package com.google.identitytoolkit;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Optional;
import com.google.common.base.Preconditions;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Lists;
import com.google.gson.JsonObject;
import com.google.identitytoolkit.GitkitUser;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.SignatureException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.logging.Logger;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: input_file:com/google/identitytoolkit/GitkitClient.class */
public class GitkitClient {

    @VisibleForTesting
    static final String GITKIT_API_BASE = "https://www.googleapis.com/identitytoolkit/v3/relyingparty/";
    private static final Logger logger = Logger.getLogger(GitkitClient.class.getName());
    private final JsonTokenHelper tokenHelper;
    private final RpcHelper rpcHelper;
    private final String widgetUrl;
    private final String cookieName;

    /* loaded from: input_file:com/google/identitytoolkit/GitkitClient$Builder.class */
    public static class Builder {
        private String clientId;
        private String widgetUrl;
        private String serviceAccountEmail;
        private InputStream keyStream;
        private String serverApiKey;
        private HttpSender httpSender = new HttpSender();
        private String cookieName = "gtoken";

        public Builder setGoogleClientId(String str) {
            this.clientId = str;
            return this;
        }

        public Builder setWidgetUrl(String str) {
            this.widgetUrl = str;
            return this;
        }

        public Builder setKeyStream(InputStream inputStream) {
            this.keyStream = inputStream;
            return this;
        }

        public Builder setServiceAccountEmail(String str) {
            this.serviceAccountEmail = str;
            return this;
        }

        public Builder setCookieName(String str) {
            this.cookieName = str;
            return this;
        }

        public Builder setHttpSender(HttpSender httpSender) {
            this.httpSender = httpSender;
            return this;
        }

        public Builder setServerApiKey(String str) {
            this.serverApiKey = str;
            return this;
        }

        public GitkitClient build() {
            return new GitkitClient(this.clientId, this.serviceAccountEmail, this.keyStream, this.widgetUrl, this.cookieName, this.httpSender, this.serverApiKey);
        }
    }

    /* loaded from: input_file:com/google/identitytoolkit/GitkitClient$OobAction.class */
    public enum OobAction {
        RESET_PASSWORD,
        CHANGE_EMAIL
    }

    /* loaded from: input_file:com/google/identitytoolkit/GitkitClient$OobResponse.class */
    public class OobResponse {
        private static final String SUCCESS_RESPONSE = "{\"success\": true}";
        private static final String ERROR_PREFIX = "{\"error\": \"";
        private final String email;
        private final String newEmail;
        private final Optional<String> oobUrl;
        private final OobAction oobAction;
        private final String responseBody;
        private final String recipient;

        /* JADX WARN: Illegal instructions before constructor call */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        public OobResponse(com.google.identitytoolkit.GitkitClient r12, java.lang.String r13) {
            /*
                r11 = this;
                r0 = r11
                r1 = r12
                r2 = 0
                r3 = 0
                com.google.common.base.Optional r4 = com.google.common.base.Optional.absent()
                r5 = 0
                java.lang.String r6 = "{\"error\": \""
                java.lang.String r6 = java.lang.String.valueOf(r6)
                java.lang.String r6 = java.lang.String.valueOf(r6)
                r14 = r6
                r6 = r13
                java.lang.String r6 = java.lang.String.valueOf(r6)
                java.lang.String r6 = java.lang.String.valueOf(r6)
                r15 = r6
                java.lang.StringBuilder r6 = new java.lang.StringBuilder
                r7 = r6
                r8 = 3
                r9 = r14
                int r9 = r9.length()
                int r8 = r8 + r9
                r9 = r15
                int r9 = r9.length()
                int r8 = r8 + r9
                r7.<init>(r8)
                r7 = r14
                java.lang.StringBuilder r6 = r6.append(r7)
                r7 = r15
                java.lang.StringBuilder r6 = r6.append(r7)
                java.lang.String r7 = "\" }"
                java.lang.StringBuilder r6 = r6.append(r7)
                java.lang.String r6 = r6.toString()
                r0.<init>(r2, r3, r4, r5, r6)
                return
            */
            throw new UnsupportedOperationException("Method not decompiled: com.google.identitytoolkit.GitkitClient.OobResponse.<init>(com.google.identitytoolkit.GitkitClient, java.lang.String):void");
        }

