package com.microsoft.aad.adal;

import android.content.Context;
import android.content.Intent;
import android.os.Bundle;
import android.os.Handler;
import android.os.Process;
import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.Date;
import java.util.UUID;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public class f {

    /* renamed from: a, reason: collision with root package name */
    private static final String f1642a = f.class.getSimpleName();
    private static final ExecutorService b = Executors.newSingleThreadExecutor();
    private final Context c;
    private final w d;
    private dy e;
    private final cr f;
    private Handler g = null;
    private ca h = new ca();
    private c i;

    /* JADX INFO: Access modifiers changed from: package-private */
    public f(Context context, w wVar, c cVar) {
        this.c = context;
        this.d = wVar;
        if (wVar.a() != null && cVar != null) {
            this.e = new dy(wVar.a(), wVar.c(), cVar.e());
        }
        this.f = new bg(context);
        this.i = cVar;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void a(ak akVar) {
        URL e = dw.e(akVar.a());
        if (e == null) {
            throw new AuthenticationException(a.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL);
        }
        dx.a().a(akVar.s(), "Microsoft.ADAL.authority_validation");
        c cVar = new c("Microsoft.ADAL.authority_validation");
        cVar.h(akVar.f().toString());
        cVar.i(akVar.s());
        try {
            if (this.d.d()) {
                try {
                    a(e, akVar.r(), akVar.m(), akVar.f());
                    cVar.c("Microsoft.ADAL.authority_validation_status_success");
                } catch (AuthenticationException e2) {
                    cVar.c("Microsoft.ADAL.authority_validation_status_failure");
                    throw e2;
                }
            } else {
                cVar.c("Microsoft.ADAL.authority_validation_status_not_done");
            }
            bh a2 = this.f.a(akVar.a());
            if (a2 == bh.CANNOT_SWITCH_TO_BROKER || !this.f.a(akVar.e(), akVar.l()) || akVar.m()) {
                return;
            }
            if (a2 == bh.NEED_PERMISSIONS_TO_SWITCH_TO_BROKER) {
                throw new UsageAuthenticationException(a.DEVELOPER_BROKER_PERMISSIONS_MISSING, "Broker related permissions are missing for GET_ACCOUNTS.");
            }
            h(akVar);
        } finally {
            dx.a().a(akVar.s(), cVar, "Microsoft.ADAL.authority_validation");
        }
    }

    private void a(am amVar, int i, AuthenticationException authenticationException) {
        a((j) null, amVar, i, authenticationException);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void a(j jVar, am amVar, int i, AuthenticationException authenticationException) {
        if (amVar != null) {
            try {
                if (amVar.a() != null) {
                    dg.c(f1642a, "Sending error to callback" + this.d.a(amVar));
                    amVar.c().a(false, (Exception) authenticationException);
                    amVar.c().h(amVar.b().f().toString());
                    amVar.c().b();
                    if (jVar != null) {
                        jVar.a(authenticationException);
                    } else {
                        amVar.a().a(authenticationException);
                    }
                }
            } finally {
                if (authenticationException != null) {
                    this.d.b(i);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void a(j jVar, cy cyVar, boolean z, ak akVar) {
        an b2 = b(akVar);
        if (!a(b2)) {
            dg.b(f1642a, "Trying to acquire token interactively.");
            b(jVar, cyVar, z, akVar);
            return;
        }
        this.i.a(true, (Exception) null);
        this.i.h(akVar.f().toString());
        this.i.f(b2.o());
        this.i.b();
        jVar.a(b2);
    }

    private void a(URL url, String str, boolean z, UUID uuid) {
        if (this.d.g()) {
            return;
        }
        dg.c(f1642a, "Start validating authority");
        this.h.a(uuid);
        ca.b(url);
        if (z || !ed.a(url) || str == null) {
            if (z && ed.a(url)) {
                dg.c(f1642a, "Silent request. Skipping AD FS authority validation");
            }
            this.h.a(url);
        } else {
            this.h.a(url, str);
        }
        dg.c(f1642a, "The passed in authority is valid.");
        this.d.a(true);
    }

