package com.otpless.main;

import android.app.Activity;
import android.app.PendingIntent;
import android.content.Intent;
import android.content.IntentSender;
import android.util.Base64;
import com.google.android.gms.fido.Fido;
import com.google.android.gms.fido.common.Transport;
import com.google.android.gms.fido.fido2.Fido2ApiClient;
import com.google.android.gms.fido.fido2.api.common.Attachment;
import com.google.android.gms.fido.fido2.api.common.AttestationConveyancePreference;
import com.google.android.gms.fido.fido2.api.common.AuthenticatorAssertionResponse;
import com.google.android.gms.fido.fido2.api.common.AuthenticatorAttestationResponse;
import com.google.android.gms.fido.fido2.api.common.AuthenticatorErrorResponse;
import com.google.android.gms.fido.fido2.api.common.AuthenticatorSelectionCriteria;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredential;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialCreationOptions;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialDescriptor;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialParameters;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialRequestOptions;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialRpEntity;
import com.google.android.gms.fido.fido2.api.common.PublicKeyCredentialUserEntity;
import com.google.android.gms.fido.fido2.api.common.ResidentKeyRequirement;
import com.google.android.gms.fido.u2f.api.common.ClientData;
import com.google.android.gms.tasks.OnFailureListener;
import com.google.android.gms.tasks.OnSuccessListener;
import com.google.android.gms.tasks.Task;
import com.otpless.network.ApiCallback;
import com.otpless.utils.Utility;
import io.sentry.ProfilingTraceData;
import java.util.ArrayList;
import java.util.Objects;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes4.dex */
public class OtplessWebAuthnManagerImpl implements OtplessWebAuthnManager {
    private static final int BASE64_FLAG = 11;
    private static final int WEBAUTHN_REGISTER_REQUEST_CODE = 9767357;
    private static final int WEBAUTHN_SIGNIN_REQUEST_CODE = 9767358;
    private final Activity activity;
    private ApiCallback<JSONObject> callback;
    private final Fido2ApiClient fidoApiClient;

    public OtplessWebAuthnManagerImpl(Activity activity) {
        this.fidoApiClient = Fido.getFido2ApiClient(activity);
        this.activity = activity;
    }

    private PublicKeyCredential convertIntentToPublicKeyCredential(Intent intent) throws Exception {
        if (intent == null) {
            throw new Exception("error intent data");
        }
        byte[] byteArrayExtra = intent.getByteArrayExtra(Fido.FIDO2_KEY_CREDENTIAL_EXTRA);
        if (byteArrayExtra == null) {
            throw new Exception("error byte array data");
        }
        PublicKeyCredential deserializeFromBytes = PublicKeyCredential.deserializeFromBytes(byteArrayExtra);
        if (!(deserializeFromBytes.getResponse() instanceof AuthenticatorErrorResponse)) {
            return deserializeFromBytes;
        }
        String obj = deserializeFromBytes.getResponse().toString();
        Utility.debugLog("public key credential register: " + obj);
        throw new Exception(obj);
    }

    private byte[] decodeBase64(String str) {
        return Base64.decode(str, 11);
    }

    private String encodeBase64(byte[] bArr) {
        return Base64.encodeToString(bArr, 11);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$isPlatformAuthenticatorAvailable$4(ResultCallback resultCallback, Exception exc) {
        Utility.debugLog(exc);
        resultCallback.invoke(false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$register$1(ApiCallback apiCallback, Exception exc) {
        Utility.debugLog(exc);
        apiCallback.onError(exc);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$signIn$3(ApiCallback apiCallback, Exception exc) {
        Utility.debugLog(exc);
        apiCallback.onError(exc);
    }

