package io.olvid.messenger.openid;

import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import androidx.activity.ComponentActivity;
import androidx.activity.result.ActivityResult;
import androidx.activity.result.ActivityResultCallback;
import androidx.activity.result.ActivityResultLauncher;
import androidx.activity.result.ActivityResultRegistry;
import androidx.activity.result.contract.ActivityResultContracts;
import androidx.core.util.Pair;
import androidx.lifecycle.DefaultLifecycleObserver;
import androidx.lifecycle.LifecycleOwner;
import com.fasterxml.jackson.core.type.TypeReference;
import com.google.common.net.HttpHeaders;
import io.olvid.engine.Logger;
import io.olvid.engine.engine.types.JsonKeycloakUserDetails;
import io.olvid.messenger.App;
import io.olvid.messenger.AppSingleton;
import io.olvid.messenger.customClasses.NoExceptionConnectionBuilder;
import io.olvid.messenger.openid.KeycloakManager;
import io.olvid.messenger.openid.KeycloakTasks;
import io.olvid.messenger.openid.jsons.JsonGroupsRequest;
import io.olvid.messenger.openid.jsons.JsonGroupsResponse;
import io.olvid.messenger.openid.jsons.JsonMeRequest;
import io.olvid.messenger.openid.jsons.JsonMeResponse;
import io.olvid.messenger.openid.jsons.JsonSearchRequest;
import io.olvid.messenger.openid.jsons.JsonSearchResponse;
import io.olvid.messenger.openid.jsons.KeycloakServerRevocationsAndStuff;
import io.olvid.messenger.openid.jsons.KeycloakUserDetailsAndStuff;
import java.io.BufferedInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;
import kotlin.jvm.internal.Intrinsics;
import net.openid.appauth.AppAuthConfiguration;
import net.openid.appauth.AuthState;
import net.openid.appauth.AuthorizationException;
import net.openid.appauth.AuthorizationService;
import net.openid.appauth.AuthorizationServiceConfiguration;
import net.openid.appauth.ClientSecretPost;
import org.jose4j.jwk.JsonWebKey;
import org.jose4j.jwk.JsonWebKeySet;
import org.jose4j.jwk.VerificationJwkSelector;
import org.jose4j.jws.JsonWebSignature;
import org.jose4j.jwt.consumer.JwtConsumerBuilder;
import org.jose4j.jwt.consumer.JwtContext;
import org.jose4j.keys.resolvers.JwksVerificationKeyResolver;
import org.jose4j.lang.JoseException;

/* loaded from: classes5.dex */
public class KeycloakTasks {
    public static final int ERROR_CODE_IDENTITY_ALREADY_UPLOADED = 4;
    public static final int ERROR_CODE_IDENTITY_WAS_REVOKED = 6;
    public static final int ERROR_CODE_INTERNAL_ERROR = 1;
    public static final int ERROR_CODE_INVALID_REQUEST = 3;
    public static final int ERROR_CODE_PERMISSION_DENIED = 2;
    private static final String GET_KEY_PATH = "olvid-rest/getKey";
    private static final String GROUPS_PATH = "olvid-rest/groups";
    private static final String ME_PATH = "olvid-rest/me";
    private static final String PUT_KEY_PATH = "olvid-rest/putKey";
    private static final String REVOCATION_TEST_PATH = "olvid-rest/revocationTest";
    public static final int RFC_AUTHENTICATION_CANCELLED = 8;
    public static final int RFC_AUTHENTICATION_REQUIRED = 2;
    public static final int RFC_BAD_RESPONSE = 4;
    public static final int RFC_IDENTITY_ALREADY_UPLOADED = 10;
    public static final int RFC_IDENTITY_NOT_MANAGED = 7;
    public static final int RFC_IDENTITY_REVOKED = 11;
    public static final int RFC_INVALID_AUTH_STATE = 1;
    public static final int RFC_INVALID_SIGNATURE = 5;
    public static final int RFC_NETWORK_ERROR = 3;
    public static final int RFC_SERVER_ERROR = 6;
    public static final int RFC_UNKNOWN_ERROR = 0;
    public static final int RFC_USER_NOT_AUTHENTICATED = 9;
    private static final String SEARCH_PATH = "olvid-rest/search";

    /* loaded from: classes5.dex */
    public interface AuthenticateCallback {
        void failed(int i);

        void success(AuthState authState);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes5.dex */
    public static class AuthenticationLifecycleObserver implements DefaultLifecycleObserver {
        ActivityResultLauncher<Intent> authenticationResultHandler;
        private AuthenticateCallback callback;
        private final ActivityResultRegistry registry;

