package com.microsoft.aad.adal;

import android.content.Context;
import android.content.Intent;
import android.os.Bundle;
import android.os.Handler;
import android.os.HandlerThread;
import android.os.Process;
import com.microsoft.aad.adal.at;
import com.microsoft.aad.adal.cp;
import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.Date;
import java.util.UUID;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: ProGuard */
/* loaded from: classes2.dex */
public class e {
    private static final String a = "e";
    private static final ExecutorService b = Executors.newSingleThreadExecutor();
    private static Handler g;
    private final Context c;
    private final q d;
    private cq e;
    private final bt f;
    private bg h;
    private b i;

    /* JADX INFO: Access modifiers changed from: private */
    /* compiled from: ProGuard */
    /* loaded from: classes2.dex */
    public static class a {
        private Handler a;
        private p<AuthenticationResult> b;

        public a(Handler handler, p<AuthenticationResult> pVar) {
            this.a = handler;
            this.b = pVar;
        }

        p<AuthenticationResult> a() {
            return this.b;
        }

        public void a(AuthenticationException authenticationException) {
            if (this.b != null) {
                if (this.a != null) {
                    this.a.post(new i(this, authenticationException));
                } else {
                    this.b.a(authenticationException);
                }
            }
        }

        public void a(AuthenticationResult authenticationResult) {
            if (this.b != null) {
                if (this.a != null) {
                    this.a.post(new j(this, authenticationResult));
                } else {
                    this.b.a((p<AuthenticationResult>) authenticationResult);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public e(Context context, q qVar, b bVar) {
        this.c = context;
        this.d = qVar;
        this.h = new bg(this.c);
        if (qVar.a() != null && bVar != null) {
            this.e = new cq(qVar.a(), qVar.c(), bVar.e());
        }
        this.f = new at(context);
        this.i = bVar;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void a(ac acVar) throws AuthenticationException {
        URL e = cn.e(acVar.a());
        if (e == null) {
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL);
        }
        a(acVar, e);
        at.a a2 = this.f.a(acVar.a());
        if (a2 == at.a.CANNOT_SWITCH_TO_BROKER || !this.f.a(acVar.e(), acVar.l()) || acVar.m()) {
            return;
        }
        if (a2 == at.a.NEED_PERMISSIONS_TO_SWITCH_TO_BROKER) {
            throw new UsageAuthenticationException(ADALError.DEVELOPER_BROKER_PERMISSIONS_MISSING, "Broker related permissions are missing for GET_ACCOUNTS.");
        }
        h(acVar);
    }

    private void a(ac acVar, URL url) throws AuthenticationException {
        co.a().a(acVar.s(), "Microsoft.ADAL.authority_validation");
        b bVar = new b("Microsoft.ADAL.authority_validation");
        bVar.l(acVar.f().toString());
        bVar.m(acVar.s());
        try {
            if (this.d.d()) {
                try {
                    a(url, acVar.r(), acVar.m(), acVar.f());
                    bVar.c("yes");
                } catch (AuthenticationException e) {
                    if (e.a() == null || !(e.a().equals(ADALError.DEVICE_CONNECTION_IS_NOT_AVAILABLE) || e.a().equals(ADALError.NO_NETWORK_CONNECTION_POWER_OPTIMIZATION))) {
                        bVar.c("no");
                    } else {
                        bVar.c("not_done");
                    }
                    throw e;
                }
            } else {
                if (!cu.a(url) && !af.a(url)) {
                    try {
                        this.h.a(url);
                    } catch (AuthenticationException unused) {
                        af.a(url.getHost(), new cc(false));
                        Logger.b(a + ":performAuthorityValidation", "Fail to get authority validation metadata back. Ignore the failure since authority validation is turned off.");
                    }
                }
                bVar.c("not_done");
            }
            cc c = af.c(url);
            if (c == null || !c.d()) {
                return;
            }
            a(url, acVar, c);
        } finally {
            co.a().a(acVar.s(), bVar, "Microsoft.ADAL.authority_validation");
        }
    }

