package com.irobot.home.aws.authentication;

import android.os.Looper;
import android.support.annotation.Keep;
import android.text.TextUtils;
import android.util.Pair;
import com.amazonaws.auth.AWSSessionCredentials;
import com.amazonaws.regions.Region;
import com.amazonaws.regions.Regions;
import com.google.gson.Gson;
import com.irobot.awsservices.a.a;
import com.irobot.awsservices.a.b;
import com.irobot.awsservices.apigateway.ApiGatewayResponse;
import com.irobot.core.AccountError;
import com.irobot.core.AccountErrorEvent;
import com.irobot.core.AccountInfoUpdatedEvent;
import com.irobot.core.AccountLoggedInEvent;
import com.irobot.core.AccountService;
import com.irobot.core.ApiGatewayStatusCode;
import com.irobot.core.Assembler;
import com.irobot.core.AssetId;
import com.irobot.core.AssetType;
import com.irobot.core.AuthenticationHandler;
import com.irobot.core.EventType;
import com.irobot.core.ServiceDiscovery;
import com.irobot.home.aws.authentication.model.AccountAssociationStatus;
import com.irobot.home.aws.authentication.model.AccountLoginRequestData;
import com.irobot.home.aws.authentication.model.AccountLoginResponse;
import com.irobot.home.aws.authentication.model.AssetPoolAssociationInfo;
import com.irobot.home.aws.authentication.model.LoginRequestData;
import com.irobot.home.aws.authentication.model.LoginResponse;
import com.irobot.home.model.w;
import com.irobot.home.util.g;
import com.irobot.home.util.l;
import java.net.MalformedURLException;
import java.net.URL;
import java.text.DateFormat;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.TimeZone;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import junit.framework.Assert;

/* loaded from: classes2.dex */
public class AwsCredentialsService extends AuthenticationHandler implements b {

    /* renamed from: a, reason: collision with root package name */
    private static final Regions f3000a = Regions.US_EAST_1;

    /* renamed from: b, reason: collision with root package name */
    private static Pattern f3001b = Pattern.compile("^https?://\\w+.execute-api.([a-z0-9-]+).amazonaws.com(/.*)");
    private static final String c = AwsCredentialsService.class.getSimpleName();
    private static final DateFormat d = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ");
    private final Gson e;
    private com.irobot.home.aws.authentication.model.b f;
    private boolean g;
    private boolean h;
    private Map<String, AssetPoolAssociationInfo> i;
    private String j;
    private AWSSessionCredentials k;
    private Date l;
    private com.irobot.home.g.a m;
    private AccountLoginRequestData n;
    private Object o;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static class a {

        /* renamed from: a, reason: collision with root package name */
        private static AwsCredentialsService f3003a = new AwsCredentialsService();
    }

    private AwsCredentialsService() {
        this.e = new Gson();
        this.f = null;
        this.g = false;
        this.h = false;
        this.i = null;
        this.j = "Not Associated";
        this.k = null;
        this.l = null;
        this.n = null;
        this.o = new Object();
        d.setTimeZone(TimeZone.getTimeZone("UTC"));
        this.m = (com.irobot.home.g.a) Assembler.getInstance().getDomainEventBus();
        this.m.a(this, EventType.AccountInfoUpdatedEvent);
        this.m.a(this, EventType.AccountLoggedInEvent);
        this.m.a(this, EventType.AccountErrorEvent);
    }

    private AWSSessionCredentials a(com.irobot.home.aws.authentication.model.a aVar, com.irobot.awsservices.a.a aVar2) {
        if (aVar2 != null) {
            l.b(c, "Attempting to fetch session credentials using authentication type " + (aVar2.a() == a.EnumC0420a.Asset ? " asset." : "account"));
        }
        try {
            ApiGatewayResponse b2 = new com.irobot.awsservices.apigateway.a.a().b(b(aVar, aVar2));
            if (b2 != null) {
                switch (b2.a()) {
                    case 200:
                        this.f = (com.irobot.home.aws.authentication.model.b) this.e.fromJson(b2.c(), (Class) (aVar.getClass().equals(AccountLoginRequestData.class) ? AccountLoginResponse.class : LoginResponse.class));
                        break;
                    case ApiGatewayStatusCode.REQUEST_ERROR /* 400 */:
                        this.g = true;
                        break;
                    default:
                        throw new b.a("Internal AWS service error", new Exception("Internal AWS service error"));
                }
            }
            if (this.f == null || !this.f.hasValidCredentials()) {
                return null;
            }
            AWSSessionCredentials awsCredentials = this.f.getCredentials().getAwsCredentials();
            l.b(c, String.format("AWS session credentials: \n\tsecretKey = %s\n\taccessKeyId = %s\n\tsessionToken = %s", awsCredentials.b(), awsCredentials.a(), awsCredentials.c()));
            if (this.f.getAssociations() != null) {
                String a2 = com.irobot.home.aws.authentication.a.a(aVar2.c(), this.f.getAssociations(), this.i);
                if (!TextUtils.isEmpty(a2)) {
                    l.b(c, String.format("Cognito_id is not associated with asset %s due to %s", aVar2.c(), a2));
                    throw new b.a(a2, new Exception(a2));
                }
            }
            try {
                String expiration = this.f.getCredentials().getExpiration();
                this.l = d.parse(expiration);
                l.b(c, "Credentials expiration timestamp: " + expiration);
            } catch (ParseException e) {
                l.e(c, "Failed to parse credentials expiration timestamp!");
            }
            com.irobot.home.aws.authentication.a.b();
            return awsCredentials;
        } catch (Exception e2) {
            l.b(c, "Login request to API gateway failed - " + e2.getMessage());
            throw new b.a(e2.getMessage(), e2);
        }
    }

