package com.medisafe.network.v3.interceptor;

import android.content.SharedPreferences;
import android.os.Build;
import android.support.annotation.NonNull;
import android.text.TextUtils;
import com.appsflyer.share.Constants;
import com.crashlytics.android.Crashlytics;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import com.medisafe.common.Mlog;
import com.medisafe.network.v3.Supplier;
import com.medisafe.network.v3.dt.InstallationDto;
import com.medisafe.network.v3.dt.LegacyAuthenticationRequest;
import com.medisafe.network.v3.dt.LoginResponse;
import com.medisafe.network.v3.dt.OperationSystemDto;
import com.medisafe.network.v3.dt.RefreshTokenDto;
import com.medisafe.network.v3.dt.UserTokenStateDto;
import com.medisafe.network.v3.resource.JwtAuthResource;
import java.io.IOException;
import okhttp3.Interceptor;
import okhttp3.MediaType;
import okhttp3.Protocol;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import okhttp3.ResponseBody;
import okio.Buffer;

/* loaded from: classes3.dex */
public class JwtInterceptor implements Interceptor {
    static final /* synthetic */ boolean $assertionsDisabled = false;
    private static final String PREF_KEY_USER_NOT_AUTHORIZED = "PREF_KEY_USER_NOT_AUTHORIZED";
    public static final String REFRESH_TOKEN = "refresh-token";
    private static final String TAG = "JwtInterceptor";
    private JwtToken accessToken;
    private final Supplier<String> authTokenGetter;
    private String fullAppVersion;
    private String installationId;
    private final JwtAuthResource jwtAuthResource;
    private String refreshToken;
    private final SharedPreferences sharedPreferences;
    private UnAuthorizeListener unAuthorizeListener;
    private final Object refreshLock = new Object();
    ObjectMapper objectMapper = new ObjectMapper();

    /* loaded from: classes3.dex */
    public interface UnAuthorizeListener {
        void logoutUser();
    }

    public JwtInterceptor(JwtAuthResource jwtAuthResource, SharedPreferences sharedPreferences, String str, Supplier<String> supplier, @NonNull UnAuthorizeListener unAuthorizeListener) {
        this.fullAppVersion = str;
        this.authTokenGetter = supplier;
        this.jwtAuthResource = jwtAuthResource;
        this.sharedPreferences = sharedPreferences;
        this.refreshToken = sharedPreferences.getString(REFRESH_TOKEN, null);
        this.unAuthorizeListener = unAuthorizeListener;
    }

    @NonNull
    private Request authorizeRequest(@NonNull Request request, JwtToken jwtToken) {
        return request.newBuilder().addHeader("Authorization", "Bearer " + jwtToken.getToken()).build();
    }

    private Response generateFakeResponse(Request request, int i) {
        return new Response.Builder().request(request).code(i).body(ResponseBody.create(MediaType.get("text/plain"), "Error authorizing user")).message(i == 401 ? "Logged out" : "Error").protocol(Protocol.HTTP_1_1).build();
    }

    private void handleNullRefreshToken() {
        Mlog.d(TAG, "refresh token null, legacy login");
        legacyLogin();
    }

    private String insertUserIdIntoBody(String str, JwtToken jwtToken) {
        long longValue = jwtToken.getUserId().longValue();
        try {
            if (!TextUtils.isEmpty(str)) {
                ObjectNode objectNode = (ObjectNode) this.objectMapper.readTree(str);
                if (objectNode.has("userId")) {
                    objectNode.set("userId", this.objectMapper.getNodeFactory().numberNode(longValue));
                }
                return objectNode.toString();
            }
        } catch (Exception e) {
            Mlog.e("jwtInterceptor", "unable to insert userId into body", e);
        }
        return str;
    }

    private Request insertUserIdIntoRequest(Request request, JwtToken jwtToken) {
        RequestBody requestBody;
        try {
            String httpUrl = request.url().toString();
            String requestBodyToString = requestBodyToString(request.body());
            Request.Builder url = request.newBuilder().url(insertUserIdIntoUrl(httpUrl, jwtToken));
            String method = request.method();
            if (requestBodyToString != null && !TextUtils.isEmpty(requestBodyToString)) {
                requestBody = RequestBody.create(MediaType.parse("application/json; charset=utf-8"), insertUserIdIntoBody(requestBodyToString, jwtToken));
                return url.method(method, requestBody).build();
            }
            requestBody = null;
            return url.method(method, requestBody).build();
        } catch (Exception e) {
            Mlog.e("jwtInterceptor", "unable to insert userId into request", e);
            return request;
        }
    }

    private String insertUserIdIntoUrl(String str, JwtToken jwtToken) {
        return str.replaceFirst("/user/0/", "/user/" + jwtToken.getUserId().longValue() + Constants.URL_PATH_DELIMITER);
    }

    private boolean isNotValid(JwtToken jwtToken) {
        return jwtToken == null || !jwtToken.isValid();
    }

