package com.intuit.spc.authorization.handshake.internal.transactions.signinviaaccess;

import com.facebook.Response;
import com.google.gson.Gson;
import com.intuit.spc.authorization.AuthorizationClient;
import com.intuit.spc.authorization.handshake.internal.HttpClient;
import com.intuit.spc.authorization.handshake.internal.Logger;
import com.intuit.spc.authorization.handshake.internal.exception.AuthorizationException;
import com.intuit.spc.authorization.handshake.internal.exception.AuthorizationExceptionFactory;
import com.intuit.spc.authorization.handshake.internal.exception.AuthorizationServerError;
import com.intuit.spc.authorization.handshake.internal.exception.IdentityChallengeException;
import com.intuit.spc.authorization.handshake.internal.exception.IdentityServerExceptionFactory;
import com.intuit.spc.authorization.handshake.internal.transactions.dataobjects.ChallengeOption;
import com.intuit.spc.authorization.handshake.internal.transactions.dataobjects.IUSResponse;
import com.intuit.spc.authorization.handshake.internal.transactions.mfa.BaseMFATransaction;
import com.newrelic.agent.android.instrumentation.GsonInstrumentation;
import com.newrelic.agent.android.instrumentation.TransactionStateUtil;
import java.net.URL;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

/* loaded from: classes.dex */
public class SignInViaAccessTransaction extends BaseMFATransaction {
    private String captchaToken;
    private List<ChallengeOption> challengeOptions;
    private String mAccessToken;
    private String mAuthorizationCode;
    private boolean mHasCaptcha;
    private String mIntuitErrorContext;
    private String mIntuitSessionId;
    private String mNamespaceId;
    private Map<String, String> mOfferingInfo;
    private String mPassword;
    private String mRealmId;
    private boolean mRestrictedMode;
    private Collection<String> mScopes;
    private String mUserName;
    public boolean twoStepVerificationEnabled;

    public SignInViaAccessTransaction(AuthorizationClient authorizationClient) {
        super(authorizationClient);
        this.mRestrictedMode = false;
        this.challengeOptions = null;
        this.twoStepVerificationEnabled = false;
        this.mHasCaptcha = false;
    }

    @Override // com.intuit.spc.authorization.handshake.internal.transactions.HttpTransaction
    public HttpClient.Request generateRequest(URL url) throws Exception {
        HttpClient.Request request = new HttpClient.Request();
        request.transactionName = "SignInViaAccess";
        request.url = new URL(url.toString() + getAuthorizationClient().getConfigurationUtil().getSignInUrlSuffix());
        request.verb = "POST";
        request.headers.put("Authorization", "Bearer " + this.mAccessToken);
        request.headers.put(TransactionStateUtil.CONTENT_TYPE_HEADER, "application/json");
        if (this.mOfferingInfo != null) {
            Gson gson = new Gson();
            Map<String, String> map = this.mOfferingInfo;
            request.headers.put("intuit_offering_info", !(gson instanceof Gson) ? gson.toJson(map) : GsonInstrumentation.toJson(gson, map));
        }
        String str = getAuthorizationClient().getConfigurationUtil().getThreatMetrixProfilingSessionIdPrefix() + this.mIntuitSessionId;
        if (this.mIntuitErrorContext != null) {
            str = str + "&SERVICE_UNAVAILABLE";
            request.headers.put("intuit_errorcontext", this.mIntuitErrorContext);
        }
        request.headers.put("intuit_risk_profiling_data", str);
        if (this.captchaToken != null) {
            request.headers.put("intuit_captcha_response", this.captchaToken);
        }
        request.headers.put("intuit_accept_authchallenge", "sms_otp voice_otp email_otp idp totp captcha care");
        OAuth2ClientSignInRequest oAuth2ClientSignInRequest = new OAuth2ClientSignInRequest();
        OAuth2CodeRequest oAuth2CodeRequest = new OAuth2CodeRequest();
        oAuth2CodeRequest.setClientId(getSecureData().getClientId());
        if (this.mScopes != null && this.mScopes.size() > 0) {
            oAuth2CodeRequest.setScopes((String[]) this.mScopes.toArray(new String[this.mScopes.size()]));
        }
        oAuth2ClientSignInRequest.setOauth2CodeRequest(oAuth2CodeRequest);
        oAuth2ClientSignInRequest.setUsername(this.mUserName);
        oAuth2ClientSignInRequest.setPassword(this.mPassword);
        oAuth2ClientSignInRequest.setRealmId(this.mRealmId);
        oAuth2ClientSignInRequest.setNamespaceId(this.mNamespaceId);
        request.content = oAuth2ClientSignInRequest.toData();
        request.contentText = new String(request.content, "UTF-8");
        return request;
    }

