package com.microsoft.authorization.odb;

import android.accounts.Account;
import android.accounts.AccountManager;
import android.content.Context;
import android.net.Uri;
import android.text.TextUtils;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.annotation.VisibleForTesting;
import com.google.gson.JsonSyntaxException;
import com.microsoft.aad.adal.AuthenticationException;
import com.microsoft.aad.adal.AuthenticationResult;
import com.microsoft.authentication.AuthResult;
import com.microsoft.authentication.telemetry.TelemetryParameters;
import com.microsoft.authorization.AccountHelper;
import com.microsoft.authorization.EmailDisambiguationNetworkTask;
import com.microsoft.authorization.FederationProvider;
import com.microsoft.authorization.OneDriveAccount;
import com.microsoft.authorization.OneDriveAccountType;
import com.microsoft.authorization.SecurityScope;
import com.microsoft.authorization.SecurityToken;
import com.microsoft.authorization.SignInManager;
import com.microsoft.authorization.adal.ADALConfigurationFetcher;
import com.microsoft.authorization.adal.ADALNetworkTasks;
import com.microsoft.authorization.adal.Constants;
import com.microsoft.authorization.communication.RetrofitFactory;
import com.microsoft.authorization.communication.UnexpectedServerResponseException;
import com.microsoft.authorization.instrumentation.AccountInstrumentationEvent;
import com.microsoft.authorization.instrumentation.EventMetaDataIDs;
import com.microsoft.authorization.oneauth.OneAuthAuthenticationException;
import com.microsoft.authorization.oneauth.OneAuthManager;
import com.microsoft.authorization.oneauth.OneAuthNetworkTasks;
import com.microsoft.authorization.oneauth.UnifiedAuthResult;
import com.microsoft.identity.common.java.AuthenticationConstants;
import com.microsoft.odsp.RampManager;
import com.microsoft.odsp.io.FileUtils;
import com.microsoft.odsp.io.Log;
import com.microsoft.tokenshare.c;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.Collections;
import java.util.Date;
import java.util.Locale;
import java.util.UUID;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.atomic.AtomicReference;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpression;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import ob.a;
import ob.b;
import okhttp3.Authenticator;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Protocol;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import org.w3c.dom.Document;
import org.xml.sax.SAXException;

/* loaded from: classes2.dex */
public class OdbNetworkTasks extends ADALNetworkTasks {

    /* renamed from: c, reason: collision with root package name */
    private OneAuthNetworkTasks f9790c;

    @Deprecated
    /* loaded from: classes2.dex */
    public static class GetContextWebInformation {

        /* renamed from: c, reason: collision with root package name */
        private static final XPathExpression f9794c;

        /* renamed from: d, reason: collision with root package name */
        private static final XPathExpression f9795d;

        /* renamed from: a, reason: collision with root package name */
        public final Double f9796a;

        /* renamed from: b, reason: collision with root package name */
        public final String f9797b;

        static {
            XPath newXPath = XPathFactory.newInstance().newXPath();
            try {
                f9794c = newXPath.compile("/GetContextWebInformation/FormDigestValue");
                f9795d = newXPath.compile("/GetContextWebInformation/FormDigestTimeoutSeconds");
            } catch (XPathExpressionException e10) {
                throw new ExceptionInInitializerError(e10);
            }
        }

        public GetContextWebInformation(Document document) throws XPathExpressionException {
            this.f9797b = (String) f9794c.evaluate(document, XPathConstants.STRING);
            this.f9796a = (Double) f9795d.evaluate(document, XPathConstants.NUMBER);
        }
    }

    public OdbNetworkTasks(Context context, ADALConfigurationFetcher.ADALConfiguration aDALConfiguration) {
        super(context, aDALConfiguration.a());
        if (OneAuthManager.o(context)) {
            this.f9790c = new OneAuthNetworkTasks(this.f9165a);
        }
    }

