package com.microsoft.aad.adal;

import android.net.Uri;
import android.os.Build;
import android.text.TextUtils;
import android.util.Base64;
import com.microsoft.aad.adal.n1;
import com.microsoft.intune.mam.client.app.AppUtils;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.SocketTimeoutException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import org.json.JSONException;
import org.json.JSONObject;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class d1 {

    /* renamed from: a, reason: collision with root package name */
    private m f3026a;

    /* renamed from: b, reason: collision with root package name */
    private e.e.a.a.b.a.e.e f3027b;

    /* renamed from: c, reason: collision with root package name */
    private u0 f3028c;

    /* renamed from: d, reason: collision with root package name */
    private String f3029d;

    /* renamed from: e, reason: collision with root package name */
    private boolean f3030e;

    /* JADX INFO: Access modifiers changed from: package-private */
    public d1(m mVar) {
        this.f3028c = new b1();
        this.f3030e = true;
        this.f3026a = mVar;
        this.f3027b = null;
        this.f3028c = null;
        s(this.f3026a.a() + "/oauth2/token");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public d1(m mVar, e.e.a.a.b.a.e.e eVar) {
        this.f3028c = new b1();
        this.f3030e = true;
        this.f3026a = mVar;
        this.f3027b = eVar;
        this.f3028c = null;
        s(this.f3026a.a() + "/oauth2/token");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public d1(m mVar, e.e.a.a.b.a.e.e eVar, u0 u0Var) {
        this.f3028c = new b1();
        this.f3030e = true;
        this.f3026a = mVar;
        this.f3027b = eVar;
        this.f3028c = u0Var;
        s(this.f3026a.a() + "/oauth2/token");
    }

    public static String c(String str) throws UnsupportedEncodingException {
        if (e.e.a.a.b.a.f.d.h(str)) {
            return null;
        }
        return new String(Base64.decode(str, 9), "UTF-8");
    }

    private static void e(Map<String, String> map, String str) throws JSONException {
        JSONObject jSONObject = new JSONObject(str);
        Iterator<String> keys = jSONObject.keys();
        while (keys.hasNext()) {
            String next = keys.next();
            map.put(next, jSONObject.getString(next));
        }
    }

    private Map<String, String> i() {
        HashMap hashMap = new HashMap();
        hashMap.put("Accept", "application/json");
        return hashMap;
    }

    private o m(String str) throws JSONException, l {
        HashMap hashMap = new HashMap();
        e(hashMap, str);
        return p(hashMap);
    }

