package com.microsoft.identity.client;

import android.content.Context;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import android.net.Uri;
import android.text.TextUtils;
import android.util.Base64;
import androidx.annotation.NonNull;
import com.microsoft.identity.client.configuration.AccountMode;
import com.microsoft.identity.client.configuration.HttpConfiguration;
import com.microsoft.identity.client.configuration.LoggerConfiguration;
import com.microsoft.identity.client.exception.MsalClientException;
import com.microsoft.identity.client.internal.MsalUtils;
import com.microsoft.identity.common.adal.internal.AuthenticationConstants;
import com.microsoft.identity.common.adal.internal.AuthenticationSettings;
import com.microsoft.identity.common.internal.authorities.Authority;
import com.microsoft.identity.common.internal.authorities.AzureActiveDirectoryAudience;
import com.microsoft.identity.common.internal.authorities.AzureActiveDirectoryAuthority;
import com.microsoft.identity.common.internal.authorities.Environment;
import com.microsoft.identity.common.internal.authorities.UnknownAudience;
import com.microsoft.identity.common.internal.authorities.UnknownAuthority;
import com.microsoft.identity.common.internal.configuration.LibraryConfiguration;
import com.microsoft.identity.common.internal.providers.oauth2.OAuth2TokenCache;
import com.microsoft.identity.common.internal.telemetry.TelemetryConfiguration;
import com.microsoft.identity.common.internal.ui.AuthorizationAgent;
import com.microsoft.identity.common.internal.ui.browser.BrowserDescriptor;
import e9.c;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Iterator;
import java.util.List;

/* loaded from: classes3.dex */
public class PublicClientApplicationConfiguration {
    private static final String BROKER_REDIRECT_URI_SCHEME_AND_SEPARATOR = "msauth://";
    public static final String INVALID_REDIRECT_MSG = "Invalid, null, or malformed redirect_uri supplied";
    private static final String TAG = "PublicClientApplicationConfiguration";

    @c("authorization_in_current_task")
    private Boolean isAuthorizationInCurrentTask;

    @c("account_mode")
    private AccountMode mAccountMode;
    private transient Context mAppContext;

    @c("authorities")
    private List<Authority> mAuthorities;

    @c("authorization_user_agent")
    private AuthorizationAgent mAuthorizationAgent;

    @c("browser_safelist")
    private List<BrowserDescriptor> mBrowserSafeList;

    @c("client_capabilities")
    private String mClientCapabilities;

    @c("client_id")
    private String mClientId;

    @c("environment")
    private Environment mEnvironment;

    @c("http")
    private HttpConfiguration mHttpConfiguration;
    private transient boolean mIsSharedDevice = false;

    @c("logging")
    private LoggerConfiguration mLoggerConfiguration;

    @c("multiple_clouds_supported")
    private Boolean mMultipleCloudsSupported;
    private transient OAuth2TokenCache mOAuth2TokenCache;

    @c("redirect_uri")
    private String mRedirectUri;

    @c("minimum_required_broker_protocol_version")
    private String mRequiredBrokerProtocolVersion;

    @c("telemetry")
    private TelemetryConfiguration mTelemetryConfiguration;

    @c("broker_redirect_uri_registered")
    private Boolean mUseBroker;

    @c("power_opt_check_for_network_req_enabled")
    private Boolean powerOptCheckEnabled;

    @c("web_view_zoom_controls_enabled")
    private Boolean webViewZoomControlsEnabled;

    @c("web_view_zoom_enabled")
    private Boolean webViewZoomEnabled;