        /* JADX INFO: Access modifiers changed from: package-private */
        public AuthenticationLifecycleObserver(ComponentActivity componentActivity) {
            this.registry = componentActivity.getActivityResultRegistry();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public /* synthetic */ void lambda$onCreate$0(ActivityResult activityResult) {
            Intent data;
            String stringExtra;
            if (activityResult.getResultCode() != -1 || (data = activityResult.getData()) == null || (stringExtra = data.getStringExtra(KeycloakAuthenticationActivity.AUTH_STATE_JSON_INTENT_EXTRA)) == null) {
                Logger.d("Keycloak authentication cancelled by user");
                AuthenticateCallback authenticateCallback = this.callback;
                if (authenticateCallback != null) {
                    authenticateCallback.failed(8);
                    return;
                }
                return;
            }
            try {
                AuthState jsonDeserialize = AuthState.jsonDeserialize(stringExtra);
                if (jsonDeserialize.isAuthorized()) {
                    AuthenticateCallback authenticateCallback2 = this.callback;
                    if (authenticateCallback2 != null) {
                        authenticateCallback2.success(jsonDeserialize);
                    }
                } else {
                    Logger.d("User not authenticated");
                    AuthenticateCallback authenticateCallback3 = this.callback;
                    if (authenticateCallback3 != null) {
                        authenticateCallback3.failed(9);
                    }
                }
            } catch (Exception unused) {
                Logger.d("Error parsing serialized AuthState: receive browser result");
                AuthenticateCallback authenticateCallback4 = this.callback;
                if (authenticateCallback4 != null) {
                    authenticateCallback4.failed(1);
                }
            }
        }

        @Override // androidx.lifecycle.DefaultLifecycleObserver
        public void onCreate(LifecycleOwner lifecycleOwner) {
            this.authenticationResultHandler = this.registry.register("authentication", lifecycleOwner, new ActivityResultContracts.StartActivityForResult(), new ActivityResultCallback() { // from class: io.olvid.messenger.openid.KeycloakTasks$AuthenticationLifecycleObserver$$ExternalSyntheticLambda0
                @Override // androidx.activity.result.ActivityResultCallback
                public final void onActivityResult(Object obj) {
                    KeycloakTasks.AuthenticationLifecycleObserver.this.lambda$onCreate$0((ActivityResult) obj);
                }
            });
        }

        @Override // androidx.lifecycle.DefaultLifecycleObserver
        public /* synthetic */ void onDestroy(LifecycleOwner lifecycleOwner) {
            Intrinsics.checkNotNullParameter(lifecycleOwner, "owner");
        }

        @Override // androidx.lifecycle.DefaultLifecycleObserver
        public /* synthetic */ void onPause(LifecycleOwner lifecycleOwner) {
            Intrinsics.checkNotNullParameter(lifecycleOwner, "owner");
        }

        @Override // androidx.lifecycle.DefaultLifecycleObserver
        public /* synthetic */ void onResume(LifecycleOwner lifecycleOwner) {
            Intrinsics.checkNotNullParameter(lifecycleOwner, "owner");
        }

        @Override // androidx.lifecycle.DefaultLifecycleObserver
        public /* synthetic */ void onStart(LifecycleOwner lifecycleOwner) {
            Intrinsics.checkNotNullParameter(lifecycleOwner, "owner");
        }

        @Override // androidx.lifecycle.DefaultLifecycleObserver
        public /* synthetic */ void onStop(LifecycleOwner lifecycleOwner) {
            Intrinsics.checkNotNullParameter(lifecycleOwner, "owner");
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public void setCallback(AuthenticateCallback authenticateCallback) {
            this.callback = authenticateCallback;
        }
    }

    /* loaded from: classes5.dex */
    public interface DiscoverKeycloakServerCallback {
        void failed();

        void success(String str, AuthState authState, JsonWebKeySet jsonWebKeySet);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void addContact(Context context, final String str, AuthState authState, String str2, final JsonWebKeySet jsonWebKeySet, final JsonWebKey jsonWebKey, final byte[] bArr, final String str3, final byte[] bArr2, final KeycloakManager.KeycloakCallback<Void> keycloakCallback) {
        Logger.d("Retrieving signed contact details");
        final AuthorizationService authorizationService = new AuthorizationService(context, new AppAuthConfiguration.Builder().setConnectionBuilder(new NoExceptionConnectionBuilder()).build());
        AuthState.AuthStateAction authStateAction = new AuthState.AuthStateAction() { // from class: io.olvid.messenger.openid.KeycloakTasks$$ExternalSyntheticLambda11
            @Override // net.openid.appauth.AuthState.AuthStateAction
            public final void execute(String str4, String str5, AuthorizationException authorizationException) {
                KeycloakTasks.lambda$addContact$11(AuthorizationService.this, keycloakCallback, str3, str, jsonWebKeySet, jsonWebKey, bArr2, bArr, str4, str5, authorizationException);
            }
        };
        if (str2 == null) {
            authState.performActionWithFreshTokens(authorizationService, authStateAction);
        } else {
            authState.performActionWithFreshTokens(authorizationService, new ClientSecretPost(str2), authStateAction);
        }
    }

