package com.microsoft.aad.adal;

import android.net.Uri;
import android.os.Build;
import android.text.TextUtils;
import android.util.Base64;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.google.api.client.http.HttpStatusCodes;
import com.google.api.client.http.UrlEncodedParser;
import com.google.common.net.HttpHeaders;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.SocketTimeoutException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import org.json.JSONException;
import org.json.JSONObject;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: Oauth2.java */
/* loaded from: classes2.dex */
public class bf {

    /* renamed from: a, reason: collision with root package name */
    private o f2713a;

    /* renamed from: b, reason: collision with root package name */
    private ay f2714b;

    /* renamed from: c, reason: collision with root package name */
    private aw f2715c;
    private boolean d;

    /* JADX INFO: Access modifiers changed from: package-private */
    public bf(o oVar) {
        this.f2715c = new bc();
        this.d = true;
        this.f2713a = oVar;
        this.f2714b = null;
        this.f2715c = null;
    }

    public bf(o oVar, ay ayVar) {
        this.f2715c = new bc();
        this.d = true;
        this.f2713a = oVar;
        this.f2714b = ayVar;
        this.f2715c = null;
    }

    public bf(o oVar, ay ayVar, aw awVar) {
        this.f2715c = new bc();
        this.d = true;
        this.f2713a = oVar;
        this.f2714b = ayVar;
        this.f2715c = awVar;
    }

    private q a(aq aqVar, an anVar) {
        String str;
        List<String> list;
        List<String> list2;
        if (aqVar.b() != null) {
            str = (!aqVar.b().containsKey("client-request-id") || (list2 = aqVar.b().get("client-request-id")) == null || list2.size() <= 0) ? null : list2.get(0);
            if (aqVar.b().containsKey("x-ms-request-id") && (list = aqVar.b().get("x-ms-request-id")) != null && list.size() > 0) {
                be.c("Oauth", "x-ms-request-id: " + list.get(0));
                anVar.c(list.get(0));
            }
        } else {
            str = null;
        }
        switch (aqVar.a()) {
            case HttpStatusCodes.STATUS_CODE_OK /* 200 */:
            case 400:
            case HttpStatusCodes.STATUS_CODE_UNAUTHORIZED /* 401 */:
                try {
                    q g = g(aqVar.c());
                    if (g != null) {
                        anVar.b(g.j());
                    }
                    if (str != null && !str.isEmpty()) {
                        try {
                            if (!UUID.fromString(str).equals(this.f2713a.f())) {
                                be.f("Oauth", "CorrelationId is not matching", JsonProperty.USE_DEFAULT_NAME, a.CORRELATION_ID_NOT_MATCHING_REQUEST_RESPONSE);
                            }
                            be.c("Oauth", "Response correlationId:" + str);
                        } catch (IllegalArgumentException e) {
                            be.b("Oauth", "Wrong format of the correlation ID:" + str, JsonProperty.USE_DEFAULT_NAME, a.CORRELATION_ID_FORMAT, e);
                        }
                    }
                    return g;
                } catch (JSONException e2) {
                    throw new n(a.SERVER_INVALID_JSON_RESPONSE, "Can't parse server response " + aqVar.c(), e2);
                }
            case 500:
            case HttpStatusCodes.STATUS_CODE_SERVICE_UNAVAILABLE /* 503 */:
            case 504:
                throw new bk("Unexpected server response " + aqVar.c());
            default:
                throw new n(a.SERVER_ERROR, "Unexpected server response " + aqVar.c());
        }
    }

