package com.microsoft.intune.mam.policy;

import android.content.Context;
import android.content.Intent;
import android.os.Bundle;
import android.os.ConditionVariable;
import android.support.v4.content.h;
import com.microsoft.aad.adal.ADALError;
import com.microsoft.aad.adal.AuthenticationCancelError;
import com.microsoft.aad.adal.AuthenticationRequest;
import com.microsoft.aad.adal.AuthenticationResult;
import com.microsoft.aad.adal.C0629c;
import com.microsoft.aad.adal.C0632f;
import com.microsoft.aad.adal.C0636j;
import com.microsoft.aad.adal.C0649w;
import com.microsoft.aad.adal.DefaultTokenCacheStore;
import com.microsoft.aad.adal.I;
import com.microsoft.aad.adal.ITokenCacheStore;
import com.microsoft.aad.adal.InterfaceC0648v;
import com.microsoft.aad.adal.Logger;
import com.microsoft.aad.adal.PromptBehavior;
import com.microsoft.aad.adal.RunnableC0634h;
import com.microsoft.aad.adal.TokenCacheItem;
import com.microsoft.aad.adal.UserInfo;
import com.microsoft.aad.adal.aZ;
import com.microsoft.aad.adal.ba;
import com.microsoft.intune.mam.client.app.startup.ADALConnectionDetails;
import com.microsoft.intune.mam.client.identity.MAMIdentityManager;
import com.microsoft.intune.mam.client.telemetry.NetworkUtils;
import com.microsoft.intune.mam.log.MAMLogPIIFactory;
import com.microsoft.intune.mam.log.MAMLogger;
import com.microsoft.intune.mam.log.MAMLoggerProvider;
import java.util.Iterator;
import java.util.UUID;
import java.util.logging.Level;

/* loaded from: classes2.dex */
public final class MAMServiceAuthentication {
    public static final String APIV2_AUTH_USED = "MAMServiceAuthentication.ApiV2AuthUsed";
    public static final String BROKER_NEEDED = "MAMServiceAuthentication.BrokerNeeded";
    private static final MAMLogger LOGGER = MAMLoggerProvider.getLogger((Class<?>) MAMServiceAuthentication.class);
    public static final String MAMSERVICE_RESOURCE_ID = "https://msmamservice.api.application";
    private static final long TOKEN_ACQUIRE_TIMEOUT_MS = 30000;

    /* loaded from: classes2.dex */
    final class AuthCallback implements InterfaceC0648v<AuthenticationResult> {
        private final ConditionVariable mDone;
        private Exception mError = null;
        private AuthenticationResult mResult = null;

        public AuthCallback(ConditionVariable conditionVariable) {
            this.mDone = conditionVariable;
        }

        private void updateResult(AuthenticationResult authenticationResult, Exception exc) {
            this.mResult = authenticationResult;
            this.mError = exc;
            this.mDone.open();
        }

        @Override // com.microsoft.aad.adal.InterfaceC0648v
        public final void onError(Exception exc) {
            updateResult(null, exc);
        }

        @Override // com.microsoft.aad.adal.InterfaceC0648v
        public final void onSuccess(AuthenticationResult authenticationResult) {
            if (authenticationResult == null) {
                MAMServiceAuthentication.LOGGER.warning("ADAL authentication Failed: null result");
                updateResult(null, null);
            } else if (authenticationResult.getStatus() == AuthenticationResult.AuthenticationStatus.Succeeded) {
                updateResult(authenticationResult, null);
            } else {
                MAMServiceAuthentication.LOGGER.warning("ADAL authentication Failed: " + authenticationResult.getErrorLogInfo());
                updateResult(null, null);
            }
        }
    }

