package com.microsoft.aad.adal;

import android.net.Uri;
import android.os.Build;
import android.text.TextUtils;
import android.util.Base64;
import com.microsoft.aad.adal.b0;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.SocketTimeoutException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes2.dex */
class u {

    /* renamed from: a, reason: collision with root package name */
    private d f13999a;

    /* renamed from: b, reason: collision with root package name */
    private be.f f14000b;

    /* renamed from: c, reason: collision with root package name */
    private be.e f14001c;

    /* renamed from: d, reason: collision with root package name */
    private boolean f14002d;

    /* JADX INFO: Access modifiers changed from: package-private */
    public u(d dVar) {
        this.f14001c = new s();
        this.f14002d = true;
        this.f13999a = dVar;
        this.f14000b = null;
        this.f14001c = null;
    }

    public u(d dVar, be.f fVar, be.e eVar) {
        this.f14001c = new s();
        this.f14002d = true;
        this.f13999a = dVar;
        this.f14000b = fVar;
        this.f14001c = eVar;
    }

    public static String b(String str) {
        if (z.g(str)) {
            return null;
        }
        return new String(Base64.decode(str, 9), "UTF-8");
    }

    private static void d(Map<String, String> map, String str) {
        JSONObject jSONObject = new JSONObject(str);
        Iterator<String> keys = jSONObject.keys();
        while (keys.hasNext()) {
            String next = keys.next();
            map.put(next, jSONObject.getString(next));
        }
    }

    private Map<String, String> h() {
        HashMap hashMap = new HashMap();
        hashMap.put("Accept", "application/json");
        return hashMap;
    }

    private e l(String str) {
        HashMap hashMap = new HashMap();
        d(hashMap, str);
        return o(hashMap);
    }

    private e m(String str, Map<String, String> map) {
        e eVar;
        String a10;
        p q10 = q();
        URL d10 = z.d(j());
        if (d10 == null) {
            r(q10);
            throw new c(a.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL);
        }
        q10.e(d10);
        try {
            try {
                try {
                    this.f14000b.a(this.f13999a.e());
                    k kVar = k.INSTANCE;
                    kVar.j(d10, this.f13999a.e(), map);
                    be.c b10 = this.f14000b.b(d10, map, str.getBytes("UTF_8"), "application/x-www-form-urlencoded");
                    q10.j(b10.c());
                    q10.b(this.f13999a.e().toString());
                    r(q10);
                    if (b10.c() == 401) {
                        if (b10.b() == null || !b10.b().containsKey("WWW-Authenticate")) {
                            t.o("Oauth", "401 http status code is returned without authorization header");
                        } else {
                            String str2 = b10.b().get("WWW-Authenticate").get(0);
                            t.o("Oauth", "Device certificate challenge request:" + str2);
                            if (z.g(str2)) {
                                throw new c(a.DEVICE_CERTIFICATE_REQUEST_INVALID, "Challenge header is empty");
                            }
                            if (z.f(str2, "PKeyAuth")) {
                                p q11 = q();
                                q11.e(d10);
                                t.o("Oauth", "Received pkeyAuth device challenge.");
                                j jVar = new j(this.f14001c);
                                t.o("Oauth", "Processing device challenge");
                                map.put("Authorization", jVar.c(str2, d10.toString()).d());
                                t.o("Oauth", "Sending request with challenge response");
                                be.c b11 = this.f14000b.b(d10, map, str.getBytes("UTF_8"), "application/x-www-form-urlencoded");
                                q11.j(b11.c());
                                q11.b(this.f13999a.e().toString());
                                r(q11);
                                b10 = b11;
                            }
                        }
                    }
                    boolean isEmpty = TextUtils.isEmpty(b10.a());
                    if (isEmpty) {
                        eVar = null;
                    } else {
                        t.o("Oauth", "Token request does not have exception");
                        try {
                            eVar = n(b10, q10);
                            kVar.m(null);
                        } catch (x e10) {
                            e p10 = p(str, map);
                            if (p10 != null) {
                                k.INSTANCE.k("token", this.f13999a.e());
                                return p10;
                            }
                            if (this.f13999a.g()) {
                                t.o("Oauth", "WebResponse is not a success due to: " + b10.c());
                                throw e10;
                            }
                            t.o("Oauth", "WebResponse is not a success due to: " + b10.c());
                            throw new c(a.SERVER_ERROR, "WebResponse is not a success due to: " + b10.c());
                        }
                    }
                    if (eVar != null) {
                        kVar.r(eVar.e());
                        kVar.k("token", this.f13999a.e());
                        return eVar;
                    }
                    if (isEmpty) {
                        a10 = "Status code:" + b10.c();
                    } else {
                        a10 = b10.a();
                    }
                    a aVar = a.SERVER_ERROR;
                    t.b("Oauth", "Server error message", a10, aVar);
                    throw new c(aVar, a10);
                } catch (IOException e11) {
                    k.INSTANCE.m(null);
                    t.c("Oauth", e11.getMessage(), "", a.SERVER_ERROR, e11);
                    throw e11;
                }
            } catch (UnsupportedEncodingException e12) {
                k.INSTANCE.m(null);
                t.c("Oauth", e12.getMessage(), "", a.ENCODING_IS_NOT_SUPPORTED, e12);
                throw e12;
            } catch (SocketTimeoutException e13) {
                e p11 = p(str, map);
                if (p11 != null) {
                    k.INSTANCE.k("token", this.f13999a.e());
                    return p11;
                }
                k.INSTANCE.m(null);
                if (this.f13999a.g()) {
                    t.c("Oauth", e13.getMessage(), "", a.SERVER_ERROR, e13);
                    throw new x(e13.getMessage(), e13);
                }
                t.c("Oauth", e13.getMessage(), "", a.SERVER_ERROR, e13);
                throw e13;
            }
        } catch (Throwable th2) {
            k.INSTANCE.k("token", this.f13999a.e());
            throw th2;
        }
    }