        public OobResponse(GitkitClient gitkitClient, String str, String str2, String str3, OobAction oobAction) {
            this(str, str2, Optional.of(str3), oobAction, SUCCESS_RESPONSE);
        }

        public OobResponse(String str, String str2, Optional<String> optional, OobAction oobAction, String str3) {
            this.email = str;
            this.newEmail = str2;
            this.oobUrl = optional;
            this.oobAction = oobAction;
            this.responseBody = str3;
            this.recipient = str2 == null ? str : str2;
        }

        public Optional<String> getOobUrl() {
            return this.oobUrl;
        }

        public OobAction getOobAction() {
            return this.oobAction;
        }

        public String getResponseBody() {
            return this.responseBody;
        }

        public String getEmail() {
            return this.email;
        }

        public String getNewEmail() {
            return this.newEmail;
        }

        public String getRecipient() {
            return this.recipient;
        }
    }

    public GitkitClient(String str, String str2, InputStream inputStream, String str3, String str4, HttpSender httpSender, String str5) {
        this.rpcHelper = new RpcHelper(httpSender, GITKIT_API_BASE, str2, inputStream);
        this.tokenHelper = new JsonTokenHelper(str, this.rpcHelper, str5);
        this.widgetUrl = str3;
        this.cookieName = str4;
    }

    public static GitkitClient createFromJson(String str) throws JSONException, IOException {
        JSONObject jSONObject = new JSONObject(StandardCharsets.UTF_8.decode(ByteBuffer.wrap(Files.readAllBytes(Paths.get(str, new String[0])))).toString());
        return new Builder().setGoogleClientId(jSONObject.getString("clientId")).setServiceAccountEmail(jSONObject.getString("serviceAccountEmail")).setKeyStream(new FileInputStream(jSONObject.getString("serviceAccountPrivateKeyFile"))).setWidgetUrl(jSONObject.getString("widgetUrl")).setCookieName(jSONObject.getString("cookieName")).setServerApiKey(jSONObject.optString("serverApiKey", null)).build();
    }

    public GitkitUser validateToken(String str) throws GitkitClientException {
        if (str == null) {
            return null;
        }
        try {
            JsonObject payloadAsJsonObject = this.tokenHelper.verifyAndDeserialize(str).getPayloadAsJsonObject();
            return new GitkitUser().setLocalId(payloadAsJsonObject.get(JsonTokenHelper.ID_TOKEN_USER_ID).getAsString()).setEmail(payloadAsJsonObject.get(JsonTokenHelper.ID_TOKEN_EMAIL).getAsString()).setCurrentProvider(payloadAsJsonObject.has(JsonTokenHelper.ID_TOKEN_PROVIDER) ? payloadAsJsonObject.get(JsonTokenHelper.ID_TOKEN_PROVIDER).getAsString() : null);
        } catch (SignatureException e) {
            throw new GitkitClientException(e);
        }
    }

    public GitkitUser validateTokenInRequest(HttpServletRequest httpServletRequest) throws GitkitClientException {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (this.cookieName == null || cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (this.cookieName.equals(cookie.getName())) {
                return validateToken(cookie.getValue());
            }
        }
        return null;
    }

    public GitkitUser getUserByToken(String str) throws GitkitClientException, GitkitServerException {
        GitkitUser validateToken = validateToken(str);
        if (validateToken == null) {
            throw new GitkitClientException("invalid gitkit token");
        }
        try {
            return jsonToUser(this.rpcHelper.getAccountInfo(str).getJSONArray("users").getJSONObject(0)).setCurrentProvider(validateToken.getCurrentProvider());
        } catch (JSONException e) {
            throw new GitkitServerException(e);
        }
    }

