package com.lastpass.lpandroid.domain.account.adfs;

import android.arch.lifecycle.MutableLiveData;
import android.text.TextUtils;
import android.util.Base64;
import com.auth0.android.jwt.DecodeException;
import com.auth0.android.jwt.JWT;
import com.google.gson.annotations.Expose;
import com.lastpass.lpandroid.api.adfs.AdfsApi;
import com.lastpass.lpandroid.api.adfs.OpenIdApi;
import com.lastpass.lpandroid.api.adfs.dto.AdfsAuthInfo;
import com.lastpass.lpandroid.api.adfs.dto.AdfsLocalKeyPart;
import com.lastpass.lpandroid.api.adfs.dto.AdfsLoginType;
import com.lastpass.lpandroid.api.adfs.dto.OpenIdConfigurationResponse;
import com.lastpass.lpandroid.api.adfs.dto.OpenIdK1Extension;
import com.lastpass.lpandroid.api.adfs.dto.OpenIdK1Response;
import com.lastpass.lpandroid.api.adfs.dto.OpenIdK2Response;
import com.lastpass.lpandroid.api.lmiapi.LmiApiCallback;
import com.lastpass.lpandroid.di.AppComponent;
import com.lastpass.lpandroid.domain.LpLog;
import com.lastpass.lpandroid.domain.Preferences;
import com.lastpass.lpandroid.domain.account.LastPassUserAccount;
import com.lastpass.lpandroid.domain.account.security.Authenticator;
import com.lastpass.lpandroid.domain.encryption.Purgeable;
import com.lastpass.lpandroid.model.account.AdfsSamlResponseParameters;
import com.lastpass.lpandroid.repository.account.RsaKeyRepository;
import com.lastpass.lpandroid.utils.FormattingExtensionsKt;
import com.lastpass.lpandroid.utils.security.CryptoUtils;
import com.lastpass.lpandroid.utils.security.KeyGenerator;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.inject.Inject;
import kotlin.Unit;
import kotlin.collections.CollectionsKt;
import kotlin.collections.CollectionsKt__IterablesKt;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.StringsKt__StringsJVMKt;
import kotlin.text.StringsKt__StringsKt;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import retrofit2.Response;

/* loaded from: classes2.dex */
public final class AdfsLoginFlow implements Purgeable {
    public static final Companion a = new Companion(null);

    @Expose
    @NotNull
    private final String b;

    @Expose
    @NotNull
    private final MutableLiveData<FlowState> c;

    @Expose
    @NotNull
    private final MutableLiveData<Unit> d;

    @Expose
    @NotNull
    private final MutableLiveData<AdfsError> e;

    @Expose
    private final AdfsLoginFlowData f;

    @Inject
    @NotNull
    public Preferences g;

    @Inject
    @NotNull
    public RsaKeyRepository h;

    @Inject
    @NotNull
    public Authenticator i;

    @Inject
    @NotNull
    public AdfsApi j;

    @Inject
    @NotNull
    public OpenIdApi k;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public class AdfsApiCallback<T> extends LmiApiCallback<T> {
        public AdfsApiCallback() {
        }

        @Override // com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
        public void a(int i, @Nullable Throwable th, @Nullable Response<T> response) {
            AdfsLoginFlow$AdfsApiCallback$onError$1 adfsLoginFlow$AdfsApiCallback$onError$1 = AdfsLoginFlow$AdfsApiCallback$onError$1.b;
            LpLog.f("TagLogin", "ADFS api error " + i);
            AdfsLoginFlow.this.a(adfsLoginFlow$AdfsApiCallback$onError$1.a(i, th), th != null ? th.getMessage() : null);
        }

        @Override // com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
        public void a(@Nullable T t, @Nullable Response<T> response) {
            AdfsLoginFlow.this.z();
        }
    }

    /* loaded from: classes2.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    /* loaded from: classes2.dex */
    public static abstract class ErrorType {

        /* loaded from: classes2.dex */
        public static final class ConnectionFailed extends ErrorType {
            public static final ConnectionFailed a = new ConnectionFailed();

            private ConnectionFailed() {
                super(null);
            }
        }

        /* loaded from: classes2.dex */
        public static final class DifferentUserLoggedIn extends ErrorType {

            @Expose
            @NotNull
            private final String a;

            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            public DifferentUserLoggedIn(@NotNull String foundUserName) {
                super(null);
                Intrinsics.b(foundUserName, "foundUserName");
                this.a = foundUserName;
            }

            public boolean equals(@Nullable Object obj) {
                if (this != obj) {
                    return (obj instanceof DifferentUserLoggedIn) && Intrinsics.a((Object) this.a, (Object) ((DifferentUserLoggedIn) obj).a);
                }
                return true;
            }

            public int hashCode() {
                String str = this.a;
                if (str != null) {
                    return str.hashCode();
                }
                return 0;
            }

            @NotNull
            public String toString() {
                return "DifferentUserLoggedIn(foundUserName=" + this.a + ")";
            }
        }

        /* loaded from: classes2.dex */
        public static final class GeneralFailure extends ErrorType {
            public static final GeneralFailure a = new GeneralFailure();

            private GeneralFailure() {
                super(null);
            }
        }

        /* loaded from: classes2.dex */
        public static final class LoginFailed extends ErrorType {
            public static final LoginFailed a = new LoginFailed();

            private LoginFailed() {
                super(null);
            }
        }

        private ErrorType() {
        }

        public /* synthetic */ ErrorType(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    /* loaded from: classes2.dex */
    public static abstract class FlowState {

