: f, reason: merged with bridge method [inline-methods] */
            public void d(@Nullable AdfsLocalKeyPart adfsLocalKeyPart, @Nullable Response<AdfsLocalKeyPart> response) {
                AdfsFederatedLoginFlow.this.i().C(Base64.decode(adfsLocalKeyPart != null ? adfsLocalKeyPart.a() : null, 0));
                if (AdfsFederatedLoginFlow.this.i().i() == null) {
                    throw new IllegalArgumentException("Emtpy local key");
                }
                super.d(adfsLocalKeyPart, response);
            }
        });
    }

    private final String H() {
        CryptoUtils cryptoUtils = CryptoUtils.f24891a;
        byte[] g = i().g();
        Intrinsics.e(g);
        byte[] h2 = i().h();
        Intrinsics.e(h2);
        String encodeToString = Base64.encodeToString(cryptoUtils.g(cryptoUtils.j(g, h2)), 2);
        Intrinsics.g(encodeToString, "encodeToString(flowData.…sha256(), Base64.NO_WRAP)");
        return encodeToString;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void K(AdfsAuthInfo adfsAuthInfo) {
        if (i().j().g() != 2) {
            i().A(Base64.decode(adfsAuthInfo.b(), 0));
            if (i().g() == null) {
                throw new IllegalArgumentException("Emtpy k1");
            }
        }
        i().B(Base64.decode(adfsAuthInfo.c(), 0));
        if (i().h() == null) {
            throw new IllegalArgumentException("Emtpy k2");
        }
        i().u(adfsAuthInfo.a());
        if (TextUtils.isEmpty(i().a())) {
            throw new IllegalArgumentException("Emtpy authSessionId");
        }
    }

    private final boolean L(AdfsSamlResponseParameters adfsSamlResponseParameters) {
        if (adfsSamlResponseParameters == null) {
            return false;
        }
        FederatedLoginFlowData i2 = i();
        RsaKeyRepository I = I();
        byte[] a2 = adfsSamlResponseParameters.a();
        KeyPair t = i().t();
        Intrinsics.e(t);
        i2.A(I.h(a2, t.getPrivate()));
        if (i().g() == null) {
            LpLog.E("TagLogin", "Failed to decrypt SAML k1");
            return false;
        }
        CryptoUtils cryptoUtils = CryptoUtils.f24891a;
        byte[] b2 = adfsSamlResponseParameters.b();
        byte[] g = i().g();
        Intrinsics.e(g);
        if (cryptoUtils.b(b2, cryptoUtils.g(g)) == 0) {
            return true;
        }
        LpLog.E("TagLogin", "Failed to verify k1 signature");
        i().A(null);
        return false;
    }

    private final void M() {
        LpLog.d("TagLogin", "Uploading ADFS public key");
        if (i().t() == null) {
            throw new IllegalStateException("Keypair null");
        }
        AdfsApi E = E();
        String c2 = i().j().c();
        if (c2 == null) {
            c2 = "";
        }
        E.a(c2);
        AdfsApi E2 = E();
        String r = r();
        KeyPair t = i().t();
        Intrinsics.e(t);
        String encodeToString = Base64.encodeToString(t.getPublic().getEncoded(), 2);
        Intrinsics.g(encodeToString, "encodeToString(flowData.….encoded, Base64.NO_WRAP)");
        E2.i(r, encodeToString, new FederatedLoginFlow.FederatedApiCallback());
    }

    protected void C() {
        LpLog.d("TagLogin", "Assembling master password from federated key elements");
        FederatedLoginFlowData i2 = i();
        CryptoUtils cryptoUtils = CryptoUtils.f24891a;
        byte[] g = i().g();
        Intrinsics.e(g);
        byte[] h2 = i().h();
        Intrinsics.e(h2);
        byte[] j2 = cryptoUtils.j(g, h2);
        byte[] i3 = i().i();
        Intrinsics.e(i3);
        i2.E(cryptoUtils.g(cryptoUtils.j(j2, i3)));
        x();
    }

    @NotNull
    public final AdfsApi E() {
        AdfsApi adfsApi = this.f22178k;
        if (adfsApi != null) {
            return adfsApi;
        }
        Intrinsics.z("adfsApi");
        return null;
    }

    @NotNull
    public final RsaKeyRepository I() {
        RsaKeyRepository rsaKeyRepository = this.f22177j;
        if (rsaKeyRepository != null) {
            return rsaKeyRepository;
        }
        Intrinsics.z("rsaKeyRepository");
        return null;
    }

    @Override // com.lastpass.lpandroid.domain.account.federated.FederatedLoginFlow
    @NotNull
    /* renamed from: J, reason: merged with bridge method [inline-methods] */
    public Void p(@Nullable String str, @NotNull Function2<? super String, ? super String, Unit> onSuccess, @NotNull Function1<? super FederatedLoginFlow.ErrorType, Unit> onError) {
        Intrinsics.h(onSuccess, "onSuccess");
        Intrinsics.h(onError, "onError");
        throw new IllegalStateException("Getting OpenID tokens is illegal in the ADFS flow.");
    }

