package com.citrix.citrixvpn.athena;

import android.text.TextUtils;
import android.util.Xml;
import bg.e0;
import com.citrix.authmanagerlite.data.model.RequestTokenResponse;
import com.citrix.citrixvpn.athena.AthenaTokenInfo;
import com.citrix.worx.sdk.CtxLog;
import h4.a;
import java.io.BufferedWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.io.StringWriter;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.text.MessageFormat;
import java.util.HashMap;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;
import mf.javax.xml.XMLConstants;
import mf.org.apache.xerces.impl.xs.SchemaSymbols;
import mf.org.apache.xerces.xinclude.XIncludeHandler;
import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.xmlpull.v1.XmlPullParser;
import org.xmlpull.v1.XmlPullParserException;
import org.xmlpull.v1.XmlSerializer;
import pb.g;
import pb.h;
import pb.k;

/* loaded from: classes.dex */
public class e {

    /* renamed from: a, reason: collision with root package name */
    private final String f6876a;

    /* renamed from: b, reason: collision with root package name */
    private final String f6877b;

    /* renamed from: c, reason: collision with root package name */
    private final String f6878c;

    /* renamed from: d, reason: collision with root package name */
    private final String f6879d;

    /* renamed from: e, reason: collision with root package name */
    private AthenaTokenInfo f6880e;

    /* loaded from: classes.dex */
    public interface a {
        h4.a a(com.citrix.authmanagerlite.data.model.c cVar);
    }

    public e(String str, String str2, String str3, String str4) {
        this.f6877b = str2;
        this.f6878c = str3;
        this.f6879d = str4;
        this.f6876a = str;
        String d10 = b.i().d();
        if (d10 == null || !d10.equals(str)) {
            CtxLog.g("AthenaTokenService", "Non-matching primary token in workspace store");
            this.f6880e = null;
        } else {
            CtxLog.g("AthenaTokenService", "Matching primary token found in workspace store");
            this.f6880e = AthenaTokenInfo.j(b.i().e());
        }
    }

    private static Map a() {
        HashMap hashMap = new HashMap();
        String d10 = b.i().d();
        if (!TextUtils.isEmpty(d10)) {
            hashMap.put("X-Citrix-Athena-Auth-Domain", d10);
        }
        return hashMap;
    }

    private static e b(k5.c cVar) {
        CtxLog.g("AthenaTokenService", "Discovering Athena Token Service endpoint");
        try {
            URL url = new URL(cVar.c() + "/");
            h hVar = new h();
            hVar.j(false);
            hVar.d(k5.a.a());
            String o10 = cVar.o();
            if (!TextUtils.isEmpty(o10)) {
                hVar.c("Cookie", "NSC_AAAC=" + o10);
            }
            hVar.c("X-Citrix-Athena-Auth-Domain", cVar.a());
            CtxLog.g("AthenaTokenService", "sending request : " + url.toString());
            HttpResponse b10 = g.b(k5.e.d().c(), url, hVar);
            HttpEntity entity = b10.getEntity();
            int statusCode = b10.getStatusLine().getStatusCode();
            CtxLog.g("AthenaTokenService", "Response code : " + statusCode);
            if (statusCode == 401) {
                Header firstHeader = b10.getFirstHeader("WWW-Authenticate");
                if (firstHeader != null) {
                    return c(cVar, firstHeader);
                }
                CtxLog.g("AthenaTokenService", "Athena token service not found");
                cVar.x(-10);
            } else {
                CtxLog.g("AthenaTokenService", "Athena token service discovery failed");
                cVar.x(-10);
            }
            entity.consumeContent();
            return null;
        } catch (Exception e10) {
            CtxLog.n("AthenaTokenService", "Exception while discovering Athena token service endpoint", e10);
            n(cVar, e10);
            return null;
        }
    }

