package com.lastpass.lpandroid.domain.account.federated;

import android.text.TextUtils;
import android.util.Base64;
import com.lastpass.lpandroid.api.federated.AdfsApi;
import com.lastpass.lpandroid.api.federated.dto.AdfsAuthInfo;
import com.lastpass.lpandroid.api.federated.dto.AdfsLocalKeyPart;
import com.lastpass.lpandroid.app.Globals;
import com.lastpass.lpandroid.domain.LpLog;
import com.lastpass.lpandroid.domain.account.federated.FederatedLoginFlow;
import com.lastpass.lpandroid.domain.account.federated.exception.InvalidFederatedProviderException;
import com.lastpass.lpandroid.domain.account.federated.exception.InvalidFlowStateException;
import com.lastpass.lpandroid.model.account.AdfsSamlResponseParameters;
import com.lastpass.lpandroid.repository.account.RsaKeyRepository;
import com.lastpass.lpandroid.utils.security.CryptoUtils;
import java.security.KeyPair;
import java.security.PublicKey;
import javax.inject.Inject;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.functions.Function2;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.StringsKt__StringsJVMKt;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import retrofit2.Response;

@Metadata
/* loaded from: classes2.dex */
public final class AdfsFederatedLoginFlow extends FederatedLoginFlow {

    @NotNull
    private static final Companion l = new Companion(null);

    @Inject
    public RsaKeyRepository j;

    @Inject
    public AdfsApi k;

    @Metadata
    /* loaded from: classes2.dex */
    private static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    private AdfsFederatedLoginFlow() {
        this("");
    }

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public AdfsFederatedLoginFlow(@NotNull String username) {
        super(username);
        Intrinsics.e(username, "username");
        Globals.a().Z(this);
    }

    private final void C() {
        LpLog.d("TagLogin", "Generating ADFS public key");
        FederatedLoginFlowData h = h();
        RsaKeyRepository rsaKeyRepository = this.j;
        if (rsaKeyRepository == null) {
            Intrinsics.u("rsaKeyRepository");
        }
        h.N(rsaKeyRepository.k());
        x();
    }

    private final void D() {
        LpLog.d("TagLogin", "ADFS: getting auth info");
        AdfsApi adfsApi = this.k;
        if (adfsApi == null) {
            Intrinsics.u("adfsApi");
        }
        String c2 = h().j().c();
        if (c2 == null) {
            c2 = "";
        }
        adfsApi.a(c2);
        AdfsApi adfsApi2 = this.k;
        if (adfsApi2 == null) {
            Intrinsics.u("adfsApi");
        }
        adfsApi2.G(h().b(), new FederatedLoginFlow.FederatedApiCallback<AdfsAuthInfo>() { // from class: com.lastpass.lpandroid.domain.account.federated.AdfsFederatedLoginFlow$getAdfsAuthInfo$1
            /* JADX INFO: Access modifiers changed from: package-private */
            {
                super();
            }

            @Override // com.lastpass.lpandroid.domain.account.federated.FederatedLoginFlow.FederatedApiCallback, com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
            /* renamed from: e, reason: merged with bridge method [inline-methods] */
            public void d(@Nullable AdfsAuthInfo adfsAuthInfo, @Nullable Response<AdfsAuthInfo> response) {
                AdfsFederatedLoginFlow adfsFederatedLoginFlow = AdfsFederatedLoginFlow.this;
                if (adfsAuthInfo != null) {
                    adfsFederatedLoginFlow.H(adfsAuthInfo);
                    super.d(adfsAuthInfo, response);
                }
            }
        });
    }

    private final void E() {
        LpLog.d("TagLogin", "ADFS: getting local key part");
        AdfsApi adfsApi = this.k;
        if (adfsApi == null) {
            Intrinsics.u("adfsApi");
        }
        String c2 = h().j().c();
        if (c2 == null) {
            c2 = "";
        }
        adfsApi.a(c2);
        AdfsApi adfsApi2 = this.k;
        if (adfsApi2 == null) {
            Intrinsics.u("adfsApi");
        }
        adfsApi2.p(q(), F(), h().a(), new FederatedLoginFlow.FederatedApiCallback<AdfsLocalKeyPart>() { // from class: com.lastpass.lpandroid.domain.account.federated.AdfsFederatedLoginFlow$getAdfsLocalKeyPart$1
            /* JADX INFO: Access modifiers changed from: package-private */
            {
                super();
            }