    private boolean a(an anVar) {
        return (anVar == null || dw.a(anVar.b())) ? false : true;
    }

    private synchronized Handler b() {
        if (this.g == null) {
            this.g = new Handler(this.c.getMainLooper());
        }
        return this.g;
    }

    private an b(ak akVar) {
        an anVar = null;
        if (c(akVar)) {
            dg.c(f1642a, "Try to acquire token silently, return valid AT or use RT in the cache.");
            anVar = d(akVar);
            boolean a2 = a(anVar);
            if (!a2 && akVar.m()) {
                String m = anVar == null ? "No result returned from acquireTokenSilent" : anVar.m();
                dg.g(f1642a, "Prompt is not allowed and failed to get token:", akVar.h() + " " + m, a.AUTH_REFRESH_FAILED_PROMPT_NOT_ALLOWED);
                throw new AuthenticationException(a.AUTH_REFRESH_FAILED_PROMPT_NOT_ALLOWED, akVar.h() + " " + m);
            }
            if (a2) {
                dg.c(f1642a, "Token is successfully returned from silent flow. ");
            }
        }
        return anVar;
    }

    private void b(j jVar, cy cyVar, boolean z, ak akVar) {
        if (cyVar == null && !z) {
            throw new AuthenticationException(a.AUTH_REFRESH_FAILED_PROMPT_NOT_ALLOWED, akVar.h() + " Cannot launch webview, acitivity is null.");
        }
        cm.a(this.c);
        int hashCode = jVar.a().hashCode();
        akVar.a(hashCode);
        this.d.a(hashCode, new am(hashCode, akVar, jVar.a(), this.i));
        bh a2 = this.f.a(akVar.a());
        if (a2 == bh.CANNOT_SWITCH_TO_BROKER || !this.f.a(akVar.e(), akVar.l())) {
            dg.c(f1642a, "Starting Authentication Activity for embedded flow. Callback is:" + jVar.a().hashCode());
            new e(this.c, akVar, this.e).a(cyVar, z ? new ab(b(), this.c, this, akVar) : null);
        } else {
            if (a2 == bh.NEED_PERMISSIONS_TO_SWITCH_TO_BROKER) {
                throw new UsageAuthenticationException(a.DEVELOPER_BROKER_PERMISSIONS_MISSING, "Broker related permissions are missing for GET_ACCOUNTS");
            }
            dg.c(f1642a, "Launch activity for interactive authentication via broker with callback: " + jVar.a().hashCode());
            new n(akVar, this.f).a(cyVar);
        }
    }

    private boolean c(ak akVar) {
        return (!eg.a(akVar) && akVar.i() == dp.Auto) || akVar.m();
    }

    private an d(ak akVar) {
        bh a2;
        an e = e(akVar);
        if (a(e) || (a2 = this.f.a(akVar.a())) == bh.CANNOT_SWITCH_TO_BROKER || !this.f.a(akVar.e(), akVar.l())) {
            return e;
        }
        if (a2 == bh.NEED_PERMISSIONS_TO_SWITCH_TO_BROKER) {
            throw new UsageAuthenticationException(a.DEVELOPER_BROKER_PERMISSIONS_MISSING, "Broker related permissions are missing for GET_ACCOUNTS");
        }
        dg.b(f1642a, "Cannot get AT from local cache, switch to Broker for auth, clear tokens from local cache for the user.");
        g(akVar);
        return f(akVar);
    }

    private an e(ak akVar) {
        dg.c(f1642a, "Try to silently get token from local cache.");
        return new m(this.c, akVar, this.e).a();
    }

