package com.citrix.citrixvpn.totp;

import android.content.Context;
import android.content.ContextWrapper;
import android.net.Uri;
import android.text.TextUtils;
import com.citrix.worx.sdk.CtxLog;
import java.io.IOException;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.text.MessageFormat;
import java.util.Locale;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class TotpInfo {
    static final String ALG_SHA1 = "SHA1";
    static final String ALG_SHA256 = "SHA256";
    static final String ALG_SHA512 = "SHA512";
    static final String AT_SEPARATOR = "@";
    private static final int DEFAULT_DIGITS = 6;
    private static final int DEFAULT_PERIOD = 30;
    static final String ENCODING_UTF8 = StandardCharsets.UTF_8.toString();
    private static final String FIELD_ACCOUNT = "account";
    private static final String FIELD_SCHEME = "scheme";
    private static final String FIELD_SERVER = "server";
    private static final String FIELD_TYPE = "type";
    private static final String PUSH_ENABLED = "pushEnabled";
    private static final String PUSH_HUB = "pushHub";
    private static final String PUSH_NAMESPACE = "pushNamespace";
    private static final String PUSH_TAG = "pushTag";
    private static final String QPARAM_ALGORITHM = "algorithm";
    private static final String QPARAM_CODE = "code";
    private static final String QPARAM_DEVICE_NAME = "device";
    private static final String QPARAM_DIGITS = "digits";
    private static final String QPARAM_ISSUER = "issuer";
    private static final String QPARAM_PERIOD = "period";
    private static final String QPARAM_SECRET = "secret";
    private static final String REGISTRATION_ID = "regId";
    private static final String SCHEME_OTPAUTH = "otpauth";
    private static final String SEPARATOR = ":";
    private static final String TAG = "TotpInfo";
    private static final String TYPE_HOTP = "hotp";
    private static final String TYPE_TOTP = "totp";
    private String account;
    private String algorithm;
    private String deviceName;
    private int digits;
    private String issuer;
    private int period;
    private String pushCode;
    private boolean pushEnabled;
    private String pushHub;
    private String pushNamespace;
    private String pushRegistrationId;
    private String pushTag;
    private String scheme;
    private String secret;
    private String server;
    private String type;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class a {

        /* renamed from: a, reason: collision with root package name */
        private String f7304a;

        /* renamed from: b, reason: collision with root package name */
        private String f7305b;

        /* renamed from: c, reason: collision with root package name */
        private String f7306c;

        a(String str, String str2, String str3) {
            this.f7304a = str;
            this.f7305b = str2;
            this.f7306c = str3;
        }

        static a d(String str) {
            String str2;
            String str3;
            String[] split = URLDecoder.decode(str.substring(1), TotpInfo.ENCODING_UTF8).split(TotpInfo.AT_SEPARATOR);
            String str4 = null;
            if (split.length > 1) {
                str3 = split[split.length - 1];
                str2 = split[0];
                if (split.length > 2) {
                    str2 = str2 + TotpInfo.AT_SEPARATOR + split[1];
                }
            } else {
                str2 = split[0];
                str3 = null;
            }
            if (str2 != null) {
                String[] split2 = str2.split(TotpInfo.SEPARATOR);
                if (split2.length > 1) {
                    str4 = split2[0];
                    str2 = split2[1];
                }
                str2 = str2.trim();
            }
            return new a(str4, str3, str2);
        }

        String a() {
            return this.f7306c;
        }

        String b() {
            return this.f7304a;
        }

        String c() {
            return this.f7305b;
        }
    }

    /* loaded from: classes.dex */
    public static class b {

        /* renamed from: b, reason: collision with root package name */
        private final String f7308b;

        /* renamed from: a, reason: collision with root package name */
        private String f7307a = TotpInfo.SCHEME_OTPAUTH;

        /* renamed from: c, reason: collision with root package name */
        private String f7309c = TotpInfo.TYPE_TOTP;

        /* renamed from: d, reason: collision with root package name */
        private String f7310d = "";

        /* renamed from: e, reason: collision with root package name */
        private String f7311e = "";

        /* renamed from: f, reason: collision with root package name */
        private String f7312f = "";

        /* renamed from: g, reason: collision with root package name */
        private int f7313g = 6;

        /* renamed from: h, reason: collision with root package name */
        private int f7314h = 30;

        /* renamed from: i, reason: collision with root package name */
        private String f7315i = TotpInfo.ALG_SHA1;

        /* renamed from: j, reason: collision with root package name */
        private String f7316j = "";

        /* renamed from: k, reason: collision with root package name */
        private String f7317k = "";

        /* renamed from: l, reason: collision with root package name */
        private boolean f7318l = false;

        /* renamed from: m, reason: collision with root package name */
        private String f7319m = "";

        /* renamed from: n, reason: collision with root package name */
        private String f7320n = "";

