package at.asitplus.bindingclient;

import android.net.Uri;
import android.util.Base64;
import at.asitplus.bindingclient.Delegate;
import at.asitplus.bindingclient.data.BindingDeviceInfo;
import at.asitplus.bindingclient.data.BindingParams;
import at.asitplus.bindingclient.data.BindingPostRequest;
import at.asitplus.bindingclient.data.BindingPostResponse;
import at.asitplus.bindingclient.data.QrCodeContent;
import at.asitplus.common.AppIdService;
import at.asitplus.common.AuthSelection;
import at.asitplus.common.BindingAuthMethod;
import at.asitplus.common.BindingEnvironment;
import at.asitplus.common.BindingInformation;
import at.asitplus.common.ContextAdapter;
import at.asitplus.common.Error;
import at.asitplus.common.exception.ProblemDetails;
import at.asitplus.common.exception.detail.AttestationException;
import at.asitplus.common.exception.detail.BindingExistsException;
import at.asitplus.common.exception.detail.QrCodeException;
import at.asitplus.common.exception.detail.UnsupportedAuthenticationSelectionException;
import at.asitplus.common.exception.general.BindingClientException;
import at.asitplus.common.exception.internal.CryptoException;
import at.asitplus.common.exception.internal.HttpStatusException;
import at.asitplus.utils.HttpClientBuilder;
import at.asitplus.utils.JwtSignatureVerifier;
import at.asitplus.utils.KeyStoreService;
import at.asitplus.utils.SimpleCookieJar;
import at.asitplus.utils.constants.EidConstants;
import at.asitplus.utils.constants.HttpConstants;
import com.nimbusds.jose.JOSEObject;
import com.nimbusds.jose.JWSObject;
import com.nimbusds.jose.util.JSONObjectUtils;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.List;
import java.util.Objects;
import okhttp3.Headers;
import okhttp3.HttpUrl;
import okhttp3.Interceptor;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import okhttp3.ResponseBody;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.x500.AttributeTypeAndValue;
import org.bouncycastle.asn1.x500.RDN;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x500.style.IETFUtils;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.json.JSONException;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes12.dex */
public class BindingClient {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) BindingClient.class);
    private final AppIdService appIdService;
    private final AuthSelection authSelection;
    private final ContextAdapter contextAdapter;
    private final Delegate delegate;
    private final String headerValue;
    private final HttpClientBuilder httpClientBuilder;
    private final JwtSignatureVerifier jwtSignatureVerifier;
    private final KeyStoreService keyStoreService;
    private final RevocationService revocationService;
    private final int userAuthTimeout;

    /* loaded from: classes12.dex */
    public interface NoBinding {
        void noBinding();
    }

    /* loaded from: classes12.dex */
    public interface Success {
        void success(BindingInformation bindingInformation);
    }

    public BindingClient(Delegate delegate, KeyStoreService keyStoreService, AppIdService appIdService, RevocationService revocationService, HttpClientBuilder httpClientBuilder, JwtSignatureVerifier jwtSignatureVerifier, ContextAdapter contextAdapter) {
        this.headerValue = "Android Binding Library 2.1.1";
        this.delegate = delegate;
        this.keyStoreService = keyStoreService;
        this.appIdService = appIdService;
        this.revocationService = revocationService;
        this.httpClientBuilder = httpClientBuilder;
        this.jwtSignatureVerifier = jwtSignatureVerifier;
        this.contextAdapter = contextAdapter;
        this.authSelection = AuthSelection.ONLY_BIOMETRY;
        this.userAuthTimeout = AuthSelection.ONLY_BIOMETRY.getUserAuthTimeout();
    }

    public BindingClient(Delegate delegate, KeyStoreService keyStoreService, AppIdService appIdService, RevocationService revocationService, HttpClientBuilder httpClientBuilder, JwtSignatureVerifier jwtSignatureVerifier, ContextAdapter contextAdapter, AuthSelection authSelection) {
        this.headerValue = "Android Binding Library 2.1.1";
        this.delegate = delegate;
        this.keyStoreService = keyStoreService;
        this.appIdService = appIdService;
        this.revocationService = revocationService;
        this.httpClientBuilder = httpClientBuilder;
        this.jwtSignatureVerifier = jwtSignatureVerifier;
        this.contextAdapter = contextAdapter;
        this.authSelection = authSelection;
        this.userAuthTimeout = authSelection.getUserAuthTimeout();
    }

