package com.microsoft.aad.adal;

import android.net.Uri;
import android.os.Build;
import android.util.Base64;
import com.box.androidsdk.content.models.BoxError;
import com.box.androidsdk.content.models.BoxUser;
import com.davemorrissey.labs.subscaleview.BuildConfig;
import com.google.api.client.http.UrlEncodedParser;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import org.json.JSONException;
import org.json.JSONObject;
import zendesk.core.Constants;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes3.dex */
public class z {

    /* renamed from: a, reason: collision with root package name */
    private AuthenticationRequest f11494a;

    /* renamed from: b, reason: collision with root package name */
    private v f11495b;

    /* renamed from: c, reason: collision with root package name */
    private t f11496c;

    /* JADX INFO: Access modifiers changed from: package-private */
    public z(AuthenticationRequest authenticationRequest) {
        this.f11496c = new y();
        this.f11494a = authenticationRequest;
        this.f11495b = null;
        this.f11496c = null;
    }

    public z(AuthenticationRequest authenticationRequest, v vVar) {
        this.f11496c = new y();
        this.f11494a = authenticationRequest;
        this.f11495b = vVar;
        this.f11496c = null;
    }

    public z(AuthenticationRequest authenticationRequest, v vVar, t tVar) {
        this.f11496c = new y();
        this.f11494a = authenticationRequest;
        this.f11495b = vVar;
        this.f11496c = tVar;
    }

    public static String c(String str) {
        if (d0.a(str)) {
            return null;
        }
        return new String(Base64.decode(str, 9));
    }

    private static void e(HashMap<String, String> hashMap, String str) {
        JSONObject jSONObject = new JSONObject(str);
        Iterator<String> keys = jSONObject.keys();
        while (keys.hasNext()) {
            String next = keys.next();
            hashMap.put(next, jSONObject.getString(next));
        }
    }

    private HashMap<String, String> i() {
        HashMap<String, String> hashMap = new HashMap<>();
        hashMap.put(Constants.ACCEPT_HEADER, Constants.APPLICATION_JSON);
        return hashMap;
    }

    private static x m(String str) {
        try {
            int indexOf = str.indexOf(".");
            int i10 = indexOf + 1;
            int indexOf2 = str.indexOf(".", i10);
            if (str.indexOf(".", indexOf2 + 1) == -1 && indexOf > 0 && indexOf2 > 0) {
                String str2 = new String(Base64.decode(str.substring(i10, indexOf2), 8), "UTF-8");
                HashMap hashMap = new HashMap();
                e(hashMap, str2);
                if (!hashMap.isEmpty()) {
                    x xVar = new x();
                    xVar.f11483a = (String) hashMap.get("sub");
                    xVar.f11484b = (String) hashMap.get("tid");
                    xVar.f11485c = (String) hashMap.get("upn");
                    xVar.f11488f = (String) hashMap.get("email");
                    xVar.f11486d = (String) hashMap.get("given_name");
                    xVar.f11487e = (String) hashMap.get("family_name");
                    xVar.f11489g = (String) hashMap.get("idp");
                    xVar.f11490h = (String) hashMap.get("oid");
                    String str3 = (String) hashMap.get("pwd_exp");
                    if (!d0.a(str3)) {
                        xVar.f11491i = Long.parseLong(str3);
                    }
                    xVar.f11492j = (String) hashMap.get("pwd_url");
                    Logger.q("Oauth", "IdToken is extracted from token response");
                    return xVar;
                }
            }
        } catch (UnsupportedEncodingException | JSONException e10) {
            Logger.f("Oauth", "Error in parsing user id token", null, ADALError.IDTOKEN_PARSING_FAILURE, e10);
        }
        return null;
    }

    private AuthenticationResult n(byte[] bArr) {
        HashMap hashMap = new HashMap();
        e(hashMap, new String(bArr));
        return q(hashMap);
    }