        /* renamed from: o, reason: collision with root package name */
        private String f7321o = "";

        public b(String str) {
            this.f7308b = str;
        }

        public b p(String str) {
            this.f7310d = str;
            return this;
        }

        public b q(String str) {
            if (!TotpInfo.ALG_SHA1.equalsIgnoreCase(str) && !TotpInfo.ALG_SHA256.equalsIgnoreCase(str) && !TotpInfo.ALG_SHA512.equalsIgnoreCase(str)) {
                throw new IllegalArgumentException(MessageFormat.format("HMAC algorithm can only be one of 'SHA1', 'SH256', or 'SHA512', got: {0}", str));
            }
            this.f7315i = str;
            return this;
        }

        public TotpInfo r() {
            return new TotpInfo(this);
        }

        public b s(String str) {
            this.f7316j = str;
            return this;
        }

        public b t(int i10) {
            if (6 != i10 && 8 != i10) {
                throw new IllegalArgumentException(MessageFormat.format("Digits can only be either 6 or 8, got: {0}", Integer.valueOf(i10)));
            }
            this.f7313g = i10;
            return this;
        }

        public b u(String str) {
            this.f7312f = str;
            return this;
        }

        public b v(int i10) {
            this.f7314h = i10;
            return this;
        }

        public b w(String str) {
            this.f7317k = str;
            return this;
        }

        public b x(String str) {
            this.f7311e = str;
            return this;
        }

        public b y(String str, String str2, String str3) {
            if (TextUtils.isEmpty(str3)) {
                throw new IllegalArgumentException(MessageFormat.format("Tag is required for push registration, got: {0}", str3));
            }
            this.f7319m = str;
            this.f7320n = str2;
            this.f7321o = str3;
            this.f7318l = true;
            return this;
        }

        public b z(String str) {
            if (!TotpInfo.TYPE_TOTP.equalsIgnoreCase(str) && !TotpInfo.TYPE_HOTP.equalsIgnoreCase(str)) {
                throw new IllegalArgumentException(MessageFormat.format("Type can only be 'totp' or 'hotp', got: {0}", str));
            }
            this.f7309c = str.toLowerCase(Locale.US);
            return this;
        }
    }

    private TotpInfo(b bVar) {
        this.scheme = "";
        this.secret = "";
        this.type = "";
        this.account = "";
        this.server = "";
        this.issuer = "";
        this.digits = 6;
        this.period = 30;
        this.algorithm = "";
        this.deviceName = "";
        this.pushCode = "";
        this.pushNamespace = "";
        this.pushHub = "";
        this.pushTag = "";
        this.pushRegistrationId = "";
        this.scheme = bVar.f7307a;
        this.secret = bVar.f7308b;
        this.type = bVar.f7309c;
        this.account = bVar.f7310d;
        this.server = bVar.f7311e;
        this.issuer = bVar.f7312f;
        this.digits = bVar.f7313g;
        this.period = bVar.f7314h;
        this.algorithm = bVar.f7315i;
        this.deviceName = bVar.f7316j;
        this.pushCode = bVar.f7317k;
        this.pushNamespace = bVar.f7319m;
        this.pushHub = bVar.f7320n;
        this.pushTag = bVar.f7321o;
        this.pushEnabled = bVar.f7318l;
    }

    public static TotpInfo a(Context context, String str) {
        Uri parse = Uri.parse(str);
        String scheme = parse.getScheme();
        if (!SCHEME_OTPAUTH.equalsIgnoreCase(scheme)) {
            throw new IllegalArgumentException(MessageFormat.format("Only {0} URI scheme is supported, got: {1}", SCHEME_OTPAUTH, scheme));
        }
        String host = parse.getHost();
        String path = parse.getPath();
        if (path == null || path.length() < 1) {
            throw new IllegalArgumentException("TOTP URI path can't be empty");
        }
        a d10 = a.d(path);
        String b10 = d10.b();
        String a10 = d10.a();
        String c10 = d10.c();
        String queryParameter = parse.getQueryParameter(QPARAM_SECRET);
        if (TextUtils.isEmpty(queryParameter)) {
            throw new IllegalArgumentException(MessageFormat.format("No TOTP secret found in scanned QR code [{0}]", str));
        }
        if (a.l.L(queryParameter)) {
            throw new IllegalArgumentException(MessageFormat.format("Invalid base32 value for token secret in scanned QR code[{0}]", str));
        }
        String q10 = q(parse, QPARAM_ISSUER, b10);
        if (q10 != null) {
            q10 = URLDecoder.decode(q10, ENCODING_UTF8);
        }
        if (b10 == null) {
            b10 = q10;
        } else if (!b10.equals(q10)) {
            throw new IllegalArgumentException(MessageFormat.format("Label ({0}) is not same as issuer query parameter ({1})", b10, q10));
        }
        String q11 = q(parse, QPARAM_DIGITS, "6");
        String q12 = q(parse, QPARAM_PERIOD, "30");
        String q13 = q(parse, QPARAM_ALGORITHM, ALG_SHA1);
        String queryParameter2 = parse.getQueryParameter(QPARAM_DEVICE_NAME);
        String q14 = q(parse, QPARAM_CODE, null);
        try {
            b bVar = new b(a.l.n(context, queryParameter.getBytes(StandardCharsets.US_ASCII)));
            bVar.z(host).u(b10).p(a10).x(c10).t(Integer.parseInt(q11)).v(Integer.parseInt(q12)).q(q13).s(queryParameter2).w(q14);
            return bVar.r();
        } catch (Exception e10) {
            CtxLog.k(TAG, "Could not securely save TOTP secret", e10);
            throw new RuntimeException(e10);
        }
    }