        /* loaded from: classes2.dex */
        public static final class AuthInfo extends FlowState {
            public AuthInfo() {
                super(null);
            }
        }

        /* loaded from: classes2.dex */
        public static final class Finished extends FlowState {

            @Expose
            private final boolean a;

            public Finished(boolean z) {
                super(null);
                this.a = z;
            }

            public final boolean a() {
                return this.a;
            }

            public boolean equals(@Nullable Object obj) {
                if (this != obj) {
                    if (obj instanceof Finished) {
                        if (this.a == ((Finished) obj).a) {
                        }
                    }
                    return false;
                }
                return true;
            }

            public int hashCode() {
                boolean z = this.a;
                if (z) {
                    return 1;
                }
                return z ? 1 : 0;
            }

            @NotNull
            public String toString() {
                return "Finished(success=" + this.a + ")";
            }
        }

        /* loaded from: classes2.dex */
        public static final class LocalKey extends FlowState {
            public LocalKey() {
                super(null);
            }
        }

        /* loaded from: classes2.dex */
        public static final class NotFederatedUser extends FlowState {
            public NotFederatedUser() {
                super(null);
            }
        }

        /* loaded from: classes2.dex */
        public static final class OpenIdK1 extends FlowState {
            public OpenIdK1() {
                super(null);
            }
        }

        /* loaded from: classes2.dex */
        public static final class OpenIdK2 extends FlowState {
            public OpenIdK2() {
                super(null);
            }
        }

        /* loaded from: classes2.dex */
        public static final class RetrieveOpenIdConfig extends FlowState {
            public RetrieveOpenIdConfig() {
                super(null);
            }
        }

        /* loaded from: classes2.dex */
        public static final class Undefined extends FlowState {
            public Undefined() {
                super(null);
            }
        }

        /* loaded from: classes2.dex */
        public static final class UserLogin extends FlowState {
            public UserLogin() {
                super(null);
            }
        }

        /* loaded from: classes2.dex */
        public static final class ZeroKnowledgeGenerateKeys extends FlowState {
            public ZeroKnowledgeGenerateKeys() {
                super(null);
            }
        }

        /* loaded from: classes2.dex */
        public static final class ZeroKnowledgeUploadPublicKey extends FlowState {
            public ZeroKnowledgeUploadPublicKey() {
                super(null);
            }
        }

        private FlowState() {
        }

        public /* synthetic */ FlowState(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    private AdfsLoginFlow() {
        this("");
    }

    public AdfsLoginFlow(@NotNull String username) {
        Intrinsics.b(username, "username");
        int length = username.length() - 1;
        int i = 0;
        boolean z = false;
        while (i <= length) {
            boolean z2 = username.charAt(!z ? i : length) <= ' ';
            if (z) {
                if (!z2) {
                    break;
                } else {
                    length--;
                }
            } else if (z2) {
                i++;
            } else {
                z = true;
            }
        }
        this.b = username.subSequence(i, length + 1).toString();
        this.c = new MutableLiveData<>();
        this.d = new MutableLiveData<>();
        this.e = new MutableLiveData<>();
        this.f = new AdfsLoginFlowData(null, null, null, null, null, null, null, null, null, null, null, null, null, null, null, 32767, null);
        this.c.setValue(new FlowState.Undefined());
        AppComponent.a().a(this);
        AppComponent a2 = AppComponent.a();
        Intrinsics.a((Object) a2, "AppComponent.get()");
        a2.G().a(this);
    }

    private final void A() {
        String d = this.f.i().d();
        if (d == null || d.length() == 0) {
            LpLog.f("TagLogin", "Empty connect authority");
            a();
            return;
        }
        OpenIdApi openIdApi = this.k;
        if (openIdApi == null) {
            Intrinsics.c("openIdApi");
            throw null;
        }
        String d2 = this.f.i().d();
        if (d2 != null) {
            openIdApi.d(d2, new AdfsApiCallback<OpenIdConfigurationResponse>() { // from class: com.lastpass.lpandroid.domain.account.adfs.AdfsLoginFlow$retrieveOpenIdConfiguration$1
                /* JADX INFO: Access modifiers changed from: package-private */
                {
                    super();
                }

                public void a(@Nullable OpenIdConfigurationResponse openIdConfigurationResponse, @Nullable Response<OpenIdConfigurationResponse> response) {
                    AdfsLoginFlowData adfsLoginFlowData;
                    String str;
                    AdfsLoginFlowData adfsLoginFlowData2;
                    String b;
                    String a2 = openIdConfigurationResponse != null ? openIdConfigurationResponse.a() : null;
                    if (a2 == null || a2.length() == 0) {
                        throw new IllegalStateException("Failed to retrieve openid authority url");
                    }
                    adfsLoginFlowData = AdfsLoginFlow.this.f;
                    String str2 = "";
                    if (openIdConfigurationResponse == null || (str = openIdConfigurationResponse.a()) == null) {
                        str = "";
                    }
                    adfsLoginFlowData.f(str);
                    adfsLoginFlowData2 = AdfsLoginFlow.this.f;
                    if (openIdConfigurationResponse != null && (b = openIdConfigurationResponse.b()) != null) {
                        str2 = b;
                    }
                    adfsLoginFlowData2.g(str2);
                    super.a((AdfsLoginFlow$retrieveOpenIdConfiguration$1) openIdConfigurationResponse, (Response<AdfsLoginFlow$retrieveOpenIdConfiguration$1>) response);
                }