    private static e c(k5.c cVar, Header header) {
        int indexOf;
        int indexOf2;
        int indexOf3;
        int indexOf4;
        int indexOf5;
        int indexOf6;
        String value = header.getValue();
        String substring = (!value.contains("CitrixAuth realm=\"") || (indexOf6 = value.indexOf("\"", (indexOf5 = value.indexOf("CitrixAuth realm=\"") + 18))) <= indexOf5) ? null : value.substring(indexOf5, indexOf6);
        String substring2 = (!value.contains("locations=\"") || (indexOf4 = value.indexOf("\"", (indexOf3 = value.indexOf("locations=\"") + 11))) <= indexOf3) ? null : value.substring(indexOf3, indexOf4);
        String substring3 = (!value.contains("serviceroot-hint=\"") || (indexOf2 = value.indexOf("\"", (indexOf = value.indexOf("serviceroot-hint=\"") + 18))) <= indexOf) ? null : value.substring(indexOf, indexOf2);
        if (TextUtils.isEmpty(substring) || TextUtils.isEmpty(substring2) || TextUtils.isEmpty(substring3)) {
            CtxLog.g("AthenaTokenService", "Athena token service not found");
            cVar.x(-10);
            return null;
        }
        CtxLog.d("AthenaTokenService", MessageFormat.format("Athena information: realm[{0}], location[{1}], hint[{2}]", substring, substring2, substring3));
        e eVar = new e(b.i().d(), substring, substring2, substring3);
        cVar.x(6);
        return eVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Code restructure failed: missing block: B:28:0x00ae, code lost:
    