    public GitkitUser getUserByEmail(String str) throws GitkitClientException, GitkitServerException {
        Preconditions.checkNotNull(str);
        try {
            return jsonToUser(this.rpcHelper.getAccountInfoByEmail(str).getJSONArray("users").getJSONObject(0));
        } catch (JSONException e) {
            throw new GitkitServerException(e);
        }
    }

    public GitkitUser getUserByLocalId(String str) throws GitkitClientException, GitkitServerException {
        Preconditions.checkNotNull(str);
        try {
            return jsonToUser(this.rpcHelper.getAccountInfoById(str).getJSONArray("users").getJSONObject(0));
        } catch (JSONException e) {
            throw new GitkitServerException(e);
        }
    }

    public Iterator<GitkitUser> getAllUsers() {
        return getAllUsers(null);
    }

    public Iterator<GitkitUser> getAllUsers(final Integer num) {
        return new DownloadIterator<GitkitUser>() { // from class: com.google.identitytoolkit.GitkitClient.1
            private String nextPageToken = null;

            @Override // com.google.identitytoolkit.DownloadIterator
            protected Iterator<GitkitUser> getNextResults() {
                try {
                    JSONObject downloadAccount = GitkitClient.this.rpcHelper.downloadAccount(this.nextPageToken, num);
                    this.nextPageToken = downloadAccount.has("nextPageToken") ? downloadAccount.getString("nextPageToken") : null;
                    if (downloadAccount.has("users")) {
                        return GitkitClient.this.jsonToList(downloadAccount.getJSONArray("users")).iterator();
                    }
                } catch (GitkitClientException e) {
                    GitkitClient.logger.warning(e.getMessage());
                } catch (GitkitServerException e2) {
                    GitkitClient.logger.warning(e2.getMessage());
                } catch (JSONException e3) {
                    GitkitClient.logger.warning(e3.getMessage());
                }
                return ImmutableSet.of().iterator();
            }
        };
    }

    public GitkitUser updateUser(GitkitUser gitkitUser) throws GitkitClientException, GitkitServerException {
        try {
            return jsonToUser(this.rpcHelper.updateAccount(gitkitUser));
        } catch (JSONException e) {
            throw new GitkitServerException(e);
        }
    }

    public void uploadUsers(String str, byte[] bArr, List<GitkitUser> list) throws GitkitServerException, GitkitClientException {
        this.rpcHelper.uploadAccount(str, bArr, list);
    }

    public void deleteUser(GitkitUser gitkitUser) throws GitkitServerException, GitkitClientException {
        deleteUser(gitkitUser.getLocalId());
    }

    public void deleteUser(String str) throws GitkitServerException, GitkitClientException {
        this.rpcHelper.deleteAccount(str);
    }

    public OobResponse getOobResponse(HttpServletRequest httpServletRequest) throws GitkitServerException {
        return getOobResponse(httpServletRequest, lookupCookie(httpServletRequest, this.cookieName));
    }

    public OobResponse getOobResponse(HttpServletRequest httpServletRequest, String str) throws GitkitServerException {
        try {
            String parameter = httpServletRequest.getParameter("action");
            if ("resetPassword".equals(parameter)) {
                return new OobResponse(this, httpServletRequest.getParameter(JsonTokenHelper.ID_TOKEN_EMAIL), null, buildOobLink(httpServletRequest, buildPasswordResetRequest(httpServletRequest), parameter), OobAction.RESET_PASSWORD);
            }
            if (!"changeEmail".equals(parameter)) {
                return new OobResponse(this, "unknown request");
            }
            if (str == null) {
                return new OobResponse(this, "login is required");
            }
            return new OobResponse(this, httpServletRequest.getParameter("oldEmail"), httpServletRequest.getParameter("newEmail"), buildOobLink(httpServletRequest, buildChangeEmailRequest(httpServletRequest, str), parameter), OobAction.CHANGE_EMAIL);
        } catch (GitkitClientException e) {
            return new OobResponse(this, e.getMessage());
        } catch (JSONException e2) {
            throw new GitkitServerException(e2);
        }
    }

