package com.stackpath.cloak.net.executors;

import android.content.Intent;
import android.os.Build;
import android.os.Bundle;
import android.util.Base64;
import com.stackpath.cloak.BuildConfig;
import com.stackpath.cloak.R;
import com.stackpath.cloak.model.account.DeviceStatusResponse;
import com.stackpath.cloak.model.account.RegisterDevice;
import com.stackpath.cloak.model.certificate.DeviceCertificateResponse;
import com.stackpath.cloak.model.errors.ErrorsResponse;
import com.stackpath.cloak.model.network.Target;
import com.stackpath.cloak.net.CloakServerApi;
import com.stackpath.cloak.net.CloakServiceUtils;
import com.stackpath.cloak.net.OpsUtil;
import com.stackpath.cloak.net.RetrofitException;
import com.stackpath.cloak.net.exceptions.ExecutorExceptionResMessage;
import com.stackpath.cloak.rx.RxErrorHandlingCallAdapterFactory;
import com.stackpath.cloak.rx.events.OpResult;
import com.stackpath.cloak.util.CertificateGenerator;
import com.stackpath.cloak.util.CloakDataUtil;
import com.stackpath.cloak.util.CloakPreferences;
import com.stackpath.cloak.util.CrlGenerator;
import com.stackpath.cloak.util.CryptoUtil;
import com.stackpath.cloak.util.EncodingUtils;
import com.stackpath.cloak.vpn.OpenVPNService;
import io.realm.x;
import j.b0;
import j.g0.a;
import j.u;
import j.x;
import java.io.IOException;
import java.io.StringWriter;
import java.security.SecureRandom;
import java.util.HashSet;
import java.util.List;
import java.util.Locale;
import java.util.concurrent.TimeUnit;
import java.util.function.Function;
import java.util.stream.Collectors;
import org.spongycastle.operator.OperatorCreationException;
import retrofit2.r;

/* loaded from: classes.dex */
public class LoginExecutor extends Executor {
    private static final String PLATFORM = "android";
    private static final int TIMEOUT_SECONDS = 45;
    private List<Integer> apiBreakingHttpCodes;
    private List<String> apiMirrors;
    private CloakServerApi mCloakApi;
    private CloakPreferences mCloakPrefs;
    private Intent mIntent;
    private boolean mIsVerified;
    private OpenVPNService mOpenVPNService;
    private String mReferenceKey;

    public LoginExecutor(OpenVPNService openVPNService, CloakServerApi cloakServerApi, Intent intent, CloakPreferences cloakPreferences, List<String> list, List<Integer> list2) {
        this.mOpenVPNService = openVPNService;
        this.mCloakApi = cloakServerApi;
        this.mIntent = intent;
        this.mCloakPrefs = cloakPreferences;
        this.apiMirrors = list;
        this.apiBreakingHttpCodes = list2;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public i.a.w<DeviceStatusResponse> getDeviceStatus(RegisterDevice registerDevice) {
        this.mIsVerified = registerDevice.getAccount().getIsVerified().booleanValue();
        saveAccountInfo(registerDevice);
        recreateCloakAPI(this.mCloakPrefs.getAuthString());
        return this.mCloakApi.getDeviceStatusRequest(BuildConfig.CLOAK_API_VERSION);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public i.a.w<DeviceStatusResponse> getIsAccountAuthorized(DeviceStatusResponse deviceStatusResponse) {
        if (deviceStatusResponse.getNetworks() == null || deviceStatusResponse.getNetworks().get(0) == null) {
            return i.a.w.j(new RuntimeException("No networks available."));
        }
        this.mCloakPrefs.saveIsAccountAuthorized(deviceStatusResponse.getNetworks().get(0).getIsAuthorized());
        return i.a.w.s(deviceStatusResponse);
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    private void handleError(Throwable th) {
        boolean z;
        int i2;
        RetrofitException retrofitException = (RetrofitException) th;
        String message = th.getMessage();
        String errorKind = retrofitException.getErrorKind();
        errorKind.hashCode();
        char c2 = 65535;
        switch (errorKind.hashCode()) {
            case -1754850584:
                if (errorKind.equals(RetrofitException.ERROR_UNEXPECTED)) {
                    z = false;
                    break;
                }
                z = -1;
                break;
            case -1050195209:
                if (errorKind.equals(RetrofitException.ERROR_NETWORK)) {
                    z = true;
                    break;
                }
                z = -1;
                break;
            case 1635841119:
                if (errorKind.equals(RetrofitException.ERROR_HTTP)) {
                    z = 2;
                    break;
                }
                z = -1;
                break;
            default:
                z = -1;
                break;
        }
        int i3 = R.string.error_maintenance;
        switch (z) {
            case false:
                break;
            case true:
                try {
                    String code = ((ErrorsResponse) retrofitException.getErrorBodyAs(ErrorsResponse.class)).getErrors().getAll().get(0).getCode();
                    switch (code.hashCode()) {
                        case -1289358244:
                            if (code.equals("exists")) {
                                c2 = 1;
                                break;
                            }
                            break;
                        case -393139297:
                            if (code.equals("required")) {
                                c2 = 0;
                                break;
                            }
                            break;
                        case 97692260:
                            if (code.equals("fraud")) {
                                c2 = 3;
                                break;
                            }
                            break;
                        case 1959784951:
                            if (code.equals("invalid")) {
                                c2 = 2;
                                break;
                            }
                            break;
                    }
                    if (c2 == 0 || c2 == 1 || c2 == 2) {
                        i2 = R.string.error_msg_login;
                    } else if (c2 == 3) {
                        i2 = R.string.error_fraud;
                    }
                    i3 = i2;
                    break;
                } catch (IOException unused) {
                    break;
                }
            case true:
            default:
                i3 = R.string.error_network;
                break;
        }
        notifyBridge(OpResult.error(new ExecutorExceptionResMessage(message, i3)));
    }