    private MAMServiceAuthentication() {
    }

    public static AuthenticationResult acquireToken(Context context, ADALConnectionDetails aDALConnectionDetails, String str, String str2, MAMIdentityManager mAMIdentityManager, MAMLogPIIFactory mAMLogPIIFactory) {
        UUID randomUUID = UUID.randomUUID();
        LOGGER.info("Requesting auth token for MAM Service;  Correlation ID = " + randomUUID.toString());
        try {
            C0649w c0649w = new C0649w(context, aDALConnectionDetails.getAuthority(), false);
            c0649w.a(randomUUID);
            if (str2 == null) {
                str2 = findADALUserId(c0649w, str, aDALConnectionDetails.getSkipBroker(), mAMLogPIIFactory);
            }
            AuthenticationResult validateResult = validateResult(str2 != null ? c0649w.a(MAMSERVICE_RESOURCE_ID, aDALConnectionDetails.getClientId(), str2) : null, str);
            trackIdentityInformationFromResult(validateResult, str, mAMIdentityManager);
            return validateResult;
        } catch (Exception e) {
            if (NetworkUtils.isNetworkConnected(context)) {
                LOGGER.log(Level.WARNING, "Failed to retrieve token for MAM Service. Correlation ID = " + randomUUID.toString(), (Throwable) e);
            } else {
                LOGGER.log(Level.WARNING, "Unable to connect to internet. Failed to retrieve token for MAM Service. Correlation ID = " + randomUUID.toString(), (Throwable) e);
            }
            return null;
        }
    }

    public static String authHeaderFromToken(String str) {
        return "Bearer " + str;
    }

    public static AuthenticationResult authenticateWithRefreshToken(Context context, ADALConnectionDetails aDALConnectionDetails, String str) {
        if (str == null || str.isEmpty()) {
            LOGGER.warning("Refresh token was null or empty, unable to authenticate with refresh token");
            return null;
        }
        if (aDALConnectionDetails == null) {
            LOGGER.warning("ADAL Details were null, unable to authenticate with refresh token");
            return null;
        }
        UUID randomUUID = UUID.randomUUID();
        LOGGER.info("Requesting auth token from refresh token for MAM Service;  Correlation ID = " + randomUUID.toString());
        try {
            C0649w c0649w = new C0649w(context, aDALConnectionDetails.getAuthority(), false);
            c0649w.a(randomUUID);
            ConditionVariable conditionVariable = new ConditionVariable();
            AuthCallback authCallback = new AuthCallback(conditionVariable);
            String clientId = aDALConnectionDetails.getClientId();
            if (c0649w.a((String) null, authCallback)) {
                if (aZ.a(str)) {
                    throw new IllegalArgumentException("Refresh token is not provided");
                }
                if (aZ.a(clientId)) {
                    throw new IllegalArgumentException("ClientId is not provided");
                }
                String b = ba.b();
                C0629c a2 = c0649w.a(c0649w.f1654a, clientId, b, "5");
                a2.a("Microsoft.ADAL.prompt_behavior", PromptBehavior.Auto.toString());
                a2.a("Microsoft.ADAL.is_deprecated", "true");
                AuthenticationRequest authenticationRequest = new AuthenticationRequest(c0649w.b, MAMSERVICE_RESOURCE_ID, clientId, c0649w.b(), c0649w.g);
                authenticationRequest.setTelemetryRequestId(b);
                authenticationRequest.setSilent(true);
                C0632f a3 = c0649w.a(a2);
                Logger.a(authenticationRequest.getCorrelationId());
                Logger.a(C0632f.f1639a, "Refresh token without cache");
                C0632f.b.execute(new RunnableC0634h(a3, authenticationRequest, str, new C0636j(a3.a(), authCallback)));
            }
            if (conditionVariable.block(TOKEN_ACQUIRE_TIMEOUT_MS)) {
                if (authCallback.mError != null) {
                    throw authCallback.mError;
                }
                return validateResult(authCallback.mResult, null);
            }
            LOGGER.warning("Failed to retrieve token for MAM Service: timeout;  Correlation ID = " + randomUUID.toString());
            int hashCode = authCallback.hashCode();
            I a4 = C0649w.a(hashCode);
            if (a4 == null || a4.f1575a == null) {
                Logger.a("AuthenticationContext", "Current callback is empty. There is not any active authentication.");
            } else {
                String format = a4.b != null ? String.format(" CorrelationId: %s", a4.b.getCorrelationId().toString()) : "No correlation id associated with waiting request";
                Logger.a("AuthenticationContext", "Current callback is not empty. There is an active authentication Activity." + format);
                Intent intent = new Intent("com.microsoft.aad.adal:BrowserCancel");
                intent.putExtras(new Bundle());
                intent.putExtra("com.microsoft.aad.adal:RequestId", hashCode);
                if (h.a(c0649w.f1654a).a(intent)) {
                    Logger.a("AuthenticationContext", "Cancel broadcast message was successful." + format);
                    a4.f1575a.onError(new AuthenticationCancelError("Cancel broadcast message was successful."));
                } else {
                    Logger.b("AuthenticationContext", "Cancel broadcast message was not successful." + format, "", ADALError.BROADCAST_CANCEL_NOT_SUCCESSFUL);
                }
            }
            return null;
        } catch (Exception e) {
            if (NetworkUtils.isNetworkConnected(context)) {
                LOGGER.log(Level.WARNING, "Failed to retrieve token for MAM Service. Correlation ID = " + randomUUID.toString(), (Throwable) e);
            } else {
                LOGGER.log(Level.WARNING, "Unable to connect to internet. Failed to retrieve token for MAM Service. Correlation ID = " + randomUUID.toString(), (Throwable) e);
            }
            return null;
        }
    }

