package com.imgur.mobile.engine.authentication;

import android.accounts.NetworkErrorException;
import android.content.ContentValues;
import android.content.SharedPreferences;
import android.database.sqlite.SQLiteConstraintException;
import android.net.Uri;
import android.text.TextUtils;
import android.util.Base64;
import android.widget.Toast;
import com.activeandroid.query.From;
import com.activeandroid.query.Select;
import com.facebook.login.LoginManager;
import com.imgur.mobile.ImgurApplication;
import com.imgur.mobile.R;
import com.imgur.mobile.common.ui.intentfilter.ImgurUrlRouter;
import com.imgur.mobile.common.web.EndpointConfig;
import com.imgur.mobile.engine.db.AccountModel;
import com.imgur.mobile.engine.db.PostModel;
import com.imgur.mobile.util.AccountUtils;
import com.imgur.mobile.util.AppboyHelper;
import com.imgur.mobile.util.CrashlyticsUtils;
import com.imgur.mobile.util.ImgurSharedPrefs;
import com.imgur.mobile.util.PerfMetrics;
import com.imgur.mobile.util.ResponseUtils;
import com.imgur.mobile.util.RxUtils;
import com.squareup.sqlbrite.BriteDatabase;
import java.io.IOException;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.atomic.AtomicInteger;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import okhttp3.Request;
import retrofit2.Response;
import t.d;
import t.n.b;
import t.n.e;
import t.n.f;
import u.a.a;

/* loaded from: classes3.dex */
public class ImgurAuth {
    private static final String AUTH_BEARER_PREFIX = "Bearer ";
    public static final String AUTH_CLIENT_ID_PREFIX = "Client-ID ";
    public static final String FIRST_PARTY_ACCOUNT_IMGUR = "imgur";
    public static final String GRANT_TYPE_PASSWORD = "password";
    private static final String GRANT_TYPE_REFRESH = "refresh_token";
    public static final String HEADER_AUTHORIZATION = "Authorization";
    public static final String HEADER_HINT_CAN_SKIP_AUTH = "Dont-Use-Bearer-Token: true";
    public static final String HEADER_NAME_CAN_SKIP_AUTH = "Dont-Use-Bearer-Token";
    static final String PREF_CURRENT_LOGGED_IN_ACCOUNT_ID = "account_id";
    static final String PREF_CURRENT_LOGGED_IN_USER = "account_username";
    private static final String PREF_USER_HAS_EXPLICITLY_LOGGED_OUT = "com.imgur.mobile.PREF_USER_HAS_EXPLICITLY_LOGGED_OUT";
    public static final int REQUEST_CODE_LOGIN = 42000;
    public static final String RESPONSE_TYPE_TOKEN = "token";
    public static final String THIRD_PARTY_ACCOUNT_FACEBOOK = "facebook";
    public static final String THIRD_PARTY_ACCOUNT_GOOGLE = "google";
    public static final String THIRD_PARTY_ACCOUNT_TWITTER = "twitter";
    public static final String THIRD_PARTY_ACCOUNT_YAHOO = "yahoo";
    static final String USERDATA_THIRD_PARTY_TYPE = "com.imgur.mobile.engine.auth.USERDATA_THIRD_PARTY_TYPE";
    String accessToken;
    long accountId;
    private List<AuthListener> authListeners;
    RefreshAttemptTracker refreshTracker;
    boolean shouldRefreshAccessToken;
    String username;
    private static final ThreadLocal<Boolean> CURRENT_THREAD_REFRESHING_AUTH_TOKEN = new ThreadLocal<Boolean>() { // from class: com.imgur.mobile.engine.authentication.ImgurAuth.1
        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.lang.ThreadLocal
        public Boolean initialValue() {
            return Boolean.FALSE;
        }
    };
    private static final AtomicInteger NUM_THREADS_WAITING_FOR_AUTH_TOKEN = new AtomicInteger(0);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes3.dex */
    public static class RefreshAttemptTracker {
        private static final String EVENT_REFRESH_TOKEN_EXPIRED = "Refresh Token Expired";
        int refreshAttempts;
        boolean refreshTokenExpired;

        private RefreshAttemptTracker() {
        }

        boolean isTokenExpired() {
            boolean z;
            synchronized (this) {
                z = this.refreshTokenExpired;
            }
            return z;
        }