    private void a(ad adVar, int i, AuthenticationException authenticationException) {
        a((a) null, adVar, i, authenticationException);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void a(a aVar, ad adVar, int i, AuthenticationException authenticationException) {
        if (adVar != null) {
            try {
                if (adVar.a() != null) {
                    Logger.b(a + ":waitingRequestOnError", "Sending error to callback" + this.d.a(adVar));
                    adVar.c().a(false, (Exception) authenticationException);
                    adVar.c().l(adVar.b().f().toString());
                    adVar.c().b();
                    if (aVar != null) {
                        aVar.a(authenticationException);
                    } else {
                        adVar.a().a(authenticationException);
                    }
                }
            } finally {
                if (authenticationException != null) {
                    this.d.b(i);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void a(a aVar, bz bzVar, boolean z, ac acVar) throws AuthenticationException {
        AuthenticationResult b2 = b(acVar);
        if (a(b2)) {
            this.i.a(true, (Exception) null);
            this.i.l(acVar.f().toString());
            this.i.f(b2.p());
            this.i.b();
            aVar.a(b2);
            return;
        }
        Logger.a(a + ":performAcquireTokenRequest", "Trying to acquire token interactively.");
        b(aVar, bzVar, z, acVar);
    }

    private void a(URL url, ac acVar, cc ccVar) throws AuthenticationException {
        if (ccVar == null || !ccVar.d() || ccVar.a() == null || url.getHost().equalsIgnoreCase(ccVar.a())) {
            return;
        }
        try {
            acVar.a(cw.a(url, ccVar.a()).toString());
        } catch (MalformedURLException unused) {
            Logger.a(a, "preferred network is invalid", "use exactly the same authority url that is passed");
        }
    }

    private void a(URL url, String str, boolean z, UUID uuid) throws AuthenticationException {
        boolean a2 = cu.a(url);
        if (af.b(url)) {
            return;
        }
        if (a2 && this.d.g()) {
            return;
        }
        Logger.b(a + ":validateAuthority", "Start validating authority");
        this.h.a(uuid);
        bg.b(url);
        if (z || !a2 || str == null) {
            if (z && cu.a(url)) {
                Logger.b(a + ":validateAuthority", "Silent request. Skipping AD FS authority validation");
            }
            this.h.a(url);
        } else {
            this.h.a(url, str);
        }
        Logger.b(a + ":validateAuthority", "The passed in authority is valid.");
        this.d.a(true);
    }

    private boolean a(AuthenticationResult authenticationResult) {
        return (authenticationResult == null || cn.a(authenticationResult.b())) ? false : true;
    }

    private synchronized Handler b() {
        if (g == null) {
            HandlerThread handlerThread = new HandlerThread("AcquireTokenRequestHandlerThread");
            handlerThread.start();
            g = new Handler(handlerThread.getLooper());
        }
        return g;
    }

    private AuthenticationResult b(ac acVar) throws AuthenticationException {
        String str;
        if (!c(acVar)) {
            return null;
        }
        Logger.b(a + ":tryAcquireTokenSilent", "Try to acquire token silently, return valid AT or use RT in the cache.");
        AuthenticationResult d = d(acVar);
        boolean a2 = a(d);
        if (a2 || !acVar.m()) {
            if (!a2) {
                return d;
            }
            Logger.b(a + ":tryAcquireTokenSilent", "Token is successfully returned from silent flow. ");
            return d;
        }
        if (d == null) {
            str = "No result returned from acquireTokenSilent";
        } else {
            str = " ErrorCode:" + d.k();
        }
        Logger.d(a + ":tryAcquireTokenSilent", "Prompt is not allowed and failed to get token. " + str, acVar.h(), ADALError.AUTH_REFRESH_FAILED_PROMPT_NOT_ALLOWED);
        AuthenticationException authenticationException = new AuthenticationException(ADALError.AUTH_REFRESH_FAILED_PROMPT_NOT_ALLOWED, acVar.h() + " " + str);
        authenticationException.a(d);
        throw authenticationException;
    }

