package com.symantec.roverrouter.rovercloud;

import android.content.Context;
import android.content.Intent;
import android.text.TextUtils;
import com.amazonaws.auth.AWSAbstractCognitoIdentityProvider;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.cognitoidentity.model.NotAuthorizedException;
import com.symantec.rover.log.RoverLog;
import com.symantec.roverrouter.Login;
import com.symantec.roverrouter.R;
import com.symantec.roverrouter.rovercloud.nsl.TokenClient;
import com.symantec.roverrouter.rovercloud.nsl.TokenResult;
import com.symantec.roverrouter.toolbox.Preferences;
import com.symantec.roverrouter.util.Constants;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;

/* loaded from: classes2.dex */
public class RoverCloudIdentityProvider extends AWSAbstractCognitoIdentityProvider {
    private static final int RETRY_TIME = 10;
    private static final String TAG = "com.symantec.roverrouter.rovercloud.RoverCloudIdentityProvider";
    private final Context context;
    private final TokenClient tokenClient;

    /* JADX INFO: Access modifiers changed from: package-private */
    public RoverCloudIdentityProvider(Context context, Regions regions) {
        super((String) null, context.getString(R.string.cognito_identity_pool_id_rover), regions);
        this.context = context;
        this.tokenClient = new TokenClient(this.context);
    }

    public static String gethWebSessionAccessToken(Context context) {
        TokenClient tokenClient = new TokenClient(context);
        String stringPreference = new Preferences.Factory(context).createInstance().getStringPreference(Preferences.STRING_OIDC_REFRESH_TOKEN);
        if (TextUtils.isEmpty(stringPreference)) {
            RoverLog.e(TAG, "Missing refresh token.");
            return null;
        }
        try {
            TokenResult nslRequest = tokenClient.nslRequest(TokenClient.GRANT_TYPE_REFRESH_TOKEN, stringPreference, true);
            Login.OpenIdToken openIdToken = nslRequest.getOpenIdToken();
            if (nslRequest.isSuccess() && openIdToken != null) {
                return openIdToken.accessToken;
            }
        } catch (IOException e) {
            RoverLog.e(TAG, "Error happens in the middle of getting AWS credentials. Exception message: " + e.getMessage());
        }
        return null;
    }

    private void refreshTokenWhenExpired(Preferences preferences, Map<String, String> map, String str) {
        Login.OpenIdToken openIdToken;
        RoverLog.d(TAG, "Cached token is expired, try to exchange id token with refresh token.");
        TokenResult tokenResult = null;
        try {
            String stringPreference = preferences.getStringPreference(Preferences.STRING_OIDC_REFRESH_TOKEN);
            if (!TextUtils.isEmpty(stringPreference)) {
                tokenResult = this.tokenClient.nslRequest(TokenClient.GRANT_TYPE_REFRESH_TOKEN, stringPreference, false);
            }
        } catch (IOException e) {
            RoverLog.e(TAG, "Error happens in the middle of getting AWS credentials. Exception message: " + e.getMessage());
            if (this.context != null && "connect timed out".equals(e.getMessage())) {
                this.context.sendBroadcast(new Intent(Constants.ACTION_INTERNET_CONNECTION_LOST));
            }
        }
        if (tokenResult != null) {
            RoverLog.d(TAG, "Token result isSuccess: " + tokenResult.isSuccess() + ", statusCode: " + tokenResult.getStatusCode());
            if (!tokenResult.isSuccess() || (openIdToken = tokenResult.getOpenIdToken()) == null) {
                return;
            }
            preferences.saveLongPreference(Preferences.LONG_OIDC_TOKEN_CREATED, System.currentTimeMillis());
            preferences.saveLongPreference(Preferences.LONG_OIDC_ID_TOKEN_EXP_SECS, openIdToken.idTokenExpInSecs);
            preferences.saveStringPreference(Preferences.STRING_OIDC_ACCESS_TOKEN, openIdToken.accessToken);
            preferences.saveStringPreference(Preferences.STRING_OIDC_REFRESH_TOKEN, openIdToken.refreshToken);
            preferences.saveStringPreference(Preferences.STRING_OIDC_ID_TOKEN, openIdToken.idToken);
            map.put(str, openIdToken.idToken);
            setLogins(map);
        }
    }

    private void tryToGetIdentityId(Preferences preferences, Map<String, String> map, String str, int i) {
        if (i > 10) {
            RoverLog.d(TAG, "Failed to refresh access token for 10 times, There's something horribly wrong");
            return;
        }
        try {
            getIdentityId();
        } catch (NotAuthorizedException unused) {
            refreshTokenWhenExpired(preferences, map, str);
            tryToGetIdentityId(preferences, map, str, i + 1);
        }
    }

    @Override // com.amazonaws.auth.AWSAbstractCognitoIdentityProvider
    public String getProviderName() {
        return "Cognito";
    }

    @Override // com.amazonaws.auth.AWSAbstractCognitoIdentityProvider, com.amazonaws.auth.AWSIdentityProvider
    public String refresh() {
        HashMap hashMap = new HashMap(1);
        Preferences createInstance = new Preferences.Factory(this.context).createInstance();
        long longPreference = createInstance.getLongPreference(Preferences.LONG_OIDC_TOKEN_CREATED) + (createInstance.getLongPreference(Preferences.LONG_OIDC_ID_TOKEN_EXP_SECS) * 1000);
        String string = this.context.getString(R.string.aws_credential_provider_name_nsl);
        if (System.currentTimeMillis() < longPreference - 30000) {
            RoverLog.d(TAG, "Found valid token in shared preferences.");
            hashMap.put(string, createInstance.getStringPreference(Preferences.STRING_OIDC_ID_TOKEN));
            setLogins(hashMap);
        } else {
            refreshTokenWhenExpired(createInstance, hashMap, string);
        }
        tryToGetIdentityId(createInstance, hashMap, string, 0);
        return null;
    }
}
