package com.lnikkila.oidc;

import android.accounts.Account;
import android.accounts.AccountManager;
import android.accounts.AccountManagerCallback;
import android.accounts.AuthenticatorException;
import android.accounts.OperationCanceledException;
import android.app.Activity;
import android.content.Context;
import android.os.Build;
import android.os.Bundle;
import android.util.Log;
import com.google.api.client.auth.oauth2.TokenResponse;
import com.google.api.client.auth.openidconnect.IdTokenResponse;
import com.google.api.client.util.Preconditions;
import com.lnikkila.oidc.authenticator.Authenticator;
import com.lnikkila.oidc.security.AccountSensitiveDataStorageUtils;
import com.lnikkila.oidc.security.UserNotAuthenticatedWrapperException;
import java.io.IOException;

/* loaded from: classes2.dex */
public class OIDCAccountManager {
    private final Context context;
    private final AccountManager manager;
    private final AccountSensitiveDataStorageUtils secureStorage;
    private final String TAG = getClass().getSimpleName();
    Authenticator mAuthenticator = null;

    public OIDCAccountManager(Context context) {
        this.context = (Context) Preconditions.checkNotNull(context);
        this.manager = AccountManager.get(this.context);
        this.secureStorage = new AccountSensitiveDataStorageUtils(context);
    }

    private String getToken(Account account, String str, AccountManagerCallback<Bundle> accountManagerCallback) throws AuthenticatorException, UserNotAuthenticatedWrapperException, OperationCanceledException, IOException {
        return this.secureStorage.retrieveStringData(this.manager, account, str, accountManagerCallback);
    }

    private String getToken(String str, String str2, AccountManagerCallback<Bundle> accountManagerCallback) throws AuthenticatorException, UserNotAuthenticatedWrapperException, OperationCanceledException, IOException {
        return getToken(getAccountByName(str), str2, accountManagerCallback);
    }

    private void saveToken(Account account, String str, String str2) throws UserNotAuthenticatedWrapperException {
        this.secureStorage.storeStringData(this.manager, account, str, str2);
    }

    private void saveToken(String str, String str2, String str3) throws UserNotAuthenticatedWrapperException {
        saveToken(getAccountByName(str), str2, str3);
    }

    public void createAccount(Activity activity, AccountManagerCallback<Bundle> accountManagerCallback) {
        this.manager.addAccount(getAccountType(), Authenticator.TOKEN_TYPE_ID, null, null, activity, accountManagerCallback, null);
    }

    public String getAccessToken(Account account, AccountManagerCallback<Bundle> accountManagerCallback) throws AuthenticatorException, UserNotAuthenticatedWrapperException, OperationCanceledException, IOException {
        return getToken(account, Authenticator.TOKEN_TYPE_ACCESS, accountManagerCallback);
    }

    public String getAccessToken(String str, AccountManagerCallback<Bundle> accountManagerCallback) throws AuthenticatorException, UserNotAuthenticatedWrapperException, OperationCanceledException, IOException {
        return getToken(str, Authenticator.TOKEN_TYPE_ACCESS, accountManagerCallback);
    }

    public Account getAccountByName(String str) {
        if (str != null) {
            for (Account account : getAccounts()) {
                if (str.equals(account.name)) {
                    return account;
                }
            }
        }
        return null;
    }

    public AccountManager getAccountManager() {
        return this.manager;
    }

    public String getAccountType() {
        return this.context.getString(R.string.account_authenticator_type);
    }

    public Account[] getAccounts() {
        return this.manager.getAccountsByType(getAccountType());
    }

    public String getIdToken(String str, AccountManagerCallback<Bundle> accountManagerCallback) throws AuthenticatorException, UserNotAuthenticatedWrapperException, OperationCanceledException, IOException {
        return getToken(str, Authenticator.TOKEN_TYPE_ID, accountManagerCallback);
    }

    public String getRefreshToken(String str, AccountManagerCallback<Bundle> accountManagerCallback) throws AuthenticatorException, UserNotAuthenticatedWrapperException, OperationCanceledException, IOException {
        return getToken(str, Authenticator.TOKEN_TYPE_REFRESH, accountManagerCallback);
    }