        if (r5 == null) goto L42;
     */
    /* JADX WARN: Not initialized variable reg: 5, insn: 0x005a: MOVE (r3 I:??[OBJECT, ARRAY]) = (r5 I:??[OBJECT, ARRAY]), block:B:35:0x005a */
    /* JADX WARN: Removed duplicated region for block: B:37:0x00b4  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.lang.String d(k5.c r8) {
        /*
            java.lang.String r0 = "Trying to get secondary token from token service"
            java.lang.String r1 = "AthenaTokenService"
            com.citrix.worx.sdk.CtxLog.g(r1, r0)
            com.citrix.citrixvpn.athena.b r0 = com.citrix.citrixvpn.athena.b.i()
            java.lang.String r0 = r0.e()
            com.citrix.citrixvpn.athena.AthenaTokenInfo r0 = com.citrix.citrixvpn.athena.AthenaTokenInfo.j(r0)
            r2 = -11
            r3 = 0
            if (r0 == 0) goto Lb8
            java.lang.String r0 = r0.m()
            boolean r0 = android.text.TextUtils.isEmpty(r0)
            if (r0 == 0) goto L24
            goto Lb8
        L24:
            com.citrix.citrixvpn.athena.e r0 = b(r8)
            if (r0 != 0) goto L30
            java.lang.String r8 = "Failed to initialize Athena token service"
            com.citrix.worx.sdk.CtxLog.Error(r1, r8)
            return r3
        L30:
            r4 = -12
            javax.net.ssl.HttpsURLConnection r5 = r0.j()     // Catch: java.lang.Throwable -> L8b java.io.IOException -> L8d java.net.MalformedURLException -> L9a
            r6 = 1
            r5.setDoInput(r6)     // Catch: java.lang.Throwable -> L59 java.io.IOException -> L5c java.net.MalformedURLException -> L5e
            r5.setDoOutput(r6)     // Catch: java.lang.Throwable -> L59 java.io.IOException -> L5c java.net.MalformedURLException -> L5e
            java.lang.String r6 = r0.k()     // Catch: java.lang.Throwable -> L59 java.io.IOException -> L5c java.net.MalformedURLException -> L5e
            m(r5, r6)     // Catch: java.lang.Throwable -> L59 java.io.IOException -> L5c java.net.MalformedURLException -> L5e
            int r6 = r5.getResponseCode()     // Catch: java.lang.Throwable -> L59 java.io.IOException -> L5c java.net.MalformedURLException -> L5e
            r7 = 200(0xc8, float:2.8E-43)
            if (r6 != r7) goto L60
            java.lang.String r2 = "Successfully obtained secondary token from Athena service"
            com.citrix.worx.sdk.CtxLog.g(r1, r2)     // Catch: java.lang.Throwable -> L59 java.io.IOException -> L5c java.net.MalformedURLException -> L5e
            java.lang.String r8 = l(r0, r5)     // Catch: java.lang.Throwable -> L59 java.io.IOException -> L5c java.net.MalformedURLException -> L5e
            r5.disconnect()
            return r8
        L59:
            r8 = move-exception
            r3 = r5
            goto Lb2
        L5c:
            r0 = move-exception
            goto L8f
        L5e:
            r2 = move-exception
            goto L9c
        L60:
            r7 = 401(0x191, float:5.62E-43)
            if (r6 != r7) goto L6d
            java.lang.String r6 = "Failed to obtain secondary token. Primary token has expired"
            com.citrix.worx.sdk.CtxLog.Error(r1, r6)     // Catch: java.lang.Throwable -> L59 java.io.IOException -> L5c java.net.MalformedURLException -> L5e
            r8.x(r2)     // Catch: java.lang.Throwable -> L59 java.io.IOException -> L5c java.net.MalformedURLException -> L5e
            goto L87
        L6d:
            java.lang.String r2 = "X-Citrix-Error-Reason"
            java.lang.String r2 = r5.getHeaderField(r2)     // Catch: java.lang.Throwable -> L59 java.io.IOException -> L5c java.net.MalformedURLException -> L5e
            java.lang.String r7 = "Unknown response while obtaining secondary token, responseCode: {0}, possible reason: {1}"
            java.lang.Integer r6 = java.lang.Integer.valueOf(r6)     // Catch: java.lang.Throwable -> L59 java.io.IOException -> L5c java.net.MalformedURLException -> L5e
            java.lang.Object[] r2 = new java.lang.Object[]{r6, r2}     // Catch: java.lang.Throwable -> L59 java.io.IOException -> L5c java.net.MalformedURLException -> L5e
            java.lang.String r2 = java.text.MessageFormat.format(r7, r2)     // Catch: java.lang.Throwable -> L59 java.io.IOException -> L5c java.net.MalformedURLException -> L5e
            com.citrix.worx.sdk.CtxLog.Error(r1, r2)     // Catch: java.lang.Throwable -> L59 java.io.IOException -> L5c java.net.MalformedURLException -> L5e
            r8.x(r4)     // Catch: java.lang.Throwable -> L59 java.io.IOException -> L5c java.net.MalformedURLException -> L5e
        L87:
            r5.disconnect()
            goto Lb1
        L8b:
            r8 = move-exception
            goto Lb2
        L8d:
            r0 = move-exception
            r5 = r3
        L8f:
            java.lang.String r2 = "Exception while fetching secondary token"
            com.citrix.worx.sdk.CtxLog.k(r1, r2, r0)     // Catch: java.lang.Throwable -> L59
            r8.x(r4)     // Catch: java.lang.Throwable -> L59
            if (r5 == 0) goto Lb1
            goto L87
        L9a:
            r2 = move-exception
            r5 = r3
        L9c:
            java.lang.String r6 = "Invalid token service url {0}"
            java.lang.String r0 = r0.f6878c     // Catch: java.lang.Throwable -> L59
            java.lang.Object[] r0 = new java.lang.Object[]{r0}     // Catch: java.lang.Throwable -> L59
            java.lang.String r0 = java.text.MessageFormat.format(r6, r0)     // Catch: java.lang.Throwable -> L59
            com.citrix.worx.sdk.CtxLog.h(r1, r0, r2)     // Catch: java.lang.Throwable -> L59
            r8.x(r4)     // Catch: java.lang.Throwable -> L59
            if (r5 == 0) goto Lb1
            goto L87
        Lb1:
            return r3
        Lb2:
            if (r3 == 0) goto Lb7
            r3.disconnect()
        Lb7:
            throw r8
        Lb8:
            java.lang.String r0 = "Null or empty primary token"
            com.citrix.worx.sdk.CtxLog.Error(r1, r0)
            r8.x(r2)
            return r3
        */
        throw new UnsupportedOperationException("Method not decompiled: com.citrix.citrixvpn.athena.e.d(k5.c):java.lang.String");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String e(k5.c cVar) {
        h4.a a10;
        String c10 = b.i().c();
        if (TextUtils.isEmpty(c10)) {
            CtxLog.Error("AthenaTokenService", "CWA app does not have a valid store configured.");
            return null;
        }
        try {
            a10 = g().a(new com.citrix.authmanagerlite.data.model.c(new URL(cVar.c() + "/"), com.citrix.authmanagerlite.data.model.b.GET, c10, a(), null));
        } catch (MalformedURLException e10) {
            CtxLog.k("AthenaTokenService", "Malformed gateway URL", e10);
        } catch (Exception e11) {
            CtxLog.k("AthenaTokenService", "Exception while fetching secondary token", e11);
        }
        if (a10 instanceof a.e) {
            CtxLog.g("AthenaTokenService", "get secondary token: success");
            return ((RequestTokenResponse) ((a.e) a10).a()).getToken();
        }
        if (a10 instanceof a.d) {
            CtxLog.Warning("AthenaTokenService", "get secondary token: failure response");
            e0 a11 = ((a.d) a10).a();
            if (a11 != null) {
                CtxLog.Warning("AthenaTokenService", "get secondary token: failure response code = " + a11.e());
                if (a11.e() == 401) {
                    CtxLog.Error("AthenaTokenService", "get secondary token: 401, primary token expired");
                    cVar.x(-11);
                    return null;
                }
            }
        } else {
            if (a10 instanceof a.c) {
                CtxLog.l("AthenaTokenService", "get secondary token: failure", a10);
                cVar.x(-12);
                return null;
            }
            if (a10 instanceof a.C0231a) {
                CtxLog.Info("AthenaTokenService", "get secondary token: user cancelled");
                cVar.x(-14);
                return null;
            }
            if (a10 instanceof a.b) {
                CtxLog.Info("AthenaTokenService", "get secondary token: cancelled app in background");
                cVar.x(-15);
                return null;
            }
        }
        cVar.x(-12);
        return null;
    }