    private PublicKeyCredentialCreationOptions makePublicKeyCreationOption(JSONObject jSONObject) throws JSONException, Attachment.UnsupportedAttachmentException, ResidentKeyRequirement.UnsupportedResidentKeyRequirementException, Transport.UnsupportedTransportException, AttestationConveyancePreference.UnsupportedAttestationConveyancePreferenceException {
        PublicKeyCredentialCreationOptions.Builder builder = new PublicKeyCredentialCreationOptions.Builder();
        JSONObject jSONObject2 = jSONObject.getJSONObject("user");
        builder.setUser(new PublicKeyCredentialUserEntity(decodeBase64(jSONObject2.getString("id")), jSONObject2.getString("name"), "", jSONObject2.getString("displayName")));
        JSONObject jSONObject3 = jSONObject.getJSONObject("rp");
        builder.setRp(new PublicKeyCredentialRpEntity(jSONObject3.getString("id"), jSONObject3.getString("name"), null));
        builder.setChallenge(decodeBase64(jSONObject.getString(ClientData.KEY_CHALLENGE)));
        long optLong = jSONObject.optLong(ProfilingTraceData.TRUNCATION_REASON_TIMEOUT, 0L);
        if (optLong != 0) {
            builder.setTimeoutSeconds(Double.valueOf(optLong));
        }
        ArrayList arrayList = new ArrayList();
        JSONArray jSONArray = jSONObject.getJSONArray("pubKeyCredParams");
        for (int i = 0; i < jSONArray.length(); i++) {
            JSONObject jSONObject4 = jSONArray.getJSONObject(i);
            arrayList.add(new PublicKeyCredentialParameters(jSONObject4.getString("type"), jSONObject4.getInt("alg")));
        }
        builder.setParameters(arrayList);
        JSONObject optJSONObject = jSONObject.optJSONObject("authenticatorSelection");
        if (optJSONObject != null) {
            AuthenticatorSelectionCriteria.Builder builder2 = new AuthenticatorSelectionCriteria.Builder();
            builder2.setRequireResidentKey(Boolean.valueOf(optJSONObject.optBoolean("requireResidentKey", false)));
            String optString = optJSONObject.optString("residentKeyRequirement");
            if (!optString.isEmpty()) {
                builder2.setResidentKeyRequirement(ResidentKeyRequirement.fromString(optString));
            }
            if (!optJSONObject.optString("authenticatorAttachment").isEmpty()) {
                builder2.setAttachment(Attachment.fromString(optJSONObject.getString("authenticatorAttachment")));
            }
            builder.setAuthenticatorSelection(builder2.build());
        }
        JSONArray optJSONArray = jSONObject.optJSONArray("excludeCredentials");
        if (optJSONArray != null) {
            ArrayList arrayList2 = new ArrayList();
            for (int i2 = 0; i2 < optJSONArray.length(); i2++) {
                JSONObject jSONObject5 = optJSONArray.getJSONObject(i2);
                ArrayList arrayList3 = new ArrayList();
                JSONArray optJSONArray2 = jSONObject5.optJSONArray("transports");
                if (optJSONArray2 != null) {
                    int length = optJSONArray2.length();
                    for (int i3 = 0; i3 < length; i3++) {
                        arrayList3.add(Transport.fromString(optJSONArray2.getString(i3)));
                    }
                }
                arrayList2.add(new PublicKeyCredentialDescriptor(jSONObject5.getString("type"), decodeBase64(jSONObject5.getString("id")), arrayList3));
            }
            builder.setExcludeList(arrayList2);
        }
        String optString2 = jSONObject.optString("attestation", "");
        if (!optString2.isEmpty()) {
            builder.setAttestationConveyancePreference(AttestationConveyancePreference.fromString(optString2));
        }
        return builder.build();
    }

    private PublicKeyCredentialRequestOptions makePublicKeyRequestOption(JSONObject jSONObject) throws JSONException, Transport.UnsupportedTransportException {
        PublicKeyCredentialRequestOptions.Builder builder = new PublicKeyCredentialRequestOptions.Builder();
        builder.setChallenge(decodeBase64(jSONObject.getString(ClientData.KEY_CHALLENGE)));
        JSONArray optJSONArray = jSONObject.optJSONArray("allowCredentials");
        if (optJSONArray != null) {
            ArrayList arrayList = new ArrayList();
            int length = optJSONArray.length();
            for (int i = 0; i < length; i++) {
                JSONObject jSONObject2 = optJSONArray.getJSONObject(i);
                ArrayList arrayList2 = new ArrayList();
                JSONArray optJSONArray2 = jSONObject2.optJSONArray("transports");
                if (optJSONArray2 != null) {
                    int length2 = optJSONArray2.length();
                    for (int i2 = 0; i2 < length2; i2++) {
                        arrayList2.add(Transport.fromString(optJSONArray2.getString(i2)));
                    }
                }
                arrayList.add(new PublicKeyCredentialDescriptor(jSONObject2.getString("type"), decodeBase64(jSONObject2.getString("id")), arrayList2));
            }
            builder.setAllowList(arrayList);
        }
        builder.setRpId(jSONObject.getString("rpId"));
        long optLong = jSONObject.optLong(ProfilingTraceData.TRUNCATION_REASON_TIMEOUT, 0L);
        if (optLong != 0) {
            builder.setTimeoutSeconds(Double.valueOf(optLong));
        }
        return builder.build();
    }