    public static void discoverKeycloakServer(String str, final DiscoverKeycloakServerCallback discoverKeycloakServerCallback) {
        Logger.d("Discovering keycloak server at " + str);
        final String trim = str.trim();
        if (!trim.endsWith("/")) {
            trim = trim + "/";
        }
        AuthorizationServiceConfiguration.fetchFromUrl(Uri.parse(trim + ".well-known/openid-configuration"), new AuthorizationServiceConfiguration.RetrieveConfigurationCallback() { // from class: io.olvid.messenger.openid.KeycloakTasks$$ExternalSyntheticLambda12
            @Override // net.openid.appauth.AuthorizationServiceConfiguration.RetrieveConfigurationCallback
            public final void onFetchConfigurationCompleted(AuthorizationServiceConfiguration authorizationServiceConfiguration, AuthorizationException authorizationException) {
                App.runThread(new Runnable() { // from class: io.olvid.messenger.openid.KeycloakTasks$$ExternalSyntheticLambda1
                    @Override // java.lang.Runnable
                    public final void run() {
                        KeycloakTasks.lambda$discoverKeycloakServer$0(AuthorizationException.this, authorizationServiceConfiguration, r3, r4);
                    }
                });
            }
        }, new NoExceptionConnectionBuilder());
    }

    public static void getGroups(Context context, final String str, AuthState authState, String str2, final byte[] bArr, final Long l, final KeycloakManager.KeycloakCallbackWrapper<Long> keycloakCallbackWrapper) {
        Logger.d("Fetching keycloak groups");
        final AuthorizationService authorizationService = new AuthorizationService(context, new AppAuthConfiguration.Builder().setConnectionBuilder(new NoExceptionConnectionBuilder()).build());
        AuthState.AuthStateAction authStateAction = new AuthState.AuthStateAction() { // from class: io.olvid.messenger.openid.KeycloakTasks$$ExternalSyntheticLambda2
            @Override // net.openid.appauth.AuthState.AuthStateAction
            public final void execute(String str3, String str4, AuthorizationException authorizationException) {
                KeycloakTasks.lambda$getGroups$7(AuthorizationService.this, keycloakCallbackWrapper, l, str, bArr, str3, str4, authorizationException);
            }
        };
        if (str2 == null) {
            authState.performActionWithFreshTokens(authorizationService, authStateAction);
        } else {
            authState.performActionWithFreshTokens(authorizationService, new ClientSecretPost(str2), authStateAction);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:30:0x0059, code lost:
    
        if (r5 != null) goto L34;
     */
    /* JADX WARN: Code restructure failed: missing block: B:31:0x006a, code lost:
    
        r5.disconnect();
     */
    /* JADX WARN: Code restructure failed: missing block: B:34:0x0068, code lost:
    
