package defpackage;

import android.net.Uri;
import android.os.Build;
import android.text.TextUtils;
import android.util.Base64;
import com.adjust.sdk.Constants;
import com.microsoft.aad.adal.ADALError;
import com.microsoft.aad.adal.AuthenticationException;
import com.microsoft.aad.adal.AuthenticationRequest;
import com.microsoft.aad.adal.AuthenticationResult;
import com.microsoft.aad.adal.ChallengeResponseBuilder;
import com.microsoft.aad.adal.ClientMetrics;
import com.microsoft.aad.adal.Logger;
import com.microsoft.aad.adal.PromptBehavior;
import com.microsoft.aad.adal.ServerRespondingWithRetryableException;
import com.microsoft.aad.adal.TelemetryUtils;
import com.microsoft.aad.adal.UserInfo;
import com.microsoft.onlineid.internal.AppProperties;
import com.microsoft.onlineid.internal.sso.client.MigrationManager;
import com.microsoft.onlineid.sts.request.AbstractStsRequest;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.SocketTimeoutException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import org.json.JSONException;
import org.json.JSONObject;

/* compiled from: PG */
/* renamed from: Xv, reason: case insensitive filesystem */
/* loaded from: classes2.dex */
public class C0628Xv {

    /* renamed from: a, reason: collision with root package name */
    private AuthenticationRequest f663a;
    private InterfaceC0618Xl b;
    private InterfaceC0617Xk c;
    private boolean d;

    public C0628Xv(AuthenticationRequest authenticationRequest) {
        this.c = new C0623Xq();
        this.d = true;
        this.f663a = authenticationRequest;
        this.b = null;
        this.c = null;
    }

    public C0628Xv(AuthenticationRequest authenticationRequest, InterfaceC0618Xl interfaceC0618Xl) {
        this.c = new C0623Xq();
        this.d = true;
        this.f663a = authenticationRequest;
        this.b = interfaceC0618Xl;
        this.c = null;
    }

    public C0628Xv(AuthenticationRequest authenticationRequest, InterfaceC0618Xl interfaceC0618Xl, InterfaceC0617Xk interfaceC0617Xk) {
        this.c = new C0623Xq();
        this.d = true;
        this.f663a = authenticationRequest;
        this.b = interfaceC0618Xl;
        this.c = interfaceC0617Xk;
    }

