package com.amazon.whisperlink.feature.security.transport;

import android.content.Context;
import com.amazon.whisperlink.exception.WPTException;
import com.amazon.whisperlink.plugin.config.SecurityConfig;
import com.amazon.whisperlink.port.android.transport.TBtSocket;
import com.amazon.whisperlink.security.service.AuthDaemonInternal;
import com.amazon.whisperlink.security.service.AuthResult;
import com.amazon.whisperlink.security.service.AuthResultCode;
import com.amazon.whisperlink.security.service.AuthToken;
import com.amazon.whisperlink.security.service.SecurityConstants;
import com.amazon.whisperlink.service.AccessLevel;
import com.amazon.whisperlink.service.Description;
import com.amazon.whisperlink.service.Device;
import com.amazon.whisperlink.transport.AuthenticationFeature;
import com.amazon.whisperlink.transport.AuthorizationException;
import com.amazon.whisperlink.transport.SecureTransportFeature;
import com.amazon.whisperlink.transport.TWhisperLinkServerTransport;
import com.amazon.whisperlink.transport.TWhisperLinkTransport;
import com.amazon.whisperlink.transport.WhisperLinkConnHandler;
import com.amazon.whisperlink.util.Connection;
import com.amazon.whisperlink.util.Log;
import com.amazon.whisperlink.util.StringUtil;
import com.amazon.whisperlink.util.WPDeviceUtil;
import com.amazon.whisperlink.util.WhisperLinkUtil;
import com.amazon.whisperplay.thrift.TException;
import java.util.Map;
import org.apache.thrift.transport.TServerTransport;
import org.apache.thrift.transport.TSocket;
import org.apache.thrift.transport.TTransport;
import org.apache.thrift.transport.TTransportException;

/* loaded from: classes2.dex */
public class SecureTransportFeatureImpl implements SecureTransportFeature {
    public static final String HTTP_HEADER_DEVICE_ACCESS_DATA = "x-amzn-dev-veri-data";
    public static final String HTTP_HEADER_DEVICE_ACCESS_NONCE = "x-amzn-dev-nonce";
    public static final String HTTP_HEADER_DEVICE_ACCESS_TOKEN = "x-amzn-dev-token";
    private static final String TAG = "SecureTransportFeatureImpl";
    private Context mContext;

    public SecureTransportFeatureImpl(Context context) {
        this.mContext = context.getApplicationContext();
    }

    /* JADX WARN: Multi-variable type inference failed */
    private AuthenticationFeature.AuthResult getAuthLevelFromTransport(TTransport tTransport, String str, String str2, short s) throws WPTException, TTransportException, AuthorizationException {
        AuthenticationFeature.AuthResultCode authResultCode;
        if (!(tTransport instanceof AuthenticationFeature)) {
            throw new IllegalArgumentException("Delegate is not a TAuthenticatedTransport.");
        }
        AuthenticationFeature.AuthResult authenticationLevel = ((AuthenticationFeature) tTransport).getAuthenticationLevel(str, str2, s);
        if (authenticationLevel == null || (authResultCode = authenticationLevel.result) == null) {
            authResultCode = null;
        }
        if (authResultCode != null && authResultCode != AuthenticationFeature.AuthResultCode.SUCCESS) {
            Log.warning(TAG, "getAuthLevelFromTransport result: " + authResultCode);
        }
        return authenticationLevel;
    }

    /* JADX WARN: Multi-variable type inference failed */
    protected static boolean isTransportAuthenticationSupported(TTransport tTransport) {
        Log.debug(TAG, "isAuthenticationFeatureTransport - transport:" + tTransport);
        return (tTransport instanceof AuthenticationFeature) && ((AuthenticationFeature) tTransport).isAuthenticationSupported();
    }

    protected Connection<AuthDaemonInternal.Iface, AuthDaemonInternal.Client> createConnection() {
        return new Connection<>(WhisperLinkUtil.getLocalDevice(false), SecurityConfig.getAuthDaemonInternalDescription(), new AuthDaemonInternal.Client.Factory());
    }