    private Request buildGetRequest(String str) {
        return new Request.Builder().url(str).addHeader(HttpConstants.HEADER_ACCEPT, HttpConstants.CONTENT_TYPE_APPLICATON_JSON).get().build();
    }

    private String buildPostCsr(JOSEObject jOSEObject, PKCS10CertificationRequest pKCS10CertificationRequest, List<byte[]> list) throws IOException, JSONException {
        return new BindingPostRequest(jOSEObject.serialize(), new BindingDeviceInfo("android", this.contextAdapter.getPackageName(), this.contextAdapter.getOsVersion(), this.contextAdapter.getPatchLevel(), this.contextAdapter.getDeviceFriendlyName()), pKCS10CertificationRequest, list, this.appIdService.getPreviousAppId(), this.appIdService.getCurrentAppId()).toJsonObject().toString();
    }

    private Request buildPostRequest(String str, String str2) {
        return new Request.Builder().url(str).addHeader(HttpConstants.HEADER_ACCEPT, HttpConstants.CONTENT_TYPE_APPLICATON_JSON).post(RequestBody.create(str2, MediaType.parse("application/json; charset=utf-8"))).build();
    }

    private BindingInformation createBindingInformation(X509CertificateHolder x509CertificateHolder) {
        BindingEnvironment extractEnvironment = extractEnvironment(x509CertificateHolder);
        String x500Name = x509CertificateHolder.getSubject().toString();
        return new BindingInformation(x509CertificateHolder.getNotAfter(), x509CertificateHolder.getNotBefore(), this.revocationService.getBindingServiceUrl(), x500Name, extractEnvironment);
    }

    private byte[] extractAttestationChallenge(BindingParams bindingParams) {
        byte[] attestationChallenge = bindingParams.getAttestationChallenge();
        return (attestationChallenge == null || attestationChallenge.length == 0) ? bindingParams.getSubject().getBytes(StandardCharsets.UTF_8) : attestationChallenge;
    }

    private BindingEnvironment extractEnvironment(X509CertificateHolder x509CertificateHolder) {
        for (X500Name x500Name : Arrays.asList(x509CertificateHolder.getSubject(), x509CertificateHolder.getIssuer())) {
            for (String str : extractNameValue(x500Name, BCStyle.OU)) {
                if (str.startsWith("T-") || str.equals("T")) {
                    return BindingEnvironment.T;
                }
                if (str.startsWith("Q-") || str.equals("Q")) {
                    return BindingEnvironment.Q;
                }
            }
            for (String str2 : extractNameValue(x500Name, BCStyle.CN)) {
                if (str2.startsWith("T-")) {
                    return BindingEnvironment.T;
                }
                if (str2.startsWith("Q-")) {
                    return BindingEnvironment.Q;
                }
            }
        }
        return BindingEnvironment.P;
    }

    private Iterable<String> extractNameValue(X500Name x500Name, ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        RDN[] rDNs = x500Name.getRDNs(aSN1ObjectIdentifier);
        ArrayList arrayList = new ArrayList(rDNs.length);
        for (RDN rdn : rDNs) {
            for (AttributeTypeAndValue attributeTypeAndValue : rdn.getTypesAndValues()) {
                if (aSN1ObjectIdentifier.equals((ASN1Primitive) attributeTypeAndValue.getType())) {
                    arrayList.add(IETFUtils.valueToString(attributeTypeAndValue.getValue()).replace("\\", ""));
                }
            }
        }
        return arrayList;
    }