    @Override // com.lastpass.lpandroid.domain.account.federated.FederatedLoginFlow
    @NotNull
    protected String b() {
        boolean o2;
        if ((j().f() instanceof FederatedLoginFlow.FlowState.Undefined) || (j().f() instanceof FederatedLoginFlow.FlowState.NotFederatedUser)) {
            throw new IllegalStateException("Invalid state");
        }
        StringBuilder sb = new StringBuilder();
        sb.append(i().j().c());
        String c2 = i().j().c();
        boolean z = false;
        if (c2 != null) {
            o2 = StringsKt__StringsJVMKt.o(c2, "/", false, 2, null);
            if (!o2) {
                z = true;
            }
        }
        if (z) {
            sb.append("/");
        }
        sb.append("auth/saml2/");
        String b2 = i().j().b();
        if (b2 == null) {
            b2 = "";
        }
        sb.append(b2);
        String sb2 = sb.toString();
        Intrinsics.g(sb2, "stringBuilder.toString()");
        return sb2;
    }

    @Override // com.lastpass.lpandroid.domain.account.federated.FederatedLoginFlow
    protected void s() {
        FederatedProvider a2 = FederatedLoginFlowFactoryKt.a(k());
        if (Intrinsics.c(a2, Adfs.f22174a)) {
            LpLog.d("TagLogin", "Init Federated login type: ADFS");
            j().p(new FederatedLoginFlow.FlowState.UserLogin());
        } else if (Intrinsics.c(a2, AdfsZeroKnowledge.f22201a)) {
            LpLog.d("TagLogin", "Init Federated login type: ADFS (ZeroKnowledge)");
            j().p(new FederatedLoginFlow.FlowState.ZeroKnowledgeGenerateKeys());
            D();
        } else {
            throw new InvalidFederatedProviderException("The " + FederatedLoginFlowFactoryKt.a(k()).getClass().getSimpleName() + " is invalid for an ADFS provider.");
        }
    }

    @Override // com.lastpass.lpandroid.domain.account.federated.FederatedLoginFlow
    protected void y() {
        LpLog.d("TagLogin", "Federated state " + j().f() + " completed");
        FederatedLoginFlow.FlowState f2 = j().f();
        if (f2 instanceof FederatedLoginFlow.FlowState.Undefined) {
            s();
        } else if (f2 instanceof FederatedLoginFlow.FlowState.ZeroKnowledgeGenerateKeys) {
            j().p(new FederatedLoginFlow.FlowState.ZeroKnowledgeUploadPublicKey());
            M();
        } else if (f2 instanceof FederatedLoginFlow.FlowState.ZeroKnowledgeUploadPublicKey) {
            j().p(new FederatedLoginFlow.FlowState.UserLogin());
        } else if (f2 instanceof FederatedLoginFlow.FlowState.UserLogin) {
            j().p(new FederatedLoginFlow.FlowState.AdfsAuthInfo());
            F();
        } else if (f2 instanceof FederatedLoginFlow.FlowState.AdfsAuthInfo) {
            j().p(new FederatedLoginFlow.FlowState.AdfsLocalKey());
            G();
        } else {
            if (!(f2 instanceof FederatedLoginFlow.FlowState.AdfsLocalKey)) {
                throw new InvalidFlowStateException("The " + j().f() + " state is invalid for the " + FederatedLoginFlowFactoryKt.a(k()).getClass().getSimpleName());
            }
            C();
            j().p(new FederatedLoginFlow.FlowState.Finished(true));
        }
        LpLog.d("TagLogin", "Enter Federated state: " + j().f());
    }

    @Override // com.lastpass.lpandroid.domain.account.federated.FederatedLoginFlow
    public void z(@NotNull UserLoginData userLoginData) {
        Intrinsics.h(userLoginData, "userLoginData");
        LpLog.d("TagLogin", "ADFS user login completed");
        if (!(j().f() instanceof FederatedLoginFlow.FlowState.UserLogin) && !(j().f() instanceof FederatedLoginFlow.FlowState.Finished)) {
            throw new IllegalStateException("Invalid state");
        }
        AdfsUserLoginData adfsUserLoginData = (AdfsUserLoginData) userLoginData;
        if (adfsUserLoginData.b().length() == 0) {
            w(FederatedLoginFlow.ErrorType.LoginFailed.f22220a, "Missing auth token");
            return;
        }
        i().v(adfsUserLoginData.b());
        if (i().j().g() != 2 || L(adfsUserLoginData.a())) {
            y();
        } else {
            w(FederatedLoginFlow.ErrorType.LoginFailed.f22220a, "Missing auth token");
        }
    }
}