    private AuthenticationResult o(String str, HashMap<String, String> hashMap) {
        AuthenticationResult authenticationResult;
        String str2;
        URL g10 = d0.g(k());
        if (g10 == null) {
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL);
        }
        try {
            try {
                this.f11495b.b(this.f11494a.d());
                ClientMetrics clientMetrics = ClientMetrics.INSTANCE;
                clientMetrics.beginClientMetricsRecord(g10, this.f11494a.d(), hashMap);
                o a10 = this.f11495b.a(g10, hashMap, str.getBytes("UTF_8"), UrlEncodedParser.CONTENT_TYPE);
                if (a10.d() == 401) {
                    if (a10.c() == null || !a10.c().containsKey("WWW-Authenticate")) {
                        Logger.q("Oauth", "401 http status code is returned without authorization header");
                    } else {
                        String str3 = a10.c().get("WWW-Authenticate").get(0);
                        Logger.q("Oauth", "Device certificate challenge request:" + str3);
                        if (d0.a(str3)) {
                            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Challenge header is empty");
                        }
                        if (d0.i(str3, "PKeyAuth")) {
                            Logger.q("Oauth", "Challenge is related to device certificate");
                            ChallengeResponseBuilder challengeResponseBuilder = new ChallengeResponseBuilder(this.f11496c);
                            Logger.q("Oauth", "Processing device challenge");
                            hashMap.put("Authorization", challengeResponseBuilder.c(str3, g10.toString()).f11379b);
                            Logger.q("Oauth", "Sending request with challenge response");
                            a10 = this.f11495b.a(g10, hashMap, str.getBytes("UTF_8"), UrlEncodedParser.CONTENT_TYPE);
                        }
                    }
                }
                byte[] a11 = a10.a();
                boolean z10 = a11 == null || a11.length == 0;
                if (z10) {
                    authenticationResult = null;
                } else {
                    Logger.q("Oauth", "Token request does not have exception");
                    authenticationResult = p(a10);
                    clientMetrics.setLastError(null);
                }
                if (authenticationResult != null) {
                    clientMetrics.setLastErrorCodes(authenticationResult.f());
                    clientMetrics.endClientMetricsRecord("token", this.f11494a.d());
                    return authenticationResult;
                }
                if (z10) {
                    str2 = "Status code:" + a10.d();
                } else {
                    str2 = new String(a11);
                }
                ADALError aDALError = ADALError.SERVER_ERROR;
                Logger.e("Oauth", "Server error message", str2, aDALError);
                if (a10.b() != null) {
                    throw a10.b();
                }
                throw new AuthenticationException(aDALError, str2);
            } catch (UnsupportedEncodingException e10) {
                ClientMetrics.INSTANCE.setLastError(null);
                Logger.f("Oauth", e10.getMessage(), "", ADALError.ENCODING_IS_NOT_SUPPORTED, e10);
                throw e10;
            } catch (IOException e11) {
                ClientMetrics.INSTANCE.setLastError(null);
                Logger.f("Oauth", e11.getMessage(), "", ADALError.SERVER_ERROR, e11);
                throw e11;
            }
        } catch (Throwable th2) {
            ClientMetrics.INSTANCE.endClientMetricsRecord("token", this.f11494a.d());
            throw th2;
        }
    }

    private AuthenticationResult p(o oVar) {
        AuthenticationResult authenticationResult;
        List<String> list;
        String str = (oVar.c() == null || !oVar.c().containsKey("client-request-id") || (list = oVar.c().get("client-request-id")) == null || list.size() <= 0) ? null : list.get(0);
        int d10 = oVar.d();
        if (d10 == 200 || d10 == 400 || d10 == 401) {
            try {
                authenticationResult = n(oVar.a());
            } catch (JSONException e10) {
                Logger.f("Oauth", e10.getMessage(), "", ADALError.SERVER_INVALID_JSON_RESPONSE, e10);
                authenticationResult = new AuthenticationResult("It failed to parse response as json", e10.getMessage(), null);
            }
        } else {
            String str2 = new String(oVar.a());
            Logger.e("Oauth", "Server response", str2, ADALError.SERVER_ERROR);
            authenticationResult = new AuthenticationResult(String.valueOf(oVar.d()), str2, null);
        }
        if (str != null && !str.isEmpty()) {
            try {
                if (!UUID.fromString(str).equals(this.f11494a.d())) {
                    Logger.s("Oauth", "CorrelationId is not matching", "", ADALError.CORRELATION_ID_NOT_MATCHING_REQUEST_RESPONSE);
                }
                Logger.q("Oauth", "Response correlationId:" + str);
            } catch (IllegalArgumentException e11) {
                Logger.f("Oauth", "Wrong format of the correlation ID:" + str, "", ADALError.CORRELATION_ID_FORMAT, e11);
            }
        }
        return authenticationResult;
    }