    private QrCodeContent extractValuesFromQrCode(String str) throws IOException, QrCodeException {
        Response execute = this.httpClientBuilder.getBuilder().addInterceptor(new Interceptor() { // from class: at.asitplus.bindingclient.BindingClient$$ExternalSyntheticLambda1
            @Override // okhttp3.Interceptor
            public final Response intercept(Interceptor.Chain chain) {
                return BindingClient.this.m5410x6e03247d(chain);
            }
        }).build().newCall(new Request.Builder().url(str).get().build()).execute();
        try {
            ResponseBody body = execute.body();
            if (body == null) {
                throw new IOException("Body is null");
            }
            try {
                JWSObject parse = JWSObject.parse(body.string());
                this.jwtSignatureVerifier.verify("qrBinding", parse);
                QrCodeContent parse2 = QrCodeContent.parse(new JSONObject(parse.getPayload().toJSONObject()));
                if (execute != null) {
                    execute.close();
                }
                return parse2;
            } catch (Exception e) {
                log.warn("extractValuesFromQrCode failed", (Throwable) e);
                throw new QrCodeException(e);
            }
        } catch (Throwable th) {
            if (execute != null) {
                try {
                    execute.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private KeyPair generateEcKeyPair(String str, byte[] bArr) throws CryptoException, UnsupportedAuthenticationSelectionException {
        if (Objects.equals(str, "secp256r1")) {
            return this.keyStoreService.generateKeyPair(256, "EC", true, this.userAuthTimeout, bArr, this.authSelection);
        }
        log.error("generateEcKeyPair: unsupported EC curve " + str);
        throw new CryptoException("Unsupported EC curve");
    }

    private KeyPair generateRsaKeyPair(Number number, byte[] bArr) throws CryptoException, UnsupportedAuthenticationSelectionException {
        int intValue = number.intValue();
        if (intValue == 2048) {
            return this.keyStoreService.generateKeyPair(intValue, "RSA", true, this.userAuthTimeout, bArr, this.authSelection);
        }
        log.error("generateRsaKeyPair: unsupported RSA length " + number);
        throw new CryptoException("Unsupported RSA length");
    }

    private void getBinding(String str, BindingAuthMethod bindingAuthMethod, Success success, Error error) {
        log.debug("getBinding: Starting: " + str);
        OkHttpClient build = this.httpClientBuilder.getBuilder().addInterceptor(new Interceptor() { // from class: at.asitplus.bindingclient.BindingClient$$ExternalSyntheticLambda0
            @Override // okhttp3.Interceptor
            public final Response intercept(Interceptor.Chain chain) {
                return BindingClient.this.m5411lambda$getBinding$1$atasitplusbindingclientBindingClient(chain);
            }
        }).followRedirects(false).cookieJar(new SimpleCookieJar()).build();
        try {
            if (getBindingSubject() != null) {
                throw new BindingExistsException();
            }
            performBindingProcessAsync(str, build, bindingAuthMethod, success, error);
        } catch (Throwable th) {
            if (th instanceof SamlAuthRequiredException) {
                log.info("getBinding: Need Saml auth", (Throwable) th);
                this.delegate.callAgainAfterSamlAuth(th.url, error, createCallback(build, str, bindingAuthMethod, success, error));
            } else {
                log.error("getBinding: error", (Throwable) th);
                error.error(BindingClientException.build(th, this.contextAdapter));
            }
        }
    }