    private o n(String str, Map<String, String> map) throws IOException, l {
        o oVar;
        String a2;
        o0 t = t();
        URL e2 = e.e.a.a.b.a.f.d.e(k());
        if (e2 == null) {
            u(t);
            throw new l(a.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL);
        }
        t.h(e2);
        try {
            try {
                try {
                    this.f3027b.a(this.f3026a.i());
                    b0 b0Var = b0.INSTANCE;
                    b0Var.f(e2, this.f3026a.i(), map);
                    e.e.a.a.b.a.e.d b2 = this.f3027b.b(e2, map, str.getBytes("UTF_8"), "application/x-www-form-urlencoded");
                    t.m(b2.c());
                    t.e(this.f3026a.i().toString());
                    u(t);
                    if (b2.c() == 401) {
                        if (b2.b() == null || !b2.b().containsKey("WWW-Authenticate")) {
                            c1.l("Oauth:postMessage", "401 http status code is returned without authorization header.");
                        } else {
                            String str2 = b2.b().get("WWW-Authenticate").get(0);
                            c1.i("Oauth:postMessage", "Device certificate challenge request. ", "Challenge header: " + str2);
                            if (e.e.a.a.b.a.f.d.h(str2)) {
                                throw new l(a.DEVICE_CERTIFICATE_REQUEST_INVALID, "Challenge header is empty", b2);
                            }
                            if (e.e.a.a.b.a.f.d.g(str2, "PKeyAuth")) {
                                o0 t2 = t();
                                t2.h(e2);
                                c1.l("Oauth:postMessage", "Received pkeyAuth device challenge.");
                                a0 a0Var = new a0(this.f3028c);
                                c1.l("Oauth:postMessage", "Processing device challenge.");
                                map.put("Authorization", a0Var.c(str2, e2.toString()).d());
                                c1.l("Oauth:postMessage", "Sending request with challenge response.");
                                e.e.a.a.b.a.e.d b3 = this.f3027b.b(e2, map, str.getBytes("UTF_8"), "application/x-www-form-urlencoded");
                                t2.m(b3.c());
                                t2.e(this.f3026a.i().toString());
                                u(t2);
                                b2 = b3;
                            }
                        }
                    }
                    boolean isEmpty = TextUtils.isEmpty(b2.a());
                    if (isEmpty) {
                        oVar = null;
                    } else {
                        c1.l("Oauth:postMessage", "Token request does not have exception.");
                        try {
                            oVar = o(b2, t);
                            b0Var.h(null);
                        } catch (k1 e3) {
                            o r = r(str, map);
                            if (r != null) {
                                b0.INSTANCE.g("token", this.f3026a.i());
                                return r;
                            }
                            if (this.f3026a.l()) {
                                c1.l("Oauth:postMessage", "WebResponse is not a success due to: " + b2.c());
                                throw e3;
                            }
                            c1.l("Oauth:postMessage", "WebResponse is not a success due to: " + b2.c());
                            throw new l(a.SERVER_ERROR, "WebResponse is not a success due to: " + b2.c(), b2);
                        }
                    }
                    if (oVar != null) {
                        b0Var.i(oVar.p());
                        b0Var.g("token", this.f3026a.i());
                        return oVar;
                    }
                    if (isEmpty) {
                        a2 = "Status code:" + b2.c();
                    } else {
                        a2 = b2.a();
                    }
                    a aVar = a.SERVER_ERROR;
                    c1.c("Oauth:postMessage", aVar.a(), a2, aVar);
                    throw new l(aVar, a2, b2);
                } catch (IOException e4) {
                    b0.INSTANCE.h(null);
                    a aVar2 = a.SERVER_ERROR;
                    c1.d("Oauth:postMessage", aVar2.a(), e4.getMessage(), aVar2, e4);
                    throw e4;
                }
            } catch (UnsupportedEncodingException e5) {
                b0.INSTANCE.h(null);
                a aVar3 = a.ENCODING_IS_NOT_SUPPORTED;
                c1.d("Oauth:postMessage", aVar3.a(), e5.getMessage(), aVar3, e5);
                throw e5;
            } catch (SocketTimeoutException e6) {
                o r2 = r(str, map);
                if (r2 != null) {
                    b0.INSTANCE.g("token", this.f3026a.i());
                    return r2;
                }
                b0.INSTANCE.h(null);
                if (this.f3026a.l()) {
                    a aVar4 = a.SERVER_ERROR;
                    c1.d("Oauth:postMessage", aVar4.a(), e6.getMessage(), aVar4, e6);
                    throw new k1(e6.getMessage(), e6);
                }
                a aVar5 = a.SERVER_ERROR;
                c1.d("Oauth:postMessage", aVar5.a(), e6.getMessage(), aVar5, e6);
                throw e6;
            }
        } catch (Throwable th) {
            b0.INSTANCE.g("token", this.f3026a.i());
            throw th;
        }
    }