    protected AuthenticationFeature.AuthResult getAuthResultFromAuthToken(String str, String str2, short s, AuthToken authToken) throws WPTException {
        AuthResultCode authResultCode;
        Connection<AuthDaemonInternal.Iface, AuthDaemonInternal.Client> createConnection = createConnection();
        try {
            try {
                AuthResult checkToken = createConnection.connect().checkToken(authToken, str, str2, s);
                if (checkToken == null || (authResultCode = checkToken.result) == null) {
                    authResultCode = null;
                }
                if (authResultCode != null && authResultCode != AuthResultCode.SUCCESS) {
                    Log.warning(TAG, "Token validation result: " + authResultCode);
                }
                return new AuthenticationFeature.AuthResult(authResultCode != null ? AuthenticationFeature.AuthResultCode.values()[authResultCode.getValue()] : null, checkToken.currentHighLevel);
            } catch (TException e2) {
                throw new WPTException(1000, e2);
            }
        } finally {
            if (createConnection != null) {
                createConnection.close();
            }
        }
    }

    @Override // com.amazon.whisperlink.transport.SecureTransportFeature
    public AuthenticationFeature.AuthResult getAuthResultFromHeaders(TTransport tTransport, Object obj, String str, Map<String, String> map) throws TException {
        AuthToken authToken = (AuthToken) obj;
        String str2 = map.get(TWhisperLinkTransport.HTTP_HEADER_SERVICE_UUID);
        short shortValue = Short.valueOf(map.get(TWhisperLinkTransport.HTTP_HEADER_SERVICE_VERSION)).shortValue();
        String str3 = map.get(TWhisperLinkTransport.HTTP_HEADER_DEVICE_UUID);
        if (authToken == null && isTransportAuthenticationSupported(tTransport)) {
            Log.debug(TAG, "validateHeaders getAuthLevelFromTransport:" + str3 + ":" + str2);
            return getAuthLevelFromTransport(tTransport, str3, str2, shortValue);
        }
        if ((!(tTransport instanceof TSocket) && !(tTransport instanceof TBtSocket) && !isTransportAuthenticationSupported(tTransport)) && authToken != null && "cloud".equals(str)) {
            Log.debug(TAG, "validateHeaders internal route for cloud, get auth level from token.");
            try {
                AuthenticationFeature.AuthResult authResultFromAuthToken = getAuthResultFromAuthToken(str2, WhisperLinkUtil.getLocalDeviceUUID(), shortValue, authToken);
                if (authResultFromAuthToken != null && AuthenticationFeature.AuthResultCode.SUCCESS.equals(authResultFromAuthToken.result)) {
                    Log.debug(TAG, "validateHeaders internal route for cloud, authentication succeeds with local uuid.");
                    return authResultFromAuthToken;
                }
            } catch (Exception e2) {
                Log.warning(TAG, "Exception when trying to authenticate with local uuid:" + e2.getMessage());
            }
            Log.debug(TAG, "validateHeaders internal route for cloud, try authentication with remote uuid.");
        } else if (authToken == null) {
            return new AuthenticationFeature.AuthResult(AuthenticationFeature.AuthResultCode.SUCCESS, 0);
        }
        return getAuthResultFromAuthToken(str2, str3, shortValue, authToken);
    }

    protected AuthToken getAuthToken(Device device, Description description, boolean z) throws TTransportException {
        if (!WhisperLinkUtil.serviceRequiresAuthentication(description.getAccessLevel())) {
            return null;
        }
        Log.debug(TAG, "GetAuthToken");
        Connection<AuthDaemonInternal.Iface, AuthDaemonInternal.Client> createConnection = createConnection();
        try {
            try {
                AuthDaemonInternal.Iface connect = createConnection.connect();
                AuthToken tokenForInternalRoute = z ? connect.getTokenForInternalRoute(description) : connect.getToken(description, device, false);
                Log.debug(TAG, "Successfully gathered token: " + tokenForInternalRoute);
            } catch (TException e2) {
                throw new TTransportException(e2);
            }
        } finally {
            if (createConnection != null) {
                createConnection.close();
            }
        }
    }

