package com.microsoft.identity.common.internal.ui.webview;

import android.annotation.TargetApi;
import android.app.Activity;
import android.content.ActivityNotFoundException;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.os.Handler;
import android.webkit.ClientCertRequest;
import android.webkit.WebResourceRequest;
import android.webkit.WebView;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.annotation.RequiresApi;
import com.microsoft.aad.adal.AuthenticationConstants;
import com.microsoft.identity.common.adal.internal.util.StringExtensions;
import com.microsoft.identity.common.internal.broker.PackageHelper;
import com.microsoft.identity.common.internal.ui.webview.certbasedauth.CertBasedAuthFactory;
import com.microsoft.identity.common.internal.ui.webview.certbasedauth.ICertBasedAuthChallengeHandler;
import com.microsoft.identity.common.internal.ui.webview.challengehandlers.PKeyAuthChallengeHandler;
import com.microsoft.identity.common.java.challengehandlers.PKeyAuthChallengeFactory;
import com.microsoft.identity.common.java.exception.ClientException;
import com.microsoft.identity.common.java.providers.RawAuthorizationResult;
import com.microsoft.identity.common.java.ui.webview.authorization.IAuthorizationCompletionCallback;
import com.microsoft.identity.common.java.util.StringUtil;
import com.microsoft.identity.common.logging.Logger;
import java.net.URISyntaxException;
import java.util.Locale;

/* loaded from: classes8.dex */
public class AzureActiveDirectoryWebViewClient extends OAuth2WebViewClient {

    /* renamed from: h, reason: collision with root package name */
    private static final String f61594h = AzureActiveDirectoryWebViewClient.class.getSimpleName();

    /* renamed from: e, reason: collision with root package name */
    private final String f61595e;

    /* renamed from: f, reason: collision with root package name */
    private final CertBasedAuthFactory f61596f;

    /* renamed from: g, reason: collision with root package name */
    private ICertBasedAuthChallengeHandler f61597g;

    public AzureActiveDirectoryWebViewClient(@NonNull Activity activity, @NonNull IAuthorizationCompletionCallback iAuthorizationCompletionCallback, @NonNull OnPageLoadedCallback onPageLoadedCallback, @NonNull String str) {
        super(activity, iAuthorizationCompletionCallback, onPageLoadedCallback);
        this.f61595e = str;
        this.f61596f = new CertBasedAuthFactory(activity);
    }

    private void B(@NonNull WebView webView, @NonNull String str) {
        Logger.c(f61594h + ":processSSLProtectionCheck", "The webView was redirected to an unsafe URL: " + E(str), null);
        F("Redirect url scheme not SSL protected", "The webView was redirected to an unsafe URL.");
        webView.stopLoading();
    }

    private void C(@NonNull WebView webView, @NonNull String str) {
        webView.stopLoading();
        if (str.equalsIgnoreCase("companyportal://enrollment")) {
            s();
            return;
        }
        F("webcp_uri_invalid", "Unexpected URL from WebCP: " + str);
    }

    private void D(@NonNull WebView webView, @NonNull String str) {
        String str2 = f61594h + ":processWebsiteRequest";
        webView.stopLoading();
        if (!str.contains("&ismdmurl=1")) {
            u(str);
            G(RawAuthorizationResult.ResultCode.CANCELLED);
            return;
        }
        Logger.h(str2, "This is a device CA request.");
        PackageHelper packageHelper = new PackageHelper(getActivity().getPackageManager());
        Context applicationContext = getActivity().getApplicationContext();
        if (packageHelper.isPackageInstalledAndEnabled(applicationContext, "com.microsoft.skype.teams.ipphone") && "fcg80qvoM1YMKJZibjBwQcDfOno=".equals(packageHelper.getCurrentSignatureForPackage("com.microsoft.skype.teams.ipphone")) && packageHelper.isPackageInstalledAndEnabled(applicationContext, "com.microsoft.windowsintune.companyportal")) {
            try {
                s();
                return;
            } catch (Exception unused) {
                Logger.u(str2, "Failed to launch Company Portal, falling back to browser.");
            }
        }
        u(str);
        G(RawAuthorizationResult.ResultCode.MDM_FLOW);
    }

    private String E(@NonNull String str) {
        String str2 = f61594h + ":removeQueryParametersOrRedact";
        try {
            return StringExtensions.i(str);
        } catch (URISyntaxException e6) {
            Logger.e(str2, "Redirect URI has invalid syntax, unable to parse", e6);
            return "redacted";
        }
    }

    private void F(String str, String str2) {
        b().b(RawAuthorizationResult.b(new ClientException(str, str2)));
    }

    private void G(RawAuthorizationResult.ResultCode resultCode) {
        b().b(RawAuthorizationResult.d(resultCode));
    }

