package com.amazonaws.mobileconnectors.appsync;

import android.content.Context;
import com.amazonaws.DefaultRequest;
import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.CognitoCachingCredentialsProvider;
import com.amazonaws.http.HttpHeader;
import com.amazonaws.http.HttpMethodName;
import com.amazonaws.mobile.config.AWSConfiguration;
import com.amazonaws.mobileconnectors.appsync.AWSAppSyncClient;
import com.amazonaws.mobileconnectors.appsync.sigv4.APIKeyAuthProvider;
import com.amazonaws.mobileconnectors.appsync.sigv4.AWSLambdaAuthProvider;
import com.amazonaws.mobileconnectors.appsync.sigv4.AppSyncV4Signer;
import com.amazonaws.mobileconnectors.appsync.sigv4.BasicCognitoUserPoolsAuthProvider;
import com.amazonaws.mobileconnectors.appsync.sigv4.CognitoUserPoolsAuthProvider;
import com.amazonaws.mobileconnectors.appsync.sigv4.OidcAuthProvider;
import com.amazonaws.mobileconnectors.cognitoidentityprovider.CognitoUserPool;
import com.amazonaws.regions.Regions;
import com.amazonaws.services.s3.Headers;
import com.amazonaws.util.DateUtils;
import com.apollographql.apollo.api.Subscription;
import java.io.ByteArrayInputStream;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Locale;
import java.util.Map;
import org.json.JSONException;
import org.json.JSONObject;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes3.dex */
public class SubscriptionAuthorizer {
    private final AWSLambdaAuthProvider mAWSLambdaAuthProvider;
    private final APIKeyAuthProvider mApiKeyProvider;
    private final Context mApplicationContext;
    private final AWSConfiguration mAwsConfiguration;
    private final CognitoUserPoolsAuthProvider mCognitoUserPoolsAuthProvider;
    private final AWSCredentialsProvider mCredentialsProvider;
    private final OidcAuthProvider mOidcAuthProvider;
    private final String mServerUrl;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public static final class ISO8601Timestamp {
        ISO8601Timestamp() {
        }

        static String now() {
            return new SimpleDateFormat(DateUtils.COMPRESSED_DATE_PATTERN, Locale.US).format(new Date());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SubscriptionAuthorizer(AWSAppSyncClient.Builder builder) {
        this.mAwsConfiguration = builder.mAwsConfiguration;
        this.mApplicationContext = builder.mContext;
        this.mOidcAuthProvider = builder.mOidcAuthProvider;
        this.mCredentialsProvider = builder.mCredentialsProvider;
        this.mCognitoUserPoolsAuthProvider = builder.mCognitoUserPoolsAuthProvider;
        this.mAWSLambdaAuthProvider = builder.mAWSLambdaAuthProvider;
        this.mServerUrl = builder.mServerUrl;
        this.mApiKeyProvider = builder.mApiKey;
    }

    private String getApiKey() throws JSONException {
        APIKeyAuthProvider aPIKeyAuthProvider = this.mApiKeyProvider;
        return aPIKeyAuthProvider != null ? aPIKeyAuthProvider.getAPIKey() : this.mAwsConfiguration.optJsonObject("AppSync").getString("ApiKey");
    }

    private String getApiRegion() throws JSONException {
        return this.mAwsConfiguration.optJsonObject("AppSync").getString("Region");
    }

    private JSONObject getAuthorizationDetailsForApiKey() {
        try {
            return new JSONObject().put("host", getHost(this.mServerUrl)).put(Headers.S3_ALTERNATE_DATE, ISO8601Timestamp.now()).put("x-api-key", getApiKey());
        } catch (MalformedURLException | JSONException e3) {
            throw new RuntimeException("Error constructing the authorization json for Api key. ", e3);
        }
    }

    private JSONObject getAuthorizationDetailsForAwsLambda() {
        try {
            return new JSONObject().put("host", getHost(this.mServerUrl)).put(HttpHeader.AUTHORIZATION, this.mAWSLambdaAuthProvider.getLatestAuthToken());
        } catch (MalformedURLException | JSONException e3) {
            throw new RuntimeException("Error constructing authorization message json", e3);
        }
    }

    private JSONObject getAuthorizationDetailsForIAM(boolean z2, Subscription subscription) throws JSONException {
        DefaultRequest defaultRequest = new DefaultRequest("appsync");
        try {
            String str = this.mServerUrl;
            if (z2) {
                str = str + "/connect";
            }
            URI uri = new URI(str);
            defaultRequest.setEndpoint(uri);
            defaultRequest.addHeader("accept", "application/json, text/javascript");
            defaultRequest.addHeader("content-encoding", "amz-1.0");
            defaultRequest.addHeader("content-type", "application/json; charset=UTF-8");
            defaultRequest.setHttpMethod(HttpMethodName.valueOf("POST"));
            if (z2) {
                defaultRequest.setContent(new ByteArrayInputStream("{}".getBytes()));
            } else {
                defaultRequest.setContent(new ByteArrayInputStream(getDataJson(subscription).getBytes()));
            }
            String str2 = uri.getAuthority().split("\\.")[2];
            if (DomainType.CUSTOM == DomainType.from(this.mServerUrl)) {
                str2 = getApiRegion();
            }
            if (z2) {
                new AppSyncV4Signer(str2, AppSyncV4Signer.ResourcePath.IAM_CONNECTION_RESOURCE_PATH).sign(defaultRequest, getCredentialsProvider().getCredentials());
            } else {
                new AppSyncV4Signer(str2).sign(defaultRequest, getCredentialsProvider().getCredentials());
            }
            JSONObject jSONObject = new JSONObject();
            try {
                for (Map.Entry<String, String> entry : defaultRequest.getHeaders().entrySet()) {
                    if (entry.getKey().equals("host")) {
                        jSONObject.put("host", getHost(this.mServerUrl));
                    } else {
                        jSONObject.put(entry.getKey(), entry.getValue());
                    }
                }
                return jSONObject;
            } catch (MalformedURLException e3) {
                e = e3;
                throw new RuntimeException("Error constructing authorization message json", e);
            } catch (JSONException e4) {
                e = e4;
                throw new RuntimeException("Error constructing authorization message json", e);
            }
        } catch (URISyntaxException e5) {
            throw new RuntimeException("Error constructing canonical URI for IAM request signature", e5);
        }
    }