    private String getResponseBody(OkHttpClient okHttpClient, Request request) throws Exception {
        Logger logger = log;
        logger.debug("getResponseBody: " + request);
        Response execute = okHttpClient.newCall(request).execute();
        try {
            String header = execute.header(HttpConstants.HEADER_LOCATION);
            if (execute.isRedirect() && header != null) {
                if (isSamlAuthRequest(header)) {
                    throw new SamlAuthRequiredException(header);
                }
                if (isAuthHandlerRequest(header, execute.headers())) {
                    throw new AuthRequiredException(header);
                }
                if (request.url().equals(HttpUrl.parse(header))) {
                    throw new RedirectForSuccessException(header);
                }
                if (stripLastPathSegment(request.url().getUrl()).equals(stripLastPathSegment(header))) {
                    throw new RedirectForSuccessException(header);
                }
            }
            ResponseBody body = execute.body();
            if (!execute.isSuccessful()) {
                if (body != null) {
                    String string = body.string();
                    logger.error("HTTP status {} on URL {} with {}", Integer.valueOf(execute.code()), request.url(), request.body());
                    try {
                        throw new HttpStatusException(execute.code(), request.url().getUrl(), ProblemDetails.parse(JSONObjectUtils.parse(string)));
                    } catch (ParseException e) {
                    }
                }
                log.error("HTTP status {} on URL {}", Integer.valueOf(execute.code()), request.url());
                throw new HttpStatusException(execute.code(), request.url().getUrl());
            }
            if (body == null || body.getContentLength() == 0) {
                logger.error("No valid response from URL {}", request.url());
                throw new IOException("No valid response");
            }
            String string2 = body.string();
            if (execute != null) {
                execute.close();
            }
            return string2;
        } catch (Throwable th) {
            if (execute != null) {
                try {
                    execute.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private boolean isAuthHandlerRequest(String str, Headers headers) {
        return (str.contains("authHandler") || str.contains("?token=")) && Objects.equals(headers.get(EidConstants.HEADER_AUTH_HANDLER_OP), EidConstants.HEADER_AUTH_HANDLER_OP_VALUE_START);
    }

    private boolean isSamlAuthRequest(String str) {
        return str.contains("/SAML2/Redirect/") || str.contains("SAMLRequest=") || str.contains("auth/eds");
    }

    private void performBindingProcessAsync(String str, OkHttpClient okHttpClient, BindingAuthMethod bindingAuthMethod, Success success, Error error) throws Exception {
        JOSEObject step1GetParams = step1GetParams(str, okHttpClient);
        step3GenerateCsr(str, okHttpClient, step1GetParams, step2GenerateKeyPair(step1GetParams), bindingAuthMethod, success, error);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void resumeBindingWithAuthHandlerResponse(OkHttpClient okHttpClient, String str, Success success) throws Exception {
        log.debug("resumeBindingWithAuthHandlerResponse: " + str);
        BindingPostResponse step4PostRequestGetResponse = step4PostRequestGetResponse(okHttpClient, Uri.parse(str).buildUpon().appendPath(this.appIdService.getCurrentAppId()).appendPath(this.appIdService.getPreviousAppId()).toString(), "");
        step5CallLogout(okHttpClient, step4PostRequestGetResponse.getLogoutUrl());
        storeBinding(step4PostRequestGetResponse, success);
    }

    private JOSEObject step1GetParams(String str, OkHttpClient okHttpClient) throws Exception {
        String builder = Uri.parse(str).buildUpon().appendPath("params").appendQueryParameter(BindingConstants.PARAM_OS, "android").appendQueryParameter("packageName", this.contextAdapter.getPackageName()).toString();
        JWSObject parse = JWSObject.parse(getResponseBody(okHttpClient, buildGetRequest(builder)));
        log.debug("step1GetParams: from " + builder + " get " + parse.getParsedString());
        return parse;
    }

    private KeyPair step2GenerateKeyPair(JOSEObject jOSEObject) throws Exception {
        BindingParams parse = BindingParams.parse(new JSONObject(jOSEObject.getPayload().toJSONObject()));
        log.debug("step2GenerateKeyPair: " + parse);
        Number rsaLength = parse.getRsaLength();
        String curveName = parse.getCurveName();
        byte[] extractAttestationChallenge = extractAttestationChallenge(parse);
        return (rsaLength == null || rsaLength.intValue() <= 0) ? generateEcKeyPair(curveName, extractAttestationChallenge) : generateRsaKeyPair(rsaLength, extractAttestationChallenge);
    }

