package com.duosecurity;

import com.duosecurity.exception.DuoException;
import com.duosecurity.model.HealthCheckResponse;
import com.duosecurity.model.Token;
import com.duosecurity.service.DuoConnector;

/* loaded from: input_file:com/duosecurity/Client.class */
public class Client {
    private static final String OAUTH_V_1_HEALTH_CHECK_ENDPOINT = "/oauth/v1/health_check";
    private static final String OAUTH_V_1_AUTHORIZE_ENDPOINT = "/oauth/v1/authorize";
    private static final String OAUTH_V_1_TOKEN_ENDPOINT = "/oauth/v1/token";
    private static final String CLIENT_ASSERTION_TYPE = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer";
    private static final String USER_AGENT_LIB = "duo_universal_java";
    private static final String USER_AGENT_VERSION = "1.1.3";
    private String clientId;
    private String clientSecret;
    private String apiHost;
    private String redirectUri;
    private Boolean useDuoCodeAttribute;
    protected DuoConnector duoConnector;
    private String userAgent;

    /* loaded from: input_file:com/duosecurity/Client$Builder.class */
    public static class Builder {
        private final String clientId;
        private final String clientSecret;
        private final String apiHost;
        private final String redirectUri;
        private static final String[] DEFAULT_CA_CERTS = {"sha256/I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o=", "sha256/r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=", "sha256/WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18=", "sha256/dykHF2FLJfEpZOvbOLX4PKrcD2w2sHd/iA/G3uHTOcw=", "sha256/JZaQTcTWma4gws703OR/KFk313RkrDcHRvUt6na6DCg=", "sha256/++MBgDH5WGvL9Bcn5Be30cRcL0f5O+NyoXuWtQdX1aI=", "sha256/f0KW/FtqTjs108NpYj42SrGvOB2PpxIVM8nWxjPqJGE=", "sha256/NqvDJlas/GRcYbcWE8S/IceH9cq77kg0jVhZeAPXq8k=", "sha256/9+ze1cZgR9KO1kZrVDxA4HQ6voHRCSVNz4RdTCx4U8U=", "sha256/j9ESw8g3DxR9XM06fYZeuN1UB4O6xp/GAIjjdD/zM3g="};
        private String[] caCerts = DEFAULT_CA_CERTS;
        private Boolean useDuoCodeAttribute = true;
        private String userAgent = computeUserAgent();

        public Builder(String str, String str2, String str3, String str4) {
            this.clientId = str;
            this.clientSecret = str2;
            this.apiHost = str3;
            this.redirectUri = str4;
        }

        public Client build() throws DuoException {
            Validator.validateClientParams(this.clientId, this.clientSecret, this.apiHost, this.redirectUri);
            Client client = new Client();
            client.clientId = this.clientId;
            client.clientSecret = this.clientSecret;
            client.apiHost = this.apiHost;
            client.redirectUri = this.redirectUri;
            client.useDuoCodeAttribute = this.useDuoCodeAttribute;
            client.userAgent = this.userAgent;
            client.duoConnector = new DuoConnector(this.apiHost, this.caCerts);
            return client;
        }

        public Builder setCACerts(String[] strArr) {
            if (Utils.validateCaCert(strArr)) {
                this.caCerts = strArr;
            }
            return this;
        }

        public Builder setUseDuoCodeAttribute(boolean z) {
            this.useDuoCodeAttribute = Boolean.valueOf(z);
            return this;
        }

        public Builder appendUserAgentInfo(String str) {
            this.userAgent = String.format("%s %s", this.userAgent, str);
            return this;
        }

        private String computeUserAgent() {
            return String.format("%s %s %s", String.format("%s/%s", Client.USER_AGENT_LIB, Client.USER_AGENT_VERSION), String.format("%s/%s", System.getProperty("java.vendor"), System.getProperty("java.version")), String.format("%s/%s/%s", System.getProperty("os.name"), System.getProperty("os.version"), System.getProperty("os.arch")));
        }
    }

    private Client() {
    }

    @Deprecated
    public Client(String str, String str2, String str3, String str4) throws DuoException {
        this(str, str2, str3, str4, null);
    }

    @Deprecated
    public Client(String str, String str2, String str3, String str4, String[] strArr) throws DuoException {
        Client build = new Builder(str, str2, str3, str4).setCACerts(strArr).build();
        this.clientId = build.clientId;
        this.clientSecret = build.clientSecret;
        this.apiHost = build.apiHost;
        this.redirectUri = build.redirectUri;
        this.useDuoCodeAttribute = build.useDuoCodeAttribute;
        this.duoConnector = build.duoConnector;
        this.userAgent = build.userAgent;
    }

    public HealthCheckResponse healthCheck() throws DuoException {
        HealthCheckResponse duoHealthcheck = this.duoConnector.duoHealthcheck(this.clientId, Utils.createJwt(this.clientId, this.clientSecret, Utils.getAndValidateUrl(this.apiHost, OAUTH_V_1_HEALTH_CHECK_ENDPOINT).toString()));
        if (duoHealthcheck.wasSuccess().booleanValue()) {
            return duoHealthcheck;
        }
        throw new DuoException(duoHealthcheck.getMessage());
    }

    public String createAuthUrl(String str, String str2) throws DuoException {
        Validator.validateUsername(str);
        Validator.validateState(str2);
        return Utils.getAndValidateUrl(this.apiHost, OAUTH_V_1_AUTHORIZE_ENDPOINT + String.format("?scope=openid&response_type=code&redirect_uri=%s&client_id=%s&request=%s", this.redirectUri, this.clientId, Utils.createJwtForAuthUrl(this.clientId, this.clientSecret, this.redirectUri, str2, str, this.useDuoCodeAttribute))).toString();
    }

    public Token exchangeAuthorizationCodeFor2FAResult(String str, String str2) throws DuoException {
        return exchangeAuthorizationCodeFor2FAResult(str, new DuoIdTokenValidator(this.clientSecret, str2, this.clientId, this.apiHost));
    }

    public Token exchangeAuthorizationCodeFor2FAResult(String str, TokenValidator tokenValidator) throws DuoException {
        return Utils.transformDecodedJwtToToken(tokenValidator.validateAndDecode(this.duoConnector.exchangeAuthorizationCodeFor2FAResult(this.userAgent, "authorization_code", str, this.redirectUri, CLIENT_ASSERTION_TYPE, Utils.createJwt(this.clientId, this.clientSecret, Utils.getAndValidateUrl(this.apiHost, OAUTH_V_1_TOKEN_ENDPOINT).toString())).getId_token()));
    }

    public String generateState() {
        return Utils.generateJwtId(36);
    }
}