    public static AuthenticationResult q(HashMap<String, String> hashMap) {
        g0 g0Var;
        String str;
        String str2;
        AuthenticationResult authenticationResult;
        String str3;
        g0 g0Var2;
        if (hashMap.containsKey(BoxError.FIELD_ERROR)) {
            String str4 = hashMap.get("correlation_id");
            if (!d0.a(str4)) {
                try {
                    Logger.p(UUID.fromString(str4));
                } catch (IllegalArgumentException unused) {
                    Logger.e("Oauth", "CorrelationId is malformed: " + str4, "", ADALError.CORRELATION_ID_FORMAT);
                }
            }
            Logger.q("Oauth", "OAuth2 error:" + hashMap.get(BoxError.FIELD_ERROR) + " Description:" + hashMap.get(BoxError.FIELD_ERROR_DESCRIPTION));
            authenticationResult = new AuthenticationResult(hashMap.get(BoxError.FIELD_ERROR), hashMap.get(BoxError.FIELD_ERROR_DESCRIPTION), hashMap.get("error_codes"));
        } else {
            if (hashMap.containsKey(BoxError.FIELD_CODE)) {
                return new AuthenticationResult(hashMap.get(BoxError.FIELD_CODE));
            }
            if (!hashMap.containsKey("access_token")) {
                return null;
            }
            String str5 = hashMap.get("expires_in");
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            gregorianCalendar.add(13, (str5 == null || str5.isEmpty()) ? 3600 : Integer.parseInt(str5));
            boolean containsKey = hashMap.containsKey("resource");
            if (hashMap.containsKey("id_token")) {
                String str6 = hashMap.get("id_token");
                if (d0.a(str6)) {
                    Logger.q("Oauth", "IdToken is not provided");
                    str2 = str6;
                    g0Var = null;
                    str = null;
                } else {
                    x m10 = m(str6);
                    if (m10 != null) {
                        str3 = m10.f11484b;
                        g0Var2 = new g0(m10);
                    } else {
                        str3 = null;
                        g0Var2 = null;
                    }
                    str2 = str6;
                    str = str3;
                    g0Var = g0Var2;
                }
            } else {
                g0Var = null;
                str = null;
                str2 = null;
            }
            String str7 = hashMap.containsKey("foci") ? hashMap.get("foci") : null;
            authenticationResult = new AuthenticationResult(hashMap.get("access_token"), hashMap.get("refresh_token"), gregorianCalendar.getTime(), containsKey, g0Var, str, str2);
            authenticationResult.s(str7);
        }
        return authenticationResult;
    }

    public String a(String str) {
        String format = String.format("%s=%s&%s=%s&%s=%s", "grant_type", d0.c("refresh_token"), "refresh_token", d0.c(str), "client_id", d0.c(this.f11494a.c()));
        return !d0.a(this.f11494a.k()) ? String.format("%s&%s=%s", format, "resource", d0.c(this.f11494a.k())) : format;
    }

    public String b(String str) {
        return String.format("%s=%s&%s=%s&%s=%s&%s=%s", "grant_type", d0.c("authorization_code"), BoxError.FIELD_CODE, d0.c(str), "client_id", d0.c(this.f11494a.c()), "redirect_uri", d0.c(this.f11494a.i()));
    }

    public String d() {
        return Base64.encodeToString(String.format("a=%s&r=%s", this.f11494a.a(), this.f11494a.k()).getBytes(), 9);
    }

