package com.auth0.android.authentication.storage;

import android.app.Activity;
import android.app.KeyguardManager;
import android.content.Context;
import android.content.Intent;
import android.os.Build;
import android.support.annotation.IntRange;
import android.support.annotation.NonNull;
import android.support.annotation.Nullable;
import android.support.annotation.RequiresApi;
import android.support.annotation.VisibleForTesting;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import com.auth0.android.authentication.AuthenticationAPIClient;
import com.auth0.android.authentication.AuthenticationException;
import com.auth0.android.callback.AuthenticationCallback;
import com.auth0.android.callback.BaseCallback;
import com.auth0.android.request.internal.GsonProvider;
import com.auth0.android.result.Credentials;
import com.google.gson.Gson;

@RequiresApi(api = 21)
/* loaded from: classes.dex */
public class SecureCredentialsManager {

    /* renamed from: a, reason: collision with root package name */
    private static final String f1707a = "SecureCredentialsManager";
    private final AuthenticationAPIClient b;
    private final Storage c;
    private final a d;
    private final Gson e;
    private boolean f;
    private int g;
    private Activity h;
    private BaseCallback<Credentials, CredentialsManagerException> i;
    private Intent j;

    public SecureCredentialsManager(@NonNull Context context, @NonNull AuthenticationAPIClient authenticationAPIClient, @NonNull Storage storage) {
        this(authenticationAPIClient, storage, new a(context, storage, "com.auth0.key"));
    }

    @VisibleForTesting
    SecureCredentialsManager(@NonNull AuthenticationAPIClient authenticationAPIClient, @NonNull Storage storage, @NonNull a aVar) {
        this.g = -1;
        this.b = authenticationAPIClient;
        this.c = storage;
        this.d = aVar;
        this.e = GsonProvider.buildGson();
        this.f = false;
    }

    private void a(final BaseCallback<Credentials, CredentialsManagerException> baseCallback) {
        try {
            final Credentials credentials = (Credentials) this.e.fromJson(new String(this.d.c(Base64.decode(this.c.retrieveString("com.auth0.credentials"), 0))), Credentials.class);
            if ((TextUtils.isEmpty(credentials.getAccessToken()) && TextUtils.isEmpty(credentials.getIdToken())) || credentials.getExpiresAt() == null) {
                baseCallback.onFailure(new CredentialsManagerException("No Credentials were previously set."));
                this.i = null;
            } else if (credentials.getExpiresAt().getTime() > a()) {
                baseCallback.onSuccess(credentials);
                this.i = null;
            } else if (credentials.getRefreshToken() == null) {
                baseCallback.onFailure(new CredentialsManagerException("No Credentials were previously set."));
                this.i = null;
            } else {
                Log.d(f1707a, "Credentials have expired. Renewing them now...");
                this.b.renewAuth(credentials.getRefreshToken()).start(new AuthenticationCallback<Credentials>() { // from class: com.auth0.android.authentication.storage.SecureCredentialsManager.1
                    @Override // com.auth0.android.callback.Callback
                    /* renamed from: a, reason: merged with bridge method [inline-methods] */
                    public void onFailure(AuthenticationException authenticationException) {
                        baseCallback.onFailure(new CredentialsManagerException("An error occurred while trying to use the Refresh Token to renew the Credentials.", authenticationException));
                        SecureCredentialsManager.this.i = null;
                    }

                    @Override // com.auth0.android.callback.BaseCallback
                    /* renamed from: a, reason: merged with bridge method [inline-methods] */
                    public void onSuccess(Credentials credentials2) {
                        Credentials credentials3 = new Credentials(credentials2.getIdToken(), credentials2.getAccessToken(), credentials2.getType(), credentials.getRefreshToken(), credentials2.getExpiresAt(), credentials2.getScope());
                        SecureCredentialsManager.this.saveCredentials(credentials3);
                        baseCallback.onSuccess(credentials3);
                        SecureCredentialsManager.this.i = null;
                    }
                });
            }
        } catch (CryptoException e) {
            baseCallback.onFailure(new CredentialsManagerException("An error occurred while decrypting the existing credentials.", e));
        }
    }