        if (r5 == null) goto L39;
     */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:38:0x0071  */
    /* JADX WARN: Type inference failed for: r5v0, types: [android.net.Uri, java.lang.Object] */
    /* JADX WARN: Type inference failed for: r5v2 */
    /* JADX WARN: Type inference failed for: r5v4, types: [java.net.HttpURLConnection] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static java.lang.String getJkws(android.net.Uri r5) {
        /*
            r0 = 0
            if (r5 == 0) goto L75
            java.lang.StringBuilder r1 = new java.lang.StringBuilder
            java.lang.String r2 = "Fetching JKWS at: "
            r1.<init>(r2)
            r1.append(r5)
            java.lang.String r1 = r1.toString()
            io.olvid.engine.Logger.d(r1)
            io.olvid.messenger.customClasses.NoExceptionConnectionBuilder r1 = new io.olvid.messenger.customClasses.NoExceptionConnectionBuilder     // Catch: java.lang.Throwable -> L5e java.lang.Exception -> L63
            r1.<init>()     // Catch: java.lang.Throwable -> L5e java.lang.Exception -> L63
            java.net.HttpURLConnection r5 = r1.openConnection(r5)     // Catch: java.lang.Throwable -> L5e java.lang.Exception -> L63
            int r1 = r5.getResponseCode()     // Catch: java.lang.Exception -> L5c java.lang.Throwable -> L6e
            r2 = 200(0xc8, float:2.8E-43)
            if (r1 != r2) goto L59
            java.io.BufferedReader r1 = new java.io.BufferedReader     // Catch: java.lang.Exception -> L5c java.lang.Throwable -> L6e
            java.io.InputStreamReader r2 = new java.io.InputStreamReader     // Catch: java.lang.Exception -> L5c java.lang.Throwable -> L6e
            java.io.InputStream r3 = r5.getInputStream()     // Catch: java.lang.Exception -> L5c java.lang.Throwable -> L6e
            r2.<init>(r3)     // Catch: java.lang.Exception -> L5c java.lang.Throwable -> L6e
            r1.<init>(r2)     // Catch: java.lang.Exception -> L5c java.lang.Throwable -> L6e
            java.lang.StringBuilder r2 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L4f
            r2.<init>()     // Catch: java.lang.Throwable -> L4f
        L38:
            java.lang.String r3 = r1.readLine()     // Catch: java.lang.Throwable -> L4f
            if (r3 == 0) goto L42
            r2.append(r3)     // Catch: java.lang.Throwable -> L4f
            goto L38
        L42:
            java.lang.String r2 = r2.toString()     // Catch: java.lang.Throwable -> L4f
            r1.close()     // Catch: java.lang.Exception -> L5c java.lang.Throwable -> L6e
            if (r5 == 0) goto L4e
            r5.disconnect()
        L4e:
            return r2
        L4f:
            r2 = move-exception
            r1.close()     // Catch: java.lang.Throwable -> L54
            goto L58
        L54:
            r1 = move-exception
            r2.addSuppressed(r1)     // Catch: java.lang.Exception -> L5c java.lang.Throwable -> L6e
        L58:
            throw r2     // Catch: java.lang.Exception -> L5c java.lang.Throwable -> L6e
        L59:
            if (r5 == 0) goto L75
            goto L6a
        L5c:
            r1 = move-exception
            goto L65
        L5e:
            r5 = move-exception
            r4 = r0
            r0 = r5
            r5 = r4
            goto L6f
        L63:
            r1 = move-exception
            r5 = r0
        L65:
            r1.printStackTrace()     // Catch: java.lang.Throwable -> L6e
            if (r5 == 0) goto L75
        L6a:
            r5.disconnect()
            goto L75
        L6e:
            r0 = move-exception
        L6f:
            if (r5 == 0) goto L74
            r5.disconnect()
        L74:
            throw r0
        L75:
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: io.olvid.messenger.openid.KeycloakTasks.getJkws(android.net.Uri):java.lang.String");
    }

    public static void getOwnDetails(Context context, final String str, AuthState authState, String str2, final JsonWebKeySet jsonWebKeySet, final Long l, final KeycloakManager.KeycloakCallback<Pair<KeycloakUserDetailsAndStuff, KeycloakServerRevocationsAndStuff>> keycloakCallback) {
        Logger.d("Fetching keycloak own details");
        final AuthorizationService authorizationService = new AuthorizationService(context, new AppAuthConfiguration.Builder().setConnectionBuilder(new NoExceptionConnectionBuilder()).build());
        AuthState.AuthStateAction authStateAction = new AuthState.AuthStateAction() { // from class: io.olvid.messenger.openid.KeycloakTasks$$ExternalSyntheticLambda0
            @Override // net.openid.appauth.AuthState.AuthStateAction
            public final void execute(String str3, String str4, AuthorizationException authorizationException) {
                KeycloakTasks.lambda$getOwnDetails$3(AuthorizationService.this, keycloakCallback, l, str, jsonWebKeySet, str3, str4, authorizationException);
            }
        };
        if (str2 == null) {
            authState.performActionWithFreshTokens(authorizationService, authStateAction);
        } else {
            authState.performActionWithFreshTokens(authorizationService, new ClientSecretPost(str2), authStateAction);
        }
    }