    private void b(a aVar, bz bzVar, boolean z, ac acVar) throws AuthenticationException {
        if (bzVar == null && !z) {
            throw new AuthenticationException(ADALError.AUTH_REFRESH_FAILED_PROMPT_NOT_ALLOWED, acVar.h() + " Cannot launch webview, acitivity is null.");
        }
        bq.a(this.c);
        int hashCode = aVar.a().hashCode();
        acVar.a(hashCode);
        this.d.a(hashCode, new ad(hashCode, acVar, aVar.a(), this.i));
        at.a a2 = this.f.a(acVar.a());
        if (a2 == at.a.CANNOT_SWITCH_TO_BROKER || !this.f.a(acVar.e(), acVar.l())) {
            Logger.b(a + ":acquireTokenInteractiveFlow", "Starting Authentication Activity for embedded flow. ", " Callback is: " + aVar.a().hashCode(), null);
            new d(this.c, acVar, this.e).a(bzVar, z ? new u(b(), this.c, this, acVar) : null);
            return;
        }
        if (a2 == at.a.NEED_PERMISSIONS_TO_SWITCH_TO_BROKER) {
            throw new UsageAuthenticationException(ADALError.DEVELOPER_BROKER_PERMISSIONS_MISSING, "Broker related permissions are missing for GET_ACCOUNTS");
        }
        Logger.b(a + ":acquireTokenInteractiveFlow", "Launch activity for interactive authentication via broker with callback. ", "" + aVar.a().hashCode(), null);
        new l(acVar, this.f).a(bzVar);
    }

    private boolean c(ac acVar) {
        return (!cw.a(acVar) && acVar.i() == PromptBehavior.Auto) || acVar.m();
    }

    private AuthenticationResult d(ac acVar) throws AuthenticationException {
        at.a a2;
        AuthenticationResult e = e(acVar);
        if (a(e) || (a2 = this.f.a(acVar.a())) == at.a.CANNOT_SWITCH_TO_BROKER || !this.f.a(acVar.e(), acVar.l())) {
            return e;
        }
        if (a2 == at.a.NEED_PERMISSIONS_TO_SWITCH_TO_BROKER) {
            throw new UsageAuthenticationException(ADALError.DEVELOPER_BROKER_PERMISSIONS_MISSING, "Broker related permissions are missing for GET_ACCOUNTS");
        }
        Logger.a(a + ":acquireTokenSilentFlow", "Cannot get AT from local cache, switch to Broker for auth, clear tokens from local cache for the user.");
        g(acVar);
        return f(acVar);
    }

    private AuthenticationResult e(ac acVar) throws AuthenticationException {
        Logger.b(a + ":tryAcquireTokenSilentLocally", "Try to silently get token from local cache.");
        return new k(this.c, acVar, this.e).a();
    }

    private AuthenticationResult f(ac acVar) throws AuthenticationException {
        return new l(acVar, this.f).a();
    }

    private void g(ac acVar) throws AuthenticationException {
        if (this.e == null) {
            return;
        }
        String l = !cn.a(acVar.l()) ? acVar.l() : acVar.e();
        try {
            TokenCacheItem b2 = this.e.b("1", l);
            if (b2 != null) {
                this.e.a(b2, acVar.c());
            }
            try {
                TokenCacheItem a2 = this.e.a(acVar.d(), l);
                TokenCacheItem b3 = this.e.b(acVar.c(), acVar.d(), l);
                if (a2 != null) {
                    this.e.a(a2, acVar.c());
                    return;
                }
                if (b3 != null) {
                    this.e.a(b3, acVar.c());
                    return;
                }
                Logger.b(a + ":removeTokensForUser", "No token items need to be deleted for the user.");
            } catch (MalformedURLException e) {
                throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL, e.getMessage(), e);
            }
        } catch (MalformedURLException e2) {
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL, e2.getMessage(), e2);
        }
    }

