package com.microsoft.aad.adal;

import android.net.Uri;
import android.os.Build;
import android.text.TextUtils;
import android.util.Base64;
import com.amazon.identity.auth.device.dataobject.AppInfo;
import com.box.androidsdk.content.models.BoxUser;
import com.mobisystems.office.wordV2.nativecode.PageLayoutConstants;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import org.apache.http.HttpHeaders;
import org.apache.http.client.utils.URLEncodedUtilsHC4;
import org.json.JSONObject;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public final class x {
    private AuthenticationRequest a;
    private t b;
    private s c;

    /* JADX INFO: Access modifiers changed from: package-private */
    public x(AuthenticationRequest authenticationRequest) {
        this.c = new w();
        this.a = authenticationRequest;
        this.b = null;
        this.c = null;
    }

    public x(AuthenticationRequest authenticationRequest, t tVar) {
        this.c = new w();
        this.a = authenticationRequest;
        this.b = tVar;
        this.c = null;
    }

    public x(AuthenticationRequest authenticationRequest, t tVar, s sVar) {
        this.c = new w();
        this.a = authenticationRequest;
        this.b = tVar;
        this.c = sVar;
    }

    private AuthenticationResult a(n nVar) {
        String str;
        AuthenticationResult authenticationResult;
        List<String> list;
        new AuthenticationResult();
        HashMap hashMap = new HashMap();
        String str2 = (nVar.c == null || !nVar.c.containsKey("client-request-id") || (list = nVar.c.get("client-request-id")) == null || list.size() <= 0) ? null : list.get(0);
        if (nVar.b == null || nVar.b.length <= 0) {
            byte[] bArr = nVar.b;
            if (bArr != null) {
                str = new String(bArr);
            } else {
                str = "Status code:" + String.valueOf(nVar.a);
            }
            Logger.b("Server error message:".concat(String.valueOf(str)));
            authenticationResult = new AuthenticationResult(String.valueOf(nVar.a), str, null);
        } else {
            try {
                a((HashMap<String, String>) hashMap, new String(nVar.b));
                authenticationResult = a((HashMap<String, String>) hashMap);
            } catch (Exception e) {
                Logger.a("Oauth", e.getMessage(), "", ADALError.SERVER_INVALID_JSON_RESPONSE, e);
                authenticationResult = new AuthenticationResult("It failed to parse response as json", e.getMessage(), null);
            }
        }
        if (str2 != null && !str2.isEmpty()) {
            try {
                if (!UUID.fromString(str2).equals(this.a.mCorrelationId)) {
                    Logger.a("Oauth", "CorrelationId is not matching", "", ADALError.CORRELATION_ID_NOT_MATCHING_REQUEST_RESPONSE);
                }
                Logger.b("Response correlationId:".concat(String.valueOf(str2)));
            } catch (Exception e2) {
                Logger.a("Oauth", "Wrong format of the correlation ID:".concat(String.valueOf(str2)), "", ADALError.CORRELATION_ID_FORMAT, e2);
            }
        }
        return authenticationResult;
    }