                @Override // com.lastpass.lpandroid.domain.account.adfs.AdfsLoginFlow.AdfsApiCallback, com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
                public /* bridge */ /* synthetic */ void a(Object obj, Response response) {
                    a((OpenIdConfigurationResponse) obj, (Response<OpenIdConfigurationResponse>) response);
                }
            });
        } else {
            Intrinsics.a();
            throw null;
        }
    }

    private final void B() {
        LpLog.a("TagLogin", "Uploading ADFS public key");
        if (this.f.o() == null) {
            throw new IllegalStateException("Keypair null");
        }
        AdfsApi adfsApi = this.j;
        if (adfsApi == null) {
            Intrinsics.c("adfsApi");
            throw null;
        }
        String c = this.f.i().c();
        if (c == null) {
            c = "";
        }
        adfsApi.a(c);
        AdfsApi adfsApi2 = this.j;
        if (adfsApi2 == null) {
            Intrinsics.c("adfsApi");
            throw null;
        }
        String str = this.b;
        KeyPair o = this.f.o();
        if (o == null) {
            Intrinsics.a();
            throw null;
        }
        PublicKey publicKey = o.getPublic();
        Intrinsics.a((Object) publicKey, "flowData.zeroKnowledgeKeyPair!!.public");
        String encodeToString = Base64.encodeToString(publicKey.getEncoded(), 2);
        Intrinsics.a((Object) encodeToString, "Base64.encodeToString(fl….encoded, Base64.NO_WRAP)");
        adfsApi2.a(str, encodeToString, new AdfsApiCallback());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final boolean C() {
        return !(this.f.d().length() == 0) && Intrinsics.a((Object) this.f.d(), (Object) this.f.c());
    }

    private final ErrorType D() {
        String a2;
        boolean c;
        boolean c2;
        boolean a3;
        try {
            JWT jwt = new JWT(this.f.e());
            if (jwt.a(10L)) {
                LpLog.f("TagLogin", "JWT expired");
                return ErrorType.LoginFailed.a;
            }
            if (!Intrinsics.a((Object) (jwt.d() != null ? FormattingExtensionsKt.b(r4) : null), (Object) FormattingExtensionsKt.b(this.f.m()))) {
                LpLog.f("TagLogin", "Invalid issuer");
                return ErrorType.LoginFailed.a;
            }
            List<String> a4 = jwt.a();
            if (a4 != null && a4.contains(g().e())) {
                List<String> a5 = jwt.a();
                if ((a5 != null ? a5.size() : 0) > 1 && jwt.b().containsKey("azp")) {
                    LpLog.f("TagLogin", "Missing azp");
                    return ErrorType.LoginFailed.a;
                }
                if (jwt.b().containsKey("azp")) {
                    String a6 = jwt.a("azp").a();
                    if (a6 != null) {
                        String e = g().e();
                        if (e == null) {
                            Intrinsics.a();
                            throw null;
                        }
                        a3 = StringsKt__StringsKt.a((CharSequence) a6, (CharSequence) e, false, 2, (Object) null);
                        if (!a3) {
                        }
                    }
                    LpLog.f("TagLogin", "Invalid azp");
                    return ErrorType.LoginFailed.a;
                }
                if (jwt.b().containsKey("nonce") && !(!Intrinsics.a((Object) jwt.a("nonce").a(), (Object) FormattingExtensionsKt.a(this.f.k())))) {
                    if (jwt.b().containsKey("email")) {
                        c2 = StringsKt__StringsJVMKt.c(jwt.a("email").a(), this.b, true);
                        if (c2) {
                            return null;
                        }
                    }
                    if (jwt.b().containsKey("preferred_username")) {
                        c = StringsKt__StringsJVMKt.c(jwt.a("preferred_username").a(), this.b, true);
                        if (c) {
                            return null;
                        }
                    }
                    LpLog.f("TagLogin", "username is different");
                    if (jwt.b().containsKey("email")) {
                        a2 = jwt.a("email").a();
                        if (a2 != null) {
                        }
                        a2 = "";
                    } else {
                        a2 = jwt.a("preferred_username").a();
                        if (a2 != null) {
                        }
                        a2 = "";
                    }
                    Intrinsics.a((Object) a2, "if(jwt.claims.containsKe…ername\").asString() ?: \"\"");
                    return new ErrorType.DifferentUserLoggedIn(a2);
                }
                LpLog.f("TagLogin", "Invalid nonce");
                return ErrorType.LoginFailed.a;
            }
            LpLog.f("TagLogin", "Invalid audience");
            return ErrorType.LoginFailed.a;
        } catch (DecodeException unused) {
            return ErrorType.LoginFailed.a;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void a(AdfsAuthInfo adfsAuthInfo) {
        if (this.f.i().f() != 2) {
            this.f.a(Base64.decode(adfsAuthInfo.b(), 0));
            if (this.f.f() == null) {
                throw new IllegalArgumentException("Emtpy k1");
            }
        }
        this.f.b(Base64.decode(adfsAuthInfo.c(), 0));
        if (this.f.g() == null) {
            throw new IllegalArgumentException("Emtpy k2");
        }
        this.f.a(adfsAuthInfo.a());
        if (TextUtils.isEmpty(this.f.a())) {
            throw new IllegalArgumentException("Emtpy authSessionId");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void a(AdfsLoginType adfsLoginType) {
        this.f.a(adfsLoginType);
        if (this.f.i().g()) {
            LpLog.a("TagLogin", "User is federated, type " + adfsLoginType.f());
            Preferences preferences = this.g;
            if (preferences == null) {
                Intrinsics.c("preferences");
                throw null;
            }
            preferences.b("login_identity_guid", adfsLoginType.b());
            Preferences preferences2 = this.g;
            if (preferences2 == null) {
                Intrinsics.c("preferences");
                throw null;
            }
            preferences2.b("login_identity_provider", adfsLoginType.c());
            Preferences preferences3 = this.g;
            if (preferences3 == null) {
                Intrinsics.c("preferences");
                throw null;
            }
            preferences3.a("login_login_type", adfsLoginType.f());
            Preferences preferences4 = this.g;
            if (preferences4 == null) {
                Intrinsics.c("preferences");
                throw null;
            }
            Long a2 = adfsLoginType.a();
            preferences4.a("login_federated_company_id", a2 != null ? a2.longValue() : 0L);
            Preferences preferences5 = this.g;
            if (preferences5 == null) {
                Intrinsics.c("preferences");
                throw null;
            }
            preferences5.b("login_openid_authority", adfsLoginType.d());
            Preferences preferences6 = this.g;
            if (preferences6 == null) {
                Intrinsics.c("preferences");
                throw null;
            }
            preferences6.b("login_openid_clientid", adfsLoginType.e());
            if (adfsLoginType.f() == 1 || adfsLoginType.f() == 2) {
                String b = adfsLoginType.b();
                if (!(b == null || b.length() == 0)) {
                    String c = adfsLoginType.c();
                    if (!(c == null || c.length() == 0)) {
                        return;
                    }
                }
                throw new IllegalArgumentException("Empty provider url or guid");
            }
            if (adfsLoginType.f() == 3) {
                String d = adfsLoginType.d();
                if (!(d == null || d.length() == 0)) {
                    String e = adfsLoginType.e();
                    if (!(e == null || e.length() == 0)) {
                        this.f.h("https://accounts.lastpass.com/federated/oidcredirect.html");
                        return;
                    }
                }
                throw new IllegalArgumentException("Empty connect authority or client id");
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void a(ErrorType errorType, String str) {
        this.c.setValue(new FlowState.Finished(false));
        MutableLiveData<AdfsError> mutableLiveData = this.e;
        if (str == null) {
            str = "";
        }
        mutableLiveData.setValue(new AdfsError(errorType, str));
    }