    private static byte[] keycloakApiRequest(String str, String str2, String str3, byte[] bArr) throws IOException {
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(str + str2).openConnection();
        if ((httpURLConnection instanceof HttpsURLConnection) && AppSingleton.getSslSocketFactory() != null) {
            ((HttpsURLConnection) httpURLConnection).setSSLSocketFactory(AppSingleton.getSslSocketFactory());
        }
        String property = System.getProperty("http.agent");
        if (property != null) {
            httpURLConnection.setRequestProperty(HttpHeaders.USER_AGENT, property);
        }
        try {
            httpURLConnection.setConnectTimeout(10000);
            if (str3 != null) {
                httpURLConnection.setRequestProperty(HttpHeaders.AUTHORIZATION, "Bearer " + str3);
            }
            if (bArr == null) {
                httpURLConnection.setDoOutput(false);
            } else {
                httpURLConnection.setDoOutput(true);
                httpURLConnection.setFixedLengthStreamingMode(bArr.length);
                OutputStream outputStream = httpURLConnection.getOutputStream();
                try {
                    outputStream.write(bArr);
                    if (outputStream != null) {
                        outputStream.close();
                    }
                } finally {
                }
            }
            if (httpURLConnection.getResponseCode() != 200) {
                httpURLConnection.disconnect();
                return null;
            }
            InputStream inputStream = httpURLConnection.getInputStream();
            try {
                BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream);
                try {
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    try {
                        byte[] bArr2 = new byte[32768];
                        while (true) {
                            int read = bufferedInputStream.read(bArr2);
                            if (read == -1) {
                                break;
                            }
                            byteArrayOutputStream.write(bArr2, 0, read);
                        }
                        byteArrayOutputStream.flush();
                        byte[] byteArray = byteArrayOutputStream.toByteArray();
                        byteArrayOutputStream.close();
                        bufferedInputStream.close();
                        if (inputStream != null) {
                            inputStream.close();
                        }
                        return byteArray;
                    } finally {
                    }
                } finally {
                }
            } finally {
            }
        } finally {
            httpURLConnection.disconnect();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$addContact$10(String str, String str2, String str3, KeycloakManager.KeycloakCallback keycloakCallback, JsonWebKeySet jsonWebKeySet, JsonWebKey jsonWebKey, byte[] bArr, byte[] bArr2) {
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("user-id", str);
            Map map = (Map) AppSingleton.getJsonObjectMapper().readValue(keycloakApiRequest(str2, GET_KEY_PATH, str3, AppSingleton.getJsonObjectMapper().writeValueAsBytes(hashMap)), new TypeReference<Map<String, Object>>() { // from class: io.olvid.messenger.openid.KeycloakTasks.5
            });
            Integer num = (Integer) map.get("error");
            if (num != null) {
                if (num.intValue() != 2) {
                    keycloakCallback.failed(6);
                    return;
                } else {
                    keycloakCallback.failed(2);
                    return;
                }
            }
            String str4 = (String) map.get("signature");
            if (str4 != null) {
                Pair<String, JsonWebKey> verifySignature = verifySignature(str4, jsonWebKeySet, jsonWebKey);
                if (verifySignature != null) {
                    if (Arrays.equals(((JsonKeycloakUserDetails) AppSingleton.getJsonObjectMapper().readValue(verifySignature.first, JsonKeycloakUserDetails.class)).getIdentity(), bArr)) {
                        AppSingleton.getEngine().addKeycloakContact(bArr2, bArr, str4);
                        keycloakCallback.success(null);
                        return;
                    }
                } else if (verifySignature(str4, jsonWebKeySet, null) != null) {
                    KeycloakManager.forceSyncManagedIdentity(bArr2);
                }
            }
            keycloakCallback.failed(5);
        } catch (IOException unused) {
            keycloakCallback.failed(3);
        } catch (Exception e) {
            e.printStackTrace();
            keycloakCallback.failed(0);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$addContact$11(AuthorizationService authorizationService, final KeycloakManager.KeycloakCallback keycloakCallback, final String str, final String str2, final JsonWebKeySet jsonWebKeySet, final JsonWebKey jsonWebKey, final byte[] bArr, final byte[] bArr2, final String str3, String str4, AuthorizationException authorizationException) {
        authorizationService.dispose();
        if (authorizationException == null && str3 != null) {
            App.runThread(new Runnable() { // from class: io.olvid.messenger.openid.KeycloakTasks$$ExternalSyntheticLambda7
                @Override // java.lang.Runnable
                public final void run() {
                    KeycloakTasks.lambda$addContact$10(str, str2, str3, keycloakCallback, jsonWebKeySet, jsonWebKey, bArr, bArr2);
                }
            });
            return;
        }
        if (authorizationException != null) {
            authorizationException.printStackTrace();