    /* loaded from: classes3.dex */
    public static final class SerializedNames {
        static final String ACCOUNT_MODE = "account_mode";
        static final String AUTHORITIES = "authorities";
        static final String AUTHORIZATION_IN_CURRENT_TASK = "authorization_in_current_task";
        static final String AUTHORIZATION_USER_AGENT = "authorization_user_agent";
        static final String BROWSER_SAFE_LIST = "browser_safelist";
        static final String CLIENT_CAPABILITIES = "client_capabilities";
        static final String CLIENT_ID = "client_id";
        static final String ENVIRONMENT = "environment";
        static final String HTTP = "http";
        static final String LOGGING = "logging";
        static final String MULTIPLE_CLOUDS_SUPPORTED = "multiple_clouds_supported";
        static final String POWER_OPT_CHECK_FOR_NETWORK_REQUEST_ENABLED = "power_opt_check_for_network_req_enabled";
        static final String REDIRECT_URI = "redirect_uri";
        static final String REQUIRED_BROKER_PROTOCOL_VERSION = "minimum_required_broker_protocol_version";
        static final String TELEMETRY = "telemetry";
        static final String USE_BROKER = "broker_redirect_uri_registered";
        static final String WEB_VIEW_ZOOM_CONTROLS_ENABLED = "web_view_zoom_controls_enabled";
        static final String WEB_VIEW_ZOOM_ENABLED = "web_view_zoom_enabled";
    }

    private void checkDefaultAuthoritySpecified() {
        List<Authority> list = this.mAuthorities;
        if (list == null || list.size() <= 1) {
            return;
        }
        Iterator<Authority> it = this.mAuthorities.iterator();
        int i10 = 0;
        while (it.hasNext()) {
            if (it.next().getDefault()) {
                i10++;
            }
        }
        if (i10 == 0) {
            throw new IllegalArgumentException("One authority in your configuration must be marked as default.");
        }
        if (i10 > 1) {
            throw new IllegalArgumentException("More than one authority in your configuration is marked as default.  Only one authority may be default.");
        }
    }

    private boolean hasSchemeAndAuthority(@NonNull String str) {
        try {
            Uri parse = Uri.parse(str);
            return (!TextUtils.isEmpty(parse.getScheme())) && (TextUtils.isEmpty(parse.getAuthority()) ^ true);
        } catch (NullPointerException e10) {
            com.microsoft.identity.common.internal.logging.Logger.errorPII(TAG, INVALID_REDIRECT_MSG, e10);
            return false;
        }
    }

    public static boolean isBrokerRedirectUri(@NonNull String str, @NonNull String str2) {
        StringBuilder sb2 = new StringBuilder();
        sb2.append("msauth://");
        sb2.append(str2);
        sb2.append("/");
        return str != null && str.startsWith(sb2.toString());
    }

    private static void nullConfigurationCheck(String str, String str2) {
        if (TextUtils.isEmpty(str2)) {
            throw new IllegalArgumentException(str + " cannot be null.  Invalid configuration.");
        }
    }

    private void validateAzureActiveDirectoryAuthority(@NonNull AzureActiveDirectoryAuthority azureActiveDirectoryAuthority) {
        AzureActiveDirectoryAudience azureActiveDirectoryAudience = azureActiveDirectoryAuthority.mAudience;
        if (azureActiveDirectoryAudience != null && (azureActiveDirectoryAudience instanceof UnknownAudience)) {
            throw new IllegalArgumentException("Unrecognized audience type for AzureActiveDirectoryAuthority -- null, invalid, or unknown type specified");
        }
    }

    private void validateRedirectUri(@NonNull String str) {
        if (TextUtils.isEmpty(str) || !hasSchemeAndAuthority(str)) {
            throw new IllegalArgumentException(INVALID_REDIRECT_MSG);
        }
    }