    private static String e(String str, String str2) throws IOException {
        if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
            return null;
        }
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(AuthenticationConstants.HTTPS_PROTOCOL_STRING, str2, "_api/SP.OAuth.NativeClient/Authenticate").openConnection();
        try {
            httpURLConnection.setRequestProperty("Authorization", String.format(Locale.ROOT, "Bearer %s", str));
            if ("f05ff7c9-f75a-4acd-a3b5-f4b6a870245d".equals(Constants.a())) {
                httpURLConnection.setRequestProperty("X-FeatureVersion", "2");
            }
            httpURLConnection.setRequestMethod("POST");
            if (httpURLConnection.getResponseCode() == 200) {
                return httpURLConnection.getHeaderField("Set-Cookie");
            }
            return null;
        } finally {
            httpURLConnection.disconnect();
        }
    }

    public static SecurityToken f(String str, SecurityScope securityScope, String str2, Uri uri, Authenticator authenticator) throws IOException {
        return g(str, securityScope, str2, uri, authenticator, false);
    }

    public static SecurityToken g(String str, SecurityScope securityScope, String str2, Uri uri, Authenticator authenticator, boolean z10) throws IOException {
        InputStream inputStream = null;
        if (TextUtils.isEmpty(securityScope.f9025a)) {
            return null;
        }
        Request.Builder method = new Request.Builder().url(Uri.parse(uri.getScheme() + "://" + securityScope.f9025a).buildUpon().appendPath("_api").appendPath("contextinfo").build().toString()).method("POST", RequestBody.create((MediaType) null, new byte[0]));
        method.header("Cookie", str);
        OkHttpClient.Builder newBuilder = RetrofitFactory.h().newBuilder();
        if (authenticator != null) {
            newBuilder.authenticator(authenticator);
        }
        if (z10) {
            newBuilder.protocols(Collections.singletonList(Protocol.HTTP_1_1));
        }
        Response execute = newBuilder.build().newCall(method.build()).execute();
        if (!execute.isSuccessful() || execute.body() == null) {
            throw new UnexpectedServerResponseException(execute.message());
        }
        try {
            try {
                inputStream = execute.body().byteStream();
                GetContextWebInformation getContextWebInformation = new GetContextWebInformation(DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(inputStream));
                Double d10 = getContextWebInformation.f9796a;
                return new SecurityToken(getContextWebInformation.f9797b, new Date(System.currentTimeMillis() + ((d10 != null ? d10.longValue() : 0L) * 1000)), null, securityScope, str2);
            } catch (ParserConfigurationException | XPathExpressionException | SAXException unused) {
                throw new IOException(execute.code() + " : " + execute.message());
            }
        } finally {
            FileUtils.a(inputStream);
        }
    }

    @Nullable
    @VisibleForTesting
    static String h(String str) {
        int indexOf;
        if (!TextUtils.isEmpty(str) && (indexOf = str.indexOf(" ")) > 0) {
            return str.substring(0, indexOf);
        }
        return null;
    }

    private boolean k(AccountManager accountManager, Account account) {
        FederationProvider d10 = FederationProvider.d(accountManager.getUserData(account, "com.microsoft.skydrive.business_fp"));
        if (!j(d10)) {
            Log.b("OdbNetworkTasks", "refreshFederationProviderAsNeeded - No need to refresh federation provider.");
            return false;
        }
        Log.h("OdbNetworkTasks", "refreshFederationProviderAsNeeded - start");
        EmailDisambiguationNetworkTask emailDisambiguationNetworkTask = new EmailDisambiguationNetworkTask();
        final AtomicReference atomicReference = new AtomicReference();
        String h10 = h(account.name);
        final CountDownLatch countDownLatch = new CountDownLatch(1);
        if (TextUtils.isEmpty(h10)) {
            Log.e("OdbNetworkTasks", "refreshFederationProviderAsNeeded - account email is not available.");
            return false;
        }
        emailDisambiguationNetworkTask.e(h10, false, new c<FederationProvider>() { // from class: com.microsoft.authorization.odb.OdbNetworkTasks.1
            @Override // com.microsoft.tokenshare.c
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public void onSuccess(FederationProvider federationProvider) {
                atomicReference.set(federationProvider);
                countDownLatch.countDown();
            }

