package com.amazon.kindle.services.authentication;

import android.content.Context;
import com.amazon.identity.auth.device.api.AuthenticationMethodFactory;
import com.amazon.identity.auth.device.api.MAPAccountManager;
import com.amazon.kcp.application.IAuthenticationManager;
import com.amazon.kindle.build.BuildInfo;
import com.amazon.kindle.callback.ICallback;
import com.amazon.kindle.callback.OperationResult;
import com.amazon.kindle.event.AuthenticationEventPayload;
import com.amazon.kindle.event.Event;
import com.amazon.kindle.event.RedrivableEventProvider;
import com.amazon.kindle.krx.events.IMessageQueue;
import com.amazon.kindle.krx.events.KRXAuthenticationEvent;
import com.amazon.kindle.krx.events.Subscriber;
import com.amazon.kindle.krx.messaging.ITodoItem;
import com.amazon.kindle.log.Log;
import com.amazon.kindle.model.metrics.IMetricsData;
import com.amazon.kindle.persistence.AndroidSecureStorage;
import com.amazon.kindle.persistence.ISecureStorage;
import com.amazon.kindle.services.IReaderServicesObjectFactory;
import com.amazon.kindle.services.authentication.AuthenticationEvent;
import com.amazon.kindle.services.events.PubSubMessageService;
import com.amazon.kindle.services.metrics.MetricsService;
import com.amazon.kindle.util.NamedThreadFactory;
import com.amazon.kindle.util.StringUtils;
import com.amazon.kindle.webservices.DynamicConfigManager;
import com.amazon.kindle.webservices.IWebRequestErrorDescriber;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.ThreadPoolExecutor;
import java.util.concurrent.TimeUnit;
import org.apache.commons.codec.binary.Base64;

/* loaded from: classes.dex */
public class AuthenticationService extends RedrivableEventProvider implements IAuthenticationManager {
    public static final String CIPHER_KEY = "KindleCipherKey";
    private static final String EID_GET_KEY = "eid";
    private static final String EID_SECRET_KEY = "some secret keya.(";
    private static final String LOGOUT_TIMER_KEY = "LogoutTimer";
    private static final String TAG = Log.getTag(AuthenticationService.class);
    private static final int WORKER_NUMS = 1;
    protected String accessToken;
    private IAccountProvider accountProvider;
    protected String adpToken;
    private Context context;
    protected String cookie;
    protected String cor;
    private IAccountInfo currentUserAccountInfo;
    protected String deviceName;
    protected String deviceType;
    protected String dsn;
    protected String emailAddress;
    private ExecutorService executor;
    private final IReaderServicesObjectFactory factory;
    private ISecureStorage fallbackSecureStorage;
    private boolean ftueStarted;
    private final long internalVersionNumber;
    private IMessageQueue messageQueue;
    protected String pfm;
    protected String privateKey;
    private Collection<String> registeredUsers;
    private IRequestSigner requestSigner;
    private ISecureStorage secureStorage;
    private ITokenCache tokenCache;
    private final List<TokenKey> tokensToPrefetch;
    protected String userName;
    private Map<String, String> userRoles;
    protected String whispersendEmailAddress;
    protected String xmainXacbCookie;
    protected String xmainXacbCookieForDevicePfm;