    private boolean g(WebView webView, String str) {
        String str2 = f61594h + ":handleUrl";
        String lowerCase = str.toLowerCase(Locale.US);
        try {
            if (m(lowerCase)) {
                Logger.h(str2, "WebView detected request for pkeyauth challenge.");
                new PKeyAuthChallengeHandler(webView, b()).b(new PKeyAuthChallengeFactory().a(str));
                return true;
            }
            if (o(lowerCase)) {
                Logger.h(str2, "Navigation starts with the redirect uri.");
                A(webView, str);
                return true;
            }
            if (r(lowerCase)) {
                Logger.h(str2, "It is an external website request");
                D(webView, str);
                return true;
            }
            if (k(lowerCase)) {
                Logger.h(str2, "It is an install request");
                w(webView, str);
                return true;
            }
            if (q(lowerCase)) {
                Logger.h(str2, "It is a request from WebCP");
                C(webView, str);
                return true;
            }
            if (n(lowerCase)) {
                Logger.h(str2, "Request to open PlayStore.");
                return z(webView, str);
            }
            if (h(lowerCase)) {
                Logger.h(str2, "Request to link account with Authenticator.");
                v(str);
                return true;
            }
            if (l(str)) {
                Logger.h(str2, "Check for Redirect Uri.");
                x(webView, str);
                return true;
            }
            if (i(lowerCase)) {
                Logger.h(str2, "It is an blank page request");
                return true;
            }
            if (p(lowerCase)) {
                Logger.h(str2, "Check for SSL protection");
                B(webView, str);
                return true;
            }
            Logger.h(str2, "This maybe a valid URI, but no special handling for this mentioned URI, hence deferring to WebView for loading.");
            y(str);
            return false;
        } catch (ClientException e6) {
            Logger.c(str2, e6.getErrorCode(), null);
            Logger.e(str2, e6.getMessage(), e6);
            F(e6.getErrorCode(), e6.getMessage());
            webView.stopLoading();
            return true;
        }
    }

    private boolean h(@NonNull String str) {
        return str.startsWith("microsoft-authenticator://activatemfa");
    }

    private boolean i(@NonNull String str) {
        return "about:blank".equals(str);
    }

    private boolean j(Intent intent) {
        return (intent == null || StringExtensions.h(intent.getStringExtra(AuthenticationConstants.Broker.BROKER_REQUEST))) ? false : true;
    }

    private boolean k(@NonNull String str) {
        return str.startsWith(AuthenticationConstants.Broker.BROWSER_EXT_INSTALL_PREFIX);
    }

    private boolean l(@NonNull String str) {
        return j(getActivity().getIntent()) && str.startsWith(AuthenticationConstants.Broker.REDIRECT_PREFIX);
    }

    private boolean m(@NonNull String str) {
        return str.startsWith(AuthenticationConstants.Broker.PKEYAUTH_REDIRECT.toLowerCase(Locale.ROOT));
    }

    private boolean n(@NonNull String str) {
        return str.startsWith("market://details?id=");
    }

    private boolean o(@NonNull String str) {
        return str.startsWith(this.f61595e.toLowerCase(Locale.US));
    }

    private boolean p(@NonNull String str) {
        return !str.startsWith(AuthenticationConstants.Broker.REDIRECT_SSL_PREFIX);
    }

    private boolean q(@NonNull String str) {
        return str.startsWith("companyportal://");
    }

    private boolean r(@NonNull String str) {
        return str.startsWith(AuthenticationConstants.Broker.BROWSER_EXT_PREFIX);
    }

    private void s() {
        Logger.q(f61594h + ":launchCompanyPortal", "Sending intent to launch the CompanyPortal.");
        Intent intent = new Intent();
        intent.setComponent(new ComponentName("com.microsoft.windowsintune.companyportal", "com.microsoft.windowsintune.companyportal.views.SplashActivity"));
        intent.addFlags(268468224);
        getActivity().startActivity(intent);
        G(RawAuthorizationResult.ResultCode.MDM_FLOW);
    }

    private void u(String str) {
        String str2 = f61594h + ":openLinkInBrowser";
        Logger.h(str2, "Try to open url link in browser");
        Intent intent = new Intent("android.intent.action.VIEW", Uri.parse(str.replace(AuthenticationConstants.Broker.BROWSER_EXT_PREFIX, AuthenticationConstants.Broker.REDIRECT_SSL_PREFIX)));
        if (intent.resolveActivity(getActivity().getPackageManager()) != null) {
            getActivity().startActivity(intent);
        } else {
            Logger.u(str2, "Unable to find an app to resolve the activity.");
        }
    }

    private void v(String str) {
        String str2 = f61594h + ":processAuthAppMFAUrl";
        Logger.q(str2, "Linking Account in Broker for MFA.");
        try {
            Intent intent = new Intent("android.intent.action.VIEW", Uri.parse(str));
            intent.addFlags(268435456);
            getActivity().startActivity(intent);
        } catch (ActivityNotFoundException e6) {
            Logger.c(str2, "Failed to open the Authenticator application.", e6);
        }
    }