            if (authorizationException.code == 3) {
                keycloakCallback.failed(3);
                return;
            }
        }
        keycloakCallback.failed(2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$discoverKeycloakServer$0(AuthorizationException authorizationException, AuthorizationServiceConfiguration authorizationServiceConfiguration, DiscoverKeycloakServerCallback discoverKeycloakServerCallback, String str) {
        JsonWebKeySet jsonWebKeySet;
        if (authorizationException != null || authorizationServiceConfiguration == null || authorizationServiceConfiguration.discoveryDoc == null) {
            if (authorizationException != null) {
                authorizationException.printStackTrace();
            }
            discoverKeycloakServerCallback.failed();
        } else {
            AuthState authState = new AuthState(authorizationServiceConfiguration);
            try {
                jsonWebKeySet = new JsonWebKeySet(getJkws(authorizationServiceConfiguration.discoveryDoc.getJwksUri()));
            } catch (JoseException unused) {
                jsonWebKeySet = null;
            }
            if (jsonWebKeySet != null) {
                discoverKeycloakServerCallback.success(str, authState, jsonWebKeySet);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$getGroups$6(Long l, String str, String str2, KeycloakManager.KeycloakCallbackWrapper keycloakCallbackWrapper, byte[] bArr) {
        try {
            try {
                byte[] keycloakApiRequest = keycloakApiRequest(str, GROUPS_PATH, str2, AppSingleton.getJsonObjectMapper().writeValueAsBytes(new JsonGroupsRequest(l)));
                if (((Integer) ((Map) AppSingleton.getJsonObjectMapper().readValue(keycloakApiRequest, new TypeReference<Map<String, Object>>() { // from class: io.olvid.messenger.openid.KeycloakTasks.3
                })).get("error")) != null) {
                    keycloakCallbackWrapper.failed(6);
                    return;
                }
                JsonGroupsResponse jsonGroupsResponse = (JsonGroupsResponse) AppSingleton.getJsonObjectMapper().readValue(keycloakApiRequest, JsonGroupsResponse.class);
                if (AppSingleton.getEngine().updateKeycloakGroups(bArr, jsonGroupsResponse.getSignedGroupBlobs(), jsonGroupsResponse.getSignedGroupDeletions(), jsonGroupsResponse.getSignedGroupKicks(), jsonGroupsResponse.getCurrentTimestamp())) {
                    keycloakCallbackWrapper.success(Long.valueOf(jsonGroupsResponse.getCurrentTimestamp()));
                } else {
                    keycloakCallbackWrapper.failed(0);
                }
            } catch (IOException unused) {
                keycloakCallbackWrapper.failed(3);
            }
        } catch (Exception e) {
            e.printStackTrace();
            keycloakCallbackWrapper.failed(0);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$getGroups$7(AuthorizationService authorizationService, final KeycloakManager.KeycloakCallbackWrapper keycloakCallbackWrapper, final Long l, final String str, final byte[] bArr, final String str2, String str3, AuthorizationException authorizationException) {
        authorizationService.dispose();
        if (authorizationException == null && str2 != null) {
            App.runThread(new Runnable() { // from class: io.olvid.messenger.openid.KeycloakTasks$$ExternalSyntheticLambda4
                @Override // java.lang.Runnable
                public final void run() {
                    KeycloakTasks.lambda$getGroups$6(l, str, str2, keycloakCallbackWrapper, bArr);
                }
            });
            return;
        }
        if (authorizationException != null) {
            authorizationException.printStackTrace();
            if (authorizationException.code == 3) {
                keycloakCallbackWrapper.failed(3);
                return;
            }
        }
        keycloakCallbackWrapper.failed(2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$getOwnDetails$2(Long l, String str, String str2, KeycloakManager.KeycloakCallback keycloakCallback, JsonWebKeySet jsonWebKeySet) {
        byte[] writeValueAsBytes;
        if (l == null) {
            writeValueAsBytes = null;
        } else {
            try {
                writeValueAsBytes = AppSingleton.getJsonObjectMapper().writeValueAsBytes(new JsonMeRequest(l.longValue()));
            } catch (IOException e) {
                e.printStackTrace();
                keycloakCallback.failed(3);
                return;
            } catch (Exception e2) {
                e2.printStackTrace();
                keycloakCallback.failed(0);
                return;
            }
        }
        byte[] keycloakApiRequest = keycloakApiRequest(str, ME_PATH, str2, writeValueAsBytes);
        Integer num = (Integer) ((Map) AppSingleton.getJsonObjectMapper().readValue(keycloakApiRequest, new TypeReference<Map<String, Object>>() { // from class: io.olvid.messenger.openid.KeycloakTasks.1
        })).get("error");
        if (num != null) {
            if (num.intValue() == 2) {
                keycloakCallback.failed(2);
                return;
            } else {
                keycloakCallback.failed(6);
                return;
            }
        }
        JsonMeResponse jsonMeResponse = (JsonMeResponse) AppSingleton.getJsonObjectMapper().readValue(keycloakApiRequest, JsonMeResponse.class);
        if (jsonMeResponse.signature == null) {
            keycloakCallback.failed(4);
            return;
        }
        Pair<String, JsonWebKey> verifySignature = verifySignature(jsonMeResponse.signature, jsonWebKeySet, null);
        if (verifySignature != null) {