    private q a(String str, Map<String, String> map) {
        q b2;
        aq a2;
        boolean isEmpty;
        aq aqVar;
        an g = g();
        URL e = bm.e(b());
        if (e == null) {
            a(g);
            throw new n(a.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL);
        }
        g.a(e);
        try {
            try {
                try {
                    this.f2714b.a(this.f2713a.f());
                    ab.INSTANCE.a(e, this.f2713a.f(), map);
                    a2 = this.f2714b.a(e, map, str.getBytes("UTF_8"), UrlEncodedParser.CONTENT_TYPE);
                    g.a(a2.a());
                    g.h(this.f2713a.f().toString());
                    a(g);
                    if (a2.a() == 401) {
                        if (a2.b() == null || !a2.b().containsKey(HttpHeaders.WWW_AUTHENTICATE)) {
                            be.c("Oauth", "401 http status code is returned without authorization header");
                        } else {
                            String str2 = a2.b().get(HttpHeaders.WWW_AUTHENTICATE).get(0);
                            be.c("Oauth", "Device certificate challenge request:" + str2);
                            if (bm.a(str2)) {
                                throw new n(a.DEVICE_CERTIFICATE_REQUEST_INVALID, "Challenge header is empty");
                            }
                            if (bm.b(str2, "PKeyAuth")) {
                                an g2 = g();
                                g2.a(e);
                                be.c("Oauth", "Received pkeyAuth device challenge.");
                                aa aaVar = new aa(this.f2715c);
                                be.c("Oauth", "Processing device challenge");
                                map.put(HttpHeaders.AUTHORIZATION, aaVar.a(str2, e.toString()).b());
                                be.c("Oauth", "Sending request with challenge response");
                                aqVar = this.f2714b.a(e, map, str.getBytes("UTF_8"), UrlEncodedParser.CONTENT_TYPE);
                                g2.a(aqVar.a());
                                g2.h(this.f2713a.f().toString());
                                a(g2);
                            } else {
                                aqVar = a2;
                            }
                            a2 = aqVar;
                        }
                    }
                    isEmpty = TextUtils.isEmpty(a2.c());
                    if (isEmpty) {
                        b2 = null;
                    } else {
                        be.c("Oauth", "Token request does not have exception");
                        try {
                            b2 = a(a2, g);
                            ab.INSTANCE.a((String) null);
                        } catch (bk e2) {
                            b2 = b(str, map);
                            if (b2 == null) {
                                if (this.f2713a.o()) {
                                    be.c("Oauth", "WebResponse is not a success due to: " + a2.a());
                                    throw e2;
                                }
                                be.c("Oauth", "WebResponse is not a success due to: " + a2.a());
                                throw new n(a.SERVER_ERROR, "WebResponse is not a success due to: " + a2.a());
                            }
                            ab.INSTANCE.a("token", this.f2713a.f());
                        }
                    }
                } catch (Throwable th) {
                    ab.INSTANCE.a("token", this.f2713a.f());
                    throw th;
                }
            } catch (SocketTimeoutException e3) {
                b2 = b(str, map);
                if (b2 == null) {
                    ab.INSTANCE.a((String) null);
                    if (this.f2713a.o()) {
                        be.b("Oauth", e3.getMessage(), JsonProperty.USE_DEFAULT_NAME, a.SERVER_ERROR, e3);
                        throw new bk(e3.getMessage(), e3);
                    }
                    be.b("Oauth", e3.getMessage(), JsonProperty.USE_DEFAULT_NAME, a.SERVER_ERROR, e3);
                    throw e3;
                }
                ab.INSTANCE.a("token", this.f2713a.f());
            }
            if (b2 == null) {
                String c2 = isEmpty ? "Status code:" + a2.a() : a2.c();
                be.g("Oauth", "Server error message", c2, a.SERVER_ERROR);
                throw new n(a.SERVER_ERROR, c2);
            }
            ab.INSTANCE.a(b2.n());
            ab.INSTANCE.a("token", this.f2713a.f());
            return b2;
        } catch (UnsupportedEncodingException e4) {
            ab.INSTANCE.a((String) null);
            be.b("Oauth", e4.getMessage(), JsonProperty.USE_DEFAULT_NAME, a.ENCODING_IS_NOT_SUPPORTED, e4);
            throw e4;
        } catch (IOException e5) {
            ab.INSTANCE.a((String) null);
            be.b("Oauth", e5.getMessage(), JsonProperty.USE_DEFAULT_NAME, a.SERVER_ERROR, e5);
            throw e5;
        }
    }