    private e n(be.c cVar, p pVar) {
        String str;
        b0.a a10;
        List<String> list;
        List<String> list2;
        String str2 = null;
        if (cVar.b() != null) {
            str = (!cVar.b().containsKey("client-request-id") || (list2 = cVar.b().get("client-request-id")) == null || list2.size() <= 0) ? null : list2.get(0);
            if (cVar.b().containsKey("x-ms-request-id") && (list = cVar.b().get("x-ms-request-id")) != null && list.size() > 0) {
                t.o("Oauth", "x-ms-request-id: " + list.get(0));
                pVar.i(list.get(0));
            }
            if (cVar.b().get("x-ms-clitelem") != null && !cVar.b().get("x-ms-clitelem").isEmpty() && (a10 = b0.a(cVar.b().get("x-ms-clitelem").get(0))) != null) {
                pVar.n(a10);
                str2 = a10.d();
            }
        } else {
            str = null;
        }
        int c10 = cVar.c();
        if (c10 != 200 && c10 != 400 && c10 != 401) {
            if (c10 >= 500 && c10 <= 599) {
                throw new x("Server Error " + c10 + " " + cVar.a());
            }
            throw new c(a.SERVER_ERROR, "Unexpected server response " + c10 + " " + cVar.a());
        }
        try {
            e l10 = l(cVar.a());
            if (l10 != null) {
                b0.a aVar = new b0.a();
                aVar.h(str2);
                l10.p(aVar);
                pVar.g(l10.d());
            }
            if (str != null && !str.isEmpty()) {
                try {
                    if (!UUID.fromString(str).equals(this.f13999a.e())) {
                        t.r("Oauth", "CorrelationId is not matching", "", a.CORRELATION_ID_NOT_MATCHING_REQUEST_RESPONSE);
                    }
                    t.o("Oauth", "Response correlationId:" + str);
                } catch (IllegalArgumentException e10) {
                    t.c("Oauth", "Wrong format of the correlation ID:" + str, "", a.CORRELATION_ID_FORMAT, e10);
                }
            }
            return l10;
        } catch (JSONException e11) {
            throw new c(a.SERVER_INVALID_JSON_RESPONSE, "Can't parse server response " + cVar.a(), e11);
        }
    }