    private void step3GenerateCsr(final String str, final OkHttpClient okHttpClient, final JOSEObject jOSEObject, KeyPair keyPair, final BindingAuthMethod bindingAuthMethod, final Success success, final Error error) {
        BindingParams parse = BindingParams.parse(new JSONObject(jOSEObject.getPayload().toJSONObject()));
        String postUrl = parse.getPostUrl();
        String subject = parse.getSubject();
        final String uri = Uri.parse(str).buildUpon().appendEncodedPath(postUrl).build().toString();
        this.keyStoreService.generateCsr(keyPair, subject, this.userAuthTimeout, this.authSelection, new KeyStoreService.GenerateCsrCallback() { // from class: at.asitplus.bindingclient.BindingClient$$ExternalSyntheticLambda2
            @Override // at.asitplus.utils.KeyStoreService.GenerateCsrCallback
            public final void success(PKCS10CertificationRequest pKCS10CertificationRequest) {
                BindingClient.this.m5412x951caae4(jOSEObject, okHttpClient, uri, success, str, error, bindingAuthMethod, pKCS10CertificationRequest);
            }
        }, new KeyStoreService.CallbackError() { // from class: at.asitplus.bindingclient.BindingClient$$ExternalSyntheticLambda3
            @Override // at.asitplus.utils.KeyStoreService.CallbackError
            public final void error(Throwable th) {
                BindingClient.this.m5413x21bcd5e5(error, th);
            }
        });
    }

    private void step4PostCsr(PKCS10CertificationRequest pKCS10CertificationRequest, JOSEObject jOSEObject, OkHttpClient okHttpClient, String str, Success success) throws Exception {
        log.debug("step4PostCsr: " + str);
        BindingPostResponse step4PostRequestGetResponse = step4PostRequestGetResponse(okHttpClient, str, buildPostCsr(jOSEObject, pKCS10CertificationRequest, this.keyStoreService.loadAttestationChain()));
        step5CallLogout(okHttpClient, step4PostRequestGetResponse.getLogoutUrl());
        storeBinding(step4PostRequestGetResponse, success);
    }

    private BindingPostResponse step4PostRequestGetResponse(OkHttpClient okHttpClient, String str, String str2) throws Exception {
        try {
            return BindingPostResponse.parse(getResponseBody(okHttpClient, buildPostRequest(str, str2)));
        } catch (HttpStatusException e) {
            if (e.getProblemDetails() == null || e.getProblemDetails().getTitle() == null || !e.getProblemDetails().getTitle().contains("AttestationServiceException")) {
                throw e;
            }
            String detail = e.getProblemDetails().getDetail();
            if (detail != null) {
                throw new AttestationException(AttestationException.Reason.findByString(detail), e);
            }
            throw new AttestationException(AttestationException.Reason.ERROR_ANYTHING, e);
        }
    }

    private void step5CallLogout(OkHttpClient okHttpClient, String str) {
        log.debug("step5CallLogout: " + str);
        if (str == null) {
            return;
        }
        try {
            Response execute = okHttpClient.newCall(buildGetRequest(str)).execute();
            if (execute != null) {
                execute.close();
            }
        } catch (IOException e) {
        }
    }

    private void storeBinding(BindingPostResponse bindingPostResponse, Success success) throws Exception {
        this.revocationService.store(bindingPostResponse.getRevocationToken());
        X509CertificateHolder x509CertificateHolder = new X509CertificateHolder(bindingPostResponse.getCertificate());
        this.keyStoreService.storeBinding(x509CertificateHolder);
        log.debug("storeBinding: Stored " + Base64.encodeToString(x509CertificateHolder.getEncoded(), 2));
        success.success(createBindingInformation(x509CertificateHolder));
    }

    private String stripLastPathSegment(String str) {
        String[] split = str.split("/");
        StringBuilder sb = new StringBuilder(split[0]);
        for (String str2 : split) {
            if (!str.startsWith(str2)) {
                if (str.endsWith(str2)) {
                    return sb.toString();
                }
                sb.append("/").append(str2);
            }
        }
        return sb.toString();
    }

    public boolean bindingKeyNeedsMigration201904() {
        try {
            return !this.keyStoreService.isKeySuitableForJwtAuth();
        } catch (CryptoException e) {
            log.warn("useJwtAuthWithBindingKey: error", (Throwable) e);
            return false;
        }
    }

    Delegate.Callback createCallback(final OkHttpClient okHttpClient, final String str, final BindingAuthMethod bindingAuthMethod, final Success success, final Error error) {
        return new Delegate.Callback() { // from class: at.asitplus.bindingclient.BindingClient.1
            @Override // at.asitplus.bindingclient.Delegate.Callback
            public void resumeBindingWithAuthHandlerResponse(String str2) {
                try {
                    BindingClient.this.resumeBindingWithAuthHandlerResponse(okHttpClient, str2, success);
                } catch (Exception e) {
                    BindingClient.log.error("resumeBindingWithAuthHandlerResponse: error", (Throwable) e);
                    error.error(BindingClientException.build(e, BindingClient.this.contextAdapter));
                }
            }