    public AuthenticationService(IAccountInfo iAccountInfo, IRequestSigner iRequestSigner, Context context, IReaderServicesObjectFactory iReaderServicesObjectFactory, IAccountProvider iAccountProvider, List<TokenKey> list, long j) {
        super(context, 1, iAccountInfo);
        this.cookie = "";
        this.xmainXacbCookie = "";
        this.xmainXacbCookieForDevicePfm = "";
        this.adpToken = "";
        this.accessToken = "";
        this.privateKey = "";
        this.userName = "";
        this.deviceName = "";
        this.emailAddress = "";
        this.whispersendEmailAddress = "";
        this.cor = "";
        this.pfm = "";
        this.deviceType = "";
        this.dsn = "";
        this.registeredUsers = new HashSet();
        this.userRoles = new HashMap();
        this.messageQueue = PubSubMessageService.getInstance().createMessageQueue(AuthenticationService.class);
        this.context = context;
        this.factory = iReaderServicesObjectFactory;
        this.tokenCache = MAPTokenCache.getInstance(this.context, this.factory);
        this.accountProvider = iAccountProvider;
        this.tokensToPrefetch = Collections.unmodifiableList(new ArrayList(list));
        this.secureStorage = new MAPSecureStorage(getFallbackSecureStorage(context), context, this.tokenCache, iAccountProvider);
        this.currentUserAccountInfo = iAccountInfo;
        for (IAccountInfo iAccountInfo2 : getAllAccountInfo()) {
            this.registeredUsers.add(iAccountInfo2.getId());
            this.userRoles.put(iAccountInfo2.getId(), iAccountInfo2.getUserRole());
        }
        this.registeredUsers.add("MASTER");
        this.requestSigner = iRequestSigner;
        this.internalVersionNumber = j;
        PubSubMessageService.getInstance().subscribe(this);
        startOver(null);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public List<IAccountInfo> getAllAccountInfo() {
        MAPAccountManager mAPAccountManager = new MAPAccountManager(this.context);
        ArrayList arrayList = new ArrayList();
        for (String str : mAPAccountManager.getAccounts()) {
            arrayList.add(new AccountInfo(str, true, false, UserStateHelper.isInSafeMode(this.context) ? "ChildRole" : "AdultRole", this.tokenCache.getValue(TokenKey.COR, str, false, false), this.tokenCache.getValue(TokenKey.PFM, str, false, false)));
        }
        if (arrayList.size() == 0) {
            arrayList.add(AccountInfo.getDefaultAccountInfo());
        }
        return arrayList;
    }

    private synchronized ExecutorService getExecutor() {
        if (this.executor == null) {
            this.executor = new ThreadPoolExecutor(0, 1, 1L, TimeUnit.MINUTES, new LinkedBlockingQueue(), new NamedThreadFactory(getClass().getSimpleName()));
        }
        return this.executor;
    }

    private ISecureStorage getFallbackSecureStorage(Context context) {
        if (this.fallbackSecureStorage == null) {
            this.fallbackSecureStorage = new AndroidSecureStorage(this.context);
        }
        return this.fallbackSecureStorage;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void publishRegistrationEvents() {
        this.messageQueue.publish(new AuthenticationEvent(AuthenticationEvent.EventType.LOGIN));
        this.messageQueue.publish(new KRXAuthenticationEvent(KRXAuthenticationEvent.EventType.LOGIN, this.currentUserAccountInfo.getId()));
        setFtueStarted(true);
        publishEvent(new Event(this.currentUserAccountInfo.getId(), new AuthenticationEventPayload(this.currentUserAccountInfo), USER_REGISTER, false));
    }

    private void removeAuthentication() {
        if (isAuthenticated()) {
            MetricsService metricsService = MetricsService.getInstance();
            IMetricsData startMetrics = metricsService.startMetrics("AuthenticationManagerTimer");
            startMetrics.startTimingMetric(LOGOUT_TIMER_KEY);
            this.secureStorage.removeItemWithKey(CIPHER_KEY);
            this.tokenCache.clear(this.currentUserAccountInfo.getId());
            if (!BuildInfo.isDebugBuild()) {
                DynamicConfigManager.getInstance().clearConfigUrls();
            }
            Log.info(TAG, "Authentication removed, notifying all listeners");
            publishEvent(new Event(this.currentUserAccountInfo.getId(), this.currentUserAccountInfo, SESSION_USER_DEREGISTER, false));
            this.messageQueue.publish(new AuthenticationEvent(AuthenticationEvent.EventType.LOGOUT));
            this.messageQueue.publish(new KRXAuthenticationEvent(KRXAuthenticationEvent.EventType.LOGOUT, this.currentUserAccountInfo.getId()));
            setFtueStarted(false);
            startMetrics.stopTimingMetric(LOGOUT_TIMER_KEY);
            metricsService.reportMetrics(startMetrics);
        }
    }