    public static HttpsURLConnection f(String str) {
        return (HttpsURLConnection) new URL(str).openConnection();
    }

    public static a g() {
        return new a() { // from class: com.citrix.citrixvpn.athena.d
            @Override // com.citrix.citrixvpn.athena.e.a
            public final h4.a a(com.citrix.authmanagerlite.data.model.c cVar) {
                return t3.g.b(cVar);
            }
        };
    }

    private AthenaTokenInfo h(InputStream inputStream) {
        AthenaTokenInfo.a aVar;
        CtxLog.g("AthenaTokenService", "Parsing secondary token");
        XmlPullParser newPullParser = Xml.newPullParser();
        try {
            newPullParser.setInput(inputStream, StandardCharsets.UTF_8.name());
            boolean z10 = false;
            aVar = null;
            for (int eventType = newPullParser.getEventType(); eventType != 1 && !z10; eventType = newPullParser.next()) {
                if (eventType == 2) {
                    String name = newPullParser.getName();
                    if (name.equalsIgnoreCase("requesttokenresponse")) {
                        aVar = new AthenaTokenInfo.a("");
                    } else if (aVar != null) {
                        i(aVar, newPullParser, name);
                    }
                } else if (eventType != 3) {
                    continue;
                } else if (newPullParser.getName().equalsIgnoreCase("requesttokenresponse")) {
                    z10 = true;
                }
            }
        } catch (XmlPullParserException e10) {
            CtxLog.k("AthenaTokenService", "Failed to parse secondary token response", e10);
            aVar = null;
        }
        if (aVar == null) {
            return null;
        }
        return aVar.a();
    }

    private void i(AthenaTokenInfo.a aVar, XmlPullParser xmlPullParser, String str) {
        if (str.equalsIgnoreCase("for-service")) {
            aVar.f(xmlPullParser.nextText());
            return;
        }
        if (str.equalsIgnoreCase("issued")) {
            aVar.c(xmlPullParser.nextText());
            return;
        }
        if (str.equalsIgnoreCase("expiry")) {
            aVar.b(xmlPullParser.nextText());
        } else if (str.equalsIgnoreCase("lifetime")) {
            aVar.d(xmlPullParser.nextText());
        } else if (str.equalsIgnoreCase(SchemaSymbols.ATTVAL_TOKEN)) {
            aVar.i(xmlPullParser.nextText());
        }
    }