    public static Builder newBuilder() {
        return new Builder();
    }

    private String lookupCookie(HttpServletRequest httpServletRequest, String str) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (str.equals(cookie.getName())) {
                return cookie.getValue();
            }
        }
        return null;
    }

    private String buildOobLink(HttpServletRequest httpServletRequest, JSONObject jSONObject, String str) throws GitkitClientException, GitkitServerException, JSONException {
        try {
            String string = this.rpcHelper.getOobCode(jSONObject).getString("oobCode");
            String valueOf = String.valueOf(String.valueOf(this.widgetUrl));
            String valueOf2 = String.valueOf(String.valueOf(str));
            String valueOf3 = String.valueOf(String.valueOf(URLEncoder.encode(string, "UTF-8")));
            return new StringBuilder(15 + valueOf.length() + valueOf2.length() + valueOf3.length()).append(valueOf).append("?mode=").append(valueOf2).append("&oobCode=").append(valueOf3).toString();
        } catch (UnsupportedEncodingException e) {
            throw new GitkitServerException(e);
        }
    }

    private JSONObject buildPasswordResetRequest(HttpServletRequest httpServletRequest) throws JSONException {
        return new JSONObject().put(JsonTokenHelper.ID_TOKEN_EMAIL, httpServletRequest.getParameter(JsonTokenHelper.ID_TOKEN_EMAIL)).put("userIp", httpServletRequest.getRemoteAddr()).put("challenge", httpServletRequest.getParameter("challenge")).put("captchaResp", httpServletRequest.getParameter("response")).put("requestType", "PASSWORD_RESET");
    }

    private JSONObject buildChangeEmailRequest(HttpServletRequest httpServletRequest, String str) throws JSONException {
        return new JSONObject().put(JsonTokenHelper.ID_TOKEN_EMAIL, httpServletRequest.getParameter("oldEmail")).put("userIp", httpServletRequest.getRemoteAddr()).put("newEmail", httpServletRequest.getParameter("newEmail")).put("idToken", str).put("requestType", "NEW_EMAIL_ACCEPT");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public List<GitkitUser> jsonToList(JSONArray jSONArray) throws JSONException {
        LinkedList newLinkedList = Lists.newLinkedList();
        for (int i = 0; i < jSONArray.length(); i++) {
            newLinkedList.add(jsonToUser(jSONArray.getJSONObject(i)));
        }
        return newLinkedList;
    }

    private GitkitUser jsonToUser(JSONObject jSONObject) throws JSONException {
        GitkitUser providers = new GitkitUser().setLocalId(jSONObject.getString("localId")).setEmail(jSONObject.getString(JsonTokenHelper.ID_TOKEN_EMAIL)).setName(jSONObject.optString("displayName")).setPhotoUrl(jSONObject.optString("photoUrl")).setProviders(jSONObject.optJSONArray("providerUserInfo"));
        if (jSONObject.has("providerUserInfo")) {
            JSONArray jSONArray = jSONObject.getJSONArray("providerUserInfo");
            ArrayList arrayList = new ArrayList();
            for (int i = 0; i < jSONArray.length(); i++) {
                JSONObject jSONObject2 = jSONArray.getJSONObject(i);
                arrayList.add(new GitkitUser.ProviderInfo(jSONObject2.getString("providerId"), jSONObject2.getString("federatedId"), jSONObject2.optString("displayName"), jSONObject2.optString("photoUrl")));
            }
            providers.setProviders(arrayList);
        }
        return providers;
    }
}