    private AuthenticationResult a(C0609Xc c0609Xc, WZ wz) throws AuthenticationException {
        String str;
        TelemetryUtils.CliTelemInfo a2;
        List<String> list;
        List<String> list2;
        String str2 = null;
        if (c0609Xc.c != null) {
            str = (!c0609Xc.c.containsKey("client-request-id") || (list2 = c0609Xc.c.get("client-request-id")) == null || list2.size() <= 0) ? null : list2.get(0);
            if (c0609Xc.c.containsKey("x-ms-request-id") && (list = c0609Xc.c.get("x-ms-request-id")) != null && list.size() > 0) {
                Logger.a("Oauth", "x-ms-request-id: " + list.get(0));
                wz.a("Microsoft.ADAL.x_ms_request_id", list.get(0));
            }
            if (c0609Xc.c.get("x-ms-clitelem") != null && !c0609Xc.c.get("x-ms-clitelem").isEmpty() && (a2 = TelemetryUtils.a(c0609Xc.c.get("x-ms-clitelem").get(0))) != null) {
                if (a2 != null) {
                    String serverErrorCode = a2.getServerErrorCode();
                    if (!XE.a(serverErrorCode) && !serverErrorCode.equals(MigrationManager.InitialSdkVersion)) {
                        wz.a("Microsoft.ADAL.server_error_code", serverErrorCode.trim());
                    }
                    String serverSubErrorCode = a2.getServerSubErrorCode();
                    if (!XE.a(serverSubErrorCode) && !serverSubErrorCode.equals(MigrationManager.InitialSdkVersion)) {
                        wz.a("Microsoft.ADAL.server_sub_error_code", serverSubErrorCode.trim());
                    }
                    String refreshTokenAge = a2.getRefreshTokenAge();
                    if (!XE.a(refreshTokenAge)) {
                        wz.a("Microsoft.ADAL.rt_age", refreshTokenAge.trim());
                    }
                    String speRing = a2.getSpeRing();
                    if (!XE.a(speRing)) {
                        wz.a("Microsoft.ADAL.spe_info", speRing.trim());
                    }
                }
                str2 = a2.getSpeRing();
            }
        } else {
            str = null;
        }
        int i = c0609Xc.f656a;
        if (i != 200 && i != 400 && i != 401) {
            if (i < 500 || i > 599) {
                throw new AuthenticationException(ADALError.SERVER_ERROR, "Unexpected server response " + i + " " + c0609Xc.b);
            }
            throw new ServerRespondingWithRetryableException("Server Error " + i + " " + c0609Xc.b);
        }
        try {
            String str3 = c0609Xc.b;
            HashMap hashMap = new HashMap();
            a(hashMap, str3);
            AuthenticationResult a3 = a(hashMap);
            if (a3 != null) {
                TelemetryUtils.CliTelemInfo cliTelemInfo = new TelemetryUtils.CliTelemInfo();
                cliTelemInfo.setSpeRing(str2);
                a3.setCliTelemInfo(cliTelemInfo);
                wz.a("Microsoft.ADAL.oauth_error_code", a3.getErrorCode());
            }
            if (str != null && !str.isEmpty()) {
                try {
                    if (!UUID.fromString(str).equals(this.f663a.getCorrelationId())) {
                        Logger.b("Oauth", "CorrelationId is not matching", "", ADALError.CORRELATION_ID_NOT_MATCHING_REQUEST_RESPONSE);
                    }
                    Logger.a("Oauth", "Response correlationId:" + str);
                } catch (IllegalArgumentException e) {
                    Logger.a("Oauth", "Wrong format of the correlation ID:" + str, "", ADALError.CORRELATION_ID_FORMAT, e);
                }
            }
            return a3;
        } catch (JSONException e2) {
            throw new AuthenticationException(ADALError.SERVER_INVALID_JSON_RESPONSE, "Can't parse server response " + c0609Xc.b, e2);
        }
    }