    private static String findADALUserId(C0649w c0649w, String str, boolean z, MAMLogPIIFactory mAMLogPIIFactory) {
        UserInfo[] userInfoArr;
        if (!z) {
            try {
                userInfoArr = c0649w.f != null ? c0649w.f.b() : null;
            } catch (Exception e) {
                LOGGER.log(Level.WARNING, "Unable to get cached users from broker.", (Throwable) e);
                userInfoArr = null;
            }
            if (userInfoArr != null) {
                for (UserInfo userInfo : userInfoArr) {
                    if (userInfo.getDisplayableId().equalsIgnoreCase(str)) {
                        String userId = userInfo.getUserId();
                        LOGGER.info("found user {0} from the broker with id {1}", new Object[]{mAMLogPIIFactory.getPIIUPN(str), userId});
                        return userId;
                    }
                }
            }
        }
        ITokenCacheStore iTokenCacheStore = c0649w.e;
        if (!(iTokenCacheStore instanceof DefaultTokenCacheStore)) {
            LOGGER.severe("Found unexpected type for ADAL ITokenCacheStore; unable to get the UserId from the cache for user {0}", mAMLogPIIFactory.getPIIUPN(str));
            return null;
        }
        Iterator<TokenCacheItem> all = ((DefaultTokenCacheStore) iTokenCacheStore).getAll();
        while (all.hasNext()) {
            UserInfo userInfo2 = all.next().getUserInfo();
            if (userInfo2 != null && userInfo2.getDisplayableId().equalsIgnoreCase(str)) {
                String userId2 = userInfo2.getUserId();
                LOGGER.info("found user {0} from the ADAL cache with id {1}", new Object[]{mAMLogPIIFactory.getPIIUPN(str), userId2});
                return userId2;
            }
        }
        LOGGER.warning("No entry in ADAL cache for user {0}", mAMLogPIIFactory.getPIIUPN(str));
        return null;
    }

    private static void trackIdentityInformationFromResult(AuthenticationResult authenticationResult, String str, MAMIdentityManager mAMIdentityManager) {
        if (authenticationResult == null || mAMIdentityManager == null) {
            return;
        }
        mAMIdentityManager.updateTenantAadId(mAMIdentityManager.create(str, authenticationResult.getUserInfo() != null ? authenticationResult.getUserInfo().getUserId() : null), authenticationResult.getTenantId());
    }

    private static AuthenticationResult validateResult(AuthenticationResult authenticationResult, String str) {
        if (authenticationResult == null) {
            LOGGER.warning("Failed to acquire MAMService token.");
            return null;
        }
        if (authenticationResult.getStatus() != AuthenticationResult.AuthenticationStatus.Succeeded) {
            LOGGER.warning("ADAL authentication Failed: " + authenticationResult.getErrorLogInfo());
            return null;
        }
        if (str == null || authenticationResult.getUserInfo().getDisplayableId().equalsIgnoreCase(str)) {
            LOGGER.info("MAMService token acquired successfully.");
            return authenticationResult;
        }
        LOGGER.warning("Failed to acquire MAMService token: wrong user id.");
        return null;
    }
}