    public String getAuthorizationCode() {
        return this.mAuthorizationCode;
    }

    public List<ChallengeOption> getChallengeOptions() {
        return this.challengeOptions;
    }

    public boolean getRestrictedMode() {
        return this.mRestrictedMode;
    }

    @Override // com.intuit.spc.authorization.handshake.internal.transactions.mfa.BaseMFATransaction
    public void handleSpecificMFATransactionResponse(HttpClient.Response response) throws Exception {
        if (response == null || response.statusCode.intValue() != 200) {
            throw IdentityServerExceptionFactory.createIdentityServerException(response, new IUSResponse(response.content, IUSResponse.IdentityServerErrorOperationContext.SignIn, (this.mIntuitErrorContext == null || this.mIntuitErrorContext.isEmpty()) ? false : true));
        }
        try {
            OAuth2ClientSignInResponse oAuth2ClientSignInResponse = new OAuth2ClientSignInResponse(response.content);
            if (oAuth2ClientSignInResponse.getAction() != null && oAuth2ClientSignInResponse.getAction().equalsIgnoreCase("CHALLENGE")) {
                Iterator<ChallengeOption> it = oAuth2ClientSignInResponse.getChallengeOptions().iterator();
                while (it.hasNext()) {
                    if (it.next().getType().equalsIgnoreCase("CAPTCHA")) {
                        this.mHasCaptcha = true;
                        Logger.getInstance().logInfo("CAPTCHA required!");
                        return;
                    }
                }
            }
            if (oAuth2ClientSignInResponse.getError() == null || !oAuth2ClientSignInResponse.getError().equalsIgnoreCase(Response.SUCCESS_KEY)) {
                throw new AuthorizationException(oAuth2ClientSignInResponse.getError());
            }
            String action = oAuth2ClientSignInResponse.getAction();
            if (!"pass".equalsIgnoreCase(action) && !"challenge".equalsIgnoreCase(action)) {
                throw AuthorizationExceptionFactory.createServerErrorException("Unknown action type", response.statusCode, null, "", new Integer(response.statusCode.intValue()).toString());
            }
            this.challengeOptions = oAuth2ClientSignInResponse.getChallengeOptions();
            if (this.challengeOptions != null && !this.challengeOptions.isEmpty()) {
                Iterator<ChallengeOption> it2 = this.challengeOptions.iterator();
                while (true) {
                    if (!it2.hasNext()) {
                        break;
                    } else if (it2.next().isPrimary()) {
                        this.twoStepVerificationEnabled = true;
                        break;
                    }
                }
            } else if ("challenge".equalsIgnoreCase(action)) {
                throw new IdentityChallengeException("Challenge response with NO options!", response.statusCode);
            }
            if ("pass".equalsIgnoreCase(action)) {
                this.mRestrictedMode = false;
                if (!this.twoStepVerificationEnabled) {
                    this.challengeOptions = null;
                }
            } else {
                this.mRestrictedMode = true;
            }
            this.mAuthorizationCode = oAuth2ClientSignInResponse.getCode();
        } catch (Exception e) {
            throw AuthorizationExceptionFactory.createServerErrorException(response.statusCode, response.contentText, AuthorizationServerError.UNKNOWN, null, null, null);
        }
    }

    public boolean isHasCaptcha() {
        return this.mHasCaptcha;
    }

    public boolean isTwoStepVerificationEnabled() {
        return this.twoStepVerificationEnabled;
    }

    @Override // com.intuit.spc.authorization.handshake.internal.transactions.mfa.BaseMFATransaction
    public void setAccessToken(String str) {
        this.mAccessToken = str;
    }

    public void setCaptchaToken(String str) {
        this.captchaToken = str;
    }

    public void setIntuitErrorContext(String str) {
        this.mIntuitErrorContext = str;
    }

    public void setIntuitSessionId(String str) {
        this.mIntuitSessionId = str;
    }

    public void setNamespaceId(String str) {
        this.mNamespaceId = str;
    }

    public void setOfferingInfo(Map<String, String> map) {
        this.mOfferingInfo = map;
    }

    public void setPassword(String str) {
        this.mPassword = str;
    }

    public void setRealmId(String str) {
        this.mRealmId = str;
    }

    public void setScopes(Collection<String> collection) {
        this.mScopes = collection;
    }

    public void setUserName(String str) {
        this.mUserName = str;
    }
}