    public String f() {
        return this.f11494a.a() + "/oauth2/authorize";
    }

    public String g() {
        String format = String.format("response_type=%s&client_id=%s&resource=%s&redirect_uri=%s&state=%s", BoxError.FIELD_CODE, URLEncoder.encode(this.f11494a.c(), "UTF_8"), URLEncoder.encode(this.f11494a.k(), "UTF_8"), URLEncoder.encode(this.f11494a.i(), "UTF_8"), d());
        if (this.f11494a.g() != null && !this.f11494a.g().isEmpty()) {
            format = String.format("%s&%s=%s", format, "login_hint", URLEncoder.encode(this.f11494a.g(), "UTF_8"));
        }
        String format2 = String.format("%s&%s=%s", String.format("%s&%s=%s", String.format("%s&%s=%s", String.format("%s&%s=%s", format, "x-client-SKU", "Android"), "x-client-Ver", URLEncoder.encode(b.H(), "UTF_8")), "x-client-OS", URLEncoder.encode("" + Build.VERSION.SDK_INT, "UTF_8")), "x-client-DM", URLEncoder.encode("" + Build.MODEL, "UTF_8"));
        if (this.f11494a.d() != null) {
            format2 = String.format("%s&%s=%s", format2, "client-request-id", URLEncoder.encode(this.f11494a.d().toString(), "UTF_8"));
        }
        if (this.f11494a.h() == PromptBehavior.Always) {
            format2 = String.format("%s&%s=%s", format2, "prompt", URLEncoder.encode(BoxUser.FIELD_LOGIN, "UTF_8"));
        } else if (this.f11494a.h() == PromptBehavior.REFRESH_SESSION) {
            format2 = String.format("%s&%s=%s", format2, "prompt", URLEncoder.encode("refresh_session", "UTF_8"));
        }
        if (d0.a(this.f11494a.e())) {
            return format2;
        }
        String e10 = this.f11494a.e();
        if (!e10.startsWith("&")) {
            e10 = "&" + e10;
        }
        return format2 + e10;
    }

    public String h() {
        return String.format("%s?%s", f(), g());
    }

    public AuthenticationResult j(String str) {
        if (d0.a(str)) {
            throw new IllegalArgumentException("authorizationUrl");
        }
        HashMap<String, String> h10 = d0.h(str);
        String c10 = c(h10.get("state"));
        if (d0.a(c10)) {
            throw new AuthenticationException(ADALError.AUTH_FAILED_NO_STATE);
        }
        Uri parse = Uri.parse("http://state/path?" + c10);
        String queryParameter = parse.getQueryParameter(hf.a.f13393a);
        String queryParameter2 = parse.getQueryParameter("r");
        if (d0.a(queryParameter) || d0.a(queryParameter2) || !queryParameter2.equalsIgnoreCase(this.f11494a.k())) {
            throw new AuthenticationException(ADALError.AUTH_FAILED_BAD_STATE);
        }
        AuthenticationResult q10 = q(h10);
        return (q10 == null || q10.d() == null || q10.d().isEmpty()) ? q10 : l(q10.d());
    }

    public String k() {
        return this.f11494a.a() + "/oauth2/token";
    }

    public AuthenticationResult l(String str) {
        if (this.f11495b == null) {
            throw new IllegalArgumentException("webRequestHandler");
        }
        try {
            return o(b(str), i());
        } catch (UnsupportedEncodingException e10) {
            Logger.f("Oauth", e10.getMessage(), "", ADALError.ENCODING_IS_NOT_SUPPORTED, e10);
            return null;
        }
    }

    public AuthenticationResult r(String str) {
        if (this.f11495b == null) {
            Logger.q("Oauth", "Web request is not set correctly");
            throw new IllegalArgumentException("webRequestHandler is null.");
        }
        try {
            String a10 = a(str);
            HashMap<String, String> i10 = i();
            i10.put("x-ms-PKeyAuth", BuildConfig.VERSION_NAME);
            return o(a10, i10);
        } catch (UnsupportedEncodingException e10) {
            Logger.f("Oauth", e10.getMessage(), "", ADALError.ENCODING_IS_NOT_SUPPORTED, e10);
            return null;
        }
    }
}