    @Override // com.amazon.whisperlink.transport.SecureTransportFeature
    public Object getAuthTokenFromHeaders(Map<String, String> map) {
        String str = map.get(HTTP_HEADER_DEVICE_ACCESS_TOKEN);
        String str2 = map.get(HTTP_HEADER_DEVICE_ACCESS_NONCE);
        String str3 = map.get(HTTP_HEADER_DEVICE_ACCESS_DATA);
        Log.debug(TAG, "validateHeaders read auth token string:" + str + ":" + str2 + ":" + str3);
        if (str == null || str2 == null) {
            return null;
        }
        AuthToken authToken = new AuthToken(str, Long.parseLong(str2));
        if (StringUtil.isEmpty(str3)) {
            return authToken;
        }
        authToken.setVerifiedData(str3);
        return authToken;
    }

    @Override // com.amazon.whisperlink.transport.SecureTransportFeature
    public Object getAuthTokenIfNeeded(Device device, Description description, TTransport tTransport) throws TTransportException {
        AuthToken authToken;
        boolean isTransportAuthenticationSupported = isTransportAuthenticationSupported(tTransport);
        boolean z = (device == null || WhisperLinkUtil.isLocalDevice(device) || !WPDeviceUtil.requireTokenExchange(device)) ? false : true;
        if (!isTransportAuthenticationSupported || z) {
            authToken = getAuthToken(device, description, device == null || WhisperLinkUtil.isLocalDevice(device));
        } else {
            authToken = null;
        }
        StringBuilder sb = new StringBuilder();
        sb.append("getTransport: transport ");
        sb.append(isTransportAuthenticationSupported ? "is" : "is not");
        sb.append(" auth supported; device ");
        sb.append(z ? "requires" : "does NOT require");
        sb.append(" token exchange: ");
        sb.append(tTransport);
        Log.debug(TAG, sb.toString());
        return authToken;
    }

    /* JADX WARN: Code restructure failed: missing block: B:11:0x001b, code lost:
    
        if (r2 != null) goto L13;
     */
    /* JADX WARN: Code restructure failed: missing block: B:12:0x002a, code lost:
    
        if (r3 != null) goto L17;
     */
    /* JADX WARN: Code restructure failed: missing block: B:13:0x002c, code lost:
    
        r6 = "Could not get current auths. Filtered all services";
     */
    /* JADX WARN: Code restructure failed: missing block: B:15:0x003a, code lost:
    
        if (r3.containsKey(r6.getUuid()) == false) goto L20;
     */
    /* JADX WARN: Code restructure failed: missing block: B:16:0x003c, code lost:
    
        r0 = r3.get(r6.getUuid());
     */
    /* JADX WARN: Code restructure failed: missing block: B:17:0x0027, code lost:
    
        r2.close();
     */
    /* JADX WARN: Code restructure failed: missing block: B:20:0x0025, code lost:
    
        if (r2 == null) goto L14;
     */
    @Override // com.amazon.whisperlink.transport.SecureTransportFeature
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public int getCurrentAuthorizationLevelForDevice(com.amazon.whisperlink.service.Device r6) {
        /*
            r5 = this;
            r0 = 0
            java.lang.Integer r0 = java.lang.Integer.valueOf(r0)
            java.lang.String r1 = "SecureTransportFeatureImpl"
            if (r6 != 0) goto Lc
            java.lang.String r6 = "Illegal arguments. No device"
            goto L2e
        Lc:
            com.amazon.whisperlink.util.Connection r2 = r5.createConnection()
            r3 = 0
            java.lang.Object r4 = r2.connect()     // Catch: java.lang.Throwable -> L1e com.amazon.whisperplay.thrift.TException -> L20
            com.amazon.whisperlink.security.service.AuthDaemonInternal$Iface r4 = (com.amazon.whisperlink.security.service.AuthDaemonInternal.Iface) r4     // Catch: java.lang.Throwable -> L1e com.amazon.whisperplay.thrift.TException -> L20
            java.util.Map r3 = r4.getCurrentAuths()     // Catch: java.lang.Throwable -> L1e com.amazon.whisperplay.thrift.TException -> L20
            if (r2 == 0) goto L2a
            goto L27
        L1e:
            r6 = move-exception
            goto L4c
        L20:
            java.lang.String r4 = "Exception when get current auths from internal service"
            com.amazon.whisperlink.util.Log.error(r1, r4)     // Catch: java.lang.Throwable -> L1e
            if (r2 == 0) goto L2a
        L27:
            r2.close()
        L2a:
            if (r3 != 0) goto L32
            java.lang.String r6 = "Could not get current auths. Filtered all services"
        L2e:
            com.amazon.whisperlink.util.Log.error(r1, r6)
            goto L47
        L32:
            java.lang.String r1 = r6.getUuid()
            boolean r1 = r3.containsKey(r1)
            if (r1 == 0) goto L47
            java.lang.String r6 = r6.getUuid()
            java.lang.Object r6 = r3.get(r6)
            r0 = r6
            java.lang.Integer r0 = (java.lang.Integer) r0
        L47:
            int r6 = r0.intValue()
            return r6
        L4c:
            if (r2 == 0) goto L51
            r2.close()
        L51:
            throw r6
        */
        throw new UnsupportedOperationException("Method not decompiled: com.amazon.whisperlink.feature.security.transport.SecureTransportFeatureImpl.getCurrentAuthorizationLevelForDevice(com.amazon.whisperlink.service.Device):int");
    }