    private void verifyRedirectUriWithAppSignature() {
        String packageName = this.mAppContext.getPackageName();
        try {
            for (Signature signature : this.mAppContext.getPackageManager().getPackageInfo(packageName, 64).signatures) {
                MessageDigest messageDigest = MessageDigest.getInstance("SHA");
                messageDigest.update(signature.toByteArray());
                if (this.mRedirectUri.equalsIgnoreCase(new Uri.Builder().scheme(AuthenticationConstants.Broker.REDIRECT_PREFIX).authority(packageName).appendPath(Base64.encodeToString(messageDigest.digest(), 2)).build().toString())) {
                    return;
                }
            }
        } catch (PackageManager.NameNotFoundException | NoSuchAlgorithmException e10) {
            com.microsoft.identity.common.internal.logging.Logger.error(TAG, "Unexpected error in verifyRedirectUriWithAppSignature()", e10);
        }
        throw new MsalClientException(MsalClientException.REDIRECT_URI_VALIDATION_ERROR, "The redirect URI in the configuration file doesn't match with the one generated with package name and signature hash. Please verify the uri in the config file and your app registration in Azure portal.");
    }

    public Boolean authorizationInCurrentTask() {
        return this.isAuthorizationInCurrentTask;
    }

    public void checkIntentFilterAddedToAppManifestForBrokerFlow() {
        boolean hasCustomTabRedirectActivity = MsalUtils.hasCustomTabRedirectActivity(this.mAppContext, this.mRedirectUri);
        if ((getAuthorizationAgent() != AuthorizationAgent.DEFAULT && getAuthorizationAgent() != AuthorizationAgent.BROWSER) || hasCustomTabRedirectActivity) {
            if (this.mUseBroker.booleanValue()) {
                if (isBrokerRedirectUri(this.mRedirectUri, this.mAppContext.getPackageName())) {
                    verifyRedirectUriWithAppSignature();
                    return;
                } else {
                    com.microsoft.identity.common.internal.logging.Logger.warn(TAG, "The app is still using legacy MSAL redirect uri. Switch to MSAL local auth.  For brokered auth, the redirect URI is expected to conform to 'msauth://<authority>/.*' where the authority in that uri is the package name of the app. This package name is listed as 'applicationId' in the build.gradle file.");
                    this.mUseBroker = Boolean.FALSE;
                    return;
                }
            }
            return;
        }
        Uri parse = Uri.parse(this.mRedirectUri);
        String simpleName = BrowserTabActivity.class.getSimpleName();
        if (LibraryConfiguration.getInstance().isAuthorizationInCurrentTask()) {
            simpleName = CurrentTaskBrowserTabActivity.class.getSimpleName();
        }
        throw new MsalClientException(MsalClientException.APP_MANIFEST_VALIDATION_ERROR, "Intent filter for: " + simpleName + " is missing.  Please make sure you have the following activity in your AndroidManifest.xml \n\n<activity android:name=\"com.microsoft.identity.client." + simpleName + "\">\n\t<intent-filter>\n\t\t<action android:name=\"android.intent.action.VIEW\" />\n\t\t<category android:name=\"android.intent.category.DEFAULT\" />\n\t\t<category android:name=\"android.intent.category.BROWSABLE\" />\n\t\t<data\n\t\t\tandroid:host=\"" + parse.getHost() + "\"\n\t\t\tandroid:path=\"" + parse.getPath() + "\"\n\t\t\tandroid:scheme=\"" + parse.getScheme() + "\" />\n\t</intent-filter>\n</activity>\n");
    }

    public AccountMode getAccountMode() {
        return this.mAccountMode;
    }

    public Context getAppContext() {
        return this.mAppContext;
    }

    public List<Authority> getAuthorities() {
        return this.mAuthorities;
    }

    public AuthorizationAgent getAuthorizationAgent() {
        return this.mAuthorizationAgent;
    }

    public List<BrowserDescriptor> getBrowserSafeList() {
        return this.mBrowserSafeList;
    }

    public String getClientCapabilities() {
        return this.mClientCapabilities;
    }

    public String getClientId() {
        return this.mClientId;
    }

    public Authority getDefaultAuthority() {
        List<Authority> list = this.mAuthorities;
        if (list == null) {
            return null;
        }
        if (list.size() <= 1) {
            return this.mAuthorities.get(0);
        }
        for (Authority authority : this.mAuthorities) {
            if (authority.getDefault()) {
                return authority;
            }
        }
        return null;
    }