    private void initializeDevice() {
        registerCloakDevice().m(new i.a.d0.j() { // from class: com.stackpath.cloak.net.executors.i
            @Override // i.a.d0.j
            public final Object apply(Object obj) {
                i.a.w deviceStatus;
                deviceStatus = LoginExecutor.this.getDeviceStatus((RegisterDevice) obj);
                return deviceStatus;
            }
        }).m(new i.a.d0.j() { // from class: com.stackpath.cloak.net.executors.j
            @Override // i.a.d0.j
            public final Object apply(Object obj) {
                i.a.w isAccountAuthorized;
                isAccountAuthorized = LoginExecutor.this.getIsAccountAuthorized((DeviceStatusResponse) obj);
                return isAccountAuthorized;
            }
        }).m(new i.a.d0.j() { // from class: com.stackpath.cloak.net.executors.p
            @Override // i.a.d0.j
            public final Object apply(Object obj) {
                return LoginExecutor.this.getCloakDeviceCertificateResponse((DeviceStatusResponse) obj);
            }
        }).n(new i.a.d0.j() { // from class: com.stackpath.cloak.net.executors.g
            @Override // i.a.d0.j
            public final Object apply(Object obj) {
                return LoginExecutor.this.c((DeviceCertificateResponse) obj);
            }
        }).b(CrlGenerator.generateCrlWithOneHourTimeFrame(this.mCloakPrefs)).u(i.a.j0.a.b()).n(i.a.b0.c.a.c()).s(new i.a.d0.a() { // from class: com.stackpath.cloak.net.executors.k
            @Override // i.a.d0.a
            public final void run() {
                LoginExecutor.this.d();
            }
        }, new i.a.d0.f() { // from class: com.stackpath.cloak.net.executors.m
            @Override // i.a.d0.f
            public final void accept(Object obj) {
                LoginExecutor.this.e((Throwable) obj);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: lambda$initializeDevice$0, reason: merged with bridge method [inline-methods] */
    public /* synthetic */ i.a.f c(DeviceCertificateResponse deviceCertificateResponse) throws Exception {
        return CertificateGenerator.generateCert(deviceCertificateResponse, this.mCloakPrefs.getCurrentNetwork(), this.mReferenceKey, this.mOpenVPNService.getFilesDir());
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: lambda$initializeDevice$2, reason: merged with bridge method [inline-methods] */
    public /* synthetic */ void e(Throwable th) throws Exception {
        m.a.a.d(th, "Exception authenticating user", new Object[0]);
        handleError(th);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ b0 lambda$recreateCloakAPI$3(String str, u.a aVar) throws IOException {
        j.z f2 = aVar.f();
        return aVar.a(f2.h().c("Authorization", str).c("Accept", "application/json").e(f2.g(), f2.a()).a());
    }

    private void notifyBridge(OpResult opResult) {
        CloakServiceUtils.notifyBridge(this.mIntent, CloakServiceUtils.copy(this.mIntent, opResult));
        CloakServiceUtils.notifyService(this.mOpenVPNService, this.mIntent);
    }

    private CloakServerApi recreateCloakAPI(String str) {
        j.g0.a aVar = new j.g0.a();
        aVar.d(a.EnumC0229a.BODY);
        x.a a = new x.a().a(aVar);
        if (str != null) {
            final String str2 = "Basic " + Base64.encodeToString(str.getBytes(EncodingUtils.getDefaultCharsetEncoding()), 2);
            a.a(new j.u() { // from class: com.stackpath.cloak.net.executors.h
                @Override // j.u
                public final b0 a(u.a aVar2) {
                    return LoginExecutor.lambda$recreateCloakAPI$3(str2, aVar2);
                }
            });
        }
        if (Build.VERSION.SDK_INT >= 24) {
            a.a(new e.f.c.a.a((List) this.apiMirrors.stream().map(new Function() { // from class: com.stackpath.cloak.net.executors.z
                @Override // java.util.function.Function
                public final Object apply(Object obj) {
                    return j.t.m((String) obj);
                }
            }).collect(Collectors.toList()), this.apiBreakingHttpCodes));
        }
        TimeUnit timeUnit = TimeUnit.SECONDS;
        CloakServerApi cloakServerApi = (CloakServerApi) new r.b().g(a.H(45L, timeUnit).d(45L, timeUnit).b()).c(BuildConfig.API_ENDPOINT).b(retrofit2.w.a.a.f()).a(RxErrorHandlingCallAdapterFactory.create()).e().b(CloakServerApi.class);
        this.mCloakApi = cloakServerApi;
        this.mOpenVPNService.setCloakApi(cloakServerApi);
        return this.mCloakApi;
    }