    private void h(ac acVar) throws UsageAuthenticationException {
        String b2 = acVar.b();
        String e = this.d.e();
        if (cn.a(b2)) {
            Logger.d(a + ":verifyBrokerRedirectUri", "The redirectUri is null or blank. ", "The redirect uri is expected to be:" + e, ADALError.DEVELOPER_REDIRECTURI_INVALID);
            throw new UsageAuthenticationException(ADALError.DEVELOPER_REDIRECTURI_INVALID, "The redirectUri is null or blank.");
        }
        if (!b2.startsWith("msauth://")) {
            Logger.d(a + ":verifyBrokerRedirectUri", "The prefix of the redirect uri does not match the expected value. ", " The valid broker redirect URI prefix: msauth so the redirect uri is expected to be: " + e, ADALError.DEVELOPER_REDIRECTURI_INVALID);
            throw new UsageAuthenticationException(ADALError.DEVELOPER_REDIRECTURI_INVALID, "The prefix of the redirect uri does not match the expected value.");
        }
        ci ciVar = new ci(this.c);
        try {
            String encode = URLEncoder.encode(this.c.getPackageName(), "UTF_8");
            String encode2 = URLEncoder.encode(ciVar.a(this.c.getPackageName()), "UTF_8");
            if (!b2.startsWith("msauth://" + encode + "/")) {
                Logger.d(a + ":verifyBrokerRedirectUri", "The base64 url encoded package name component of the redirect uri does not match the expected value. ", "This apps package name is: " + encode + " so the redirect uri is expected to be: " + e, ADALError.DEVELOPER_REDIRECTURI_INVALID);
                throw new UsageAuthenticationException(ADALError.DEVELOPER_REDIRECTURI_INVALID, "The base64 url encoded package name component of the redirect uri does not match the expected value. ");
            }
            if (b2.equalsIgnoreCase(e)) {
                Logger.b(a + ":verifyBrokerRedirectUri", "The broker redirect URI is valid.");
                return;
            }
            Logger.d(a + ":verifyBrokerRedirectUri", "The base64 url encoded signature component of the redirect uri does not match the expected value. ", "This apps signature is: " + encode2 + " so the redirect uri is expected to be: " + e, ADALError.DEVELOPER_REDIRECTURI_INVALID);
            throw new UsageAuthenticationException(ADALError.DEVELOPER_REDIRECTURI_INVALID, "The base64 url encoded signature component of the redirect uri does not match the expected value.");
        } catch (UnsupportedEncodingException e2) {
            Logger.a(a + ":verifyBrokerRedirectUri", ADALError.ENCODING_IS_NOT_SUPPORTED.a(), e2.getMessage(), ADALError.ENCODING_IS_NOT_SUPPORTED, e2);
            throw new UsageAuthenticationException(ADALError.ENCODING_IS_NOT_SUPPORTED, "The verifying BrokerRedirectUri process failed because the base64 url encoding is not supported.", e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(int i, int i2, Intent intent) {
        if (i == 1001) {
            b();
            if (intent == null) {
                Logger.d(a + ":onActivityResult", "BROWSER_FLOW data is null.", "", ADALError.ON_ACTIVITY_RESULT_INTENT_NULL);
                return;
            }
            Bundle extras = intent.getExtras();
            int i3 = extras.getInt("com.microsoft.aad.adal:RequestId");
            try {
                ad a2 = this.d.a(i3);
                Logger.b(a + ":onActivityResult", "Waiting request found. RequestId:" + i3);
                String a3 = this.d.a(a2);
                if (i2 == 2004) {
                    String stringExtra = intent.getStringExtra("account.access.token");
                    this.f.c(intent.getStringExtra("account.name"));
                    Date date = new Date(intent.getLongExtra("account.expiredate", 0L));
                    String stringExtra2 = intent.getStringExtra("account.idtoken");
                    String stringExtra3 = intent.getStringExtra("account.userinfo.tenantid");
                    UserInfo a4 = UserInfo.a(intent.getExtras());
                    String stringExtra4 = intent.getStringExtra("cliteleminfo.server_error");
                    String stringExtra5 = intent.getStringExtra("cliteleminfo.server_suberror");
                    String stringExtra6 = intent.getStringExtra("cliteleminfo.rt_age");
                    String stringExtra7 = intent.getStringExtra("cliteleminfo.spe_ring");
                    AuthenticationResult authenticationResult = new AuthenticationResult(stringExtra, null, date, false, a4, stringExtra3, stringExtra2, null);
                    authenticationResult.e(intent.getStringExtra("account.authority"));
                    cp.a aVar = new cp.a();
                    aVar.b(stringExtra4);
                    aVar.c(stringExtra5);
                    aVar.d(stringExtra6);
                    aVar.e(stringExtra7);
                    authenticationResult.a(aVar);
                    if (authenticationResult.b() != null) {