    private an f(ak akVar) {
        return new n(akVar, this.f).a();
    }

    private void g(ak akVar) {
        if (this.e == null) {
            return;
        }
        String l = !dw.a(akVar.l()) ? akVar.l() : akVar.e();
        ea b2 = this.e.b("1", l);
        if (b2 != null) {
            this.e.a(b2, akVar.c());
        }
        ea a2 = this.e.a(akVar.d(), l);
        ea b3 = this.e.b(akVar.c(), akVar.d(), l);
        if (a2 != null) {
            this.e.a(a2, akVar.c());
        } else if (b3 != null) {
            this.e.a(b3, akVar.c());
        } else {
            dg.c(f1642a, "No token items need to be deleted for the user.");
        }
    }

    private void h(ak akVar) {
        String b2 = akVar.b();
        String e = this.d.e();
        if (dw.a(b2)) {
            String str = "The redirectUri is null or blank. so the redirect uri is expected to be:" + e;
            dg.g(f1642a + ":verifyBrokerRedirectUri", str, "", a.DEVELOPER_REDIRECTURI_INVALID);
            throw new UsageAuthenticationException(a.DEVELOPER_REDIRECTURI_INVALID, str);
        }
        if (!b2.startsWith("msauth://")) {
            String str2 = "The prefix of the redirect uri does not match the expected value.  The valid broker redirect URI prefix: msauth so the redirect uri is expected to be: " + e;
            dg.g(f1642a + ":verifyBrokerRedirectUri", str2, "", a.DEVELOPER_REDIRECTURI_INVALID);
            throw new UsageAuthenticationException(a.DEVELOPER_REDIRECTURI_INVALID, str2);
        }
        dn dnVar = new dn(this.c);
        try {
            String encode = URLEncoder.encode(this.c.getPackageName(), "UTF_8");
            String encode2 = URLEncoder.encode(dnVar.a(this.c.getPackageName()), "UTF_8");
            if (!b2.startsWith("msauth://" + encode + "/")) {
                String str3 = "The base64 url encoded package name component of the redirect uri does not match the expected value. This apps package name is: " + encode + " so the redirect uri is expected to be: " + e;
                dg.g(f1642a + ":verifyBrokerRedirectUri", str3, "", a.DEVELOPER_REDIRECTURI_INVALID);
                throw new UsageAuthenticationException(a.DEVELOPER_REDIRECTURI_INVALID, str3);
            }
            if (b2.equalsIgnoreCase(e)) {
                dg.c(f1642a + ":verifyBrokerRedirectUri", "The broker redirect URI is valid: " + b2);
            } else {
                String str4 = "The base64 url encoded signature component of the redirect uri does not match the expected value. This apps signature is: " + encode2 + " so the redirect uri is expected to be: " + e;
                dg.g(f1642a + ":verifyBrokerRedirectUri", str4, "", a.DEVELOPER_REDIRECTURI_INVALID);
                throw new UsageAuthenticationException(a.DEVELOPER_REDIRECTURI_INVALID, str4);
            }
        } catch (UnsupportedEncodingException e2) {
            dg.b(f1642a + ":verifyBrokerRedirectUri", e2.getMessage(), "", a.ENCODING_IS_NOT_SUPPORTED, e2);
            throw new UsageAuthenticationException(a.ENCODING_IS_NOT_SUPPORTED, "The verifying BrokerRedirectUri process failed because the base64 url encoding is not supported.", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(int i, int i2, Intent intent) {
        if (i == 1001) {
            b();
            if (intent == null) {
                dg.g(f1642a, "onActivityResult BROWSER_FLOW data is null.", "", a.ON_ACTIVITY_RESULT_INTENT_NULL);
                return;
            }
            Bundle extras = intent.getExtras();
            int i3 = extras.getInt("com.microsoft.aad.adal:RequestId");
            try {
                am a2 = this.d.a(i3);
                dg.c(f1642a, "onActivityResult RequestId:" + i3);
                String a3 = this.d.a(a2);
                if (i2 == 2004) {
                    String stringExtra = intent.getStringExtra("account.access.token");
                    this.f.c(intent.getStringExtra("account.name"));
                    an anVar = new an(stringExtra, null, new Date(intent.getLongExtra("account.expiredate", 0L)), false, ef.a(intent.getExtras()), intent.getStringExtra("account.userinfo.tenantid"), intent.getStringExtra("account.idtoken"), null);
