package ru.tcsbank.mcp.network;

import android.content.Context;
import android.support.annotation.NonNull;
import android.support.annotation.Nullable;
import android.support.annotation.WorkerThread;
import android.text.TextUtils;
import android.util.Base64;
import com.google.common.base.Preconditions;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.inject.Inject;
import ru.tcsbank.mcp.business.validators.EmailValidator;
import ru.tcsbank.mcp.network.SecurityManager;
import ru.tcsbank.mcp.network.exception.DeviceLinkNeededWithLogin;
import ru.tcsbank.mcp.network.exception.ServerException;
import ru.tcsbank.mcp.repository.McpAuthPrefs;
import ru.tcsbank.mcp.services.DeliveryChannelsManager;
import ru.tcsbank.mcp.util.CipherUtils;
import ru.tcsbank.mcp.util.StringUtils;
import ru.tinkoff.core.log.Logger;
import ru.tinkoff.core.manager.PrefsManager;
import ru.tinkoff.core.model.Ping;
import ru.tinkoff.core.model.payload.SessionPayload;
import ru.tinkoff.core.model.provider.Provider;
import ru.tinkoff.core.util.DeviceUtils;
import ru.tinkoff.core.util.PhoneNumberUtils;

/* loaded from: classes.dex */
public class McpSecurityManager implements SecurityManager {
    private static final String PIN_HASH = "b59c67bf196a4758191e42f76670ceba";
    private static final long REFRESH_SESSION_INTERVAL = 600000;

    @NonNull
    private final ApiServer apiServer;

    @NonNull
    private final Context context;

    @NonNull
    private final String deviceId;

    @Nullable
    private String email;
    private volatile boolean isAuthorized;
    private volatile long lastCheckLogin;

    @Nullable
    private String phone;

    @NonNull
    private final PrefsManager prefsManager;

    @Nullable
    private List<SecurityManager.SecurityManagerListener> securityManagerListeners;

    @Nullable
    private List<SecurityManager.UserIdChangeListener> userIdChangeListeners;

    @NonNull
    private String uid = "1111";

    @NonNull
    private final Object checkLoginMutex = new Object();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: ru.tcsbank.mcp.network.McpSecurityManager$1 */
    /* loaded from: classes2.dex */
    public class AnonymousClass1 implements SessionListener {
        AnonymousClass1() {
        }

        @Override // ru.tcsbank.mcp.network.SessionListener
        public void onSessionExpired() {
            try {
                McpSecurityManager.this.sessionExpired();
            } catch (ServerException e) {
                Logger.e(getClass().getName(), e.getMessage(), e);
            }
        }

        @Override // ru.tcsbank.mcp.network.SessionListener
        public void onSetSession(@NonNull SessionPayload sessionPayload) {
            McpSecurityManager.this.setAuthorizeSession(sessionPayload);
        }
    }

    @Inject
    public McpSecurityManager(@NonNull Context context, @NonNull ApiServer apiServer, @NonNull PrefsManager prefsManager) {
        Preconditions.checkNotNull(context);
        Preconditions.checkNotNull(apiServer);
        Preconditions.checkNotNull(prefsManager);
        this.context = context;
        this.apiServer = apiServer;
        this.prefsManager = prefsManager;
        this.deviceId = DeviceUtils.getDeviceId(this.context);
        this.phone = (String) prefsManager.getPref(McpAuthPrefs.PHONE.getValue());
        this.email = (String) prefsManager.getPref(McpAuthPrefs.EMAIL.getValue());
        apiServer.addSessionListener(new SessionListener() { // from class: ru.tcsbank.mcp.network.McpSecurityManager.1
            AnonymousClass1() {
            }

            @Override // ru.tcsbank.mcp.network.SessionListener
            public void onSessionExpired() {
                try {
                    McpSecurityManager.this.sessionExpired();
                } catch (ServerException e) {
                    Logger.e(getClass().getName(), e.getMessage(), e);
                }
            }