    public Environment getEnvironment() {
        return this.mEnvironment;
    }

    public HttpConfiguration getHttpConfiguration() {
        return this.mHttpConfiguration;
    }

    public boolean getIsSharedDevice() {
        return this.mIsSharedDevice;
    }

    public LoggerConfiguration getLoggerConfiguration() {
        return this.mLoggerConfiguration;
    }

    public Boolean getMultipleCloudsSupported() {
        return this.mMultipleCloudsSupported;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OAuth2TokenCache getOAuth2TokenCache() {
        return this.mOAuth2TokenCache;
    }

    public String getRedirectUri() {
        return this.mRedirectUri;
    }

    public String getRequiredBrokerProtocolVersion() {
        return this.mRequiredBrokerProtocolVersion;
    }

    public TelemetryConfiguration getTelemetryConfiguration() {
        return this.mTelemetryConfiguration;
    }

    public Boolean getUseBroker() {
        return this.mUseBroker;
    }

    public boolean isDefaultAuthorityConfigured() {
        return getDefaultAuthority() != null;
    }

    public Boolean isPowerOptCheckForEnabled() {
        return this.powerOptCheckEnabled;
    }

    public boolean isWebViewZoomControlsEnabled() {
        return this.webViewZoomControlsEnabled.booleanValue();
    }

    public boolean isWebViewZoomEnabled() {
        return this.webViewZoomEnabled.booleanValue();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void mergeConfiguration(PublicClientApplicationConfiguration publicClientApplicationConfiguration) {
        String str = publicClientApplicationConfiguration.mClientId;
        if (str == null) {
            str = this.mClientId;
        }
        this.mClientId = str;
        String str2 = publicClientApplicationConfiguration.mRedirectUri;
        if (str2 == null) {
            str2 = this.mRedirectUri;
        }
        this.mRedirectUri = str2;
        List<Authority> list = publicClientApplicationConfiguration.mAuthorities;
        if (list == null) {
            list = this.mAuthorities;
        }
        this.mAuthorities = list;
        AuthorizationAgent authorizationAgent = publicClientApplicationConfiguration.mAuthorizationAgent;
        if (authorizationAgent == null) {
            authorizationAgent = this.mAuthorizationAgent;
        }
        this.mAuthorizationAgent = authorizationAgent;
        Environment environment = publicClientApplicationConfiguration.mEnvironment;
        if (environment == null) {
            environment = this.mEnvironment;
        }
        this.mEnvironment = environment;
        HttpConfiguration httpConfiguration = publicClientApplicationConfiguration.mHttpConfiguration;
        if (httpConfiguration == null) {
            httpConfiguration = this.mHttpConfiguration;
        }
        this.mHttpConfiguration = httpConfiguration;
        Boolean bool = publicClientApplicationConfiguration.mMultipleCloudsSupported;
        if (bool == null) {
            bool = this.mMultipleCloudsSupported;
        }
        this.mMultipleCloudsSupported = bool;
        Boolean bool2 = publicClientApplicationConfiguration.mUseBroker;
        if (bool2 == null) {
            bool2 = this.mUseBroker;
        }
        this.mUseBroker = bool2;
        TelemetryConfiguration telemetryConfiguration = publicClientApplicationConfiguration.mTelemetryConfiguration;
        if (telemetryConfiguration == null) {
            telemetryConfiguration = this.mTelemetryConfiguration;
        }
        this.mTelemetryConfiguration = telemetryConfiguration;
        String str3 = publicClientApplicationConfiguration.mRequiredBrokerProtocolVersion;
        if (str3 == null) {
            str3 = this.mRequiredBrokerProtocolVersion;
        }
        this.mRequiredBrokerProtocolVersion = str3;
        List<BrowserDescriptor> list2 = this.mBrowserSafeList;
        if (list2 == null) {
            this.mBrowserSafeList = publicClientApplicationConfiguration.mBrowserSafeList;
        } else {
            List<BrowserDescriptor> list3 = publicClientApplicationConfiguration.mBrowserSafeList;
            if (list3 != null) {
                list2.addAll(list3);
            }
        }
        AccountMode accountMode = publicClientApplicationConfiguration.mAccountMode;
        if (accountMode == AccountMode.MULTIPLE) {
            accountMode = this.mAccountMode;
        }
        this.mAccountMode = accountMode;
        String str4 = publicClientApplicationConfiguration.mClientCapabilities;
        if (str4 == null) {
            str4 = this.mClientCapabilities;
        }
        this.mClientCapabilities = str4;
        boolean z10 = publicClientApplicationConfiguration.mIsSharedDevice;
        if (z10) {
            z10 = this.mIsSharedDevice;
        }
        this.mIsSharedDevice = z10;
        LoggerConfiguration loggerConfiguration = publicClientApplicationConfiguration.mLoggerConfiguration;
        if (loggerConfiguration == null) {
            loggerConfiguration = this.mLoggerConfiguration;
        }
        this.mLoggerConfiguration = loggerConfiguration;
        Boolean bool3 = publicClientApplicationConfiguration.webViewZoomControlsEnabled;
        if (bool3 == null) {
            bool3 = this.webViewZoomControlsEnabled;
        }
        this.webViewZoomControlsEnabled = bool3;
        Boolean bool4 = publicClientApplicationConfiguration.webViewZoomEnabled;
        if (bool4 == null) {
            bool4 = this.webViewZoomEnabled;
        }
        this.webViewZoomEnabled = bool4;
        Boolean bool5 = publicClientApplicationConfiguration.powerOptCheckEnabled;
        if (bool5 == null) {
            bool5 = this.powerOptCheckEnabled;
        }
        this.powerOptCheckEnabled = bool5;
        Boolean bool6 = publicClientApplicationConfiguration.isAuthorizationInCurrentTask;
        if (bool6 == null) {
            bool6 = this.isAuthorizationInCurrentTask;
        }
        this.isAuthorizationInCurrentTask = bool6;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setAppContext(Context context) {
        this.mAppContext = context;
    }