    private i.a.w<RegisterDevice> registerCloakDevice() {
        return this.mCloakApi.registerDeviceRequest(BuildConfig.CLOAK_API_VERSION, OpsUtil.extractEmail(this.mIntent), OpsUtil.extractPassword(this.mIntent), this.mCloakPrefs.getInstallId(), Build.MODEL, PLATFORM, Build.VERSION.RELEASE, Integer.toString(BuildConfig.VERSION_CODE), Locale.getDefault().getLanguage(), null);
    }

    private void saveAccountInfo(RegisterDevice registerDevice) {
        this.mCloakPrefs.saveDeviceId(registerDevice.getDeviceId());
        this.mCloakPrefs.saveUserEmail(OpsUtil.extractEmail(this.mIntent));
        this.mCloakPrefs.saveToken(registerDevice.getAuthToken());
        this.mCloakPrefs.saveTrustedNetworksSet(new HashSet(registerDevice.getPrefs().getTrustedSsids().getValue()));
        this.mCloakPrefs.saveIsCellularTrusted(registerDevice.getPrefs().getTrustCellularNetworks().getValue().booleanValue());
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: sendSuccess, reason: merged with bridge method [inline-methods] */
    public void d() {
        Bundle bundle = new Bundle();
        bundle.putBoolean(AccountStatusExecutor.IS_VERIFIED, this.mIsVerified);
        notifyBridge(OpResult.ok(bundle));
    }

    public void execute() {
        initializeDevice();
    }

    public i.a.w<DeviceCertificateResponse> getCloakDeviceCertificateResponse(final DeviceStatusResponse deviceStatusResponse) {
        if (deviceStatusResponse.getNetworks() == null || deviceStatusResponse.getNetworks().get(0) == null) {
            return i.a.w.j(new RuntimeException("No networks available."));
        }
        this.mCloakPrefs.saveHasPrivateNetworks(deviceStatusResponse.getNetworks().size() > 1);
        this.mCloakPrefs.saveCurrentNetwork(deviceStatusResponse.getNetworks().get(0).getNetworkId());
        Target target = deviceStatusResponse.getNetworks().get(0).getTargets().get(0);
        this.mCloakPrefs.saveCurrentTarget(target.getTargetId(), target.getName());
        io.realm.x o0 = io.realm.x.o0();
        try {
            o0.l0(new x.a() { // from class: com.stackpath.cloak.net.executors.l
                @Override // io.realm.x.a
                public final void a(io.realm.x xVar) {
                    xVar.v0(CloakDataUtil.processTargets(DeviceStatusResponse.this.getNetworks(), null));
                }
            });
            o0.close();
            StringWriter stringWriter = new StringWriter();
            org.spongycastle.openssl.a.a aVar = new org.spongycastle.openssl.a.a(stringWriter);
            try {
                org.spongycastle.crypto.m.b bVar = new org.spongycastle.crypto.m.b();
                bVar.d(new org.spongycastle.crypto.o.n(CryptoUtil.RSA_PUBLIC_EXPONENT, new SecureRandom(), CryptoUtil.RSA_BITSIZE, 80));
                org.spongycastle.crypto.b b2 = bVar.b();
                aVar.f(new org.spongycastle.util.io.pem.b("RSA PRIVATE KEY", org.spongycastle.crypto.q.a.a(b2.a()).l()));
                aVar.close();
                this.mReferenceKey = stringWriter.toString();
                org.spongycastle.pkcs.c.a aVar2 = new org.spongycastle.pkcs.c.a(new org.spongycastle.asn1.f2.c(OpenVPNService.X500_NAME_STRING), b2.b());
                org.spongycastle.asn1.x509.a b3 = new org.spongycastle.operator.c().b("SHA256withRSA");
                return this.mCloakApi.getDeviceCertificateRequest(deviceStatusResponse.getNetworks().get(0).getNetworkId(), Base64.encodeToString(aVar2.a(new org.spongycastle.operator.d.d(b3, new org.spongycastle.operator.b().a(b3)).b(b2.a())).a(), 4));
            } catch (IOException | OperatorCreationException e2) {
                return i.a.w.j(e2);
            }
        } catch (Throwable th) {
            if (o0 != null) {
                try {
                    o0.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }
}