    private final boolean a(AdfsSamlResponseParameters adfsSamlResponseParameters) {
        if (adfsSamlResponseParameters == null) {
            return false;
        }
        AdfsLoginFlowData adfsLoginFlowData = this.f;
        RsaKeyRepository rsaKeyRepository = this.h;
        if (rsaKeyRepository == null) {
            Intrinsics.c("rsaKeyRepository");
            throw null;
        }
        byte[] a2 = adfsSamlResponseParameters.a();
        KeyPair o = this.f.o();
        if (o == null) {
            Intrinsics.a();
            throw null;
        }
        adfsLoginFlowData.a(rsaKeyRepository.b(a2, o.getPrivate()));
        if (this.f.f() == null) {
            LpLog.f("TagLogin", "Failed to decrypt SAML k1");
            return false;
        }
        CryptoUtils cryptoUtils = CryptoUtils.a;
        byte[] b = adfsSamlResponseParameters.b();
        CryptoUtils cryptoUtils2 = CryptoUtils.a;
        byte[] f = this.f.f();
        if (f == null) {
            Intrinsics.a();
            throw null;
        }
        if (cryptoUtils.a(b, cryptoUtils2.a(f)) == 0) {
            return true;
        }
        LpLog.f("TagLogin", "Failed to verify k1 signature");
        this.f.a((byte[]) null);
        return false;
    }

    private final void o() {
        LpLog.a("TagLogin", "ADFS: Assembling master password from key elements");
        if (this.f.i().f() == 3) {
            AdfsLoginFlowData adfsLoginFlowData = this.f;
            CryptoUtils cryptoUtils = CryptoUtils.a;
            byte[] f = adfsLoginFlowData.f();
            if (f == null) {
                Intrinsics.a();
                throw null;
            }
            byte[] g = this.f.g();
            if (g == null) {
                Intrinsics.a();
                throw null;
            }
            adfsLoginFlowData.d(cryptoUtils.a(cryptoUtils.b(f, g)));
        } else {
            AdfsLoginFlowData adfsLoginFlowData2 = this.f;
            CryptoUtils cryptoUtils2 = CryptoUtils.a;
            byte[] f2 = adfsLoginFlowData2.f();
            if (f2 == null) {
                Intrinsics.a();
                throw null;
            }
            byte[] g2 = this.f.g();
            if (g2 == null) {
                Intrinsics.a();
                throw null;
            }
            byte[] b = cryptoUtils2.b(f2, g2);
            byte[] h = this.f.h();
            if (h == null) {
                Intrinsics.a();
                throw null;
            }
            adfsLoginFlowData2.d(cryptoUtils2.a(cryptoUtils2.b(b, h)));
        }
        this.f.c((byte[]) null);
        this.f.a((byte[]) null);
        this.f.b((byte[]) null);
        this.f.e("");
        this.f.b("");
    }