            keycloakCallback.success(new Pair(new KeycloakUserDetailsAndStuff((JsonKeycloakUserDetails) AppSingleton.getJsonObjectMapper().readValue(verifySignature.first, JsonKeycloakUserDetails.class), jsonMeResponse.signature, verifySignature.second, jsonMeResponse.server, jsonMeResponse.apiKey, jsonMeResponse.pushTopics, jsonMeResponse.selfRevocationTestNonce), new KeycloakServerRevocationsAndStuff(jsonMeResponse.revocationAllowed.booleanValue(), jsonMeResponse.currentTimestamp, jsonMeResponse.signedRevocations, jsonMeResponse.minimumBuildVersions)));
        } else {
            keycloakCallback.failed(5);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$getOwnDetails$3(AuthorizationService authorizationService, final KeycloakManager.KeycloakCallback keycloakCallback, final Long l, final String str, final JsonWebKeySet jsonWebKeySet, final String str2, String str3, AuthorizationException authorizationException) {
        authorizationService.dispose();
        if (authorizationException == null && str2 != null) {
            App.runThread(new Runnable() { // from class: io.olvid.messenger.openid.KeycloakTasks$$ExternalSyntheticLambda10
                @Override // java.lang.Runnable
                public final void run() {
                    KeycloakTasks.lambda$getOwnDetails$2(l, str, str2, keycloakCallback, jsonWebKeySet);
                }
            });
            return;
        }
        if (authorizationException != null) {
            authorizationException.printStackTrace();
            if (authorizationException.code == 3) {
                keycloakCallback.failed(3);
                return;
            }
        }
        keycloakCallback.failed(2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$search$8(String str, String str2, String str3, KeycloakManager.KeycloakCallback keycloakCallback) {
        try {
            try {
                JsonSearchRequest jsonSearchRequest = new JsonSearchRequest();
                if (str == null) {
                    jsonSearchRequest.filter = null;
                } else {
                    jsonSearchRequest.filter = str.trim().split("\\s+");
                }
                byte[] keycloakApiRequest = keycloakApiRequest(str2, SEARCH_PATH, str3, AppSingleton.getJsonObjectMapper().writeValueAsBytes(jsonSearchRequest));
                try {
                    Integer num = (Integer) ((Map) AppSingleton.getJsonObjectMapper().readValue(keycloakApiRequest, new TypeReference<Map<String, Object>>() { // from class: io.olvid.messenger.openid.KeycloakTasks.4
                    })).get("error");
                    if (num != null) {
                        if (num.intValue() != 2) {
                            keycloakCallback.failed(6);
                            return;
                        } else {
                            keycloakCallback.failed(2);
                            return;
                        }
                    }
                } catch (Exception unused) {
                }
                JsonSearchResponse jsonSearchResponse = (JsonSearchResponse) AppSingleton.getJsonObjectMapper().readValue(keycloakApiRequest, JsonSearchResponse.class);
                keycloakCallback.success(new Pair(jsonSearchResponse.results, jsonSearchResponse.count));
            } catch (Exception e) {
                e.printStackTrace();
                keycloakCallback.failed(0);
            }
        } catch (IOException unused2) {
            keycloakCallback.failed(3);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$search$9(AuthorizationService authorizationService, final KeycloakManager.KeycloakCallback keycloakCallback, final String str, final String str2, final String str3, String str4, AuthorizationException authorizationException) {
        authorizationService.dispose();
        if (authorizationException == null && str3 != null) {
            App.runThread(new Runnable() { // from class: io.olvid.messenger.openid.KeycloakTasks$$ExternalSyntheticLambda3
                @Override // java.lang.Runnable
                public final void run() {
                    KeycloakTasks.lambda$search$8(str, str2, str3, keycloakCallback);
                }
            });
            return;
        }
        if (authorizationException != null) {
            authorizationException.printStackTrace();
            if (authorizationException.code == 3) {
                keycloakCallback.failed(3);
                return;
            }
        }
        keycloakCallback.failed(2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$selfRevocationTest$12(String str, String str2, KeycloakManager.KeycloakCallback keycloakCallback) {
        boolean z;
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("nonce", str);
            byte[] keycloakApiRequest = keycloakApiRequest(str2, REVOCATION_TEST_PATH, null, AppSingleton.getJsonObjectMapper().writeValueAsBytes(hashMap));
            if (keycloakApiRequest != null) {
                z = true;
                if ((keycloakApiRequest[0] == 1) & (keycloakApiRequest.length == 1)) {
                    keycloakCallback.success(Boolean.valueOf(z));
                }
            }
            z = false;
            keycloakCallback.success(Boolean.valueOf(z));
        } catch (IOException unused) {
            keycloakCallback.failed(3);
        } catch (Exception e) {
            e.printStackTrace();
            keycloakCallback.failed(0);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$uploadOwnIdentity$4(byte[] bArr, String str, String str2, KeycloakManager.KeycloakCallback keycloakCallback) {
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("identity", bArr);