        void onRefreshFailure(int i2) {
            synchronized (this) {
                if (!this.refreshTokenExpired) {
                    int i3 = this.refreshAttempts + 1;
                    this.refreshAttempts = i3;
                    if (i3 >= 3 || i2 == 400) {
                        this.refreshAttempts = 0;
                        this.refreshTokenExpired = true;
                        a.b("Token expired: Signing user out", new Object[0]);
                        PerfMetrics.logEvent(EVENT_REFRESH_TOKEN_EXPIRED, null);
                        AccountUtils.wipeDatabaseUserData();
                        d.defer(new e<d<Object>>() { // from class: com.imgur.mobile.engine.authentication.ImgurAuth.RefreshAttemptTracker.1
                            @Override // t.n.e
                            public d<Object> call() {
                                ImgurApplication.component().imgurAuth().logout();
                                Toast.makeText(ImgurApplication.getAppContext(), R.string.auth_refresh_token_expired, 1).show();
                                return d.just(null);
                            }
                        }).subscribeOn(t.l.c.a.b()).subscribe();
                    }
                }
            }
        }

        void resetRefreshCount() {
            synchronized (this) {
                this.refreshAttempts = 0;
                this.refreshTokenExpired = false;
            }
        }
    }

    public ImgurAuth(SharedPreferences sharedPreferences, BriteDatabase briteDatabase) {
        if (sharedPreferences.getBoolean("com.imgur.mobile.PREF_NEEDS_ACCOUNT_MANAGER_MIGRATION", true)) {
            d.defer(new AccountManagerMigrator(this, sharedPreferences, briteDatabase)).compose(RxUtils.applyDatabaseReadSchedulers()).subscribe(new b<Long>() { // from class: com.imgur.mobile.engine.authentication.ImgurAuth.2
                @Override // t.n.b
                public void call(Long l2) {
                    ImgurAuth.this.accountId = l2.longValue();
                }
            }, new b<Throwable>() { // from class: com.imgur.mobile.engine.authentication.ImgurAuth.3
                @Override // t.n.b
                public void call(Throwable th) {
                    a.b("Failed to migrate AccountManager accounts to Accounts DB table", new Object[0]);
                }
            });
            sharedPreferences.edit().putBoolean("com.imgur.mobile.PREF_NEEDS_ACCOUNT_MANAGER_MIGRATION", false).apply();
        }
        String username = getUsername();
        this.username = username;
        if (TextUtils.isEmpty(username)) {
            this.accountId = -1L;
        } else {
            this.accountId = sharedPreferences.getLong("account_id", -1L);
        }
        this.refreshTracker = new RefreshAttemptTracker();
    }

    private void cacheCurrentUser() {
        SharedPreferences.Editor edit = ImgurApplication.component().sharedPrefs().edit();
        edit.putString(PREF_CURRENT_LOGGED_IN_USER, this.username);
        edit.putLong("account_id", this.accountId);
        edit.apply();
    }

    private void cleanUpAfterLogout() {
        ImgurSharedPrefs.clearPrefsOnLogout();
        clearDatabaseAccountData();
        LoginManager.getInstance().logOut();
    }

    private void clearDatabaseAccountData() {
        BriteDatabase briteDatabase = ImgurApplication.component().briteDatabase();
        ContentValues contentValues = new ContentValues();
        contentValues.put("vote", (Integer) 0);
        contentValues.put(PostModel.IS_FAVORITE, Boolean.FALSE);
        briteDatabase.update("post", contentValues, null, new String[0]);
    }

    private String getAccessToken() {
        if (isLoggedIn()) {
            if (!TextUtils.isEmpty(this.accessToken)) {
                return this.accessToken;
            }
            From where = new Select().from(AccountModel.class).where("account_id=?", Long.valueOf(this.accountId));
            try {
                List list = (List) ImgurApplication.component().briteDatabase().createQuery(AccountModel.TABLE_NAME, where.toSql(), where.getArguments()).mapToList(AccountModel.getMapFunc()).toBlocking().b();
                if (list != null && list.size() > 0) {
                    String str = ((AccountModel) list.get(0)).accessToken;
                    this.accessToken = str;
                    return str;
                }
            } catch (Exception unused) {
                return null;
            }
        }
        return null;
    }