    private final String p() {
        boolean a2;
        if ((this.c.getValue() instanceof FlowState.Undefined) || (this.c.getValue() instanceof FlowState.NotFederatedUser)) {
            throw new IllegalStateException("Invalid state");
        }
        StringBuilder sb = new StringBuilder();
        sb.append(this.f.i().c());
        String c = this.f.i().c();
        if (c != null) {
            a2 = StringsKt__StringsJVMKt.a(c, "/", false, 2, null);
            if (!a2) {
                sb.append("/");
            }
        }
        sb.append("auth/saml2/");
        String b = this.f.i().b();
        if (b == null) {
            b = "";
        }
        sb.append(b);
        String sb2 = sb.toString();
        Intrinsics.a((Object) sb2, "stringBuilder.toString()");
        return sb2;
    }

    private final String q() {
        if ((this.c.getValue() instanceof FlowState.Undefined) || (this.c.getValue() instanceof FlowState.NotFederatedUser)) {
            throw new IllegalStateException("Invalid state");
        }
        return FormattingExtensionsKt.d(FormattingExtensionsKt.b(this.f.l())) + "?client_id=" + URLEncoder.encode(this.f.i().e(), StandardCharsets.UTF_8.name()) + "&login_hint=" + URLEncoder.encode(this.b, StandardCharsets.UTF_8.name()) + "&redirect_uri=" + URLEncoder.encode("https://accounts.lastpass.com/federated/oidcredirect.html", StandardCharsets.UTF_8.name()) + "&response_type=" + URLEncoder.encode("id_token token", StandardCharsets.UTF_8.name()) + "&scope=" + URLEncoder.encode("openid email profile", StandardCharsets.UTF_8.name()) + "&nonce=" + URLEncoder.encode(FormattingExtensionsKt.a(this.f.k()), StandardCharsets.UTF_8.name());
    }

    private final void r() {
        this.f.e(KeyGenerator.a(32));
    }

    private final void s() {
        LpLog.a("TagLogin", "Generating ADFS public key");
        AdfsLoginFlowData adfsLoginFlowData = this.f;
        RsaKeyRepository rsaKeyRepository = this.h;
        if (rsaKeyRepository == null) {
            Intrinsics.c("rsaKeyRepository");
            throw null;
        }
        adfsLoginFlowData.a(rsaKeyRepository.a());
        z();
    }

    private final void t() {
        LpLog.a("TagLogin", "ADFS: getting auth info");
        AdfsApi adfsApi = this.j;
        if (adfsApi == null) {
            Intrinsics.c("adfsApi");
            throw null;
        }
        String c = this.f.i().c();
        if (c == null) {
            c = "";
        }
        adfsApi.a(c);
        AdfsApi adfsApi2 = this.j;
        if (adfsApi2 != null) {
            adfsApi2.c(this.f.b(), new AdfsApiCallback<AdfsAuthInfo>() { // from class: com.lastpass.lpandroid.domain.account.adfs.AdfsLoginFlow$getAuthInfo$1
                /* JADX INFO: Access modifiers changed from: package-private */
                {
                    super();
                }

                public void a(@Nullable AdfsAuthInfo adfsAuthInfo, @Nullable Response<AdfsAuthInfo> response) {
                    AdfsLoginFlow adfsLoginFlow = AdfsLoginFlow.this;
                    if (adfsAuthInfo != null) {
                        adfsLoginFlow.a(adfsAuthInfo);
                        super.a((AdfsLoginFlow$getAuthInfo$1) adfsAuthInfo, (Response<AdfsLoginFlow$getAuthInfo$1>) response);
                    }
                }

                @Override // com.lastpass.lpandroid.domain.account.adfs.AdfsLoginFlow.AdfsApiCallback, com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
                public /* bridge */ /* synthetic */ void a(Object obj, Response response) {
                    a((AdfsAuthInfo) obj, (Response<AdfsAuthInfo>) response);
                }
            });
        } else {
            Intrinsics.c("adfsApi");
            throw null;
        }
    }

    private final String u() {
        CryptoUtils cryptoUtils = CryptoUtils.a;
        byte[] f = this.f.f();
        if (f == null) {
            Intrinsics.a();
            throw null;
        }
        byte[] g = this.f.g();
        if (g == null) {
            Intrinsics.a();
            throw null;
        }
        String encodeToString = Base64.encodeToString(cryptoUtils.a(cryptoUtils.b(f, g)), 2);
        Intrinsics.a((Object) encodeToString, "Base64.encodeToString(fl…sha256(), Base64.NO_WRAP)");
        return encodeToString;
    }

    private final void v() {
        LpLog.a("TagLogin", "ADFS: getting local key part");
        AdfsApi adfsApi = this.j;
        if (adfsApi == null) {
            Intrinsics.c("adfsApi");
            throw null;
        }
        String c = this.f.i().c();
        if (c == null) {
            c = "";
        }
        adfsApi.a(c);
        AdfsApi adfsApi2 = this.j;
        if (adfsApi2 != null) {
            adfsApi2.b(this.b, u(), this.f.a(), new AdfsApiCallback<AdfsLocalKeyPart>() { // from class: com.lastpass.lpandroid.domain.account.adfs.AdfsLoginFlow$getLocalKeyPart$1
                /* JADX INFO: Access modifiers changed from: package-private */
                {
                    super();
                }