    private void legacyLogin() {
        if (this.authTokenGetter == null) {
            return;
        }
        String str = this.authTokenGetter.get();
        if (TextUtils.isEmpty(str)) {
            return;
        }
        try {
            OperationSystemDto operationSystemDto = new OperationSystemDto();
            operationSystemDto.setName("android");
            operationSystemDto.setVersion(Build.VERSION.RELEASE);
            InstallationDto installationDto = new InstallationDto();
            installationDto.setInstallationId(this.installationId);
            installationDto.setApplicationVersion(this.fullAppVersion);
            installationDto.setDeviceModel(Build.BRAND + " (" + Build.MANUFACTURER + "): " + Build.MODEL + " (" + Build.DEVICE + ")");
            installationDto.setOs(operationSystemDto);
            LegacyAuthenticationRequest legacyAuthenticationRequest = new LegacyAuthenticationRequest();
            legacyAuthenticationRequest.setLegacyToken(str);
            legacyAuthenticationRequest.setInstallation(installationDto);
            retrofit2.Response<LoginResponse> execute = this.jwtAuthResource.legacyLogin(legacyAuthenticationRequest).execute();
            if (execute.isSuccessful()) {
                String accessToken = execute.body().getToken().getAccessToken();
                String refreshToken = execute.body().getToken().getRefreshToken();
                this.accessToken = new JwtToken(accessToken);
                this.refreshToken = refreshToken;
                this.sharedPreferences.edit().putString(REFRESH_TOKEN, refreshToken).apply();
                return;
            }
            Mlog.w(TAG, "Failed to legacy login: " + execute.code() + " - " + execute.message());
        } catch (Exception e) {
            Mlog.e(TAG, "Error in legacy login", e);
            Crashlytics.logException(e);
        }
    }

    private int refreshAccessToken() throws IOException {
        synchronized (this.refreshLock) {
            if (!isNotValid(this.accessToken)) {
                Mlog.monitor("accessToken is valid!");
                return 200;
            }
            Mlog.monitor("accessToken invalid");
            this.accessToken = null;
            if (this.refreshToken == null) {
                Mlog.monitor("no refreshToken");
                handleNullRefreshToken();
                if (isNotValid(this.accessToken)) {
                    Mlog.monitor("token invalid after legacy login");
                    return 401;
                }
                Mlog.d(TAG, "accessToken valid!");
                return 200;
            }
            Mlog.monitor("refreshToken exists, try to refresh access token");
            retrofit2.Response<UserTokenStateDto> execute = this.jwtAuthResource.refresh(new RefreshTokenDto(this.refreshToken)).execute();
            if (execute.isSuccessful()) {
                Mlog.monitor("refresh accessToken successful");
                this.accessToken = new JwtToken(execute.body().getAccessToken());
                Mlog.monitor("new accessToken saved");
                return 200;
            }
            Mlog.monitor("refresh accessToken failed!");
            if (execute.code() == 401) {
                Mlog.monitor("unauthorised access, logging out!");
                this.unAuthorizeListener.logoutUser();
            }
            Mlog.monitor("refreshToken failed, result code: " + execute.code());
            return execute.code();
        }
    }

    private String requestBodyToString(RequestBody requestBody) throws IOException {
        if (requestBody == null) {
            return null;
        }
        Buffer buffer = new Buffer();
        requestBody.writeTo(buffer);
        return buffer.readUtf8();
    }

    private boolean requestHasUserIdZero(Request request) {
        return request.url().toString().contains("/user/0/");
    }

    public Long getUserId() {
        return this.accessToken.getUserId();
    }

    @Override // okhttp3.Interceptor
    @NonNull
    public Response intercept(@NonNull Interceptor.Chain chain) throws IOException {
        JwtToken jwtToken = this.accessToken;
        Request request = chain.request();
        if (isNotValid(jwtToken)) {
            Mlog.d(TAG, "accessToken is not valid");
            int refreshAccessToken = refreshAccessToken();
            if (refreshAccessToken != 200) {
                Mlog.d(TAG, "response for refreshAccessToken not OK");
                this.sharedPreferences.edit().putBoolean("PREF_KEY_USER_NOT_AUTHORIZED", true).apply();
                return generateFakeResponse(request, refreshAccessToken);
            }
            Mlog.d(TAG, "refreshing token success");
            jwtToken = this.accessToken;
        }
        if (requestHasUserIdZero(request)) {
            if (jwtToken == null) {
                return generateFakeResponse(request, 0);
            }
            request = insertUserIdIntoRequest(request, jwtToken);
        }
        Response proceed = chain.proceed(authorizeRequest(request, jwtToken));
        if (proceed.code() == 401 || proceed.code() == 403) {
            synchronized (this.refreshLock) {
                if (jwtToken.equals(this.accessToken)) {
                    this.accessToken = null;
                }
            }
            int refreshAccessToken2 = refreshAccessToken();
            if (refreshAccessToken2 != 200) {
                this.sharedPreferences.edit().putBoolean("PREF_KEY_USER_NOT_AUTHORIZED", true).apply();
                return generateFakeResponse(request, refreshAccessToken2);
            }
            proceed = chain.proceed(authorizeRequest(request, this.accessToken));
            if (proceed.code() == 401) {
                this.sharedPreferences.edit().putBoolean("PREF_KEY_USER_NOT_AUTHORIZED", true).apply();
                return proceed;
            }
        }
        if (this.sharedPreferences.getBoolean("PREF_KEY_USER_NOT_AUTHORIZED", false)) {
            this.sharedPreferences.edit().remove("PREF_KEY_USER_NOT_AUTHORIZED").apply();
        }
        return proceed;
    }

    public boolean isLoggedIn() {
        return this.refreshToken != null;
    }

    public void removeRefreshToken() {
        this.accessToken = null;
        this.refreshToken = null;
    }

    public void setInstallationId(String str) {
        this.installationId = str;
    }

    public void updateTokens(JwtToken jwtToken, String str) {
        synchronized (this.refreshLock) {
            this.accessToken = jwtToken;
            this.refreshToken = str;
            this.sharedPreferences.edit().putString(REFRESH_TOKEN, str).apply();
        }
    }
}