    private void startOver(final ICallback<Void> iCallback) {
        final String primaryAccount = this.accountProvider.getPrimaryAccount();
        if (StringUtils.isNullOrEmpty(primaryAccount)) {
            Log.error(TAG, "startOver(): not registered; current account ID: " + this.currentUserAccountInfo.getId());
            return;
        }
        SessionUser sessionUser = SessionUser.getInstance(this.context);
        sessionUser.updateCurrentSessionUser(primaryAccount);
        this.currentUserAccountInfo = sessionUser.getAccountInfo();
        this.tokenCache.clear(primaryAccount);
        getExecutor().submit(new Runnable() { // from class: com.amazon.kindle.services.authentication.AuthenticationService.3
            @Override // java.lang.Runnable
            public void run() {
                for (TokenKey tokenKey : AuthenticationService.this.tokensToPrefetch) {
                    if (tokenKey == TokenKey.USER_EMAIL) {
                        AuthenticationService.this.fetchToken(tokenKey, primaryAccount);
                    } else {
                        AuthenticationService.this.getToken(tokenKey, primaryAccount);
                    }
                }
                if (AuthenticationService.this.secureStorage != null) {
                    if (iCallback != null) {
                        iCallback.call(null);
                    }
                } else if (AuthenticationService.this.currentUserAccountInfo == null) {
                    Log.warn(AuthenticationService.TAG, "startOver(): Null account Info");
                } else {
                    Log.warn(AuthenticationService.TAG, "startOver(): No secure storage found for " + AuthenticationService.this.currentUserAccountInfo.getId());
                }
            }
        });
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public String fetchToken(TokenKey tokenKey) {
        return fetchToken(tokenKey, this.accountProvider.getPrimaryAccount());
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public String fetchToken(TokenKey tokenKey, String str) {
        return this.tokenCache.getValue(tokenKey, str, false, false);
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public IAccountInfo getAccountInfo() {
        return this.currentUserAccountInfo;
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public AuthenticationMethodFactory getAuthenticatedMethodFactory() {
        String primaryAccount = this.accountProvider.getPrimaryAccount();
        if (!this.currentUserAccountInfo.getId().equals(primaryAccount)) {
            startOver(null);
        }
        return new AuthenticationMethodFactory(this.context, primaryAccount);
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public String getCookie() {
        return getToken(TokenKey.XFSN_COOKIE);
    }

    public String getDeviceType() {
        return getToken(TokenKey.DEVICE_TYPE);
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public String getEncryptedDeviceSerialNumber() {
        try {
            byte[] bytes = getToken(TokenKey.DEVICE_TYPE).getBytes("UTF-8");
            byte[] bytes2 = EID_SECRET_KEY.getBytes("UTF-8");
            int i = 0;
            for (int i2 = 0; i2 < bytes.length; i2++) {
                bytes[i2] = (byte) (bytes[i2] ^ bytes2[i]);
                i = (i + 1) % bytes2.length;
            }
            return URLEncoder.encode(new String(Base64.encodeBase64(bytes), "UTF-8"));
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException("Unexpected exception", e);
        }
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public boolean getFtueStarted() {
        return this.ftueStarted;
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public String getPFM() {
        return fetchToken(TokenKey.PFM);
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public IRequestSigner getRequestSigner() {
        return this.requestSigner;
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public synchronized ISecureStorage getSecureStorage() {
        return this.secureStorage;
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public String getToken(TokenKey tokenKey) {
        return getToken(tokenKey, this.accountProvider.getPrimaryAccount());
    }