            @Override // com.microsoft.tokenshare.c
            public void onError(Throwable th) {
                countDownLatch.countDown();
            }
        });
        try {
            countDownLatch.await();
        } catch (InterruptedException e10) {
            Log.f("OdbNetworkTasks", "refreshFederationProviderAsNeeded - InterruptedException received", e10);
        }
        FederationProvider federationProvider = (FederationProvider) atomicReference.get();
        if (federationProvider != null && federationProvider != d10) {
            try {
                Log.h("OdbNetworkTasks", "refreshFederationProviderAsNeeded - getADALConfigurationSync");
                ADALConfigurationFetcher.ADALConfiguration c10 = new ADALConfigurationFetcher().c(this.f9165a, federationProvider, false);
                accountManager.setUserData(account, "com.microsoft.skydrive.business_fp", federationProvider.toString());
                accountManager.setUserData(account, "com.microsoft.skydrive.business_authority", c10.a());
                d(c10.a());
                Log.h("OdbNetworkTasks", "refreshFederationProviderAsNeeded - updated account federation provider from " + d10 + " to " + federationProvider);
                OneDriveAccount j10 = SignInManager.p().j(this.f9165a, account.name);
                new a("FPOld", d10.toString());
                b.d().o(new AccountInstrumentationEvent(this.f9165a, EventMetaDataIDs.D, new a[]{new a("FPOld", d10.toString()), new a("FPNew", federationProvider.toString())}, (a[]) null, j10));
                return true;
            } catch (IOException | XPathExpressionException e11) {
                Log.f("OdbNetworkTasks", "refreshFederationProviderAsNeeded - failed to fetch adal configuration for " + federationProvider, e11);
            }
        }
        return false;
    }

    @Nullable
    private UnifiedAuthResult m(String str, String str2, String str3, TelemetryParameters telemetryParameters) throws AuthenticationException, OneAuthAuthenticationException {
        if (!OneAuthManager.o(this.f9165a)) {
            AuthenticationResult c10 = c(str2, str, str3);
            if (c10 != null) {
                return new UnifiedAuthResult(c10);
            }
            return null;
        }
        AuthResult q10 = this.f9790c.q(str, OneDriveAccountType.BUSINESS, str2, str3, telemetryParameters);
        if (q10 == null) {
            Log.e("OdbNetworkTasks", "Could not execute token refresh for userId" + str + "; No account found for given userId");
            return null;
        }
        UnifiedAuthResult unifiedAuthResult = new UnifiedAuthResult(q10);
        Log.a("UserIdInformation", "(UnifiedTokenRefresh result) called for userId:" + str + " returned getUserId:" + unifiedAuthResult.j() + " getDisplayableId:" + unifiedAuthResult.d());
        if (q10.getCredential() == null || q10.getAccount() == null) {
            Log.a("UserIdInformation", "(UnifiedTokenRefresh result) oneAuthResult.getCredentials() or account was null");
        } else {
            Log.a("UserIdInformation", "(UnifiedTokenRefresh result) oneAuthResult.getCredentials().getAccountId(): " + q10.getCredential().getAccountId() + "oneAuthResult.getAccount().getId():" + q10.getAccount().getId() + " oneAuthResult.getAccount().getProviderId(): " + q10.getAccount().getProviderId());
        }
        if (q10.getError() == null) {
            return unifiedAuthResult;
        }
        Log.c("OdbNetworkTasks", "Tokenrefresh with oneAuth returned with error: " + q10.getError().getStatus() + " and substatus: " + q10.getError().getSubStatus());
        throw new OneAuthAuthenticationException(q10.getError());
    }

    protected String i(@NonNull String str) {
        return RampManager.b().get(str);
    }