    @VisibleForTesting
    long a() {
        return System.currentTimeMillis();
    }

    public boolean checkAuthenticationResult(int i, int i2) {
        if (i != this.g || this.i == null) {
            return false;
        }
        if (i2 == -1) {
            a(this.i);
            return true;
        }
        this.i.onFailure(new CredentialsManagerException("The user didn't pass the authentication challenge."));
        this.i = null;
        return true;
    }

    public void clearCredentials() {
        this.c.remove("com.auth0.credentials");
        this.c.remove("com.auth0.credentials_expires_at");
        this.c.remove("com.auth0.credentials_can_refresh");
        Log.d(f1707a, "Credentials were just removed from the storage");
    }

    public void getCredentials(@NonNull BaseCallback<Credentials, CredentialsManagerException> baseCallback) {
        if (!hasValidCredentials()) {
            baseCallback.onFailure(new CredentialsManagerException("No Credentials were previously set."));
        } else {
            if (!this.f) {
                a(baseCallback);
                return;
            }
            Log.d(f1707a, "Authentication is required to read the Credentials. Showing the LockScreen.");
            this.i = baseCallback;
            this.h.startActivityForResult(this.j, this.g);
        }
    }

    public boolean hasValidCredentials() {
        String retrieveString = this.c.retrieveString("com.auth0.credentials");
        Long retrieveLong = this.c.retrieveLong("com.auth0.credentials_expires_at");
        Boolean retrieveBoolean = this.c.retrieveBoolean("com.auth0.credentials_can_refresh");
        return (TextUtils.isEmpty(retrieveString) || retrieveLong == null || (retrieveLong.longValue() <= a() && (retrieveBoolean == null || !retrieveBoolean.booleanValue()))) ? false : true;
    }

    public boolean requireAuthentication(@NonNull Activity activity, @IntRange(from = 1, to = 255) int i, @Nullable String str, @Nullable String str2) {
        if (i < 1 || i > 255) {
            throw new IllegalArgumentException("Request code must a value between 1 and 255.");
        }
        KeyguardManager keyguardManager = (KeyguardManager) activity.getSystemService("keyguard");
        this.j = Build.VERSION.SDK_INT >= 21 ? keyguardManager.createConfirmDeviceCredentialIntent(str, str2) : null;
        this.f = ((Build.VERSION.SDK_INT >= 23 && keyguardManager.isDeviceSecure()) || (Build.VERSION.SDK_INT >= 21 && keyguardManager.isKeyguardSecure())) && this.j != null;
        if (this.f) {
            this.h = activity;
            this.g = i;
        }
        return this.f;
    }

    public void saveCredentials(@NonNull Credentials credentials) throws CredentialsManagerException {
        if ((TextUtils.isEmpty(credentials.getAccessToken()) && TextUtils.isEmpty(credentials.getIdToken())) || credentials.getExpiresAt() == null) {
            throw new CredentialsManagerException("Credentials must have a valid date of expiration and a valid access_token or id_token value.");
        }
        String json = this.e.toJson(credentials);
        long time = credentials.getExpiresAt().getTime();
        boolean z = !TextUtils.isEmpty(credentials.getRefreshToken());
        Log.e(f1707a, "Trying to encrypt the given data using the private key.");
        try {
            this.c.store("com.auth0.credentials", Base64.encodeToString(this.d.d(json.getBytes()), 0));
            this.c.store("com.auth0.credentials_expires_at", Long.valueOf(time));
            this.c.store("com.auth0.credentials_can_refresh", Boolean.valueOf(z));
        } catch (CryptoException e) {
            throw new CredentialsManagerException("An error occurred while encrypting the credentials.", e);
        }
    }
}