            @Override // at.asitplus.bindingclient.Delegate.Callback
            public void resumeBindingWithSamlAssertion(JSONObject jSONObject) {
                BindingClient.this.resumeBindingWithAssertion(okHttpClient, str, jSONObject, bindingAuthMethod, success, error);
            }
        };
    }

    public void destroyBinding(boolean z, Success success, NoBinding noBinding) {
        try {
            Logger logger = log;
            logger.debug("destroyBinding: Starting");
            X509CertificateHolder loadCertificate = this.keyStoreService.loadCertificate();
            if (loadCertificate == null) {
                noBinding.noBinding();
                return;
            }
            BindingInformation createBindingInformation = createBindingInformation(loadCertificate);
            this.keyStoreService.destroyBinding();
            this.revocationService.revokeBinding(z);
            logger.debug("destroyBinding: Success");
            success.success(createBindingInformation);
        } catch (Throwable th) {
            log.warn("destroyBinding: error", th);
            noBinding.noBinding();
        }
    }

    public void getBinding(String str, Success success, Error error) {
        getBinding(str, BindingAuthMethod.VDA, success, error);
    }

    public BindingEnvironment getBindingEnvironment() {
        try {
            X509CertificateHolder loadCertificate = this.keyStoreService.loadCertificate();
            if (loadCertificate == null) {
                log.debug("getBindingEnvironment: " + ((Object) null));
                return null;
            }
            BindingEnvironment extractEnvironment = extractEnvironment(loadCertificate);
            log.debug("getBindingEnvironment: " + extractEnvironment);
            return extractEnvironment;
        } catch (Throwable th) {
            log.debug("getBindingEnvironment: " + ((Object) null));
            return null;
        }
    }

    public BindingInformation getBindingInformation() {
        try {
            X509CertificateHolder loadCertificate = this.keyStoreService.loadCertificate();
            if (loadCertificate == null) {
                log.debug("getBindingInformation: " + ((Object) null));
                return null;
            }
            BindingInformation createBindingInformation = createBindingInformation(loadCertificate);
            log.debug("getBindingInformation: " + createBindingInformation);
            return createBindingInformation;
        } catch (Throwable th) {
            log.debug("getBindingInformation: " + ((Object) null));
            return null;
        }
    }

    public String getBindingSubject() {
        try {
            X509CertificateHolder loadCertificate = this.keyStoreService.loadCertificate();
            if (loadCertificate == null) {
                log.debug("getBindingSubject: " + ((Object) null));
                return null;
            }
            String x500Name = loadCertificate.getSubject().toString();
            log.debug("getBindingSubject: " + x500Name);
            return x500Name;
        } catch (Throwable th) {
            log.debug("getBindingSubject: " + ((Object) null));
            return null;
        }
    }

    public void getBindingWithEidasQrCode(String str, Success success, Error error) {
        getBinding(str, BindingAuthMethod.EIDAS, success, error);
    }

    public void getBindingWithQrCode(String str, Success success, Error error) {
        log.debug("getBindingWithQrCode: Starting: " + str);
        try {
            QrCodeContent extractValuesFromQrCode = extractValuesFromQrCode(str);
            String bindingService = extractValuesFromQrCode.getBindingService();
            this.delegate.setJwtValue(extractValuesFromQrCode.getEncryptedJwt());
            getBinding(bindingService, BindingAuthMethod.QR_CODE, success, error);
        } catch (Throwable th) {
            log.error("getBindingWithQrCode: error extracting values from QR code", th);
            error.error(BindingClientException.build(th, this.contextAdapter));
        }
    }