    public void invalidateAccessToken(Account account) {
        if (account != null) {
            try {
                this.secureStorage.invalidateStringData(this.manager, account, getAccessToken(account, (AccountManagerCallback<Bundle>) null));
            } catch (AuthenticatorException | OperationCanceledException | UserNotAuthenticatedWrapperException | IOException e) {
                Log.w(this.TAG, String.format("Could not invalidate account %1$s AT", account.name), e);
            }
        }
    }

    public void invalidateAllAccountTokens(Account account) {
        if (account != null) {
            try {
                String idToken = getIdToken(account.name, null);
                String accessToken = getAccessToken(account.name, (AccountManagerCallback<Bundle>) null);
                String refreshToken = getRefreshToken(account.name, null);
                this.secureStorage.invalidateStringData(this.manager, account, idToken);
                this.secureStorage.invalidateStringData(this.manager, account, accessToken);
                this.secureStorage.invalidateStringData(this.manager, account, refreshToken);
            } catch (AuthenticatorException | OperationCanceledException | UserNotAuthenticatedWrapperException | IOException e) {
                Log.w(this.TAG, String.format("Could not invalidate account %1$s tokens", account.name), e);
            }
        }
    }

    public void invalidateAuthTokens(Account account) {
        if (account != null) {
            try {
                String idToken = getIdToken(account.name, null);
                String accessToken = getAccessToken(account.name, (AccountManagerCallback<Bundle>) null);
                this.secureStorage.invalidateStringData(this.manager, account, idToken);
                this.secureStorage.invalidateStringData(this.manager, account, accessToken);
            } catch (AuthenticatorException | OperationCanceledException | UserNotAuthenticatedWrapperException | IOException e) {
                Log.w(this.TAG, String.format("Could not invalidate account %1$s tokens", account.name), e);
            }
        }
    }

    public boolean isKeyPinRequired() {
        if (this.context != null) {
            return this.context.getResources().getBoolean(R.bool.oidc_encryptKeyAskPin);
        }
        return false;
    }

    public void refreshToken(Account account) throws Exception {
        String refreshToken = getRefreshToken(account.name, null);
        if (this.mAuthenticator != null) {
            this.mAuthenticator.refreshTokens2(account, refreshToken);
        }
    }

    public boolean removeAccount(Account account) {
        if (Build.VERSION.SDK_INT >= 22) {
            return this.manager.removeAccountExplicitly(account);
        }
        try {
            return this.manager.removeAccount(account, null, null).getResult().booleanValue();
        } catch (AuthenticatorException | OperationCanceledException | IOException e) {
            Log.w("LogoutTask", "Coudln't remove account using pre LOLIPOP remove call");
            return false;
        }
    }

    public boolean removeAccount(String str) {
        return removeAccount(getAccountByName(str));
    }

    public void saveTokens(Account account, TokenResponse tokenResponse) throws UserNotAuthenticatedWrapperException {
        if (tokenResponse instanceof IdTokenResponse) {
            saveToken(account, Authenticator.TOKEN_TYPE_ID, ((IdTokenResponse) tokenResponse).getIdToken());
        }
        saveToken(account, Authenticator.TOKEN_TYPE_ACCESS, tokenResponse.getAccessToken());
        saveToken(account, Authenticator.TOKEN_TYPE_REFRESH, tokenResponse.getRefreshToken());
    }

    public void saveTokens(String str, TokenResponse tokenResponse) throws UserNotAuthenticatedWrapperException {
        if (tokenResponse instanceof IdTokenResponse) {
            saveToken(str, Authenticator.TOKEN_TYPE_ID, ((IdTokenResponse) tokenResponse).getIdToken());
        }
        saveToken(str, Authenticator.TOKEN_TYPE_ACCESS, tokenResponse.getAccessToken());
        saveToken(str, Authenticator.TOKEN_TYPE_REFRESH, tokenResponse.getRefreshToken());
    }

    public void setAuthenticator(Authenticator authenticator) {
        this.mAuthenticator = authenticator;
    }
}