                public void a(@Nullable AdfsLocalKeyPart adfsLocalKeyPart, @Nullable Response<AdfsLocalKeyPart> response) {
                    AdfsLoginFlowData adfsLoginFlowData;
                    AdfsLoginFlowData adfsLoginFlowData2;
                    adfsLoginFlowData = AdfsLoginFlow.this.f;
                    adfsLoginFlowData.c(Base64.decode(adfsLocalKeyPart != null ? adfsLocalKeyPart.a() : null, 0));
                    adfsLoginFlowData2 = AdfsLoginFlow.this.f;
                    if (adfsLoginFlowData2.h() == null) {
                        throw new IllegalArgumentException("Emtpy local key");
                    }
                    super.a((AdfsLoginFlow$getLocalKeyPart$1) adfsLocalKeyPart, (Response<AdfsLoginFlow$getLocalKeyPart$1>) response);
                }

                @Override // com.lastpass.lpandroid.domain.account.adfs.AdfsLoginFlow.AdfsApiCallback, com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
                public /* bridge */ /* synthetic */ void a(Object obj, Response response) {
                    a((AdfsLocalKeyPart) obj, (Response<AdfsLocalKeyPart>) response);
                }
            });
        } else {
            Intrinsics.c("adfsApi");
            throw null;
        }
    }

    private final void w() {
        OpenIdApi openIdApi = this.k;
        if (openIdApi == null) {
            Intrinsics.c("openIdApi");
            throw null;
        }
        openIdApi.b("https://graph.microsoft.com");
        OpenIdApi openIdApi2 = this.k;
        if (openIdApi2 != null) {
            openIdApi2.b(this.f.b(), new AdfsApiCallback<OpenIdK1Response>() { // from class: com.lastpass.lpandroid.domain.account.adfs.AdfsLoginFlow$getOpenIdK1$1
                /* JADX INFO: Access modifiers changed from: package-private */
                {
                    super();
                }

                public void a(@Nullable OpenIdK1Response openIdK1Response, @Nullable Response<OpenIdK1Response> response) {
                    String str;
                    AdfsLoginFlowData adfsLoginFlowData;
                    AdfsLoginFlowData adfsLoginFlowData2;
                    AdfsLoginFlowData adfsLoginFlowData3;
                    AdfsLoginFlowData adfsLoginFlowData4;
                    List<OpenIdK1Extension> a2;
                    int a3;
                    if (openIdK1Response == null || (a2 = openIdK1Response.a()) == null) {
                        str = null;
                    } else {
                        a3 = CollectionsKt__IterablesKt.a(a2, 10);
                        ArrayList arrayList = new ArrayList(a3);
                        Iterator<T> it = a2.iterator();
                        while (it.hasNext()) {
                            arrayList.add(((OpenIdK1Extension) it.next()).a());
                        }
                        str = (String) CollectionsKt.f((List) arrayList);
                    }
                    if (str == null || str.length() == 0) {
                        throw new IllegalStateException("k1 not found in response");
                    }
                    adfsLoginFlowData = AdfsLoginFlow.this.f;
                    adfsLoginFlowData.a(Base64.decode(str, 2));
                    adfsLoginFlowData2 = AdfsLoginFlow.this.f;
                    if (adfsLoginFlowData2.f() != null) {
                        adfsLoginFlowData3 = AdfsLoginFlow.this.f;
                        adfsLoginFlowData4 = AdfsLoginFlow.this.f;
                        byte[] f = adfsLoginFlowData4.f();
                        String encodeToString = Base64.encodeToString(f != null ? CryptoUtils.a.a(f) : null, 2);
                        Intrinsics.a((Object) encodeToString, "Base64.encodeToString(fl…sha256(), Base64.NO_WRAP)");
                        adfsLoginFlowData3.c(encodeToString);
                    }
                    super.a((AdfsLoginFlow$getOpenIdK1$1) openIdK1Response, (Response<AdfsLoginFlow$getOpenIdK1$1>) response);
                }

                @Override // com.lastpass.lpandroid.domain.account.adfs.AdfsLoginFlow.AdfsApiCallback, com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
                public /* bridge */ /* synthetic */ void a(Object obj, Response response) {
                    a((OpenIdK1Response) obj, (Response<OpenIdK1Response>) response);
                }
            });
        } else {
            Intrinsics.c("openIdApi");
            throw null;
        }
    }

    private final void x() {
        OpenIdApi openIdApi = this.k;
        if (openIdApi == null) {
            Intrinsics.c("openIdApi");
            throw null;
        }
        Preferences preferences = this.g;
        if (preferences == null) {
            Intrinsics.c("preferences");
            throw null;
        }
        Boolean d = preferences.d("debug_menu_use_test_push");
        Intrinsics.a((Object) d, "preferences.getBoolean(P…PREF_DEBUG_USE_TEST_PUSH)");
        openIdApi.a(d.booleanValue() ? "https://loginservice.dev.3amlabs.net/" : "https://accounts.lastpass.com/");
        OpenIdApi openIdApi2 = this.k;
        if (openIdApi2 == null) {
            Intrinsics.c("openIdApi");
            throw null;
        }
        Long a2 = this.f.i().a();
        openIdApi2.a(a2 != null ? a2.longValue() : 0L, this.f.e(), new AdfsApiCallback<OpenIdK2Response>() { // from class: com.lastpass.lpandroid.domain.account.adfs.AdfsLoginFlow$getOpenIdK2$1
            /* JADX INFO: Access modifiers changed from: package-private */
            {
                super();
            }