    private AuthenticationResult a(String str, Map<String, String> map) throws IOException, AuthenticationException {
        AuthenticationResult b;
        C0609Xc a2;
        boolean isEmpty;
        WZ c = c();
        URL e = XE.e(this.f663a.getAuthority() + "/oauth2/token");
        if (e == null) {
            a(c);
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL);
        }
        c.a(e);
        try {
            try {
                try {
                    this.b.a(this.f663a.getCorrelationId());
                    ClientMetrics.INSTANCE.beginClientMetricsRecord(e, this.f663a.getCorrelationId(), map);
                    a2 = this.b.a(e, map, str.getBytes("UTF_8"), "application/x-www-form-urlencoded");
                    c.a(a2.f656a);
                    c.b(this.f663a.getCorrelationId().toString());
                    a(c);
                    if (a2.f656a == 401) {
                        if (a2.c == null || !a2.c.containsKey("WWW-Authenticate")) {
                            Logger.a("Oauth", "401 http status code is returned without authorization header");
                        } else {
                            String str2 = a2.c.get("WWW-Authenticate").get(0);
                            Logger.a("Oauth", "Device certificate challenge request:" + str2);
                            if (XE.a(str2)) {
                                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Challenge header is empty");
                            }
                            if (XE.b(str2, "PKeyAuth")) {
                                WZ c2 = c();
                                c2.a(e);
                                Logger.a("Oauth", "Received pkeyAuth device challenge.");
                                ChallengeResponseBuilder challengeResponseBuilder = new ChallengeResponseBuilder(this.c);
                                Logger.a("Oauth", "Processing device challenge");
                                map.put("Authorization", challengeResponseBuilder.a(str2, e.toString()).b);
                                Logger.a("Oauth", "Sending request with challenge response");
                                C0609Xc a3 = this.b.a(e, map, str.getBytes("UTF_8"), "application/x-www-form-urlencoded");
                                c2.a(a3.f656a);
                                c2.b(this.f663a.getCorrelationId().toString());
                                a(c2);
                                a2 = a3;
                            }
                        }
                    }
                    isEmpty = TextUtils.isEmpty(a2.b);
                    if (isEmpty) {
                        b = null;
                    } else {
                        Logger.a("Oauth", "Token request does not have exception");
                        try {
                            b = a(a2, c);
                            ClientMetrics.INSTANCE.setLastError(null);
                        } catch (ServerRespondingWithRetryableException e2) {
                            b = b(str, map);
                            if (b == null) {
                                if (this.f663a.getIsExtendedLifetimeEnabled()) {
                                    Logger.a("Oauth", "WebResponse is not a success due to: " + a2.f656a);
                                    throw e2;
                                }
                                Logger.a("Oauth", "WebResponse is not a success due to: " + a2.f656a);
                                throw new AuthenticationException(ADALError.SERVER_ERROR, "WebResponse is not a success due to: " + a2.f656a);
                            }
                            ClientMetrics.INSTANCE.endClientMetricsRecord("token", this.f663a.getCorrelationId());
                        }
                    }
                } catch (Throwable th) {
                    ClientMetrics.INSTANCE.endClientMetricsRecord("token", this.f663a.getCorrelationId());
                    throw th;
                }
            } catch (UnsupportedEncodingException e3) {
                ClientMetrics.INSTANCE.setLastError(null);
                Logger.a("Oauth", e3.getMessage(), "", ADALError.ENCODING_IS_NOT_SUPPORTED, e3);
                throw e3;
            }
        } catch (SocketTimeoutException e4) {
            b = b(str, map);
            if (b == null) {
                ClientMetrics.INSTANCE.setLastError(null);
                if (this.f663a.getIsExtendedLifetimeEnabled()) {
                    Logger.a("Oauth", e4.getMessage(), "", ADALError.SERVER_ERROR, e4);
                    throw new ServerRespondingWithRetryableException(e4.getMessage(), e4);
                }
                Logger.a("Oauth", e4.getMessage(), "", ADALError.SERVER_ERROR, e4);
                throw e4;
            }
            ClientMetrics.INSTANCE.endClientMetricsRecord("token", this.f663a.getCorrelationId());
        } catch (IOException e5) {
            ClientMetrics.INSTANCE.setLastError(null);
            Logger.a("Oauth", e5.getMessage(), "", ADALError.SERVER_ERROR, e5);
            throw e5;
        }
        if (b == null) {
            String str3 = isEmpty ? "Status code:" + a2.f656a : a2.b;
            Logger.c("Oauth", "Server error message", str3, ADALError.SERVER_ERROR);
            throw new AuthenticationException(ADALError.SERVER_ERROR, str3);
        }
        ClientMetrics.INSTANCE.setLastErrorCodes(b.getErrorCodes());
        ClientMetrics.INSTANCE.endClientMetricsRecord("token", this.f663a.getCorrelationId());
        return b;
    }

    public static AuthenticationResult a(Map<String, String> map) throws AuthenticationException {
        String str;
        String str2;
        UserInfo userInfo;
        if (map.containsKey("error")) {
            String str3 = map.get("correlation_id");
            if (!XE.a(str3)) {
                try {
                    Logger.a(UUID.fromString(str3));
                } catch (IllegalArgumentException e) {
                    Logger.c("Oauth", "CorrelationId is malformed: " + str3, "", ADALError.CORRELATION_ID_FORMAT);
                }
            }
            Logger.a("Oauth", "OAuth2 error:" + map.get("error") + " Description:" + map.get("error_description"));
            return new AuthenticationResult(map.get("error"), map.get("error_description"), map.get("error_codes"));
        }
        if (map.containsKey("code")) {
            return new AuthenticationResult(map.get("code"));
        }
        if (!map.containsKey("access_token")) {
            return null;
        }
        boolean z = false;
        String str4 = map.get("expires_in");
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        gregorianCalendar.add(13, (str4 == null || str4.isEmpty()) ? 3600 : Integer.parseInt(str4));
        String str5 = map.get("refresh_token");
        if (map.containsKey("resource") && !XE.a(str5)) {
            z = true;
        }
        if (map.containsKey("id_token")) {
            String str6 = map.get("id_token");
            if (XE.a(str6)) {
                Logger.a("Oauth", "IdToken was not returned from token request.");
                str = str6;
                str2 = null;
                userInfo = null;
            } else {
                Logger.a("Oauth", "Id token was returned, parsing id token.");
                C0620Xn c0620Xn = new C0620Xn(str6);
                str2 = c0620Xn.b;
                userInfo = new UserInfo(c0620Xn);
                str = str6;
            }
        } else {
            str = null;
            str2 = null;
            userInfo = null;
        }
        String str7 = map.containsKey("foci") ? map.get("foci") : null;
        AuthenticationResult authenticationResult = new AuthenticationResult(map.get("access_token"), str5, gregorianCalendar.getTime(), z, userInfo, str2, str, null);
        if (map.containsKey("ext_expires_in")) {
            String str8 = map.get("ext_expires_in");
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.add(13, XE.a(str8) ? 3600 : Integer.parseInt(str8));
            authenticationResult.setExtendedExpiresOn(gregorianCalendar2.getTime());
        }
        authenticationResult.setFamilyClientId(str7);
        return authenticationResult;
    }