    @VisibleForTesting
    boolean j(FederationProvider federationProvider) {
        if (federationProvider == null) {
            Log.e("OdbNetworkTasks", "isRefreshFederationProviderAllowed - FederationProvider value is null.");
            return false;
        }
        if (!Boolean.parseBoolean(i("FederationProviderRefresh"))) {
            Log.e("OdbNetworkTasks", "isRefreshFederationProviderAllowed - ramp is off.");
            return false;
        }
        String i10 = i("FederationProviderRefreshAllowed");
        if (TextUtils.isEmpty(i10)) {
            Log.e("OdbNetworkTasks", "isRefreshFederationProviderAllowed - Allowed list empty.");
            return false;
        }
        for (String str : i10.split(";")) {
            if (FederationProvider.d(str) == federationProvider) {
                return true;
            }
        }
        Log.e("OdbNetworkTasks", "isRefreshFederationProviderAllowed - not in allowed list: " + federationProvider.toString());
        return false;
    }

    public SecurityToken l(AccountManager accountManager, Account account, SecurityScope securityScope, String str, UUID uuid) throws IOException, JsonSyntaxException, AuthenticationException, OneAuthAuthenticationException {
        String uri;
        UnifiedAuthResult m10;
        String e10;
        String userData = accountManager.getUserData(account, "com.microsoft.skydrive.cid");
        TelemetryParameters telemetryParameters = new TelemetryParameters(uuid);
        Log.a("OdbNetworkTasks", "(refreshSecurityToken) account.name:" + account.name + " attempting to find account using USER_CID:" + userData);
        if (TextUtils.isEmpty(userData)) {
            return null;
        }
        if (!"ODB_ACCESSTOKEN".equalsIgnoreCase(securityScope.f9026b) && !"ODB_ACCESSTOKEN_BY_GUID".equalsIgnoreCase(securityScope.f9026b)) {
            if (!"ODB_COOKIE".equalsIgnoreCase(securityScope.f9026b)) {
                if (!"ODB_FORM_DIGEST".equalsIgnoreCase(securityScope.f9026b)) {
                    return null;
                }
                SecurityToken l10 = l(accountManager, account, SecurityScope.f(OneDriveAccountType.BUSINESS, Uri.parse("https://" + securityScope.f9025a), "ODB_COOKIE"), null, uuid);
                return f(l10 != null ? l10.b() : "", securityScope, userData, AccountHelper.u(this.f9165a, account), null);
            }
            String uri2 = new Uri.Builder().scheme(AuthenticationConstants.HTTPS_PROTOCOL_STRING).authority(securityScope.f9025a).build().toString();
            telemetryParameters.setScenarioName("odbCookie");
            UnifiedAuthResult m11 = m(userData, uri2, str, telemetryParameters);
            if (m11 == null || m11.h() != AuthenticationResult.AuthenticationStatus.Succeeded || (e10 = e(m11.b(), securityScope.f9025a)) == null) {
                return null;
            }
            Date e11 = m11.e();
            if ("f05ff7c9-f75a-4acd-a3b5-f4b6a870245d".equals(Constants.a())) {
                e11 = new Date(System.currentTimeMillis() + 432000000);
            }
            return new SecurityToken(e10, e11, null, securityScope, userData);
        }
        if ("ODB_ACCESSTOKEN_BY_GUID".equalsIgnoreCase(securityScope.f9026b)) {
            uri = securityScope.f9025a;
        } else {
            uri = Uri.parse("https://" + securityScope.f9025a).toString();
        }
        String str2 = uri;
        try {
            telemetryParameters.setScenarioName("odbRefreshToken");
            m10 = m(userData, str2, str, telemetryParameters);
            StringBuilder sb2 = new StringBuilder();
            sb2.append("refreshSecurityToken -- result: ");
            sb2.append(m10 != null ? m10.h().toString() : null);
            Log.h("OdbNetworkTasks", sb2.toString());
        } catch (AuthenticationException e12) {
            if (!k(accountManager, account)) {
                throw e12;
            }
            telemetryParameters.setScenarioName("odbRefreshToken_federationProviderRefresh");
            m10 = m(userData, str2, str, telemetryParameters);
        }
        if (m10 == null || m10.h() != AuthenticationResult.AuthenticationStatus.Succeeded) {
            return null;
        }
        SecurityToken securityToken = new SecurityToken(m10.b(), m10.e(), m10.g(), securityScope, userData);
        securityToken.s(m10.c());
        return securityToken;
    }
}