    private JSONObject getAuthorizationDetailsForOidc() {
        try {
            return new JSONObject().put("host", getHost(this.mServerUrl)).put(HttpHeader.AUTHORIZATION, this.mOidcAuthProvider.getLatestAuthToken());
        } catch (MalformedURLException | JSONException e3) {
            throw new RuntimeException("Error constructing authorization message json", e3);
        }
    }

    private JSONObject getAuthorizationDetailsForUserpools() {
        try {
            return new JSONObject().put("host", getHost(this.mServerUrl)).put(HttpHeader.AUTHORIZATION, getCognitoUserPoolsAuthProvider().getLatestAuthToken());
        } catch (MalformedURLException | JSONException e3) {
            throw new RuntimeException("Error constructing authorization message JSON.", e3);
        }
    }

    private CognitoUserPoolsAuthProvider getCognitoUserPoolsAuthProvider() {
        CognitoUserPoolsAuthProvider cognitoUserPoolsAuthProvider = this.mCognitoUserPoolsAuthProvider;
        return cognitoUserPoolsAuthProvider != null ? cognitoUserPoolsAuthProvider : new BasicCognitoUserPoolsAuthProvider(new CognitoUserPool(this.mApplicationContext, this.mAwsConfiguration));
    }

    private AWSCredentialsProvider getCredentialsProvider() throws RuntimeException {
        AWSCredentialsProvider aWSCredentialsProvider = this.mCredentialsProvider;
        if (aWSCredentialsProvider != null) {
            return aWSCredentialsProvider;
        }
        try {
            String region = getRegion();
            return new CognitoCachingCredentialsProvider(this.mApplicationContext, getIdentityPoolId(), Regions.fromName(region));
        } catch (JSONException e3) {
            throw new RuntimeException("Error reading identity pool information from AWSConfiguration", e3);
        }
    }

    private static String getDataJson(Subscription subscription) {
        try {
            return new JSONObject().put("query", subscription.a()).put("variables", new JSONObject(subscription.d().b())).toString();
        } catch (JSONException e3) {
            throw new RuntimeException("Error constructing JSON object", e3);
        }
    }

    private static String getHost(String str) throws MalformedURLException {
        return new URL(str).getHost();
    }

    private String getIdentityPoolId() throws JSONException {
        return this.mAwsConfiguration.optJsonObject("CredentialsProvider").getJSONObject("CognitoIdentity").getJSONObject(this.mAwsConfiguration.getConfiguration()).getString("PoolId");
    }

    private String getRegion() throws JSONException {
        return this.mAwsConfiguration.optJsonObject("CredentialsProvider").getJSONObject("CognitoIdentity").getJSONObject(this.mAwsConfiguration.getConfiguration()).getString("Region");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public JSONObject getAuthorizationDetails(boolean z2, Subscription subscription) throws JSONException {
        try {
            String string = this.mAwsConfiguration.optJsonObject("AppSync").getString("AuthMode");
            string.hashCode();
            char c3 = 65535;
            switch (string.hashCode()) {
                case -1600818164:
                    if (string.equals("AMAZON_COGNITO_USER_POOLS")) {
                        c3 = 0;
                        break;
                    }
                    break;
                case -1474186384:
                    if (string.equals("OPENID_CONNECT")) {
                        c3 = 1;
                        break;
                    }
                    break;
                case -81149318:
                    if (string.equals("API_KEY")) {
                        c3 = 2;
                        break;
                    }
                    break;
                case 128487891:
                    if (string.equals("AWS_IAM")) {
                        c3 = 3;
                        break;
                    }
                    break;
                case 1052853097:
                    if (string.equals("AWS_LAMBDA")) {
                        c3 = 4;
                        break;
                    }
                    break;
            }
            switch (c3) {
                case 0:
                    return getAuthorizationDetailsForUserpools();
                case 1:
                    return getAuthorizationDetailsForOidc();
                case 2:
                    return getAuthorizationDetailsForApiKey();
                case 3:
                    return getAuthorizationDetailsForIAM(z2, subscription);
                case 4:
                    return getAuthorizationDetailsForAwsLambda();
                default:
                    throw new RuntimeException("Invalid AuthMode read from awsconfiguration.json.");
            }
        } catch (JSONException e3) {
            throw new RuntimeException("Failed to read AuthMode from awsconfiguration.json", e3);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public JSONObject getConnectionAuthorizationDetails() throws JSONException {
        return getAuthorizationDetails(true, null);
    }
}