            @Override // com.lastpass.lpandroid.domain.account.federated.FederatedLoginFlow.FederatedApiCallback, com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
            /* renamed from: e, reason: merged with bridge method [inline-methods] */
            public void d(@Nullable AdfsLocalKeyPart adfsLocalKeyPart, @Nullable Response<AdfsLocalKeyPart> response) {
                AdfsFederatedLoginFlow.this.h().C(Base64.decode(adfsLocalKeyPart != null ? adfsLocalKeyPart.a() : null, 0));
                if (AdfsFederatedLoginFlow.this.h().i() == null) {
                    throw new IllegalArgumentException("Emtpy local key");
                }
                super.d(adfsLocalKeyPart, response);
            }
        });
    }

    private final String F() {
        CryptoUtils cryptoUtils = CryptoUtils.f14513a;
        byte[] g = h().g();
        Intrinsics.c(g);
        byte[] h = h().h();
        Intrinsics.c(h);
        String encodeToString = Base64.encodeToString(cryptoUtils.f(cryptoUtils.h(g, h)), 2);
        Intrinsics.d(encodeToString, "Base64.encodeToString(fl…sha256(), Base64.NO_WRAP)");
        return encodeToString;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void H(AdfsAuthInfo adfsAuthInfo) {
        if (h().j().g() != 2) {
            h().A(Base64.decode(adfsAuthInfo.b(), 0));
            if (h().g() == null) {
                throw new IllegalArgumentException("Emtpy k1");
            }
        }
        h().B(Base64.decode(adfsAuthInfo.c(), 0));
        if (h().h() == null) {
            throw new IllegalArgumentException("Emtpy k2");
        }
        h().u(adfsAuthInfo.a());
        if (TextUtils.isEmpty(h().a())) {
            throw new IllegalArgumentException("Emtpy authSessionId");
        }
    }

    private final boolean I(AdfsSamlResponseParameters adfsSamlResponseParameters) {
        if (adfsSamlResponseParameters == null) {
            return false;
        }
        FederatedLoginFlowData h = h();
        RsaKeyRepository rsaKeyRepository = this.j;
        if (rsaKeyRepository == null) {
            Intrinsics.u("rsaKeyRepository");
        }
        byte[] a2 = adfsSamlResponseParameters.a();
        KeyPair t = h().t();
        Intrinsics.c(t);
        h.A(rsaKeyRepository.h(a2, t.getPrivate()));
        if (h().g() == null) {
            LpLog.E("TagLogin", "Failed to decrypt SAML k1");
            return false;
        }
        CryptoUtils cryptoUtils = CryptoUtils.f14513a;
        byte[] b2 = adfsSamlResponseParameters.b();
        byte[] g = h().g();
        Intrinsics.c(g);
        if (cryptoUtils.a(b2, cryptoUtils.f(g)) == 0) {
            return true;
        }
        LpLog.E("TagLogin", "Failed to verify k1 signature");
        h().A(null);
        return false;
    }

    private final void J() {
        LpLog.d("TagLogin", "Uploading ADFS public key");
        if (h().t() == null) {
            throw new IllegalStateException("Keypair null");
        }
        AdfsApi adfsApi = this.k;
        if (adfsApi == null) {
            Intrinsics.u("adfsApi");
        }
        String c2 = h().j().c();
        if (c2 == null) {
            c2 = "";
        }
        adfsApi.a(c2);
        AdfsApi adfsApi2 = this.k;
        if (adfsApi2 == null) {
            Intrinsics.u("adfsApi");
        }
        String q = q();
        KeyPair t = h().t();
        Intrinsics.c(t);
        PublicKey publicKey = t.getPublic();
        Intrinsics.d(publicKey, "flowData.zeroKnowledgeKeyPair!!.public");
        String encodeToString = Base64.encodeToString(publicKey.getEncoded(), 2);
        Intrinsics.d(encodeToString, "Base64.encodeToString(fl….encoded, Base64.NO_WRAP)");
        adfsApi2.i(q, encodeToString, new FederatedLoginFlow.FederatedApiCallback());
    }

    protected void B() {
        LpLog.d("TagLogin", "Assembling master password from federated key elements");
        FederatedLoginFlowData h = h();
        CryptoUtils cryptoUtils = CryptoUtils.f14513a;
        byte[] g = h().g();
        Intrinsics.c(g);
        byte[] h2 = h().h();
        Intrinsics.c(h2);
        byte[] h3 = cryptoUtils.h(g, h2);
        byte[] i = h().i();
        Intrinsics.c(i);
        h.E(cryptoUtils.f(cryptoUtils.h(h3, i)));
        w();
    }

    @Override // com.lastpass.lpandroid.domain.account.federated.FederatedLoginFlow
    @NotNull
    /* renamed from: G, reason: merged with bridge method [inline-methods] */
    public Void o(@Nullable String str, @NotNull Function2<? super String, ? super String, Unit> onSuccess, @NotNull Function1<? super FederatedLoginFlow.ErrorType, Unit> onError) {
        Intrinsics.e(onSuccess, "onSuccess");
        Intrinsics.e(onError, "onError");
        throw new IllegalStateException("Getting OpenID tokens is illegal in the ADFS flow.");
    }