    private String getRefreshToken() {
        if (isLoggedIn()) {
            From where = new Select().from(AccountModel.class).where("account_id=?", Long.valueOf(this.accountId));
            try {
                List list = (List) ImgurApplication.component().briteDatabase().createQuery(AccountModel.TABLE_NAME, where.toSql(), where.getArguments()).mapToList(AccountModel.getMapFunc()).toBlocking().b();
                if (list != null && list.size() > 0) {
                    return decryptToken(((AccountModel) list.get(0)).refreshToken, ((AccountModel) list.get(0)).accountId);
                }
            } catch (Exception unused) {
            }
        }
        return null;
    }

    private boolean isAnyThreadRefreshingAuthToken() {
        return NUM_THREADS_WAITING_FOR_AUTH_TOKEN.get() > 0;
    }

    private boolean isCurrentThreadRefreshingAuthToken() {
        return Boolean.TRUE.equals(CURRENT_THREAD_REFRESHING_AUTH_TOKEN.get());
    }

    private void logRefreshTokenFailure(int i2, String str) {
        Map<String, Object> userInfoMap = CrashlyticsUtils.getUserInfoMap();
        userInfoMap.put("status_code", Integer.valueOf(i2));
        userInfoMap.put("response_body", str);
        try {
            userInfoMap.put("username_refresh_token_snippet", getUsername() + " - " + getRefreshToken().substring(0, 6));
        } catch (Exception e) {
            a.c(e, "Couldn't access refresh token from DB", new Object[0]);
        }
        ImgurApplication.component().events().logCustom(R.string.crashlytics_event_refresh_token_failure, userInfoMap);
    }

    private void setCurrentThreadRefreshingAuthToken(boolean z) {
        if (Boolean.valueOf(z).equals(CURRENT_THREAD_REFRESHING_AUTH_TOKEN.get())) {
            return;
        }
        CURRENT_THREAD_REFRESHING_AUTH_TOKEN.set(Boolean.valueOf(z));
        if (z) {
            NUM_THREADS_WAITING_FOR_AUTH_TOKEN.incrementAndGet();
        } else {
            NUM_THREADS_WAITING_FOR_AUTH_TOKEN.decrementAndGet();
        }
    }

    private void setUserHasLoggedOutFlag() {
        ImgurApplication.component().sharedPrefs().edit().putBoolean(PREF_USER_HAS_EXPLICITLY_LOGGED_OUT, true).apply();
    }

    private void setUsername(String str) {
        this.username = str;
        ImgurSharedPrefs.getDefaultPrefs().edit().putString(PREF_CURRENT_LOGGED_IN_USER, str).apply();
    }

    private void uncacheUser() {
        SharedPreferences.Editor edit = ImgurApplication.component().sharedPrefs().edit();
        edit.remove(PREF_CURRENT_LOGGED_IN_USER);
        edit.remove("account_id");
        edit.apply();
    }

    private void updateUserAccessToken(long j2, String str) {
        this.accessToken = str;
        ImgurApplication.component().briteDatabase().update(AccountModel.TABLE_NAME, new AccountModel.Builder().accountId(j2).accessToken(str).build(), "account_id=?", String.valueOf(j2));
    }

    public void addAuthListener(AuthListener authListener) {
        if (this.authListeners == null) {
            this.authListeners = new ArrayList();
        }
        this.authListeners.add(authListener);
    }

    public Request.Builder applyAuthorizationHeader(Request.Builder builder, String str, Uri uri) {
        if (ImgurUrlRouter.isImgurHost(uri)) {
            builder.removeHeader(HEADER_AUTHORIZATION);
            if (TextUtils.isEmpty(str)) {
                builder.addHeader(HEADER_AUTHORIZATION, AUTH_CLIENT_ID_PREFIX + EndpointConfig.getClientId());
            } else {
                builder.addHeader(HEADER_AUTHORIZATION, AUTH_BEARER_PREFIX + str);
            }
        }
        return builder;
    }