                        a2.c().a(true, (Exception) null);
                        a2.c().l(a2.b().f().toString());
                        a2.c().f(authenticationResult.p());
                        a2.c().h(aVar.a());
                        a2.c().i(aVar.b());
                        a2.c().j(aVar.c());
                        a2.c().k(aVar.d());
                        a2.c().b();
                        a2.a().a((p<AuthenticationResult>) authenticationResult);
                        return;
                    }
                    return;
                }
                if (i2 == 2001) {
                    Logger.b(a + ":onActivityResult", "User cancelled the flow. RequestId:" + i3 + " " + a3);
                    StringBuilder sb = new StringBuilder();
                    sb.append("User cancelled the flow RequestId:");
                    sb.append(i3);
                    sb.append(a3);
                    a(a2, i3, new AuthenticationCancelError(sb.toString()));
                    return;
                }
                if (i2 == 2006) {
                    Logger.b(a + ":onActivityResult", "Device needs to have broker installed, we expect the apps to call usback when the broker is installed");
                    a(a2, i3, new AuthenticationException(ADALError.BROKER_APP_INSTALLATION_STARTED));
                    return;
                }
                if (i2 == 2005) {
                    Serializable serializable = extras.getSerializable("com.microsoft.aad.adal:AuthenticationException");
                    if (serializable == null || !(serializable instanceof AuthenticationException)) {
                        a(a2, i3, new AuthenticationException(ADALError.WEBVIEW_RETURNED_INVALID_AUTHENTICATION_EXCEPTION, a3));
                        return;
                    }
                    AuthenticationException authenticationException = (AuthenticationException) serializable;
                    Logger.c(a + ":onActivityResult", "Webview returned exception.", authenticationException.getMessage(), ADALError.WEBVIEW_RETURNED_AUTHENTICATION_EXCEPTION);
                    a(a2, i3, authenticationException);
                    return;
                }
                if (i2 != 2002) {
                    if (i2 == 2003) {
                        ac acVar = (ac) extras.getSerializable("com.microsoft.aad.adal:BrowserRequestInfo");
                        String string = extras.getString("com.microsoft.aad.adal:BrowserFinalUrl", "");
                        if (!string.isEmpty()) {
                            b.execute(new h(this, a2, string, new a(b(), a2.a()), i3));
                            return;
                        }
                        StringBuilder sb2 = new StringBuilder("Webview did not reach the redirectUrl. ");
                        if (acVar != null) {
                            sb2.append(acVar.h());
                        }
                        sb2.append(a3);
                        AuthenticationException authenticationException2 = new AuthenticationException(ADALError.WEBVIEW_RETURNED_EMPTY_REDIRECT_URL, sb2.toString());
                        Logger.d(a + ":onActivityResult", "", authenticationException2.getMessage(), authenticationException2.a());
                        a(a2, i3, authenticationException2);
                        return;
                    }
                    return;
                }
                String string2 = extras.getString("com.microsoft.aad.adal:BrowserErrorCode");
                String string3 = extras.getString("com.microsoft.aad.adal:BrowserErrorMessage");
                Logger.b(a + ":onActivityResult", "Error info:" + string2 + " for requestId: " + i3 + " " + a3, string3, null);
                ADALError aDALError = ADALError.SERVER_INVALID_REQUEST;
                StringBuilder sb3 = new StringBuilder();
                sb3.append(string2);
                sb3.append(" ");
                sb3.append(string3);
                sb3.append(a3);
                a(a2, i3, new AuthenticationException(aDALError, sb3.toString()));
            } catch (AuthenticationException unused) {
                Logger.d(a + ":onActivityResult", "Failed to find waiting request. RequestId:" + i3, "", ADALError.ON_ACTIVITY_RESULT_INTENT_NULL);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(bz bzVar, boolean z, ac acVar, p<AuthenticationResult> pVar) {
        a aVar = new a(b(), pVar);
        Logger.a(acVar.f());
        Logger.b(a + ":acquireToken", "Sending async task from thread:" + Process.myTid());
        b.execute(new f(this, acVar, aVar, bzVar, z));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(String str, ac acVar, p<AuthenticationResult> pVar) {
        Logger.a(acVar.f());
        Logger.b(a + ":refreshTokenWithoutCache", "Refresh token without cache");
        b.execute(new g(this, acVar, str, new a(b(), pVar)));
    }
}