    @Override // com.lastpass.lpandroid.domain.account.federated.FederatedLoginFlow
    @NotNull
    protected String b() {
        boolean n;
        if ((i().e() instanceof FederatedLoginFlow.FlowState.Undefined) || (i().e() instanceof FederatedLoginFlow.FlowState.NotFederatedUser)) {
            throw new IllegalStateException("Invalid state");
        }
        StringBuilder sb = new StringBuilder();
        sb.append(h().j().c());
        String c2 = h().j().c();
        if (c2 != null) {
            n = StringsKt__StringsJVMKt.n(c2, "/", false, 2, null);
            if (!n) {
                sb.append("/");
            }
        }
        sb.append("auth/saml2/");
        String b2 = h().j().b();
        if (b2 == null) {
            b2 = "";
        }
        sb.append(b2);
        String sb2 = sb.toString();
        Intrinsics.d(sb2, "stringBuilder.toString()");
        return sb2;
    }

    @Override // com.lastpass.lpandroid.domain.account.federated.FederatedLoginFlow
    protected void r() {
        FederatedProvider a2 = FederatedLoginFlowFactoryKt.a(j());
        if (Intrinsics.a(a2, Adfs.f12185a)) {
            LpLog.d("TagLogin", "Init Federated login type: ADFS");
            i().o(new FederatedLoginFlow.FlowState.UserLogin());
        } else if (Intrinsics.a(a2, AdfsZeroKnowledge.f12202a)) {
            LpLog.d("TagLogin", "Init Federated login type: ADFS (ZeroKnowledge)");
            i().o(new FederatedLoginFlow.FlowState.ZeroKnowledgeGenerateKeys());
            C();
        } else {
            throw new InvalidFederatedProviderException("The " + FederatedLoginFlowFactoryKt.a(j()).getClass().getSimpleName() + " is invalid for an ADFS provider.");
        }
    }

    @Override // com.lastpass.lpandroid.domain.account.federated.FederatedLoginFlow
    protected void x() {
        LpLog.d("TagLogin", "Federated state " + i().e() + " completed");
        FederatedLoginFlow.FlowState e = i().e();
        if (e instanceof FederatedLoginFlow.FlowState.Undefined) {
            r();
        } else if (e instanceof FederatedLoginFlow.FlowState.ZeroKnowledgeGenerateKeys) {
            i().o(new FederatedLoginFlow.FlowState.ZeroKnowledgeUploadPublicKey());
            J();
        } else if (e instanceof FederatedLoginFlow.FlowState.ZeroKnowledgeUploadPublicKey) {
            i().o(new FederatedLoginFlow.FlowState.UserLogin());
        } else if (e instanceof FederatedLoginFlow.FlowState.UserLogin) {
            i().o(new FederatedLoginFlow.FlowState.AdfsAuthInfo());
            D();
        } else if (e instanceof FederatedLoginFlow.FlowState.AdfsAuthInfo) {
            i().o(new FederatedLoginFlow.FlowState.AdfsLocalKey());
            E();
        } else {
            if (!(e instanceof FederatedLoginFlow.FlowState.AdfsLocalKey)) {
                throw new InvalidFlowStateException("The " + i().e() + " state is invalid for the " + FederatedLoginFlowFactoryKt.a(j()).getClass().getSimpleName());
            }
            B();
            i().o(new FederatedLoginFlow.FlowState.Finished(true));
        }
        LpLog.d("TagLogin", "Enter Federated state: " + i().e());
    }

    @Override // com.lastpass.lpandroid.domain.account.federated.FederatedLoginFlow
    public void y(@NotNull UserLoginData userLoginData) {
        Intrinsics.e(userLoginData, "userLoginData");
        LpLog.d("TagLogin", "ADFS user login completed");
        if (!(i().e() instanceof FederatedLoginFlow.FlowState.UserLogin) && !(i().e() instanceof FederatedLoginFlow.FlowState.Finished)) {
            throw new IllegalStateException("Invalid state");
        }
        AdfsUserLoginData adfsUserLoginData = (AdfsUserLoginData) userLoginData;
        if (adfsUserLoginData.b().length() == 0) {
            v(FederatedLoginFlow.ErrorType.LoginFailed.f12218a, "Missing auth token");
            return;
        }
        h().v(adfsUserLoginData.b());
        if (h().j().g() == 2 && !I(adfsUserLoginData.a())) {
            v(FederatedLoginFlow.ErrorType.LoginFailed.f12218a, "Missing auth token");
        } else {
            x();
        }
    }
}