    public static q a(Map<String, String> map) {
        String str;
        String str2;
        bu buVar;
        if (map.containsKey("error")) {
            String str3 = map.get("correlation_id");
            if (!bm.a(str3)) {
                try {
                    be.a(UUID.fromString(str3));
                } catch (IllegalArgumentException e) {
                    be.g("Oauth", "CorrelationId is malformed: " + str3, JsonProperty.USE_DEFAULT_NAME, a.CORRELATION_ID_FORMAT);
                }
            }
            be.c("Oauth", "OAuth2 error:" + map.get("error") + " Description:" + map.get("error_description"));
            return new q(map.get("error"), map.get("error_description"), map.get("error_codes"));
        }
        if (map.containsKey("code")) {
            return new q(map.get("code"));
        }
        if (!map.containsKey("access_token")) {
            return null;
        }
        boolean z = false;
        String str4 = map.get("expires_in");
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        gregorianCalendar.add(13, (str4 == null || str4.isEmpty()) ? 3600 : Integer.parseInt(str4));
        String str5 = map.get("refresh_token");
        if (map.containsKey("resource") && !bm.a(str5)) {
            z = true;
        }
        if (map.containsKey("id_token")) {
            String str6 = map.get("id_token");
            if (bm.a(str6)) {
                be.c("Oauth", "IdToken was not returned from token request.");
                str = str6;
                str2 = null;
                buVar = null;
            } else {
                be.c("Oauth", "Id token was returned, parsing id token.");
                ba baVar = new ba(str6);
                str2 = baVar.b();
                buVar = new bu(baVar);
                str = str6;
            }
        } else {
            str = null;
            str2 = null;
            buVar = null;
        }
        String str7 = map.containsKey("foci") ? map.get("foci") : null;
        q qVar = new q(map.get("access_token"), str5, gregorianCalendar.getTime(), z, buVar, str2, str, null);
        if (map.containsKey("ext_expires_in")) {
            String str8 = map.get("ext_expires_in");
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.add(13, bm.a(str8) ? 3600 : Integer.parseInt(str8));
            qVar.a(gregorianCalendar2.getTime());
        }
        qVar.d(str7);
        return qVar;
    }

    private void a(an anVar) {
        bn.a().a(this.f2713a.r(), anVar, "Microsoft.ADAL.http_event");
    }

    private static void a(Map<String, String> map, String str) {
        JSONObject jSONObject = new JSONObject(str);
        Iterator<String> keys = jSONObject.keys();
        while (keys.hasNext()) {
            String next = keys.next();
            map.put(next, jSONObject.getString(next));
        }
    }

    private q b(String str, Map<String, String> map) {
        if (!this.d) {
            return null;
        }
        this.d = false;
        try {
            Thread.sleep(1000L);
        } catch (InterruptedException e) {
            be.c("Oauth", "The thread is interrupted while it is sleeping. " + e);
        }
        be.c("Oauth", "Try again...");
        return a(str, map);
    }

    public static String f(String str) {
        if (bm.a(str)) {
            return null;
        }
        return new String(Base64.decode(str, 9), "UTF-8");
    }

    private Map<String, String> f() {
        HashMap hashMap = new HashMap();
        hashMap.put(HttpHeaders.ACCEPT, "application/json");
        return hashMap;
    }

    private an g() {
        an anVar = new an("Microsoft.ADAL.http_event");
        anVar.i(this.f2713a.r());
        anVar.a("Microsoft.ADAL.post");
        bn.a().a(this.f2713a.r(), "Microsoft.ADAL.http_event");
        return anVar;
    }

    private q g(String str) {
        HashMap hashMap = new HashMap();
        a(hashMap, str);
        return a(hashMap);
    }

    public String a() {
        return this.f2713a.a() + "/oauth2/authorize";
    }

    public String a(String str) {
        be.c("Oauth", "Building request message for redeeming token with auth code.");
        return String.format("%s=%s&%s=%s&%s=%s&%s=%s", "grant_type", bm.c("authorization_code"), "code", bm.c(str), "client_id", bm.c(this.f2713a.d()), "redirect_uri", bm.c(this.f2713a.b()));
    }

    public String b() {
        return this.f2713a.a() + "/oauth2/token";
    }

    public String b(String str) {
        be.c("Oauth", "Building request message for redeeming token with refresh token.");
        String format = String.format("%s=%s&%s=%s&%s=%s", "grant_type", bm.c("refresh_token"), "refresh_token", bm.c(str), "client_id", bm.c(this.f2713a.d()));
        return !bm.a(this.f2713a.c()) ? String.format("%s&%s=%s", format, "resource", bm.c(this.f2713a.c())) : format;
    }