    private String a(String str) {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        Matcher matcher = f3001b.matcher(str);
        if (matcher.matches()) {
            return matcher.group(2);
        }
        return null;
    }

    private com.irobot.awsservices.apigateway.a b(com.irobot.home.aws.authentication.model.a aVar, com.irobot.awsservices.a.a aVar2) {
        if (aVar == null) {
            throw new com.irobot.home.h.a("No request data supplied for prepareLoginRequest()");
        }
        HashMap hashMap = new HashMap();
        hashMap.put("requestMethod", "POST");
        String a2 = a(c(aVar2));
        if (a2 == null) {
            a2 = "";
        }
        hashMap.put("requestPath", a2 + "/v1" + aVar.getLoginPath());
        hashMap.put("requestPayload", this.e.toJson(aVar, aVar.getClass()));
        hashMap.put("timeout", 6000);
        com.irobot.awsservices.apigateway.a aVar3 = new com.irobot.awsservices.apigateway.a();
        aVar3.a(Region.a(b(aVar2)));
        aVar3.a("execute-api");
        String str = null;
        try {
            str = new URL(c(aVar2)).getHost();
        } catch (MalformedURLException e) {
            e.printStackTrace();
        }
        aVar3.b(str);
        aVar3.a(hashMap);
        return aVar3;
    }

    private String c(com.irobot.awsservices.a.a aVar) {
        ServiceDiscovery serviceDiscovery = ServiceDiscovery.getInstance();
        String str = null;
        switch (aVar.a()) {
            case Account:
                str = serviceDiscovery.getAppServiceDiscoveryData(aVar.c()).getApiGatewayUnauthenticatedUrl();
                break;
            case Asset:
                str = serviceDiscovery.getServiceDiscoveryData(AssetId.assetIdForString(aVar.c())).getApiGatewayUnauthenticatedUrl();
                break;
        }
        l.b(c, "Api gateway end point: " + str);
        return str;
    }

    public static AwsCredentialsService e() {
        return a.f3003a;
    }

    private void f() {
        synchronized (this.o) {
            Assembler.getInstance().getAccountService().refreshAccountInfo();
            try {
                this.o.wait();
            } catch (InterruptedException e) {
                e.printStackTrace();
            }
        }
    }

    private Map<String, AssetPoolAssociationInfo> g() {
        int i;
        this.i = new HashMap();
        int i2 = 0;
        for (com.irobot.home.model.a aVar : g.j()) {
            if (aVar.c() == AssetType.Roomba) {
                String id = aVar.b().getId();
                String u = ((w) aVar).d().u();
                i = i2 + 1;
                this.i.put(String.valueOf(i2), new AssetPoolAssociationInfo(id, u, false));
            } else {
                i = i2;
            }
            i2 = i;
        }
        Iterator<Pair<String, String>> it = com.irobot.home.aws.authentication.a.a().iterator();
        while (true) {
            int i3 = i2;
            if (!it.hasNext()) {
                return this.i;
            }
            Pair<String, String> next = it.next();
            if (next != null) {
                this.i.put(String.valueOf(i3), new AssetPoolAssociationInfo((String) next.first, (String) next.second, true));
                i2 = i3 + 1;
            } else {
                l.e(c, "Error parsing robot BLID and password mapping while building deleted associations");
                i2 = i3;
            }
        }
    }

    private static void h() {
        if (Thread.currentThread() == Looper.getMainLooper().getThread()) {
            String str = "Please do not call into public synchronized methods of " + AwsCredentialsService.class.getSimpleName() + "from the main thread. Gigya callbacks returning on main thread, can cause deadlocks";
            l.e(c, str);
            Assert.assertTrue(str, false);
        }
    }