    private void w(@NonNull final WebView webView, @NonNull String str) {
        String str2 = f61594h + ":processInstallRequest";
        RawAuthorizationResult c10 = RawAuthorizationResult.c(str);
        if (c10.h() != RawAuthorizationResult.ResultCode.BROKER_INSTALLATION_TRIGGERED) {
            b().b(c10);
            webView.stopLoading();
            return;
        }
        final String str3 = StringExtensions.f(str).get("app_link");
        Logger.h(str2, "Launching the link to app:" + str3);
        b().b(c10);
        new Handler().postDelayed(new Runnable() { // from class: com.microsoft.identity.common.internal.ui.webview.AzureActiveDirectoryWebViewClient.1
            @Override // java.lang.Runnable
            public void run() {
                AzureActiveDirectoryWebViewClient.this.getActivity().startActivity(new Intent("android.intent.action.VIEW", Uri.parse(str3.replace(AuthenticationConstants.Broker.BROWSER_EXT_PREFIX, AuthenticationConstants.Broker.REDIRECT_SSL_PREFIX))));
                webView.stopLoading();
            }
        }, 1000L);
        webView.stopLoading();
    }

    private void x(@NonNull WebView webView, @NonNull String str) {
        String str2 = f61594h + ":processInvalidRedirectUri";
        Logger.c(str2, "The RedirectUri is not as expected.", null);
        Logger.e(str2, String.format("Received %s and expected %s", str, this.f61595e), null);
        F("The redirectUri for broker is invalid", String.format("The RedirectUri is not as expected. Received %s and expected %s", str, this.f61595e));
        webView.stopLoading();
    }

    private void y(@NonNull String str) {
        Logger.j(f61594h + ":processInvalidUrl", "We are declining to override loading and redirect to invalid URL: '" + E(str) + "' the user's url pattern is '" + this.f61595e + "'");
    }

    private boolean z(@NonNull WebView webView, @NonNull String str) {
        String str2 = f61594h + ":processPlayStoreURL";
        webView.stopLoading();
        if (!str.startsWith("market://details?id=com.microsoft.windowsintune.companyportal") && !str.startsWith("market://details?id=com.azure.authenticator")) {
            Logger.h(str2, "The URI is either trying to open an unknown application or contains unknown query parameters");
            return false;
        }
        String str3 = str.contains("com.microsoft.windowsintune.companyportal") ? "com.microsoft.windowsintune.companyportal" : "com.azure.authenticator";
        Logger.h(str2, "Request to open PlayStore to install package : '" + str3 + "'");
        try {
            Intent intent = new Intent("android.intent.action.VIEW", Uri.parse("market://details?id=" + str3));
            intent.addFlags(268468224);
            getActivity().startActivity(intent);
            return true;
        } catch (ActivityNotFoundException e6) {
            Logger.c(str2, "PlayStore is not present on the device", e6);
            return true;
        }
    }

    protected void A(@NonNull WebView webView, @NonNull String str) {
        Logger.h(f61594h + ":processRedirectUrl", "It is pointing to redirect. Final url can be processed to get the code or error.");
        b().b(RawAuthorizationResult.c(str));
        webView.stopLoading();
    }

    public void f(@NonNull RawAuthorizationResult rawAuthorizationResult) {
        ICertBasedAuthChallengeHandler iCertBasedAuthChallengeHandler = this.f61597g;
        if (iCertBasedAuthChallengeHandler != null) {
            iCertBasedAuthChallengeHandler.a(rawAuthorizationResult);
        }
    }

    @Override // android.webkit.WebViewClient
    @TargetApi(21)
    public void onReceivedClientCertRequest(@NonNull WebView webView, @NonNull final ClientCertRequest clientCertRequest) {
        ICertBasedAuthChallengeHandler iCertBasedAuthChallengeHandler = this.f61597g;
        if (iCertBasedAuthChallengeHandler != null) {
            iCertBasedAuthChallengeHandler.e();
        }
        this.f61596f.h(new CertBasedAuthFactory.CertBasedAuthChallengeHandlerCallback() { // from class: com.microsoft.identity.common.internal.ui.webview.AzureActiveDirectoryWebViewClient.2
            @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.CertBasedAuthFactory.CertBasedAuthChallengeHandlerCallback
            public void a(@Nullable ICertBasedAuthChallengeHandler iCertBasedAuthChallengeHandler2) {
                AzureActiveDirectoryWebViewClient.this.f61597g = iCertBasedAuthChallengeHandler2;
                if (AzureActiveDirectoryWebViewClient.this.f61597g == null) {
                    clientCertRequest.cancel();
                } else {
                    AzureActiveDirectoryWebViewClient.this.f61597g.b(clientCertRequest);
                }
            }
        });
    }

    @Override // android.webkit.WebViewClient
    @RequiresApi(24)
    @TargetApi(24)
    public boolean shouldOverrideUrlLoading(WebView webView, WebResourceRequest webResourceRequest) {
        return g(webView, webResourceRequest.getUrl().toString());
    }

    @Override // android.webkit.WebViewClient
    public boolean shouldOverrideUrlLoading(WebView webView, String str) {
        if (StringUtil.i(str)) {
            throw new IllegalArgumentException("Redirect to empty url in web view.");
        }
        return g(webView, str);
    }

    public void t() {
        ICertBasedAuthChallengeHandler iCertBasedAuthChallengeHandler = this.f61597g;
        if (iCertBasedAuthChallengeHandler != null) {
            iCertBasedAuthChallengeHandler.e();
        }
        this.f61596f.j();
    }
}