    private JSONObject makeRegistrationCompleteJson(PublicKeyCredential publicKeyCredential) throws Exception {
        AuthenticatorAttestationResponse authenticatorAttestationResponse = (AuthenticatorAttestationResponse) publicKeyCredential.getResponse();
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("clientDataJSON", encodeBase64(authenticatorAttestationResponse.getClientDataJSON()));
        jSONObject.put("attestationObject", encodeBase64(authenticatorAttestationResponse.getAttestationObject()));
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put("id", publicKeyCredential.getId());
        jSONObject2.put("rawId", encodeBase64(publicKeyCredential.getRawId()));
        jSONObject2.put("type", publicKeyCredential.getType());
        jSONObject2.put("response", jSONObject);
        return jSONObject2;
    }

    private JSONObject makeSignInCompleteJson(PublicKeyCredential publicKeyCredential) throws Exception {
        AuthenticatorAssertionResponse authenticatorAssertionResponse = (AuthenticatorAssertionResponse) publicKeyCredential.getResponse();
        String encodeBase64 = authenticatorAssertionResponse.getUserHandle() != null ? encodeBase64(authenticatorAssertionResponse.getUserHandle()) : null;
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("clientDataJSON", encodeBase64(authenticatorAssertionResponse.getClientDataJSON()));
        jSONObject.put("authenticatorData", encodeBase64(authenticatorAssertionResponse.getAuthenticatorData()));
        jSONObject.put("signature", encodeBase64(authenticatorAssertionResponse.getSignature()));
        if (encodeBase64 != null) {
            jSONObject.put("userHandle", encodeBase64);
        }
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put("id", publicKeyCredential.getId());
        jSONObject2.put("rawId", encodeBase64(publicKeyCredential.getRawId()));
        jSONObject2.put("type", publicKeyCredential.getType());
        jSONObject2.put("response", jSONObject);
        return jSONObject2;
    }

    @Override // com.otpless.main.OtplessWebAuthnManager
    public void isPlatformAuthenticatorAvailable(final ResultCallback<Boolean, Void> resultCallback) {
        Task<Boolean> isUserVerifyingPlatformAuthenticatorAvailable = this.fidoApiClient.isUserVerifyingPlatformAuthenticatorAvailable();
        Objects.requireNonNull(resultCallback);
        isUserVerifyingPlatformAuthenticatorAvailable.addOnSuccessListener(new OnSuccessListener() { // from class: com.otpless.main.OtplessWebAuthnManagerImpl$$ExternalSyntheticLambda0
            @Override // com.google.android.gms.tasks.OnSuccessListener
            public final void onSuccess(Object obj) {
                ResultCallback.this.invoke((Boolean) obj);
            }
        }).addOnFailureListener(new OnFailureListener() { // from class: com.otpless.main.OtplessWebAuthnManagerImpl$$ExternalSyntheticLambda1
            @Override // com.google.android.gms.tasks.OnFailureListener
            public final void onFailure(Exception exc) {
                OtplessWebAuthnManagerImpl.lambda$isPlatformAuthenticatorAvailable$4(ResultCallback.this, exc);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: lambda$register$0$com-otpless-main-OtplessWebAuthnManagerImpl, reason: not valid java name */
    public /* synthetic */ void m3173lambda$register$0$comotplessmainOtplessWebAuthnManagerImpl(ApiCallback apiCallback, PendingIntent pendingIntent) {
        try {
            this.activity.startIntentSenderForResult(pendingIntent.getIntentSender(), WEBAUTHN_REGISTER_REQUEST_CODE, null, 0, 0, 0);
        } catch (IntentSender.SendIntentException e) {
            Utility.debugLog(e);
            apiCallback.onError(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: lambda$signIn$2$com-otpless-main-OtplessWebAuthnManagerImpl, reason: not valid java name */
    public /* synthetic */ void m3174lambda$signIn$2$comotplessmainOtplessWebAuthnManagerImpl(ApiCallback apiCallback, PendingIntent pendingIntent) {
        try {
            this.activity.startIntentSenderForResult(pendingIntent.getIntentSender(), WEBAUTHN_SIGNIN_REQUEST_CODE, null, 0, 0, 0);
        } catch (IntentSender.SendIntentException e) {
            Utility.debugLog(e);
            apiCallback.onError(e);
        }
    }