    public boolean isBindingValidCurrently() {
        boolean z = false;
        try {
            X509CertificateHolder loadCertificate = this.keyStoreService.loadCertificate();
            if (loadCertificate == null) {
                return false;
            }
            z = loadCertificate.isValidOn(new Date());
            Logger logger = log;
            logger.debug("isBindingValidCurrently: " + z);
            logger.debug("isBindingValidCurrently: Not before: " + loadCertificate.getNotBefore() + ", not after " + loadCertificate.getNotAfter());
            return z;
        } catch (Throwable th) {
            log.debug("isBindingValidCurrently: " + ((Object) null));
            return z;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: lambda$extractValuesFromQrCode$0$at-asitplus-bindingclient-BindingClient, reason: not valid java name */
    public /* synthetic */ Response m5410x6e03247d(Interceptor.Chain chain) throws IOException {
        return chain.proceed(chain.request().newBuilder().addHeader("X-Requested-With", "Android Binding Library 2.1.1").build());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: lambda$getBinding$1$at-asitplus-bindingclient-BindingClient, reason: not valid java name */
    public /* synthetic */ Response m5411lambda$getBinding$1$atasitplusbindingclientBindingClient(Interceptor.Chain chain) throws IOException {
        return chain.proceed(chain.request().newBuilder().addHeader("X-Requested-With", "Android Binding Library 2.1.1").build());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: lambda$step3GenerateCsr$2$at-asitplus-bindingclient-BindingClient, reason: not valid java name */
    public /* synthetic */ void m5412x951caae4(JOSEObject jOSEObject, OkHttpClient okHttpClient, String str, Success success, String str2, Error error, BindingAuthMethod bindingAuthMethod, PKCS10CertificationRequest pKCS10CertificationRequest) {
        try {
            step4PostCsr(pKCS10CertificationRequest, jOSEObject, okHttpClient, str, success);
        } catch (AuthRequiredException e) {
            log.info("CryptoCallback: Need Auth", (Throwable) e);
            this.delegate.callAgainAfterAuth(str2, e.url, error, createCallback(okHttpClient, str2, bindingAuthMethod, success, error), bindingAuthMethod);
        } catch (RedirectForSuccessException e2) {
            try {
                resumeBindingWithAuthHandlerResponse(okHttpClient, e2.url, success);
            } catch (Exception e3) {
                log.error("CryptoCallback: error", (Throwable) e2);
                error.error(BindingClientException.build(e2, this.contextAdapter));
            }
        } catch (Throwable th) {
            log.error("CryptoCallback: error", th);
            error.error(BindingClientException.build(th, this.contextAdapter));
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: lambda$step3GenerateCsr$3$at-asitplus-bindingclient-BindingClient, reason: not valid java name */
    public /* synthetic */ void m5413x21bcd5e5(Error error, Throwable th) {
        log.error("step3GenerateCsr: error", th);
        error.error(BindingClientException.build(th, this.contextAdapter));
    }

    void resumeBindingWithAssertion(OkHttpClient okHttpClient, String str, JSONObject jSONObject, BindingAuthMethod bindingAuthMethod, Success success, Error error) {
        try {
            Logger logger = log;
            logger.debug("resumeBindingWithSamlAssertion: Starting: " + str);
            new SamlClient().cashInAssertion(okHttpClient, jSONObject);
            performBindingProcessAsync(str, okHttpClient, bindingAuthMethod, success, error);
            logger.debug("resumeBindingWithSamlAssertion: Success");
        } catch (Throwable th) {
            log.error("resumeBindingWithSamlAssertion: error", th);
            error.error(BindingClientException.build(th, this.contextAdapter));
        }
    }

    public void revokeBinding(boolean z, Success success, NoBinding noBinding) {
        try {
            Logger logger = log;
            logger.debug("revokeBinding: Starting");
            X509CertificateHolder loadCertificate = this.keyStoreService.loadCertificate();
            if (loadCertificate == null) {
                noBinding.noBinding();
                return;
            }
            BindingInformation createBindingInformation = createBindingInformation(loadCertificate);
            this.revocationService.revokeBinding(z);
            logger.debug("revokeBinding: Success");
            success.success(createBindingInformation);
        } catch (Throwable th) {
            log.warn("revokeBinding: error", th);
            noBinding.noBinding();
        }
    }
}