            Integer num = (Integer) ((Map) AppSingleton.getJsonObjectMapper().readValue(keycloakApiRequest(str, PUT_KEY_PATH, str2, AppSingleton.getJsonObjectMapper().writeValueAsBytes(hashMap)), new TypeReference<Map<String, Object>>() { // from class: io.olvid.messenger.openid.KeycloakTasks.2
            })).get("error");
            if (num != null) {
                int intValue = num.intValue();
                if (intValue != 1) {
                    if (intValue == 6) {
                        keycloakCallback.failed(11);
                    } else if (intValue != 3) {
                        if (intValue == 4) {
                            keycloakCallback.failed(10);
                        }
                    }
                }
                keycloakCallback.failed(6);
            } else {
                keycloakCallback.success(null);
            }
        } catch (IOException unused) {
            keycloakCallback.failed(3);
        } catch (Exception e) {
            e.printStackTrace();
            keycloakCallback.failed(0);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$uploadOwnIdentity$5(AuthorizationService authorizationService, final KeycloakManager.KeycloakCallback keycloakCallback, final byte[] bArr, final String str, final String str2, String str3, AuthorizationException authorizationException) {
        authorizationService.dispose();
        if (authorizationException == null && str2 != null) {
            App.runThread(new Runnable() { // from class: io.olvid.messenger.openid.KeycloakTasks$$ExternalSyntheticLambda5
                @Override // java.lang.Runnable
                public final void run() {
                    KeycloakTasks.lambda$uploadOwnIdentity$4(bArr, str, str2, keycloakCallback);
                }
            });
            return;
        }
        if (authorizationException != null) {
            authorizationException.printStackTrace();
            if (authorizationException.code == 3) {
                keycloakCallback.failed(3);
                return;
            }
        }
        keycloakCallback.failed(2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void search(Context context, final String str, AuthState authState, String str2, final String str3, final KeycloakManager.KeycloakCallback<Pair<List<JsonKeycloakUserDetails>, Integer>> keycloakCallback) {
        Logger.d("Performing search on keycloak");
        final AuthorizationService authorizationService = new AuthorizationService(context, new AppAuthConfiguration.Builder().setConnectionBuilder(new NoExceptionConnectionBuilder()).build());
        AuthState.AuthStateAction authStateAction = new AuthState.AuthStateAction() { // from class: io.olvid.messenger.openid.KeycloakTasks$$ExternalSyntheticLambda9
            @Override // net.openid.appauth.AuthState.AuthStateAction
            public final void execute(String str4, String str5, AuthorizationException authorizationException) {
                KeycloakTasks.lambda$search$9(AuthorizationService.this, keycloakCallback, str3, str, str4, str5, authorizationException);
            }
        };
        if (str2 == null) {
            authState.performActionWithFreshTokens(authorizationService, authStateAction);
        } else {
            authState.performActionWithFreshTokens(authorizationService, new ClientSecretPost(str2), authStateAction);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void selfRevocationTest(final String str, final String str2, final KeycloakManager.KeycloakCallback<Boolean> keycloakCallback) {
        Logger.d("Checking keycloak for self revocation");
        App.runThread(new Runnable() { // from class: io.olvid.messenger.openid.KeycloakTasks$$ExternalSyntheticLambda6
            @Override // java.lang.Runnable
            public final void run() {
                KeycloakTasks.lambda$selfRevocationTest$12(str2, str, keycloakCallback);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void uploadOwnIdentity(Context context, final String str, AuthState authState, String str2, final byte[] bArr, final KeycloakManager.KeycloakCallback<Void> keycloakCallback) {
        Logger.d("Uploading Olvid ID to keycloak");
        final AuthorizationService authorizationService = new AuthorizationService(context, new AppAuthConfiguration.Builder().setConnectionBuilder(new NoExceptionConnectionBuilder()).build());
        AuthState.AuthStateAction authStateAction = new AuthState.AuthStateAction() { // from class: io.olvid.messenger.openid.KeycloakTasks$$ExternalSyntheticLambda8
            @Override // net.openid.appauth.AuthState.AuthStateAction
            public final void execute(String str3, String str4, AuthorizationException authorizationException) {
                KeycloakTasks.lambda$uploadOwnIdentity$5(AuthorizationService.this, keycloakCallback, bArr, str, str3, str4, authorizationException);
            }
        };
        if (str2 == null) {
            authState.performActionWithFreshTokens(authorizationService, authStateAction);
        } else {
            authState.performActionWithFreshTokens(authorizationService, new ClientSecretPost(str2), authStateAction);
        }
    }

    private static Pair<String, JsonWebKey> verifySignature(String str, JsonWebKeySet jsonWebKeySet, JsonWebKey jsonWebKey) {
        List<JsonWebKey> jsonWebKeys = jsonWebKey == null ? jsonWebKeySet.getJsonWebKeys() : Collections.singletonList(jsonWebKey);
        try {
            JwtContext process = new JwtConsumerBuilder().setExpectedAudience(false, new String[0]).setVerificationKeyResolver(new JwksVerificationKeyResolver(jsonWebKeys)).build().process(str);
            return new Pair<>(process.getJwtClaims().getRawJson(), new VerificationJwkSelector().select((JsonWebSignature) process.getJoseObjects().get(0), jsonWebKeys));
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }
}