    public String getToken(TokenKey tokenKey, String str) {
        return this.tokenCache.getValue(tokenKey, str, true, false);
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public String getUserAccountId() {
        return this.currentUserAccountInfo.getId();
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public String getUserName() {
        return fetchToken(TokenKey.USER_NAME);
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public String getUserRole() {
        return this.currentUserAccountInfo.getUserRole();
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public String getUserRole(String str) {
        return this.userRoles.get(str);
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public void handleRegistration(final ICallback<Void> iCallback) {
        startOver(new ICallback<Void>() { // from class: com.amazon.kindle.services.authentication.AuthenticationService.2
            @Override // com.amazon.kindle.callback.ICallback
            public void call(OperationResult<Void> operationResult) {
                AuthenticationService.this.publishRegistrationEvents();
                iCallback.call(null);
            }
        });
    }

    @Subscriber
    public void handleTokenFetchedEvent(TokenFetchedEvent tokenFetchedEvent) {
        String primaryAccount = this.accountProvider.getPrimaryAccount();
        if (StringUtils.isNullOrEmpty(primaryAccount) || !primaryAccount.equals(tokenFetchedEvent.getAccount())) {
            return;
        }
        switch (tokenFetchedEvent.getKey()) {
            case COR:
                this.currentUserAccountInfo.setUserCOR(tokenFetchedEvent.getValue());
                return;
            case PFM:
                this.currentUserAccountInfo.setUserPFM(tokenFetchedEvent.getValue());
                return;
            default:
                return;
        }
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public boolean isAuthenticated() {
        return !StringUtils.isNullOrEmpty(this.accountProvider.getPrimaryAccount());
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public boolean isAuthenticated(String str) {
        return this.registeredUsers.contains(str);
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public void removeAuthentication(IAccountInfo iAccountInfo) {
        removeAuthentication();
        this.registeredUsers.remove(iAccountInfo.getId());
    }

    public void setFtueStarted(boolean z) {
        this.ftueStarted = z;
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public void updateCORPFM() {
        final String primaryAccount = this.accountProvider.getPrimaryAccount();
        if (this.currentUserAccountInfo == null || !this.currentUserAccountInfo.getId().equals(primaryAccount)) {
            startOver(null);
        } else if (this.secureStorage != null) {
            getExecutor().submit(new Runnable() { // from class: com.amazon.kindle.services.authentication.AuthenticationService.1
                @Override // java.lang.Runnable
                public void run() {
                    String value = AuthenticationService.this.tokenCache.getValue(TokenKey.COR, primaryAccount, true, true);
                    String value2 = AuthenticationService.this.tokenCache.getValue(TokenKey.PFM, primaryAccount, true, true);
                    for (IAccountInfo iAccountInfo : AuthenticationService.this.getAllAccountInfo()) {
                        iAccountInfo.setUserCOR(value);
                        iAccountInfo.setUserPFM(value2);
                    }
                    AuthenticationService.this.currentUserAccountInfo.setUserCOR(value);
                    AuthenticationService.this.currentUserAccountInfo.setUserPFM(value2);
                    AuthenticationService.this.publishEvent(new Event(AuthenticationService.this.context, IAuthenticationManager.COR_PFM_UPDATED));
                }
            });
        } else {
            Log.warn(TAG, "No secure storage found" + (BuildInfo.isDebugBuild() ? " for " + this.currentUserAccountInfo.getId() : ""));
        }
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public void updateDeviceCredentials(String str, ITodoItem iTodoItem, ICallback<IWebRequestErrorDescriber> iCallback) {
        this.tokenCache.updateDeviceCredentials(this.accountProvider.getPrimaryAccount(), str, iTodoItem, this.internalVersionNumber, iCallback);
    }

    @Override // com.amazon.kcp.application.IAuthenticationManager
    public void updateDeviceName(String str, String str2) {
        this.tokenCache.setValue(TokenKey.DEVICE_NAME, str, str2);
    }
}