            @Override // ru.tcsbank.mcp.network.SessionListener
            public void onSetSession(@NonNull SessionPayload sessionPayload) {
                McpSecurityManager.this.setAuthorizeSession(sessionPayload);
            }
        });
    }

    private void dispatchDeviceLinkNeededWithLogin() {
        if (this.securityManagerListeners != null) {
            Iterator<SecurityManager.SecurityManagerListener> it = this.securityManagerListeners.iterator();
            while (it.hasNext()) {
                it.next().onDeviceLinkNeededWithLogin();
            }
        }
    }

    private void dispatchSessionChanged() {
        if (this.securityManagerListeners == null || this.apiServer.getSession() == null) {
            return;
        }
        Iterator<SecurityManager.SecurityManagerListener> it = this.securityManagerListeners.iterator();
        while (it.hasNext()) {
            it.next().onSessionChanged(this.apiServer.getSession());
        }
    }

    private void dispatchSignUp() {
        if (this.securityManagerListeners != null) {
            Iterator<SecurityManager.SecurityManagerListener> it = this.securityManagerListeners.iterator();
            while (it.hasNext()) {
                it.next().onSignUp();
            }
        }
    }

    private void dispatchUserIdChanged(String str) {
        if (this.userIdChangeListeners != null) {
            Iterator<SecurityManager.UserIdChangeListener> it = this.userIdChangeListeners.iterator();
            while (it.hasNext()) {
                it.next().onUserIdChanged(str);
            }
        }
    }

    @WorkerThread
    private void initAnonymousSession() throws ServerException {
        String session = this.apiServer.session(this.deviceId);
        if (TextUtils.isEmpty(session)) {
            throw new ServerException();
        }
        this.apiServer.setSession(session);
    }

    public /* synthetic */ void lambda$checkLoginAsync$0() {
        try {
            prepareSession();
        } catch (ServerException e) {
            Logger.e(getClass().getName(), e.getMessage(), e);
        }
    }

    @WorkerThread
    private boolean mobileAuth() throws ServerException {
        SessionPayload mobileAuth;
        try {
            String oldSession = getOldSession();
            if (oldSession == null || (mobileAuth = this.apiServer.mobileAuth(this.deviceId, PIN_HASH, oldSession, getSessionId())) == null || mobileAuth.getSessionId() == null) {
                return false;
            }
            setAuthorizeSession(mobileAuth);
            return true;
        } catch (ServerException e) {
            Logger.e(getClass().getName(), e.getMessage(), e);
            if (!(e instanceof DeviceLinkNeededWithLogin)) {
                return false;
            }
            signOut();
            DeliveryChannelsManager.singleton().clear();
            dispatchDeviceLinkNeededWithLogin();
            return false;
        }
    }

    private void saveOldSession() {
        String session = this.apiServer.getSession();
        if (session == null) {
            return;
        }
        this.prefsManager.savePref(McpAuthPrefs.OLD_SESSION.getValue(), new String(Base64.encode(CipherUtils.xor(session.getBytes(), PIN_HASH.getBytes()), 0)));
    }