    public void setClientId(String str) {
        this.mClientId = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setIsSharedDevice(boolean z10) {
        this.mIsSharedDevice = z10;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setOAuth2TokenCache(OAuth2TokenCache oAuth2TokenCache) {
        this.mOAuth2TokenCache = oAuth2TokenCache;
    }

    public void setPowerOptCheckEnabled(Boolean bool) {
        this.powerOptCheckEnabled = bool;
    }

    public void setRedirectUri(@NonNull String str) {
        this.mRedirectUri = str;
    }

    public void setTokenCacheSecretKeys(@NonNull byte[] bArr) {
        AuthenticationSettings.INSTANCE.setSecretKey(bArr);
    }

    public void setWebViewZoomControlsEnabled(boolean z10) {
        this.webViewZoomControlsEnabled = Boolean.valueOf(z10);
    }

    public void setWebViewZoomEnabled(boolean z10) {
        this.webViewZoomEnabled = Boolean.valueOf(z10);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void validateConfiguration() {
        List<BrowserDescriptor> list;
        validateRedirectUri(this.mRedirectUri);
        nullConfigurationCheck("client_id", this.mClientId);
        checkDefaultAuthoritySpecified();
        if (!this.mAuthorizationAgent.equals(AuthorizationAgent.WEBVIEW) && ((list = this.mBrowserSafeList) == null || list.isEmpty())) {
            throw new IllegalArgumentException("Null browser safe list configured.");
        }
        for (Authority authority : this.mAuthorities) {
            if (authority instanceof UnknownAuthority) {
                throw new IllegalArgumentException("Unrecognized authority type -- null, invalid or unknown type specified.");
            }
            if (authority instanceof AzureActiveDirectoryAuthority) {
                validateAzureActiveDirectoryAuthority((AzureActiveDirectoryAuthority) authority);
            }
        }
    }
}