    private o o(e.e.a.a.b.a.e.d dVar, o0 o0Var) throws l {
        String str;
        n1.a b2;
        List<String> list;
        List<String> list2;
        String str2 = null;
        if (dVar.b() != null) {
            str = (!dVar.b().containsKey("client-request-id") || (list2 = dVar.b().get("client-request-id")) == null || list2.size() <= 0) ? null : list2.get(0);
            if (dVar.b().containsKey("x-ms-request-id") && (list = dVar.b().get("x-ms-request-id")) != null && list.size() > 0) {
                c1.l("Oauth:processTokenResponse", "Set request id header. x-ms-request-id: " + list.get(0));
                o0Var.l(list.get(0));
            }
            if (dVar.b().get("x-ms-clitelem") != null && !dVar.b().get("x-ms-clitelem").isEmpty() && (b2 = n1.b(dVar.b().get("x-ms-clitelem").get(0))) != null) {
                o0Var.q(b2);
                str2 = b2.h();
            }
        } else {
            str = null;
        }
        int c2 = dVar.c();
        if (c2 != 200 && c2 != 400 && c2 != 401) {
            if (c2 >= 500 && c2 <= 599) {
                throw new k1("Server Error " + c2 + " " + dVar.a(), dVar);
            }
            throw new l(a.SERVER_ERROR, "Unexpected server response " + c2 + " " + dVar.a(), dVar);
        }
        try {
            o m = m(dVar.a());
            if (m != null) {
                if (m.o() != null) {
                    m.O(dVar);
                }
                n1.a aVar = new n1.a();
                aVar.l(str2);
                m.I(aVar);
                o0Var.j(m.o());
            }
            if (str != null && !str.isEmpty()) {
                try {
                    if (!UUID.fromString(str).equals(this.f3026a.i())) {
                        c1.o("Oauth:processTokenResponse", "CorrelationId is not matching", "", a.CORRELATION_ID_NOT_MATCHING_REQUEST_RESPONSE);
                    }
                    c1.l("Oauth:processTokenResponse", "Response correlationId:" + str);
                } catch (IllegalArgumentException e2) {
                    c1.d("Oauth:processTokenResponse", "Wrong format of the correlation ID:" + str, "", a.CORRELATION_ID_FORMAT, e2);
                }
            }
            return m;
        } catch (JSONException e3) {
            throw new l(a.SERVER_INVALID_JSON_RESPONSE, "Can't parse server response. " + dVar.a(), dVar, e3);
        }
    }

    private o r(String str, Map<String, String> map) throws IOException, l {
        if (!this.f3030e) {
            return null;
        }
        this.f3030e = false;
        try {
            Thread.sleep(1000L);
        } catch (InterruptedException unused) {
            c1.l("Oauth:retry", "The thread is interrupted while it is sleeping. ");
        }
        c1.l("Oauth:retry", "Try again...");
        return n(str, map);
    }

    private void s(String str) {
        this.f3029d = str;
    }

    private o0 t() {
        o0 o0Var = new o0("Microsoft.ADAL.http_event");
        o0Var.g(this.f3026a.s());
        o0Var.i("Microsoft.ADAL.post");
        m1.c().e(this.f3026a.s(), "Microsoft.ADAL.http_event");
        return o0Var;
    }

    private void u(o0 o0Var) {
        m1.c().f(this.f3026a.s(), o0Var, "Microsoft.ADAL.http_event");
    }

    public String a(String str) throws UnsupportedEncodingException {
        c1.l("Oauth", "Building request message for redeeming token with refresh token.");
        String format = String.format("%s=%s&%s=%s&%s=%s&%s=%s", "grant_type", e.e.a.a.b.a.f.d.l("refresh_token"), "refresh_token", e.e.a.a.b.a.f.d.l(str), "client_id", e.e.a.a.b.a.f.d.l(this.f3026a.h()), "client_info", "1");
        return !e.e.a.a.b.a.f.d.h(this.f3026a.r()) ? String.format("%s&%s=%s", format, "resource", e.e.a.a.b.a.f.d.l(this.f3026a.r())) : format;
    }

    public String b(String str) throws UnsupportedEncodingException {
        c1.l("Oauth", "Building request message for redeeming token with auth code.");
        return String.format("%s=%s&%s=%s&%s=%s&%s=%s&%s=%s", "grant_type", e.e.a.a.b.a.f.d.l("authorization_code"), "code", e.e.a.a.b.a.f.d.l(str), "client_id", e.e.a.a.b.a.f.d.l(this.f3026a.h()), "redirect_uri", e.e.a.a.b.a.f.d.l(this.f3026a.p()), "client_info", "1");
    }

    public String d() throws UnsupportedEncodingException {
        return Base64.encodeToString(String.format("a=%s&r=%s", this.f3026a.a(), this.f3026a.r()).getBytes("UTF-8"), 9);
    }