    @Override // com.amazon.whisperlink.transport.SecureTransportFeature
    public String getHeadersForToken(Object obj) {
        if (obj == null) {
            return "";
        }
        AuthToken authToken = (AuthToken) obj;
        StringBuilder sb = new StringBuilder();
        sb.append(HTTP_HEADER_DEVICE_ACCESS_TOKEN);
        sb.append(":");
        sb.append(authToken.hashedSecret);
        sb.append("\r\n");
        sb.append(HTTP_HEADER_DEVICE_ACCESS_NONCE);
        sb.append(":");
        sb.append(Long.toString(authToken.nonce));
        sb.append("\r\n");
        if (authToken.isSetVerifiedData() && !StringUtil.isEmpty(authToken.getVerifiedData())) {
            sb.append(HTTP_HEADER_DEVICE_ACCESS_DATA);
            sb.append(":");
            sb.append(authToken.getVerifiedData());
            sb.append("\r\n");
        }
        return sb.toString();
    }

    @Override // com.amazon.whisperlink.transport.SecureTransportFeature
    public Object getInternalAuthToken(Description description) throws TTransportException {
        return getAuthToken(null, description, true);
    }

    @Override // com.amazon.whisperlink.transport.SecureTransportFeature
    public TWhisperLinkServerTransport getSecureWhisperLinkServerTransport(TServerTransport tServerTransport, WhisperLinkConnHandler whisperLinkConnHandler, String str, boolean z, boolean z2) {
        return z2 ? new TSecureWhisperLinkServerTransport(tServerTransport, str, z2, z) : new TSecureWhisperLinkServerTransport(tServerTransport, whisperLinkConnHandler, str, z);
    }

    @Override // com.amazon.whisperlink.transport.SecureTransportFeature
    public TWhisperLinkTransport getSecureWhisperLinkTransport(TTransport tTransport, String str, Description description, Device device, Device device2, String str2, String str3, String str4, int i2, String str5, String str6, String str7) throws TTransportException {
        return new TSecureWhisperLinkTransport(tTransport, str, description, device, device2, str2, str3, str4, i2, str5, str6, str7);
    }

    @Override // com.amazon.whisperlink.transport.SecureTransportFeature
    public void revokeAuthTokensFor(String str) throws TTransportException {
        StringBuilder sb;
        Description description = new Description();
        description.sid = SecurityConstants.AUTH_DAEMON_INTERNAL_IDENTIFIER;
        description.accessLevel = AccessLevel.ALL.getValue();
        Connection<AuthDaemonInternal.Iface, AuthDaemonInternal.Client> createConnection = createConnection();
        try {
            try {
                if (createConnection.connect().revokeToken(str)) {
                    sb = new StringBuilder();
                    sb.append("Successfully revoked token for device: ");
                    sb.append(str);
                } else {
                    sb = new StringBuilder();
                    sb.append("No token to remove for: ");
                    sb.append(str);
                }
                Log.debug(TAG, sb.toString());
            } catch (TException e2) {
                throw new TTransportException(e2);
            }
        } finally {
            if (createConnection != null) {
                createConnection.close();
            }
        }
    }
}