    @Override // com.irobot.awsservices.a.b
    public synchronized AWSSessionCredentials a(com.irobot.awsservices.a.a aVar) {
        AWSSessionCredentials aWSSessionCredentials;
        synchronized (this) {
            h();
            AccountService accountService = Assembler.getInstance().getAccountService();
            boolean isInAccountMode = accountService.isInAccountMode();
            if (this.l != null) {
                int time = (int) (this.l.getTime() - System.currentTimeMillis());
                l.a(c, "Time until credentials expire: " + time);
                boolean z = isInAccountMode ? !this.h : true;
                if (!isInAccountMode && this.i != null && this.f != null) {
                    z = TextUtils.isEmpty(com.irobot.home.aws.authentication.a.a(aVar.c(), this.f.getAssociations(), this.i));
                }
                if (time > 0 && this.k != null && z) {
                    aWSSessionCredentials = this.k;
                }
            }
            this.g = false;
            if (isInAccountMode) {
                if (accountService.isLoggedIn()) {
                    f();
                    this.k = a(this.n, aVar);
                    if (this.g) {
                        l.d(c, "Last authentication request failed. Retrying...");
                        f();
                        this.k = a(this.n, aVar);
                        this.g = false;
                    }
                } else {
                    a();
                }
                aWSSessionCredentials = this.k;
            } else {
                Assert.assertTrue("Asset ID required to retrieve session credentials", aVar.a() == a.EnumC0420a.Asset);
                String c2 = aVar.c();
                LoginRequestData loginRequestData = new LoginRequestData();
                loginRequestData.setAppId(g.e());
                Map<String, AssetPoolAssociationInfo> g = g();
                loginRequestData.setAssociations(g);
                this.k = a(loginRequestData, aVar);
                if (this.k == null && this.g) {
                    LoginRequestData loginRequestData2 = new LoginRequestData();
                    loginRequestData2.setPreviousAppId(loginRequestData.getAppId());
                    loginRequestData2.setAppId(g.f());
                    loginRequestData.setAssociations(g);
                    this.k = a(loginRequestData2, aVar);
                    g.b(AssetId.assetIdForString(c2));
                    this.g = false;
                }
                if (this.k == null) {
                    throw new b.a(com.irobot.home.aws.authentication.a.a(c2, this.f == null ? new HashMap<>() : this.f.getAssociations(), this.i), new Exception(String.format("Unable to fetch session credentials\n for assetID %s, API Gateway endpoint queried: %s", c2, c(aVar))));
                }
                aWSSessionCredentials = this.k;
            }
        }
        return aWSSessionCredentials;
    }

    @Override // com.irobot.awsservices.a.b
    public synchronized void a() {
        h();
        this.k = null;
        this.l = null;
    }

    public void a(ApiGatewayResponse apiGatewayResponse) {
        if (Assembler.getInstance().getAccountService().isInAccountMode()) {
            try {
                AccountAssociationStatus accountAssociationStatus = (AccountAssociationStatus) this.e.fromJson(apiGatewayResponse.c(), AccountAssociationStatus.class);
                if (accountAssociationStatus != null) {
                    this.j = accountAssociationStatus.getAssociationStatus();
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }

    @Override // com.irobot.awsservices.a.b
    public Regions b(com.irobot.awsservices.a.a aVar) {
        ServiceDiscovery serviceDiscovery = ServiceDiscovery.getInstance();
        String str = null;
        switch (aVar.a()) {
            case Account:
                str = serviceDiscovery.getAppServiceDiscoveryData(aVar.c()).getAwsRegion();
                break;
            case Asset:
                str = serviceDiscovery.getServiceDiscoveryData(AssetId.assetIdForString(aVar.c())).getAwsRegion();
                break;
        }
        return g.i(str) ? Regions.fromName(str) : f3000a;
    }

    @Override // com.irobot.awsservices.a.b
    public void b() {
        a();
        this.h = true;
    }

    @Override // com.irobot.awsservices.a.b
    public void c() {
        this.h = false;
    }

    @Override // com.irobot.awsservices.a.b
    public b.a d() {
        AccountService accountService = Assembler.getInstance().getAccountService();
        if (this.h && accountService.isInAccountMode()) {
            return new b.a(this.j, new Exception(this.j));
        }
        return null;
    }

    @Override // com.irobot.core.AuthenticationHandler
    public boolean isAuthenticated() {
        return (this.k == null || TextUtils.isEmpty(this.k.a()) || TextUtils.isEmpty(this.k.b()) || TextUtils.isEmpty(this.k.c()) || (this.l != null && ((int) (this.l.getTime() - System.currentTimeMillis())) <= 0)) ? false : true;
    }

    @Keep
    public void onAccountErrorEvent(AccountErrorEvent accountErrorEvent) {
        synchronized (this.o) {
            if (accountErrorEvent.error() == AccountError.AccountInfoRefreshFailed) {
                this.n = null;
            }
            this.o.notifyAll();
        }
    }

    @Keep
    public void onAccountInfoUpdatedEvent(AccountInfoUpdatedEvent accountInfoUpdatedEvent) {
        synchronized (this.o) {
            this.n = AccountLoginRequestData.create(accountInfoUpdatedEvent.accountInfo(), g.e());
            this.o.notifyAll();
        }
    }

    @Keep
    public void onAccountLoggedInEvent(AccountLoggedInEvent accountLoggedInEvent) {
        synchronized (this.o) {
            this.n = AccountLoginRequestData.create(accountLoggedInEvent.accountInfo(), g.e());
            this.o.notifyAll();
        }
    }
}