    private AuthenticationResult a(String str, HashMap<String, String> hashMap) {
        AuthenticationResult authenticationResult;
        String str2;
        URL c = ab.c(this.a.mAuthority + "/oauth2/token");
        if (c == null) {
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL);
        }
        try {
            try {
                try {
                    this.b.a(this.a.mCorrelationId);
                    ClientMetrics.INSTANCE.a(c, this.a.mCorrelationId, hashMap);
                    n a = this.b.a(c, hashMap, str.getBytes("UTF_8"), URLEncodedUtilsHC4.CONTENT_TYPE);
                    if (a.a == 401) {
                        if (a.c == null || !a.c.containsKey("WWW-Authenticate")) {
                            Logger.b("401 http status code is returned without authorization header");
                        } else {
                            String str3 = a.c.get("WWW-Authenticate").get(0);
                            Logger.b("Device certificate challange request:".concat(String.valueOf(str3)));
                            if (ab.a(str3)) {
                                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Challange header is empty");
                            }
                            if (ab.b(str3, "PKeyAuth")) {
                                Logger.b("Challange is related to device certificate");
                                ChallangeResponseBuilder challangeResponseBuilder = new ChallangeResponseBuilder(this.c);
                                Logger.b("Processing device challange");
                                hashMap.put(HttpHeaders.AUTHORIZATION, challangeResponseBuilder.a(str3, c.toString()).b);
                                Logger.b("Sending request with challenge response");
                                a = this.b.a(c, hashMap, str.getBytes("UTF_8"), URLEncodedUtilsHC4.CONTENT_TYPE);
                            }
                        }
                    }
                    if (a.b != null) {
                        Logger.b("Token request does not have exception");
                        authenticationResult = a(a);
                        ClientMetrics.INSTANCE.a(null);
                    } else {
                        authenticationResult = null;
                    }
                    if (authenticationResult == null) {
                        byte[] bArr = a.b;
                        if (bArr != null) {
                            str2 = new String(bArr);
                        } else {
                            str2 = "Status code:" + String.valueOf(a.a);
                        }
                        Logger.b("Server error message:".concat(String.valueOf(str2)));
                        if (a.d != null) {
                            throw a.d;
                        }
                    } else {
                        ClientMetrics clientMetrics = ClientMetrics.INSTANCE;
                        String[] split = authenticationResult.mErrorCodes != null ? authenticationResult.mErrorCodes.replaceAll("[\\[\\]]", "").split("([^,]),") : null;
                        clientMetrics.mLastError = split != null ? TextUtils.join(AppInfo.DELIM, split) : null;
                    }
                    ClientMetrics.INSTANCE.a("token", this.a.mCorrelationId);
                    return authenticationResult;
                } catch (UnsupportedEncodingException e) {
                    ClientMetrics.INSTANCE.a(null);
                    Logger.a("Oauth", e.getMessage(), "", ADALError.ENCODING_IS_NOT_SUPPORTED, e);
                    throw e;
                }
            } catch (IllegalArgumentException e2) {
                ClientMetrics.INSTANCE.a(null);
                Logger.a("Oauth", e2.getMessage(), "", ADALError.ARGUMENT_EXCEPTION, e2);
                throw e2;
            } catch (Exception e3) {
                ClientMetrics.INSTANCE.a(null);
                Logger.a("Oauth", e3.getMessage(), "", ADALError.SERVER_ERROR, e3);
                throw e3;
            }
        } catch (Throwable th) {
            ClientMetrics.INSTANCE.a("token", this.a.mCorrelationId);
            throw th;
        }
    }

    private static AuthenticationResult a(HashMap<String, String> hashMap) {
        UserInfo userInfo;
        String str;
        String str2;
        String str3;
        UserInfo userInfo2 = null;
        if (hashMap.containsKey("error")) {
            String str4 = hashMap.get("correlation_id");
            if (!ab.a(str4)) {
                try {
                    Logger.a(UUID.fromString(str4));
                } catch (IllegalArgumentException unused) {
                    Logger.b("Oauth", "CorrelationId is malformed: ".concat(String.valueOf(str4)), "", ADALError.CORRELATION_ID_FORMAT);
                }
            }
            Logger.b("OAuth2 error:" + hashMap.get("error") + " Description:" + hashMap.get("error_description"));
            return new AuthenticationResult(hashMap.get("error"), hashMap.get("error_description"), hashMap.get("error_codes"));
        }
        if (hashMap.containsKey("code")) {
            return new AuthenticationResult(hashMap.get("code"));
        }
        if (!hashMap.containsKey("access_token")) {
            return null;
        }
        String str5 = hashMap.get("expires_in");
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        gregorianCalendar.add(13, (str5 == null || str5.isEmpty()) ? PageLayoutConstants.COMMENTS_PANE_WIDTH : Integer.parseInt(str5));
        boolean containsKey = hashMap.containsKey("resource");
        if (hashMap.containsKey("id_token")) {
            String str6 = hashMap.get("id_token");
            if (ab.a(str6)) {
                Logger.b("IdToken is not provided");
                str2 = str6;
                userInfo = null;
                str = null;
            } else {
                v c = c(str6);
                if (c != null) {
                    String str7 = c.b;
                    UserInfo userInfo3 = new UserInfo(c);
                    str3 = str7;
                    userInfo2 = userInfo3;
                } else {
                    str3 = null;
                }
                str2 = str6;
                userInfo = userInfo2;
                str = str3;
            }
        } else {
            userInfo = null;
            str = null;
            str2 = null;
        }
        return new AuthenticationResult(hashMap.get("access_token"), hashMap.get("refresh_token"), gregorianCalendar.getTime(), containsKey, userInfo, str, str2);
    }

