package com.fitbit.httpcore.oauth;

import android.text.TextUtils;
import com.fitbit.httpcore.HttpHeaderConstants;
import com.fitbit.httpcore.exceptions.AuthenticationException;
import com.fitbit.httpcore.exceptions.RefreshTokenInvalidException;
import com.fitbit.httpcore.exceptions.ServerCommunicationException;
import com.fitbit.httpcore.exceptions.UserLockException;
import com.fitbit.httpcore.exceptions.UserLockState;
import defpackage.C16405hms;
import defpackage.hOt;
import j$.nio.charset.StandardCharsets;
import java.io.IOException;
import okhttp3.Authenticator;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import okhttp3.ResponseBody;
import okhttp3.Route;
import org.json.JSONException;
import org.json.JSONObject;

/* compiled from: PG */
/* loaded from: classes4.dex */
public class OAuthAuthenticator implements Authenticator {
    @Override // okhttp3.Authenticator
    public Request authenticate(Route route, Response response) throws IOException {
        hOt.c("Authenticating for response: %s", response);
        hOt.c("Authentication Challenges: %s", response.b());
        if (responseCount(response) >= 3) {
            hOt.c("Request failed 3 times already. Giving up. %s", response);
            return null;
        }
        Request request = response.a;
        Object a = request.a();
        OAuthClient oAuthClient = a instanceof OAuthSignatureInfo ? OAuthManager.getOAuthClient(((OAuthSignatureInfo) a).getClientName()) : OAuthManager.getDefaultClient();
        Request.Builder e = request.e();
        String c = request.c(HttpHeaderConstants.AUTHORIZATION);
        if (c != null && c.startsWith("Basic")) {
            if (isRefreshRequest(request)) {
                return null;
            }
            JSONObject responseJson = getResponseJson(response);
            if (responseJson != null && UserLockState.isUserLockState(responseJson) != null) {
                handleUserLockState(responseJson);
            }
            return oAuthClient.signRequest(e).a();
        }
        if (oAuthClient instanceof OAuth2Client) {
            OAuth2Client oAuth2Client = (OAuth2Client) oAuthClient;
            AuthInfo authInfo = oAuth2Client.getAuthInfo();
            if (authInfo == null) {
                OAuthManager.triggerResetAuthorizationCallback(new AuthenticationException());
                return null;
            }
            if (authInfo.getRefreshToken() == null) {
                return null;
            }
            OAuthFSCHelper fscHelper = oAuth2Client.getFscHelper();
            if (fscHelper != null) {
                try {
                    fscHelper.tokenExchangeStarted(OAuthFSCHelper.AUTHENTICATOR_VIEW, OAuthFSCHelper.REGULAR_REFRESH_ELEMENT);
                } catch (IOException e2) {
                    if (fscHelper != null) {
                        fscHelper.tokenExchangeFailed(OAuthFSCHelper.AUTHENTICATOR_VIEW, OAuthFSCHelper.REGULAR_REFRESH_ELEMENT, e2);
                    }
                    if (oAuth2Client.getAuthInfo() == null) {
                        OAuthManager.triggerResetAuthorizationCallback(new RefreshTokenInvalidException(e2));
                    }
                    hOt.g(e2, "Token refresh failed with an IOException", new Object[0]);
                }
            }
            AuthInfo refreshToken = authInfo.isTokenExpired() ? oAuth2Client.refreshToken() : oAuth2Client.refreshToken(authInfo);
            if (refreshToken != null && !refreshToken.isTokenExpired()) {
                Request.Builder signRequest = oAuthClient.signRequest(e);
                if (fscHelper != null) {
                    fscHelper.tokenExchangeSuccessful(OAuthFSCHelper.AUTHENTICATOR_VIEW, OAuthFSCHelper.REGULAR_REFRESH_ELEMENT);
                }
                return signRequest.a();
            }
            if (fscHelper != null) {
                ServerCommunicationException.Builder builder = new ServerCommunicationException.Builder();
                builder.exceptionMessage("Token refresh failed, the token was empty or expired");
                fscHelper.tokenExchangeFailed(OAuthFSCHelper.AUTHENTICATOR_VIEW, OAuthFSCHelper.REGULAR_REFRESH_ELEMENT, builder.build());
            }
            if (oAuth2Client.getAuthInfo() == null) {
                OAuthManager.triggerResetAuthorizationCallback(new AuthenticationException());
            }
            hOt.f("Token refresh failed, the token was empty or expired", new Object[0]);
        }
        return null;
    }

    public JSONObject getResponseJson(Response response) throws ServerCommunicationException {
        try {
            ResponseBody responseBody = response.g;
            if (responseBody == null) {
                throw new IOException("ResponseBody is null.");
            }
            String string = responseBody.string();
            if (TextUtils.isEmpty(string)) {
                throw new IOException("ResponseBody is empty.");
            }
            return new JSONObject(string);
        } catch (IOException | JSONException e) {
            hOt.g(e, "Bad server response.", new Object[0]);
            ServerCommunicationException.Builder builder = new ServerCommunicationException.Builder();
            builder.throwable(e);
            throw builder.build();
        }
    }

    public void handleUserLockState(JSONObject jSONObject) throws IOException {
        try {
            throw new UserLockException(jSONObject.getString(ResponseProcessor.MFA_USER_MESSAGE), jSONObject.getString("userMessageTitle"), UserLockState.fromString(jSONObject.optString("code")), jSONObject.has("resetPasswordToken") ? jSONObject.getString("resetPasswordToken") : null, jSONObject.has("timestamp") ? Long.valueOf(jSONObject.getLong("timestamp")) : null);
        } catch (JSONException e) {
            hOt.g(e, "Response for User Lock is malformed.", new Object[0]);
            ServerCommunicationException.Builder builder = new ServerCommunicationException.Builder();
            builder.throwable(e);
            throw builder.build();
        }
    }

    public boolean isRefreshRequest(Request request) {
        RequestBody requestBody = request.d;
        if (requestBody != null) {
            try {
                C16405hms c16405hms = new C16405hms();
                requestBody.writeTo(c16405hms);
                String r = c16405hms.r(StandardCharsets.UTF_8);
                if (!TextUtils.isEmpty(r)) {
                    for (String str : r.split("&")) {
                        if (TextUtils.equals(String.format("%s=%s", OAuthConstants.GRANT_TYPE, OAuthConstants.REFRESH_TOKEN), str)) {
                            return true;
                        }
                    }
                }
            } catch (IOException e) {
                hOt.g(e, "refresh token verification failed", new Object[0]);
            }
        }
        return false;
    }

    public int responseCount(Response response) {
        int i = 1;
        while (true) {
            response = response.j;
            if (response == null) {
                return i;
            }
            i++;
        }
    }
}