    public static TotpInfo b(ContextWrapper contextWrapper, String str) {
        return a(contextWrapper.getBaseContext(), str);
    }

    public static TotpInfo c(String str) {
        if (TextUtils.isEmpty(str)) {
            CtxLog.Error(TAG, "Null or empty JSON data");
            return null;
        }
        try {
            JSONObject jSONObject = new JSONObject(str);
            b bVar = new b(jSONObject.getString(QPARAM_SECRET));
            bVar.z(v(jSONObject, FIELD_TYPE, TYPE_TOTP)).u(v(jSONObject, QPARAM_ISSUER, "")).p(v(jSONObject, FIELD_ACCOUNT, "")).x(v(jSONObject, FIELD_SERVER, "")).t(i(jSONObject, QPARAM_DIGITS, 6)).v(i(jSONObject, QPARAM_PERIOD, 30)).q(v(jSONObject, QPARAM_ALGORITHM, ALG_SHA1)).s(v(jSONObject, QPARAM_DEVICE_NAME, ""));
            if (jSONObject.getBoolean(PUSH_ENABLED)) {
                bVar.y(v(jSONObject, PUSH_NAMESPACE, ""), v(jSONObject, PUSH_HUB, ""), v(jSONObject, PUSH_TAG, ""));
            }
            TotpInfo r10 = bVar.r();
            r10.z(v(jSONObject, REGISTRATION_ID, ""));
            return r10;
        } catch (JSONException e10) {
            CtxLog.k(TAG, "Failed to convert JSON object to TOTP", e10);
            return null;
        }
    }

    static int i(JSONObject jSONObject, String str, int i10) {
        return jSONObject.has(str) ? jSONObject.getInt(str) : i10;
    }

    private static String q(Uri uri, String str, String str2) {
        String queryParameter = uri.getQueryParameter(str);
        return queryParameter == null ? str2 : queryParameter;
    }

    public static String v(JSONObject jSONObject, String str, String str2) {
        return jSONObject.has(str) ? jSONObject.getString(str) : str2;
    }

    public String A() {
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.accumulate(FIELD_SCHEME, r()).accumulate(FIELD_TYPE, w()).accumulate(FIELD_ACCOUNT, d()).accumulate(FIELD_SERVER, u()).accumulate(QPARAM_SECRET, s()).accumulate(QPARAM_ISSUER, j()).accumulate(QPARAM_DIGITS, Integer.valueOf(g())).accumulate(QPARAM_PERIOD, Integer.valueOf(k())).accumulate(QPARAM_ALGORITHM, e()).accumulate(QPARAM_DEVICE_NAME, f()).accumulate(PUSH_ENABLED, Boolean.valueOf(x())).accumulate(PUSH_NAMESPACE, n()).accumulate(PUSH_HUB, m()).accumulate(PUSH_TAG, p()).accumulate(REGISTRATION_ID, o());
            return jSONObject.toString();
        } catch (JSONException e10) {
            CtxLog.k(TAG, "Failed to convert TOTP to JSON object", e10);
            return null;
        }
    }

    public String d() {
        return this.account;
    }

    public String e() {
        return this.algorithm;
    }

    public String f() {
        return this.deviceName;
    }

    public int g() {
        return this.digits;
    }

    public String h() {
        String d10 = d();
        String u10 = u();
        if (TextUtils.isEmpty(u10)) {
            return d10;
        }
        return d10 + AT_SEPARATOR + u10;
    }

    public String j() {
        return this.issuer;
    }

    public int k() {
        return this.period;
    }

    public String l() {
        return this.pushCode;
    }

    public String m() {
        return this.pushHub;
    }

    public String n() {
        return this.pushNamespace;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String o() {
        return this.pushRegistrationId;
    }

    public String p() {
        return this.pushTag;
    }

    public String r() {
        return this.scheme;
    }

    public String s() {
        return this.secret;
    }

    public byte[] t(Context context) {
        byte[] bArr;
        try {
            bArr = a.l.k(context, this.secret);
        } catch (Exception e10) {
            CtxLog.k(TAG, "Failed to decrypt password token secret. Device should be registered again.", e10);
            bArr = null;
        }
        if (bArr != null && bArr.length != 0) {
            return bArr;
        }
        CtxLog.Error(TAG, "Totp secret decryption failed. Device should be registered again.");
        throw new IOException("Totp secret decryption failed");
    }

    public String u() {
        return this.server;
    }

    public String w() {
        return this.type;
    }

    public boolean x() {
        return this.pushEnabled;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void y(String str, String str2, String str3) {
        this.pushEnabled = true;
        this.pushNamespace = str;
        this.pushHub = str2;
        this.pushTag = str3;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void z(String str) {
        this.pushRegistrationId = str;
    }
}