    String decryptToken(String str, long j2) {
        String valueOf = String.valueOf(j2);
        byte[] decode = Base64.decode(str, 2);
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(Arrays.copyOfRange(MessageDigest.getInstance("SHA-1").digest(valueOf.getBytes("UTF-8")), 0, 16), "AES");
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(2, secretKeySpec);
            return new String(cipher.doFinal(decode), "UTF-8");
        } catch (Exception e) {
            ImgurApplication.component().crashlytics().logException(e);
            throw new RuntimeException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String encryptToken(String str, long j2) {
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(Arrays.copyOfRange(MessageDigest.getInstance("SHA-1").digest(String.valueOf(j2).getBytes("UTF-8")), 0, 16), "AES");
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(1, secretKeySpec);
            return Base64.encodeToString(cipher.doFinal(str.getBytes("UTF-8")), 2);
        } catch (Exception e) {
            ImgurApplication.component().crashlytics().logException(e);
            throw new RuntimeException(e);
        }
    }

    public long getAccountId() {
        return this.accountId;
    }

    public List<AuthListener> getAuthListener() {
        return this.authListeners;
    }

    public String getAuthTokenBlocking() {
        if (!isLoggedIn()) {
            return null;
        }
        synchronized (this) {
            if (isAnyThreadRefreshingAuthToken() && !isCurrentThreadRefreshingAuthToken()) {
                try {
                    wait();
                } catch (InterruptedException e) {
                    a.e(e, "Encountered an error while waiting", new Object[0]);
                }
                return getAccessToken();
            }
            if (!this.shouldRefreshAccessToken) {
                return getAccessToken();
            }
            setCurrentThreadRefreshingAuthToken(true);
            try {
                try {
                    OAuthResponse requestNewAccessToken = requestNewAccessToken(getRefreshToken());
                    if (requestNewAccessToken == null) {
                        setCurrentThreadRefreshingAuthToken(false);
                        this.shouldRefreshAccessToken = false;
                        synchronized (this) {
                            notifyAll();
                        }
                        return null;
                    }
                    updateUserAccessToken(this.accountId, requestNewAccessToken.getAccessToken());
                    this.refreshTracker.resetRefreshCount();
                    String accessToken = getAccessToken();
                    setCurrentThreadRefreshingAuthToken(false);
                    this.shouldRefreshAccessToken = false;
                    synchronized (this) {
                        notifyAll();
                    }
                    return accessToken;
                } catch (Throwable th) {
                    setCurrentThreadRefreshingAuthToken(false);
                    this.shouldRefreshAccessToken = false;
                    synchronized (this) {
                        notifyAll();
                        throw th;
                    }
                }
            } catch (NetworkErrorException e2) {
                a.e(e2, "Could not get auth token", new Object[0]);
                setCurrentThreadRefreshingAuthToken(false);
                this.shouldRefreshAccessToken = false;
                synchronized (this) {
                    notifyAll();
                    return null;
                }
            }
        }
    }

    public List<AccountModel> getImgurAccounts() {
        From from = new Select().from(AccountModel.class);
        return (List) ImgurApplication.component().briteDatabase().createQuery(AccountModel.TABLE_NAME, from.toSql(), from.getArguments()).mapToList(AccountModel.getMapFunc()).toBlocking().b();
    }

    public List<AccountModel> getLoggedInImgurAccount() {
        if (!isLoggedIn()) {
            return null;
        }
        From where = new Select().from(AccountModel.class).where("username=?", getUsername());
        return (List) ImgurApplication.component().briteDatabase().createQuery(AccountModel.TABLE_NAME, where.toSql(), where.getArguments()).mapToList(AccountModel.getMapFunc()).toBlocking().b();
    }

    public String getUsername() {
        return TextUtils.isEmpty(this.username) ? ImgurSharedPrefs.getDefaultPrefs().getString(PREF_CURRENT_LOGGED_IN_USER, null) : this.username;
    }

    public boolean hasUserExplicitlyLoggedOut() {
        return ImgurApplication.component().sharedPrefs().getBoolean(PREF_USER_HAS_EXPLICITLY_LOGGED_OUT, false);
    }

    public void invalidateAccessToken() {
        this.shouldRefreshAccessToken = true;
    }

    public boolean isLoggedIn() {
        return !TextUtils.isEmpty(getUsername());
    }

    public boolean isLoggedInUser(String str) {
        return isLoggedIn() && str != null && str.equals(getUsername());
    }