    private HttpsURLConnection j() {
        AthenaTokenInfo athenaTokenInfo = this.f6880e;
        if (athenaTokenInfo == null) {
            throw new IOException("Primary token has not been initialized");
        }
        if (TextUtils.isEmpty(athenaTokenInfo.m())) {
            throw new IOException("Empty primary token value");
        }
        HttpsURLConnection f10 = f(this.f6878c);
        f10.setInstanceFollowRedirects(false);
        f10.setRequestMethod("POST");
        f10.setRequestProperty("Content-Type", "application/vnd.citrix.requesttoken+xml");
        f10.setRequestProperty(XIncludeHandler.HTTP_ACCEPT, "application/vnd.citrix.requesttokenresponse+xml, application/vnd.citrix.requesttokenchoices+xml");
        f10.setRequestProperty("User-Agent", k.f());
        f10.setRequestProperty("Authorization", MessageFormat.format("{0} {1}", "CitrixAuth", this.f6880e.m()));
        return f10;
    }

    private String k() {
        XmlSerializer newSerializer = Xml.newSerializer();
        StringWriter stringWriter = new StringWriter();
        try {
            newSerializer.setOutput(stringWriter);
            newSerializer.startDocument("utf-8", Boolean.TRUE);
            newSerializer.startTag("", "requesttoken");
            newSerializer.attribute("", XMLConstants.XMLNS_ATTRIBUTE, "http://citrix.com/delivery-services/1-0/auth/requesttoken");
            newSerializer.startTag("", "for-service");
            newSerializer.text(this.f6877b);
            newSerializer.endTag("", "for-service");
            newSerializer.startTag("", "for-service-url");
            newSerializer.text(this.f6879d);
            newSerializer.endTag("", "for-service-url");
            newSerializer.startTag("", "reqtokentemplate");
            newSerializer.text("");
            newSerializer.endTag("", "reqtokentemplate");
            newSerializer.startTag("", "requested-lifetime");
            newSerializer.text("1.00:00:00");
            newSerializer.endTag("", "requested-lifetime");
            newSerializer.endTag("", "requesttoken");
            newSerializer.endDocument();
            return stringWriter.toString();
        } catch (Exception e10) {
            CtxLog.h("AthenaTokenService", "Exception while generating secondary token request", e10);
            throw new IOException(e10);
        }
    }

    private static String l(e eVar, HttpsURLConnection httpsURLConnection) {
        String str;
        InputStream inputStream = httpsURLConnection.getInputStream();
        try {
            AthenaTokenInfo h10 = eVar.h(inputStream);
            if (h10 != null) {
                str = h10.m();
            } else {
                CtxLog.g("AthenaTokenService", "Failed to parse token response");
                str = null;
            }
            if (inputStream != null) {
                inputStream.close();
            }
            return str;
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private static void m(HttpsURLConnection httpsURLConnection, String str) {
        OutputStream outputStream = httpsURLConnection.getOutputStream();
        try {
            BufferedWriter bufferedWriter = new BufferedWriter(new OutputStreamWriter(outputStream, StandardCharsets.UTF_8));
            try {
                bufferedWriter.write(str);
                bufferedWriter.flush();
                bufferedWriter.close();
                if (outputStream != null) {
                    outputStream.close();
                }
            } finally {
            }
        } catch (Throwable th) {
            if (outputStream != null) {
                try {
                    outputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private static void n(k5.c cVar, Exception exc) {
        if (o(exc.getCause())) {
            cVar.x(-3);
        } else {
            cVar.x(-1);
        }
    }

    private static boolean o(Throwable th) {
        if (th == null) {
            return false;
        }
        String message = th.getMessage();
        CtxLog.b("AthenaTokenService", "Exception cause : " + message);
        return "Server Certificate Not Trusted".equals(message);
    }

    public String toString() {
        return MessageFormat.format("realm: [{0}], location: [{1}], hint: [{2}], auth-domain: [{3}]", this.f6877b, this.f6878c, this.f6879d, this.f6876a);
    }
}