                    if (anVar.b() != null) {
                        a2.c().a(true, (Exception) null);
                        a2.c().h(a2.b().f().toString());
                        a2.c().f(anVar.o());
                        a2.c().b();
                        a2.a().a((v<an>) anVar);
                        return;
                    }
                    return;
                }
                if (i2 == 2001) {
                    dg.c(f1642a, "User cancelled the flow RequestId:" + i3 + a3);
                    a(a2, i3, new AuthenticationCancelError("User cancelled the flow RequestId:" + i3 + a3));
                    return;
                }
                if (i2 == 2006) {
                    dg.c(f1642a + ":onActivityResult", "Device needs to have broker installed, we expect the apps to call usback when the broker is installed");
                    a(a2, i3, new AuthenticationException(a.BROKER_APP_INSTALLATION_STARTED));
                    return;
                }
                if (i2 == 2005) {
                    Serializable serializable = extras.getSerializable("com.microsoft.aad.adal:AuthenticationException");
                    if (serializable == null || !(serializable instanceof AuthenticationException)) {
                        a(a2, i3, new AuthenticationException(a.WEBVIEW_RETURNED_INVALID_AUTHENTICATION_EXCEPTION, a3));
                        return;
                    }
                    AuthenticationException authenticationException = (AuthenticationException) serializable;
                    dg.f(f1642a, "Webview returned exception", authenticationException.getMessage(), a.WEBVIEW_RETURNED_AUTHENTICATION_EXCEPTION);
                    a(a2, i3, authenticationException);
                    return;
                }
                if (i2 == 2002) {
                    String string = extras.getString("com.microsoft.aad.adal:BrowserErrorCode");
                    String string2 = extras.getString("com.microsoft.aad.adal:BrowserErrorMessage");
                    dg.c(f1642a, "Error info:" + string + " " + string2 + " for requestId: " + i3 + a3);
                    a(a2, i3, new AuthenticationException(a.SERVER_INVALID_REQUEST, string + " " + string2 + a3));
                    return;
                }
                if (i2 == 2003) {
                    ak akVar = (ak) extras.getSerializable("com.microsoft.aad.adal:BrowserRequestInfo");
                    String string3 = extras.getString("com.microsoft.aad.adal:BrowserFinalUrl", "");
                    if (!string3.isEmpty()) {
                        b.execute(new i(this, a2, string3, new j(b(), a2.a()), i3));
                        return;
                    }
                    StringBuilder sb = new StringBuilder("Webview did not reach the redirectUrl. ");
                    if (akVar != null) {
                        sb.append(akVar.h());
                    }
                    sb.append(a3);
                    AuthenticationException authenticationException2 = new AuthenticationException(a.WEBVIEW_RETURNED_EMPTY_REDIRECT_URL, sb.toString());
                    dg.g(f1642a, authenticationException2.getMessage(), "", authenticationException2.a());
                    a(a2, i3, authenticationException2);
                }
            } catch (AuthenticationException e) {
                dg.g(f1642a, "onActivityResult did not find waiting request for RequestId:" + i3, "", a.ON_ACTIVITY_RESULT_INTENT_NULL);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(cy cyVar, boolean z, ak akVar, v<an> vVar) {
        j jVar = new j(b(), vVar);
        dg.a(akVar.f());
        dg.c(f1642a, "Sending async task from thread:" + Process.myTid());
        b.execute(new g(this, akVar, jVar, cyVar, z));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(String str, ak akVar, v<an> vVar) {
        dg.a(akVar.f());
        dg.c(f1642a, "Refresh token without cache");
        b.execute(new h(this, akVar, str, new j(b(), vVar)));
    }
}