    private static void a(HashMap<String, String> hashMap, String str) {
        JSONObject jSONObject = new JSONObject(str);
        Iterator keys = jSONObject.keys();
        while (keys.hasNext()) {
            String str2 = (String) keys.next();
            hashMap.put(str2, jSONObject.getString(str2));
        }
    }

    private static v c(String str) {
        try {
            int indexOf = str.indexOf(".");
            int i = indexOf + 1;
            int indexOf2 = str.indexOf(".", i);
            if (str.indexOf(".", indexOf2 + 1) == -1 && indexOf > 0 && indexOf2 > 0) {
                String str2 = new String(Base64.decode(str.substring(i, indexOf2), 8), "UTF-8");
                HashMap hashMap = new HashMap();
                a((HashMap<String, String>) hashMap, str2);
                if (!hashMap.isEmpty()) {
                    v vVar = new v();
                    vVar.a = (String) hashMap.get("sub");
                    vVar.b = (String) hashMap.get("tid");
                    vVar.c = (String) hashMap.get("upn");
                    vVar.f = (String) hashMap.get("email");
                    vVar.d = (String) hashMap.get("given_name");
                    vVar.e = (String) hashMap.get("family_name");
                    vVar.g = (String) hashMap.get("idp");
                    vVar.h = (String) hashMap.get("oid");
                    String str3 = (String) hashMap.get("pwd_exp");
                    if (!ab.a(str3)) {
                        vVar.i = Long.parseLong(str3);
                    }
                    vVar.j = (String) hashMap.get("pwd_url");
                    Logger.b("IdToken is extracted from token response");
                    return vVar;
                }
            }
        } catch (Exception e) {
            Logger.a("Oauth", "Error in parsing user id token", null, ADALError.IDTOKEN_PARSING_FAILURE, e);
        }
        return null;
    }

    private String c() {
        return this.a.mAuthority + "/oauth2/authorize";
    }

    private AuthenticationResult d(String str) {
        if (this.b == null) {
            throw new IllegalArgumentException("webRequestHandler");
        }
        try {
            return a(String.format("%s=%s&%s=%s&%s=%s&%s=%s", "grant_type", URLEncoder.encode("authorization_code", "UTF_8"), "code", URLEncoder.encode(str, "UTF_8"), "client_id", URLEncoder.encode(this.a.mClientId, "UTF_8"), "redirect_uri", URLEncoder.encode(this.a.mRedirectUri, "UTF_8")), e());
        } catch (UnsupportedEncodingException e) {
            Logger.a("Oauth", e.getMessage(), "", ADALError.ENCODING_IS_NOT_SUPPORTED, e);
            return null;
        }
    }

    private String d() {
        return Base64.encodeToString(String.format("a=%s&r=%s", this.a.mAuthority, this.a.mResource).getBytes(), 9);
    }

    private static String e(String str) {
        if (ab.a(str)) {
            return null;
        }
        return new String(Base64.decode(str, 9));
    }

    private static HashMap<String, String> e() {
        HashMap<String, String> hashMap = new HashMap<>();
        hashMap.put("Accept", io.fabric.sdk.android.services.common.a.ACCEPT_JSON_VALUE);
        return hashMap;
    }