    private void a(WZ wz) {
        XF.a().a(this.f663a.getTelemetryRequestId(), wz, "Microsoft.ADAL.http_event");
    }

    private static void a(Map<String, String> map, String str) throws JSONException {
        JSONObject jSONObject = new JSONObject(str);
        Iterator<String> keys = jSONObject.keys();
        while (keys.hasNext()) {
            String next = keys.next();
            map.put(next, jSONObject.getString(next));
        }
    }

    private AuthenticationResult b(String str, Map<String, String> map) throws IOException, AuthenticationException {
        if (!this.d) {
            return null;
        }
        this.d = false;
        try {
            Thread.sleep(1000L);
        } catch (InterruptedException e) {
            Logger.a("Oauth", "The thread is interrupted while it is sleeping. " + e);
        }
        Logger.a("Oauth", "Try again...");
        return a(str, map);
    }

    private static Map<String, String> b() {
        HashMap hashMap = new HashMap();
        hashMap.put("Accept", "application/json");
        return hashMap;
    }

    private WZ c() {
        WZ wz = new WZ("Microsoft.ADAL.http_event");
        wz.c(this.f663a.getTelemetryRequestId());
        wz.a("Microsoft.ADAL.method", "Microsoft.ADAL.post");
        XF.a().a(this.f663a.getTelemetryRequestId(), "Microsoft.ADAL.http_event");
        return wz;
    }

    public final AuthenticationResult a(String str) throws IOException, AuthenticationException {
        if (this.b == null) {
            Logger.a("Oauth", "Web request is not set correctly");
            throw new IllegalArgumentException("webRequestHandler is null.");
        }
        try {
            Logger.a("Oauth", "Building request message for redeeming token with refresh token.");
            String format = String.format("%s=%s&%s=%s&%s=%s", "grant_type", XE.c("refresh_token"), "refresh_token", XE.c(str), AppProperties.ClientIdKey, XE.c(this.f663a.getClientId()));
            if (!XE.a(this.f663a.getResource())) {
                format = String.format("%s&%s=%s", format, "resource", XE.c(this.f663a.getResource()));
            }
            Map<String, String> b = b();
            b.put("x-ms-PKeyAuth", "1.0");
            Logger.a("Oauth", "Sending request to redeem token with refresh token.");
            return a(format, b);
        } catch (UnsupportedEncodingException e) {
            Logger.a("Oauth", e.getMessage(), "", ADALError.ENCODING_IS_NOT_SUPPORTED, e);
            return null;
        }
    }