            public void a(@Nullable OpenIdK2Response openIdK2Response, @Nullable Response<OpenIdK2Response> response) {
                AdfsLoginFlowData adfsLoginFlowData;
                AdfsLoginFlowData adfsLoginFlowData2;
                boolean C;
                String b = openIdK2Response != null ? openIdK2Response.b() : null;
                if (b == null || b.length() == 0) {
                    throw new IllegalStateException("k2 not found in response");
                }
                adfsLoginFlowData = AdfsLoginFlow.this.f;
                adfsLoginFlowData.b(Base64.decode(b, 2));
                adfsLoginFlowData2 = AdfsLoginFlow.this.f;
                String a3 = openIdK2Response.a();
                if (a3 == null) {
                    a3 = "";
                }
                adfsLoginFlowData2.d(a3);
                C = AdfsLoginFlow.this.C();
                if (!C) {
                    throw new IllegalArgumentException("Fragment ids mismatch");
                }
                super.a((AdfsLoginFlow$getOpenIdK2$1) openIdK2Response, (Response<AdfsLoginFlow$getOpenIdK2$1>) response);
            }

            @Override // com.lastpass.lpandroid.domain.account.adfs.AdfsLoginFlow.AdfsApiCallback, com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
            public /* bridge */ /* synthetic */ void a(Object obj, Response response) {
                a((OpenIdK2Response) obj, (Response<OpenIdK2Response>) response);
            }
        });
    }

    private final void y() {
        int f = this.f.i().f();
        if (f == 1) {
            this.c.setValue(new FlowState.UserLogin());
            return;
        }
        if (f == 2) {
            this.c.setValue(new FlowState.ZeroKnowledgeGenerateKeys());
            s();
        } else {
            if (f != 3) {
                this.c.setValue(new FlowState.NotFederatedUser());
                return;
            }
            r();
            this.c.setValue(new FlowState.RetrieveOpenIdConfig());
            A();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void z() {
        LpLog.a("TagLogin", "ADFS state " + this.c.getValue() + " completed");
        FlowState value = this.c.getValue();
        if (value instanceof FlowState.Undefined) {
            y();
            return;
        }
        if (value instanceof FlowState.UserLogin) {
            if (this.f.i().f() == 3) {
                this.c.setValue(new FlowState.OpenIdK1());
                w();
                return;
            } else {
                this.c.setValue(new FlowState.AuthInfo());
                t();
                return;
            }
        }
        if (value instanceof FlowState.AuthInfo) {
            this.c.setValue(new FlowState.LocalKey());
            v();
            return;
        }
        if (value instanceof FlowState.LocalKey) {
            o();
            this.c.setValue(new FlowState.Finished(true));
            return;
        }
        if (value instanceof FlowState.ZeroKnowledgeGenerateKeys) {
            this.c.setValue(new FlowState.ZeroKnowledgeUploadPublicKey());
            B();
            return;
        }
        if (value instanceof FlowState.ZeroKnowledgeUploadPublicKey) {
            this.c.setValue(new FlowState.UserLogin());
            return;
        }
        if (value instanceof FlowState.RetrieveOpenIdConfig) {
            this.c.setValue(new FlowState.UserLogin());
            return;
        }
        if (value instanceof FlowState.OpenIdK1) {
            this.c.setValue(new FlowState.OpenIdK2());
            x();
        } else if (value instanceof FlowState.OpenIdK2) {
            o();
            this.c.setValue(new FlowState.Finished(true));
        }
    }

    public final void a() {
        this.c.setValue(new FlowState.Finished(false));
        this.d.setValue(null);
    }

    public final void a(@NotNull String authToken, @Nullable AdfsSamlResponseParameters adfsSamlResponseParameters) {
        Intrinsics.b(authToken, "authToken");
        LpLog.a("TagLogin", "ADFS user login completed");
        if (!(this.c.getValue() instanceof FlowState.UserLogin) && !(this.c.getValue() instanceof FlowState.Finished)) {
            throw new IllegalStateException("Invalid state");
        }
        if (authToken.length() == 0) {
            a(ErrorType.LoginFailed.a, "Missing auth token");
            return;
        }
        this.f.b(authToken);
        if (this.f.i().f() == 2 && !a(adfsSamlResponseParameters)) {
            a(ErrorType.LoginFailed.a, "Missing auth token");
        } else {
            z();
        }
    }

    public final void a(@NotNull String authToken, @NotNull String idToken) {
        Intrinsics.b(authToken, "authToken");
        Intrinsics.b(idToken, "idToken");
        LpLog.a("TagLogin", "OpenId user login completed");
        if (!(this.c.getValue() instanceof FlowState.UserLogin) && !(this.c.getValue() instanceof FlowState.Finished)) {
            throw new IllegalStateException("Invalid state");
        }
        if (!(authToken.length() == 0)) {
            if (!(idToken.length() == 0)) {
                this.f.e(idToken);
                this.f.b(authToken);
                ErrorType D = D();
                if (D == null) {
                    z();
                    return;
                }
                LpLog.f("TagLogin", "Invalid id token, validation failed " + D);
                a(D, "");
                return;
            }
        }
        a(ErrorType.LoginFailed.a, "Missing auth token or id token");
    }