    public final AuthenticationResult a(String str) {
        if (this.b == null) {
            Logger.b("Web request is not set correctly");
            throw new IllegalArgumentException("webRequestHandler");
        }
        try {
            String format = String.format("%s=%s&%s=%s&%s=%s", "grant_type", URLEncoder.encode("refresh_token", "UTF_8"), "refresh_token", URLEncoder.encode(str, "UTF_8"), "client_id", URLEncoder.encode(this.a.mClientId, "UTF_8"));
            if (!ab.a(this.a.mResource)) {
                format = String.format("%s&%s=%s", format, "resource", URLEncoder.encode(this.a.mResource, "UTF_8"));
            }
            HashMap<String, String> e = e();
            e.put("x-ms-PKeyAuth", "1.0");
            return a(format, e);
        } catch (UnsupportedEncodingException e2) {
            Logger.a("Oauth", e2.getMessage(), "", ADALError.ENCODING_IS_NOT_SUPPORTED, e2);
            return null;
        }
    }

    public final String a() {
        String format = String.format("response_type=%s&client_id=%s&resource=%s&redirect_uri=%s&state=%s", "code", URLEncoder.encode(this.a.mClientId, "UTF_8"), URLEncoder.encode(this.a.mResource, "UTF_8"), URLEncoder.encode(this.a.mRedirectUri, "UTF_8"), d());
        if (this.a.mLoginHint != null && !this.a.mLoginHint.isEmpty()) {
            format = String.format("%s&%s=%s", format, "login_hint", URLEncoder.encode(this.a.mLoginHint, "UTF_8"));
        }
        String format2 = String.format("%s&%s=%s", String.format("%s&%s=%s", format, "x-client-SKU", "Android"), "x-client-Ver", URLEncoder.encode(c.b(), "UTF_8"));
        StringBuilder sb = new StringBuilder();
        sb.append(Build.VERSION.SDK_INT);
        String format3 = String.format("%s&%s=%s", String.format("%s&%s=%s", format2, "x-client-OS", URLEncoder.encode(sb.toString(), "UTF_8")), "x-client-DM", URLEncoder.encode(Build.MODEL, "UTF_8"));
        if (this.a.mCorrelationId != null) {
            format3 = String.format("%s&%s=%s", format3, "client-request-id", URLEncoder.encode(this.a.mCorrelationId.toString(), "UTF_8"));
        }
        if (this.a.mPrompt == PromptBehavior.Always) {
            format3 = String.format("%s&%s=%s", format3, "prompt", URLEncoder.encode(BoxUser.FIELD_LOGIN, "UTF_8"));
        } else if (this.a.mPrompt == PromptBehavior.REFRESH_SESSION) {
            format3 = String.format("%s&%s=%s", format3, "prompt", URLEncoder.encode("refresh_session", "UTF_8"));
        }
        if (ab.a(this.a.mExtraQueryParamsAuthentication)) {
            return format3;
        }
        String str = this.a.mExtraQueryParamsAuthentication;
        if (!str.startsWith("&")) {
            str = "&".concat(String.valueOf(str));
        }
        return format3 + str;
    }

    public final AuthenticationResult b(String str) {
        if (ab.a(str)) {
            throw new IllegalArgumentException("authorizationUrl");
        }
        HashMap<String, String> d = ab.d(str);
        String e = e(d.get("state"));
        if (ab.a(e)) {
            throw new AuthenticationException(ADALError.AUTH_FAILED_NO_STATE);
        }
        Uri parse = Uri.parse("http://state/path?".concat(String.valueOf(e)));
        String queryParameter = parse.getQueryParameter("a");
        String queryParameter2 = parse.getQueryParameter("r");
        if (ab.a(queryParameter) || ab.a(queryParameter2) || !queryParameter2.equalsIgnoreCase(this.a.mResource)) {
            throw new AuthenticationException(ADALError.AUTH_FAILED_BAD_STATE);
        }
        AuthenticationResult a = a(d);
        return (a == null || a.mCode == null || a.mCode.isEmpty()) ? a : d(a.mCode);
    }

    public final String b() {
        return String.format("%s?%s", c(), a());
    }
}