    public String f() {
        return this.f3026a.a() + "/oauth2/authorize";
    }

    public String g() throws UnsupportedEncodingException {
        Uri.Builder builder = new Uri.Builder();
        builder.appendQueryParameter("response_type", "code").appendQueryParameter("client_id", URLEncoder.encode(this.f3026a.h(), "UTF_8")).appendQueryParameter("resource", URLEncoder.encode(this.f3026a.r(), "UTF_8")).appendQueryParameter("redirect_uri", URLEncoder.encode(this.f3026a.p(), "UTF_8")).appendQueryParameter("state", d());
        if (!e.e.a.a.b.a.f.d.h(this.f3026a.n())) {
            builder.appendQueryParameter("login_hint", URLEncoder.encode(this.f3026a.n(), "UTF_8"));
        }
        builder.appendQueryParameter("x-client-SKU", "Android").appendQueryParameter("x-client-Ver", URLEncoder.encode(j.u(), "UTF_8")).appendQueryParameter("x-client-OS", URLEncoder.encode(String.valueOf(Build.VERSION.SDK_INT), "UTF_8")).appendQueryParameter("x-client-DM", URLEncoder.encode(Build.MODEL, "UTF_8"));
        if (this.f3026a.i() != null) {
            builder.appendQueryParameter("client-request-id", URLEncoder.encode(this.f3026a.i().toString(), "UTF_8"));
        }
        if (this.f3026a.o() == g1.Always) {
            builder.appendQueryParameter("prompt", URLEncoder.encode("login", "UTF_8"));
        } else if (this.f3026a.o() == g1.REFRESH_SESSION) {
            builder.appendQueryParameter("prompt", URLEncoder.encode("refresh_session", "UTF_8"));
        }
        String j = this.f3026a.j();
        if (e.e.a.a.b.a.f.d.h(j) || !j.contains("haschrome")) {
            builder.appendQueryParameter("haschrome", "1");
        }
        if (!e.e.a.a.b.a.f.d.h(this.f3026a.g())) {
            builder.appendQueryParameter("claims", this.f3026a.g());
        }
        String query = builder.build().getQuery();
        if (e.e.a.a.b.a.f.d.h(j)) {
            return query;
        }
        if (!j.startsWith("&")) {
            j = "&" + j;
        }
        return query + j;
    }

    public String h() throws UnsupportedEncodingException {
        return String.format("%s?%s", f(), g());
    }

    public o j(String str) throws IOException, l {
        if (e.e.a.a.b.a.f.d.h(str)) {
            throw new IllegalArgumentException("authorizationUrl");
        }
        HashMap<String, String> f2 = e.e.a.a.b.a.f.d.f(str);
        String c2 = c(f2.get("state"));
        if (e.e.a.a.b.a.f.d.h(c2)) {
            throw new l(a.AUTH_FAILED_NO_STATE);
        }
        Uri parse = Uri.parse("http://state/path?" + c2);
        String queryParameter = parse.getQueryParameter("a");
        String queryParameter2 = parse.getQueryParameter("r");
        if (e.e.a.a.b.a.f.d.h(queryParameter) || e.e.a.a.b.a.f.d.h(queryParameter2) || !queryParameter2.equalsIgnoreCase(this.f3026a.r())) {
            throw new l(a.AUTH_FAILED_BAD_STATE);
        }
        o p = p(f2);
        if (p == null || p.n() == null || p.n().isEmpty()) {
            return p;
        }
        o l = l(p.n());
        if (e.e.a.a.b.a.f.d.h(p.j())) {
            l.H(this.f3026a.a());
        } else {
            l.H(p.j());
        }
        return l;
    }

    public String k() {
        return this.f3029d;
    }

    public o l(String str) throws IOException, l {
        if (this.f3027b == null) {
            throw new IllegalArgumentException("webRequestHandler");
        }
        try {
            String b2 = b(str);
            Map<String, String> i = i();
            c1.l("Oauth:getTokenForCode", "Sending request to redeem token with auth code.");
            return n(b2, i);
        } catch (UnsupportedEncodingException e2) {
            c1.d("Oauth:getTokenForCode", a.ENCODING_IS_NOT_SUPPORTED.a(), e2.getMessage(), a.ENCODING_IS_NOT_SUPPORTED, e2);
            return null;
        }
    }