    public final void b() {
        boolean c;
        boolean c2;
        if (!(this.c.getValue() instanceof FlowState.Undefined) && !(this.c.getValue() instanceof FlowState.UserLogin)) {
            throw new IllegalStateException("Invalid state");
        }
        boolean z = false;
        if (this.b.length() == 0) {
            z();
            return;
        }
        LastPassUserAccount f = LastPassUserAccount.f();
        if (f != null) {
            c2 = StringsKt__StringsJVMKt.c(f.n(), this.b, true);
            if (c2 && f.v()) {
                z = true;
            }
        }
        String str = this.b;
        Preferences preferences = this.g;
        if (preferences == null) {
            Intrinsics.c("preferences");
            throw null;
        }
        c = StringsKt__StringsJVMKt.c(str, preferences.c("login_last_federated_email"), true);
        if (!z && !c) {
            AdfsApi adfsApi = this.j;
            if (adfsApi != null) {
                adfsApi.a(this.b, new AdfsApiCallback<AdfsLoginType>() { // from class: com.lastpass.lpandroid.domain.account.adfs.AdfsLoginFlow$checkLoginType$1
                    /* JADX INFO: Access modifiers changed from: package-private */
                    {
                        super();
                    }

                    public void a(@Nullable AdfsLoginType adfsLoginType, @Nullable Response<AdfsLoginType> response) {
                        AdfsLoginFlow adfsLoginFlow = AdfsLoginFlow.this;
                        if (adfsLoginType != null) {
                            adfsLoginFlow.a(adfsLoginType);
                            super.a((AdfsLoginFlow$checkLoginType$1) adfsLoginType, (Response<AdfsLoginFlow$checkLoginType$1>) response);
                        }
                    }

                    @Override // com.lastpass.lpandroid.domain.account.adfs.AdfsLoginFlow.AdfsApiCallback, com.lastpass.lpandroid.api.lmiapi.LmiApiCallback
                    public /* bridge */ /* synthetic */ void a(Object obj, Response response) {
                        a((AdfsLoginType) obj, (Response<AdfsLoginType>) response);
                    }
                });
                return;
            } else {
                Intrinsics.c("adfsApi");
                throw null;
            }
        }
        LpLog.a("TagLogin", "last user is federated");
        AdfsLoginFlowData adfsLoginFlowData = this.f;
        Preferences preferences2 = this.g;
        if (preferences2 == null) {
            Intrinsics.c("preferences");
            throw null;
        }
        int g = preferences2.g("login_login_type");
        Preferences preferences3 = this.g;
        if (preferences3 == null) {
            Intrinsics.c("preferences");
            throw null;
        }
        String c3 = preferences3.c("login_identity_guid");
        Preferences preferences4 = this.g;
        if (preferences4 == null) {
            Intrinsics.c("preferences");
            throw null;
        }
        String c4 = preferences4.c("login_identity_provider");
        Preferences preferences5 = this.g;
        if (preferences5 == null) {
            Intrinsics.c("preferences");
            throw null;
        }
        String c5 = preferences5.c("login_openid_authority");
        Preferences preferences6 = this.g;
        if (preferences6 == null) {
            Intrinsics.c("preferences");
            throw null;
        }
        String c6 = preferences6.c("login_openid_clientid");
        Preferences preferences7 = this.g;
        if (preferences7 == null) {
            Intrinsics.c("preferences");
            throw null;
        }
        adfsLoginFlowData.a(new AdfsLoginType(g, c3, c4, c5, c6, Long.valueOf(preferences7.h("login_federated_company_id"))));
        z();
    }

    @NotNull
    public final String c() {
        return this.f.a();
    }

    @NotNull
    public final MutableLiveData<Unit> d() {
        return this.d;
    }

    @NotNull
    public final MutableLiveData<AdfsError> e() {
        return this.e;
    }

    @NotNull
    public final MutableLiveData<FlowState> f() {
        return this.c;
    }

    @NotNull
    public final AdfsLoginType g() {
        return this.f.i();
    }

    @Nullable
    public final byte[] h() {
        if (this.c.getValue() instanceof FlowState.Finished) {
            return this.f.j();
        }
        throw new IllegalStateException("Invalid state");
    }

    @NotNull
    public final String i() {
        return this.f.c();
    }

    @NotNull
    public final String j() {
        return this.f.d();
    }

    @NotNull
    public final String k() {
        return this.f.n();
    }

    @NotNull
    public final String l() {
        return g().f() != 3 ? p() : q();
    }

    @NotNull
    public final String m() {
        return this.b;
    }

    public final boolean n() {
        return this.f.i().g();
    }

    @Override // com.lastpass.lpandroid.domain.encryption.Purgeable
    public void purge() {
        this.f.d((byte[]) null);
        if (this.c.getValue() instanceof FlowState.Finished) {
            this.f.a((byte[]) null);
            this.f.b((byte[]) null);
            this.f.c((byte[]) null);
            this.f.a((KeyPair) null);
            this.f.a("");
            this.f.d("");
            this.f.c("");
            this.f.e("");
            this.f.b("");
            this.f.e((byte[]) null);
        }
    }
}