    public void logout() {
        ImgurApplication.getInstance();
        this.username = null;
        this.accountId = -1L;
        this.accessToken = null;
        cleanUpAfterLogout();
        uncacheUser();
        setUserHasLoggedOutFlag();
        if (this.authListeners != null) {
            maybeCreateAppAuthListener();
            Iterator<AuthListener> it = this.authListeners.iterator();
            while (it.hasNext()) {
                it.next().onLogout();
            }
        }
    }

    public void maybeCreateAppAuthListener() {
        Iterator<AuthListener> it = this.authListeners.iterator();
        while (it.hasNext()) {
            if (it.next() instanceof ImgurApplication) {
                return;
            }
        }
        this.authListeners.add(ImgurApplication.getInstance());
    }

    public String parseAuthToken(Request request) {
        String header = request.header(HEADER_AUTHORIZATION);
        if (TextUtils.isEmpty(header) || !header.startsWith(AUTH_BEARER_PREFIX)) {
            return null;
        }
        return header.substring(7);
    }

    public void removeAuthListener(AuthListener authListener) {
        List<AuthListener> list = this.authListeners;
        if (list == null) {
            return;
        }
        list.remove(authListener);
    }

    public OAuthResponse requestNewAccessToken(String str) throws NetworkErrorException {
        try {
            if (this.refreshTracker.isTokenExpired()) {
                throw new IOException("Failed to get new access token");
            }
            Response<OAuthResponse> execute = ImgurApplication.component().privateApi().refreshToken("refresh_token", RESPONSE_TYPE_TOKEN, str).execute();
            if (ResponseUtils.isSuccessWithBody(execute)) {
                return execute.body();
            }
            logRefreshTokenFailure(execute.code(), ResponseUtils.getResponseBodyText(execute));
            this.refreshTracker.onRefreshFailure(execute.code());
            throw new IOException("Failed to get new access token");
        } catch (IOException e) {
            a.c(e, "Could not request new access token", new Object[0]);
            ImgurApplication.component().crashlytics().logException(e);
            throw new NetworkErrorException(e);
        }
    }

    public void saveAccountAndLogIn(String str, long j2, String str2, String str3, String str4) {
        if (isLoggedIn()) {
            logout();
        }
        if (TextUtils.isEmpty(str4)) {
            str4 = "imgur";
        }
        BriteDatabase briteDatabase = ImgurApplication.component().briteDatabase();
        ContentValues build = new AccountModel.Builder().username(str).accountId(j2).accessToken(str2).refreshToken(encryptToken(str3, j2)).accountType(str4).build();
        try {
            briteDatabase.insert(AccountModel.TABLE_NAME, build);
        } catch (SQLiteConstraintException unused) {
            briteDatabase.update(AccountModel.TABLE_NAME, build, 5, null, new String[0]);
        }
        this.accountId = j2;
        setUsername(str);
        cacheCurrentUser();
        this.refreshTracker.resetRefreshCount();
        ImgurSharedPrefs.getDefaultPrefs().edit().remove(ImgurApplication.getAppContext().getString(R.string.pref_show_mature_key)).apply();
        if (this.authListeners != null) {
            maybeCreateAppAuthListener();
            Iterator<AuthListener> it = this.authListeners.iterator();
            while (it.hasNext()) {
                it.next().onLogin();
            }
        }
    }

    public d<String> startLoginAttempt(String str, String str2) {
        return d.defer(new AttemptLoginFunc(str, str2)).map(new f<OAuthResponse, String>() { // from class: com.imgur.mobile.engine.authentication.ImgurAuth.4
            @Override // t.n.f
            public String call(OAuthResponse oAuthResponse) {
                if (oAuthResponse == null) {
                    return "";
                }
                ImgurAuth.this.saveAccountAndLogIn(oAuthResponse.getAccountUsername(), oAuthResponse.getAccountId(), oAuthResponse.getAccessToken(), oAuthResponse.getRefreshToken(), null);
                return oAuthResponse.getAccountUsername();
            }
        }).compose(RxUtils.applyApiRequestSchedulers());
    }

    public void updateUsername(String str) {
        setUsername(str);
        ImgurApplication.component().briteDatabase().update(AccountModel.TABLE_NAME, new AccountModel.Builder().username(str).build(), "account_id=?", String.valueOf(this.accountId));
        AppboyHelper.updateUser(ImgurApplication.getAppContext(), str, this.accountId);
    }
}