    public q c(String str) {
        if (this.f2714b == null) {
            be.c("Oauth", "Web request is not set correctly");
            throw new IllegalArgumentException("webRequestHandler is null.");
        }
        try {
            String b2 = b(str);
            Map<String, String> f = f();
            f.put("x-ms-PKeyAuth", "1.0");
            be.c("Oauth", "Sending request to redeem token with refresh token.");
            return a(b2, f);
        } catch (UnsupportedEncodingException e) {
            be.b("Oauth", e.getMessage(), JsonProperty.USE_DEFAULT_NAME, a.ENCODING_IS_NOT_SUPPORTED, e);
            return null;
        }
    }

    public String c() {
        Uri.Builder builder = new Uri.Builder();
        builder.appendQueryParameter("response_type", "code").appendQueryParameter("client_id", URLEncoder.encode(this.f2713a.d(), "UTF_8")).appendQueryParameter("resource", URLEncoder.encode(this.f2713a.c(), "UTF_8")).appendQueryParameter("redirect_uri", URLEncoder.encode(this.f2713a.b(), "UTF_8")).appendQueryParameter("state", e());
        if (!bm.a(this.f2713a.e())) {
            builder.appendQueryParameter("login_hint", URLEncoder.encode(this.f2713a.e(), "UTF_8"));
        }
        builder.appendQueryParameter("x-client-SKU", "Android").appendQueryParameter("x-client-Ver", URLEncoder.encode(l.h(), "UTF_8")).appendQueryParameter("x-client-OS", URLEncoder.encode(String.valueOf(Build.VERSION.SDK_INT), "UTF_8")).appendQueryParameter("x-client-DM", URLEncoder.encode(Build.MODEL, "UTF_8"));
        if (this.f2713a.f() != null) {
            builder.appendQueryParameter("client-request-id", URLEncoder.encode(this.f2713a.f().toString(), "UTF_8"));
        }
        if (this.f2713a.i() == bi.Always) {
            builder.appendQueryParameter("prompt", URLEncoder.encode("login", "UTF_8"));
        } else if (this.f2713a.i() == bi.REFRESH_SESSION) {
            builder.appendQueryParameter("prompt", URLEncoder.encode("refresh_session", "UTF_8"));
        }
        String g = this.f2713a.g();
        if (bm.a(g) || !g.contains("haschrome")) {
            builder.appendQueryParameter("haschrome", "1");
        }
        String query = builder.build().getQuery();
        if (bm.a(g)) {
            return query;
        }
        if (!g.startsWith("&")) {
            g = "&" + g;
        }
        return query + g;
    }

    public q d(String str) {
        if (bm.a(str)) {
            throw new IllegalArgumentException("authorizationUrl");
        }
        HashMap<String, String> f = bm.f(str);
        String f2 = f(f.get("state"));
        if (bm.a(f2)) {
            throw new n(a.AUTH_FAILED_NO_STATE);
        }
        Uri parse = Uri.parse("http://state/path?" + f2);
        String queryParameter = parse.getQueryParameter("a");
        String queryParameter2 = parse.getQueryParameter("r");
        if (bm.a(queryParameter) || bm.a(queryParameter2) || !queryParameter2.equalsIgnoreCase(this.f2713a.c())) {
            throw new n(a.AUTH_FAILED_BAD_STATE);
        }
        q a2 = a(f);
        return (a2 == null || a2.i() == null || a2.i().isEmpty()) ? a2 : e(a2.i());
    }

    public String d() {
        return String.format("%s?%s", a(), c());
    }

    public q e(String str) {
        if (this.f2714b == null) {
            throw new IllegalArgumentException("webRequestHandler");
        }
        try {
            String a2 = a(str);
            Map<String, String> f = f();
            be.c("Oauth", "Sending request to redeem token with auth code.");
            return a(a2, f);
        } catch (UnsupportedEncodingException e) {
            be.b("Oauth", e.getMessage(), JsonProperty.USE_DEFAULT_NAME, a.ENCODING_IS_NOT_SUPPORTED, e);
            return null;
        }
    }

    public String e() {
        return Base64.encodeToString(String.format("a=%s&r=%s", this.f2713a.a(), this.f2713a.c()).getBytes("UTF-8"), 9);
    }
}