    public final String a() throws UnsupportedEncodingException {
        String str;
        Object[] objArr = new Object[2];
        objArr[0] = this.f663a.getAuthority() + "/oauth2/authorize";
        Uri.Builder builder = new Uri.Builder();
        builder.appendQueryParameter("response_type", "code").appendQueryParameter(AppProperties.ClientIdKey, URLEncoder.encode(this.f663a.getClientId(), "UTF_8")).appendQueryParameter("resource", URLEncoder.encode(this.f663a.getResource(), "UTF_8")).appendQueryParameter("redirect_uri", URLEncoder.encode(this.f663a.getRedirectUri(), "UTF_8")).appendQueryParameter("state", Base64.encodeToString(String.format("a=%s&r=%s", this.f663a.getAuthority(), this.f663a.getResource()).getBytes(Constants.ENCODING), 9));
        if (!XE.a(this.f663a.getLoginHint())) {
            builder.appendQueryParameter("login_hint", URLEncoder.encode(this.f663a.getLoginHint(), "UTF_8"));
        }
        builder.appendQueryParameter("x-client-SKU", AbstractStsRequest.DeviceType).appendQueryParameter("x-client-Ver", URLEncoder.encode(C0582Wb.c(), "UTF_8")).appendQueryParameter("x-client-OS", URLEncoder.encode(String.valueOf(Build.VERSION.SDK_INT), "UTF_8")).appendQueryParameter("x-client-DM", URLEncoder.encode(Build.MODEL, "UTF_8"));
        if (this.f663a.getCorrelationId() != null) {
            builder.appendQueryParameter("client-request-id", URLEncoder.encode(this.f663a.getCorrelationId().toString(), "UTF_8"));
        }
        if (this.f663a.getPrompt() == PromptBehavior.Always) {
            builder.appendQueryParameter("prompt", URLEncoder.encode("login", "UTF_8"));
        } else if (this.f663a.getPrompt() == PromptBehavior.REFRESH_SESSION) {
            builder.appendQueryParameter("prompt", URLEncoder.encode("refresh_session", "UTF_8"));
        }
        String extraQueryParamsAuthentication = this.f663a.getExtraQueryParamsAuthentication();
        if (XE.a(extraQueryParamsAuthentication) || !extraQueryParamsAuthentication.contains("haschrome")) {
            builder.appendQueryParameter("haschrome", "1");
        }
        if (!XE.a(this.f663a.getClaimsChallenge())) {
            builder.appendQueryParameter("claims", this.f663a.getClaimsChallenge());
        }
        String query = builder.build().getQuery();
        if (XE.a(extraQueryParamsAuthentication)) {
            str = query;
        } else {
            if (!extraQueryParamsAuthentication.startsWith("&")) {
                extraQueryParamsAuthentication = "&" + extraQueryParamsAuthentication;
            }
            str = query + extraQueryParamsAuthentication;
        }
        objArr[1] = str;
        return String.format("%s?%s", objArr);
    }

    public final AuthenticationResult b(String str) throws IOException, AuthenticationException {
        if (XE.a(str)) {
            throw new IllegalArgumentException("authorizationUrl");
        }
        HashMap<String, String> f = XE.f(str);
        String str2 = f.get("state");
        String str3 = !XE.a(str2) ? new String(Base64.decode(str2, 9), Constants.ENCODING) : null;
        if (XE.a(str3)) {
            throw new AuthenticationException(ADALError.AUTH_FAILED_NO_STATE);
        }
        Uri parse = Uri.parse("http://state/path?" + str3);
        String queryParameter = parse.getQueryParameter("a");
        String queryParameter2 = parse.getQueryParameter("r");
        if (XE.a(queryParameter) || XE.a(queryParameter2) || !queryParameter2.equalsIgnoreCase(this.f663a.getResource())) {
            throw new AuthenticationException(ADALError.AUTH_FAILED_BAD_STATE);
        }
        AuthenticationResult a2 = a(f);
        return (a2 == null || a2.getCode() == null || a2.getCode().isEmpty()) ? a2 : c(a2.getCode());
    }

    public final AuthenticationResult c(String str) throws IOException, AuthenticationException {
        if (this.b == null) {
            throw new IllegalArgumentException("webRequestHandler");
        }
        try {
            Logger.a("Oauth", "Building request message for redeeming token with auth code.");
            String format = String.format("%s=%s&%s=%s&%s=%s&%s=%s", "grant_type", XE.c("authorization_code"), "code", XE.c(str), AppProperties.ClientIdKey, XE.c(this.f663a.getClientId()), "redirect_uri", XE.c(this.f663a.getRedirectUri()));
            Map<String, String> b = b();
            Logger.a("Oauth", "Sending request to redeem token with auth code.");
            return a(format, b);
        } catch (UnsupportedEncodingException e) {
            Logger.a("Oauth", e.getMessage(), "", ADALError.ENCODING_IS_NOT_SUPPORTED, e);
            return null;
        }
    }
}