    public o p(Map<String, String> map) throws l {
        boolean z;
        String str;
        u1 u1Var;
        String str2;
        String str3;
        e.e.a.a.d.e.b.d.j jVar = null;
        if (map.containsKey("error")) {
            String str4 = map.get("correlation_id");
            if (!e.e.a.a.b.a.f.d.h(str4)) {
                try {
                    c1.k(UUID.fromString(str4));
                } catch (IllegalArgumentException unused) {
                    c1.c("Oauth", "CorrelationId is malformed: " + str4, "", a.CORRELATION_ID_FORMAT);
                }
            }
            c1.i("Oauth", "OAuth2 error:" + map.get("error"), " Description:" + map.get("error_description"));
            return new o(map.get("error"), map.get("error_description"), map.get("error_codes"));
        }
        if (map.containsKey("code")) {
            o oVar = new o(this.f3026a.h(), map.get("code"));
            String str5 = map.get("cloud_instance_host_name");
            if (e.e.a.a.b.a.f.d.h(str5)) {
                return oVar;
            }
            String uri = new Uri.Builder().scheme("https").authority(str5).path(e.e.a.a.b.a.f.d.e(this.f3026a.a()).getPath()).build().toString();
            s(uri + "/oauth2/token");
            oVar.H(uri);
            return oVar;
        }
        if (!map.containsKey("access_token")) {
            return null;
        }
        String str6 = map.get("expires_in");
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        Long valueOf = Long.valueOf((str6 == null || str6.isEmpty()) ? 3600L : Long.parseLong(str6));
        gregorianCalendar.add(13, (str6 == null || str6.isEmpty()) ? 3600 : Integer.parseInt(str6));
        String str7 = map.get("refresh_token");
        if (!map.containsKey("resource") || e.e.a.a.b.a.f.d.h(str7)) {
            z = false;
            str = null;
        } else {
            str = map.get("resource");
            z = true;
        }
        if (map.containsKey("id_token")) {
            String str8 = map.get("id_token");
            if (e.e.a.a.b.a.f.d.h(str8)) {
                c1.l("Oauth", "IdToken was not returned from token request.");
                str3 = str8;
                u1Var = null;
                str2 = null;
            } else {
                c1.l("Oauth", "Id token was returned, parsing id token.");
                x0 x0Var = new x0(str8);
                str3 = str8;
                str2 = x0Var.j();
                u1Var = new u1(x0Var);
            }
        } else {
            u1Var = null;
            str2 = null;
            str3 = null;
        }
        String str9 = map.containsKey("foci") ? map.get("foci") : null;
        if (map.containsKey("client_info")) {
            try {
                jVar = new e.e.a.a.d.e.b.d.j(map.get("client_info"));
            } catch (e.e.a.a.c.c unused2) {
                c1.n("Oauth", "ClientInfo decoding/parsing failed.");
            }
        }
        o oVar2 = new o(map.get("access_token"), str7, gregorianCalendar.getTime(), z, u1Var, str2, str3, null, this.f3026a.h());
        oVar2.S(str);
        oVar2.J(jVar);
        oVar2.K(valueOf);
        oVar2.T(Long.valueOf(System.currentTimeMillis()));
        if (map.containsKey("ext_expires_in")) {
            String str10 = map.get("ext_expires_in");
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.add(13, e.e.a.a.b.a.f.d.h(str10) ? 3600 : Integer.parseInt(str10));
            oVar2.M(gregorianCalendar2.getTime());
        }
        oVar2.N(str9);
        return oVar2;
    }

    public o q(String str) throws IOException, l {
        if (this.f3027b == null) {
            c1.l("Oauth", "Web request is not set correctly.");
            throw new IllegalArgumentException("webRequestHandler is null.");
        }
        try {
            String a2 = a(str);
            Map<String, String> i = i();
            i.put("x-ms-PKeyAuth", AppUtils.DEFAULT_PACKAGE_VERSION);
            c1.l("Oauth", "Sending request to redeem token with refresh token.");
            return n(a2, i);
        } catch (UnsupportedEncodingException e2) {
            c1.d("Oauth", a.ENCODING_IS_NOT_SUPPORTED.a(), e2.getMessage(), a.ENCODING_IS_NOT_SUPPORTED, e2);
            return null;
        }
    }
}
