package at.asitplus.common.saml;

import androidx.work.PeriodicWorkRequest;
import at.asitplus.authclient.ProcessStrategy;
import at.asitplus.authclient.SamlCompletionStrategy;
import at.asitplus.authclient.SamlProcessStrategy;
import at.asitplus.common.ContextAdapter;
import at.asitplus.common.Error;
import at.asitplus.common.exception.general.AuthenticationException;
import at.asitplus.utils.KeyStoreService;
import at.asitplus.utils.SimpleCookieJar;
import at.asitplus.utils.constants.SamlConstants;
import com.nimbusds.jose.JWSObject;
import com.nimbusds.jwt.JWTClaimsSet;
import java.util.Date;
import java.util.HashMap;
import okhttp3.Cookie;
import okhttp3.Headers;
import okhttp3.HttpUrl;
import org.json.JSONException;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public class SamlJwtAuthnStrategy extends SamlProcessStrategy {
    public static final Logger g = LoggerFactory.getLogger((Class<?>) SamlJwtAuthnStrategy.class);
    public final KeyStoreService d;
    public final Error e;
    public final ContextAdapter f;

    /* loaded from: classes.dex */
    public interface SignChallengeCallback {
        void setCookieAndLoadUrl(HttpUrl httpUrl, Cookie cookie);
    }

    public SamlJwtAuthnStrategy(KeyStoreService keyStoreService, Error error, ContextAdapter contextAdapter, SamlCompletionStrategy samlCompletionStrategy) {
        super(samlCompletionStrategy);
        this.d = keyStoreService;
        this.e = error;
        this.f = contextAdapter;
    }

    public static /* synthetic */ void a(ProcessStrategy.Callback callback, HttpUrl httpUrl, Cookie cookie) {
        callback.setCookie(httpUrl, cookie);
        callback.resume(httpUrl.getUrl(), SamlConstants.METHOD_GET, new HashMap());
    }

    public final void a(Throwable th) {
        AuthenticationException build = AuthenticationException.build(th, this.f);
        g.error("error", (Throwable) build);
        this.e.error(build);
    }

    /* renamed from: b, reason: merged with bridge method [inline-methods] */
    public final void a(HttpUrl httpUrl, JSONObject jSONObject, final ProcessStrategy.Callback callback) {
        g.debug("startJwtAuth: {}", jSONObject.toString());
        try {
            signChallenge(jSONObject.getString("challenge"), httpUrl, this.f.getAppName(), new SignChallengeCallback() { // from class: at.asitplus.common.saml.-$$Lambda$By25dweX42f0P9HfHbp-QNcAwYE
                @Override // at.asitplus.common.saml.SamlJwtAuthnStrategy.SignChallengeCallback
                public final void setCookieAndLoadUrl(HttpUrl httpUrl2, Cookie cookie) {
                    SamlJwtAuthnStrategy.a(ProcessStrategy.Callback.this, httpUrl2, cookie);
                }
            });
        } catch (JSONException e) {
            a(e);
        }
    }

    @Override // at.asitplus.authclient.SamlProcessStrategy, at.asitplus.authclient.ProcessStrategy
    public void fillCookieJar(SimpleCookieJar simpleCookieJar) {
        simpleCookieJar.addCookie(String.format("%s=%s", SamlConstants.COOKIE_KEY_JWTIDP, SamlConstants.JWTIDP_VALUE_SEND_CHALLENGE));
    }

    @Override // at.asitplus.authclient.SamlProcessStrategy, at.asitplus.authclient.ProcessStrategy
    public boolean handleResponse(final HttpUrl httpUrl, String str, String str2, Headers headers, int i, final ProcessStrategy.Callback callback, Error error) throws Exception {
        g.debug("handleResponse: {}", str);
        if (str == null || str2 == null || !str2.trim().startsWith("{")) {
            return super.handleResponse(httpUrl, str, str2, headers, i, callback, error);
        }
        try {
            final JSONObject jSONObject = new JSONObject(str2);
            if (jSONObject.has("action") && jSONObject.getString("action").equals("challenge")) {
                new Thread(new Runnable() { // from class: at.asitplus.common.saml.-$$Lambda$SamlJwtAuthnStrategy$zXDBib5p_JGSVDUsJvfNmHXf48I
                    @Override // java.lang.Runnable
                    public final void run() {
                        SamlJwtAuthnStrategy.this.a(httpUrl, jSONObject, callback);
                    }
                }).start();
                return true;
            }
            return super.handleResponse(httpUrl, str, str2, headers, i, callback, error);
        } catch (JSONException unused) {
            return super.handleResponse(httpUrl, str, str2, headers, i, callback, error);
        }
    }

    public void signChallenge(String str, final HttpUrl httpUrl, String str2, final SignChallengeCallback signChallengeCallback) {
        g.debug("signChallenge: '{}', from '{}'", str, httpUrl);
        this.d.signJwsForSamlAuth(str2, new JWTClaimsSet.Builder().issuer("https://app.oesterreich.gv.at").issueTime(new Date()).claim("challenge", str).build(), new KeyStoreService.SignJwsCallback() { // from class: at.asitplus.common.saml.-$$Lambda$-17ydc5q3ufr8KUAz0GvaenPghc
            @Override // at.asitplus.utils.KeyStoreService.SignJwsCallback
            public final void success(JWSObject jWSObject) {
                signChallengeCallback.setCookieAndLoadUrl(r0, new Cookie.Builder().name(SamlConstants.COOKIE_KEY_JWTIDP).value(jWSObject.serialize()).domain(HttpUrl.this.host()).path("/").expiresAt(System.currentTimeMillis() + PeriodicWorkRequest.MIN_PERIODIC_FLEX_MILLIS).httpOnly().build());
            }
        }, new KeyStoreService.CallbackError() { // from class: at.asitplus.common.saml.-$$Lambda$ITiWkD0CGiszbIueSwUQ78plit8
            @Override // at.asitplus.utils.KeyStoreService.CallbackError
            public final void error(Throwable th) {
                SamlJwtAuthnStrategy.this.a(th);
            }
        });
    }
}