    private void setUid(@Nullable String str) {
        String str2 = this.uid;
        if (StringUtils.isEmpty(str)) {
            str = "1111";
        }
        this.uid = str;
        if (TextUtils.equals(str2, this.uid)) {
            return;
        }
        dispatchUserIdChanged(this.uid);
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    public void addSecurityManagerListener(@NonNull SecurityManager.SecurityManagerListener securityManagerListener) {
        if (this.securityManagerListeners == null) {
            this.securityManagerListeners = new ArrayList();
        }
        this.securityManagerListeners.add(securityManagerListener);
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    public void addUserIdChangeListener(@NonNull SecurityManager.UserIdChangeListener userIdChangeListener) {
        if (this.userIdChangeListeners == null) {
            this.userIdChangeListeners = new ArrayList();
        }
        this.userIdChangeListeners.add(userIdChangeListener);
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    public void checkLoginAsync() {
        synchronized (this.checkLoginMutex) {
            if (System.currentTimeMillis() - this.lastCheckLogin < REFRESH_SESSION_INTERVAL) {
                return;
            }
            this.lastCheckLogin = System.currentTimeMillis();
            new Thread(McpSecurityManager$$Lambda$1.lambdaFactory$(this)).start();
        }
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    @NonNull
    public String getDeviceId() {
        return this.deviceId;
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    @Nullable
    public String getEmail() {
        return this.email;
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    @Nullable
    public String getLogin() {
        return this.phone != null ? this.phone : this.email;
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    @Nullable
    public String getOldSession() {
        String str = (String) this.prefsManager.getPref(McpAuthPrefs.OLD_SESSION.getValue());
        if (str == null) {
            return null;
        }
        return CipherUtils.xor(new String(Base64.decode(str.getBytes(), 0)), PIN_HASH);
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    @Nullable
    public String getPhone() {
        return this.phone;
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    @Nullable
    public String getSessionId() {
        return this.apiServer.getSession();
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    @NonNull
    public String getUid() {
        return this.uid;
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    @WorkerThread
    public synchronized void initSession() throws ServerException {
        initAnonymousSession();
        if (isAuthorizedBefore()) {
            mobileAuth();
        }
        dispatchSessionChanged();
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    public boolean isAuthorized() {
        if (isAuthorizedBefore()) {
            return this.isAuthorized;
        }
        return false;
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    public boolean isAuthorizedBefore() {
        return getOldSession() != null;
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    @WorkerThread
    @Nullable
    public Ping ping() throws ServerException {
        Ping ping = this.apiServer.ping(this.deviceId);
        boolean isAuthorizedBefore = isAuthorizedBefore();
        if (ping != null) {
            setUid(ping.getUserId());
            if (isAuthorizedBefore && !ping.getAccessLevel().equals(Provider.CLIENT)) {
                sessionExpired();
            }
        } else if (isAuthorizedBefore) {
            sessionExpired();
        }
        return ping;
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    @WorkerThread
    public void prepareSession() throws ServerException {
        if (isAuthorizedBefore()) {
            ping();
        } else {
            initAnonymousSession();
        }
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    public void removeSecurityManagerListeners(@NonNull SecurityManager.SecurityManagerListener securityManagerListener) {
        if (this.securityManagerListeners != null) {
            this.securityManagerListeners.remove(securityManagerListener);
        }
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    public void removeUserIdChangeListener(@NonNull SecurityManager.UserIdChangeListener userIdChangeListener) {
        if (this.userIdChangeListeners != null) {
            this.userIdChangeListeners.remove(userIdChangeListener);
        }
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    @WorkerThread
    public synchronized void sessionExpired() throws ServerException {
        this.isAuthorized = false;
        try {
            if (!mobileAuth()) {
                initAnonymousSession();
            }
        } catch (ServerException e) {
            Logger.e(getClass().getName(), e.getMessage(), e);
            throw new IllegalStateException(e);
        }
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    public synchronized void setAuthorizeSession(@NonNull SessionPayload sessionPayload) {
        this.apiServer.setSession(sessionPayload.getSessionId());
        this.isAuthorized = true;
        saveOldSession();
        setUid(sessionPayload.getUserId());
        dispatchSessionChanged();
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    public void setEmail(@NonNull String str) throws IllegalArgumentException {
        Preconditions.checkArgument(!TextUtils.isEmpty(str) && EmailValidator.validate(str));
        this.email = str;
        this.prefsManager.savePref(McpAuthPrefs.EMAIL.getValue(), str);
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    public void setPhone(@NonNull String str) throws IllegalArgumentException {
        Preconditions.checkArgument(!TextUtils.isEmpty(str) && PhoneNumberUtils.isPhoneNumber(str));
        this.phone = str;
        this.prefsManager.savePref(McpAuthPrefs.PHONE.getValue(), str);
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    @WorkerThread
    public synchronized void signOut() throws ServerException {
        this.isAuthorized = false;
        this.prefsManager.delete(McpAuthPrefs.OLD_SESSION.getValue());
        this.phone = null;
        this.email = null;
        this.apiServer.signOut();
        initAnonymousSession();
        dispatchSessionChanged();
    }

    @Override // ru.tcsbank.mcp.network.SecurityManager
    @WorkerThread
    public synchronized void signUp(@NonNull String str, @NonNull SecurityManager.LoginType loginType) throws ServerException {
        SessionPayload signUpByEmail;
        Preconditions.checkArgument(!TextUtils.isEmpty(str));
        Preconditions.checkNotNull(loginType);
        if (loginType.equals(SecurityManager.LoginType.PHONE)) {
            signUpByEmail = this.apiServer.signUpByPhone(str, this.deviceId);
            if (signUpByEmail != null) {
                setPhone(str);
                this.apiServer.mobileSavePin(this.deviceId, PIN_HASH);
                setAuthorizeSession(signUpByEmail);
                dispatchSignUp();
            }
        } else {
            signUpByEmail = this.apiServer.signUpByEmail(str, this.deviceId);
            if (signUpByEmail != null) {
                setEmail(str);
                this.apiServer.mobileSavePin(this.deviceId, PIN_HASH);
                setAuthorizeSession(signUpByEmail);
                dispatchSignUp();
            }
        }
    }
}