    @Override // com.otpless.main.OtplessWebAuthnManager
    public boolean onActivityResult(int i, int i2, Intent intent) {
        switch (i) {
            case WEBAUTHN_REGISTER_REQUEST_CODE /* 9767357 */:
                if (i2 != -1) {
                    this.callback.onError(new Exception("User cancelled"));
                    return true;
                }
                try {
                    this.callback.onSuccess(makeRegistrationCompleteJson(convertIntentToPublicKeyCredential(intent)));
                } catch (Exception e) {
                    this.callback.onError(e);
                }
                return true;
            case WEBAUTHN_SIGNIN_REQUEST_CODE /* 9767358 */:
                if (i2 != -1) {
                    this.callback.onError(new Exception("User cancelled"));
                    return true;
                }
                try {
                    this.callback.onSuccess(makeSignInCompleteJson(convertIntentToPublicKeyCredential(intent)));
                } catch (Exception e2) {
                    this.callback.onError(e2);
                }
                return true;
            default:
                return false;
        }
    }

    @Override // com.otpless.main.OtplessWebAuthnManager
    public void register(JSONObject jSONObject, final ApiCallback<JSONObject> apiCallback) throws JSONException, Attachment.UnsupportedAttachmentException, ResidentKeyRequirement.UnsupportedResidentKeyRequirementException, Transport.UnsupportedTransportException, AttestationConveyancePreference.UnsupportedAttestationConveyancePreferenceException {
        this.callback = apiCallback;
        this.fidoApiClient.getRegisterPendingIntent(makePublicKeyCreationOption(jSONObject)).addOnSuccessListener(new OnSuccessListener() { // from class: com.otpless.main.OtplessWebAuthnManagerImpl$$ExternalSyntheticLambda4
            @Override // com.google.android.gms.tasks.OnSuccessListener
            public final void onSuccess(Object obj) {
                OtplessWebAuthnManagerImpl.this.m3173lambda$register$0$comotplessmainOtplessWebAuthnManagerImpl(apiCallback, (PendingIntent) obj);
            }
        }).addOnFailureListener(new OnFailureListener() { // from class: com.otpless.main.OtplessWebAuthnManagerImpl$$ExternalSyntheticLambda5
            @Override // com.google.android.gms.tasks.OnFailureListener
            public final void onFailure(Exception exc) {
                OtplessWebAuthnManagerImpl.lambda$register$1(ApiCallback.this, exc);
            }
        });
    }

    @Override // com.otpless.main.OtplessWebAuthnManager
    public void signIn(JSONObject jSONObject, final ApiCallback<JSONObject> apiCallback) throws JSONException, Transport.UnsupportedTransportException {
        this.callback = apiCallback;
        this.fidoApiClient.getSignPendingIntent(makePublicKeyRequestOption(jSONObject)).addOnSuccessListener(new OnSuccessListener() { // from class: com.otpless.main.OtplessWebAuthnManagerImpl$$ExternalSyntheticLambda2
            @Override // com.google.android.gms.tasks.OnSuccessListener
            public final void onSuccess(Object obj) {
                OtplessWebAuthnManagerImpl.this.m3174lambda$signIn$2$comotplessmainOtplessWebAuthnManagerImpl(apiCallback, (PendingIntent) obj);
            }
        }).addOnFailureListener(new OnFailureListener() { // from class: com.otpless.main.OtplessWebAuthnManagerImpl$$ExternalSyntheticLambda3
            @Override // com.google.android.gms.tasks.OnFailureListener
            public final void onFailure(Exception exc) {
                OtplessWebAuthnManagerImpl.lambda$signIn$3(ApiCallback.this, exc);
            }
        });
    }
}