    public static e o(Map<String, String> map) {
        f0 f0Var;
        String str;
        String str2;
        e eVar;
        if (map.containsKey("error")) {
            String str3 = map.get("correlation_id");
            if (!z.g(str3)) {
                try {
                    t.n(UUID.fromString(str3));
                } catch (IllegalArgumentException unused) {
                    t.b("Oauth", "CorrelationId is malformed: " + str3, "", a.CORRELATION_ID_FORMAT);
                }
            }
            t.o("Oauth", "OAuth2 error:" + map.get("error") + " Description:" + map.get("error_description"));
            eVar = new e(map.get("error"), map.get("error_description"), map.get("error_codes"));
        } else {
            if (map.containsKey("code")) {
                return new e(map.get("code"));
            }
            if (!map.containsKey("access_token")) {
                return null;
            }
            String str4 = map.get("expires_in");
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            gregorianCalendar.add(13, (str4 == null || str4.isEmpty()) ? 3600 : Integer.parseInt(str4));
            String str5 = map.get("refresh_token");
            boolean z10 = map.containsKey("resource") && !z.g(str5);
            if (map.containsKey("id_token")) {
                String str6 = map.get("id_token");
                if (z.g(str6)) {
                    t.o("Oauth", "IdToken was not returned from token request.");
                    str2 = str6;
                    f0Var = null;
                    str = null;
                } else {
                    t.o("Oauth", "Id token was returned, parsing id token.");
                    r rVar = new r(str6);
                    str2 = str6;
                    str = rVar.k();
                    f0Var = new f0(rVar);
                }
            } else {
                f0Var = null;
                str = null;
                str2 = null;
            }
            String str7 = map.containsKey("foci") ? map.get("foci") : null;
            eVar = new e(map.get("access_token"), str5, gregorianCalendar.getTime(), z10, f0Var, str, str2, null);
            if (map.containsKey("ext_expires_in")) {
                String str8 = map.get("ext_expires_in");
                GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
                gregorianCalendar2.add(13, z.g(str8) ? 3600 : Integer.parseInt(str8));
                eVar.q(gregorianCalendar2.getTime());
            }
            eVar.r(str7);
        }
        return eVar;
    }

    private e p(String str, Map<String, String> map) {
        if (!this.f14002d) {
            return null;
        }
        this.f14002d = false;
        try {
            Thread.sleep(1000L);
        } catch (InterruptedException e10) {
            t.o("Oauth", "The thread is interrupted while it is sleeping. " + e10);
        }
        t.o("Oauth", "Try again...");
        return m(str, map);
    }

    private p q() {
        p pVar = new p("Microsoft.ADAL.http_event");
        pVar.d(this.f13999a.n());
        pVar.f("Microsoft.ADAL.post");
        a0.a().b(this.f13999a.n(), "Microsoft.ADAL.http_event");
        return pVar;
    }

    private void r(p pVar) {
        a0.a().c(this.f13999a.n(), pVar, "Microsoft.ADAL.http_event");
    }

    public String a(String str) {
        t.o("Oauth", "Building request message for redeeming token with auth code.");
        return String.format("%s=%s&%s=%s&%s=%s&%s=%s", "grant_type", z.k("authorization_code"), "code", z.k(str), "client_id", z.k(this.f13999a.d()), "redirect_uri", z.k(this.f13999a.k()));
    }

    public String c() {
        return Base64.encodeToString(String.format("a=%s&r=%s", this.f13999a.a(), this.f13999a.m()).getBytes("UTF-8"), 9);
    }

    public String e() {
        return this.f13999a.a() + "/oauth2/authorize";
    }

    public String f() {
        Uri.Builder builder = new Uri.Builder();
        builder.appendQueryParameter("response_type", "code").appendQueryParameter("client_id", URLEncoder.encode(this.f13999a.d(), "UTF_8")).appendQueryParameter("resource", URLEncoder.encode(this.f13999a.m(), "UTF_8")).appendQueryParameter("redirect_uri", URLEncoder.encode(this.f13999a.k(), "UTF_8")).appendQueryParameter("state", c());
        if (!z.g(this.f13999a.i())) {
            builder.appendQueryParameter("login_hint", URLEncoder.encode(this.f13999a.i(), "UTF_8"));
        }
        builder.appendQueryParameter("x-client-SKU", "Android").appendQueryParameter("x-client-Ver", URLEncoder.encode(b.a(), "UTF_8")).appendQueryParameter("x-client-OS", URLEncoder.encode(String.valueOf(Build.VERSION.SDK_INT), "UTF_8")).appendQueryParameter("x-client-DM", URLEncoder.encode(Build.MODEL, "UTF_8"));
        if (this.f13999a.e() != null) {
            builder.appendQueryParameter("client-request-id", URLEncoder.encode(this.f13999a.e().toString(), "UTF_8"));
        }
        if (this.f13999a.j() == w.Always) {
            builder.appendQueryParameter("prompt", URLEncoder.encode("login", "UTF_8"));
        } else if (this.f13999a.j() == w.REFRESH_SESSION) {
            builder.appendQueryParameter("prompt", URLEncoder.encode("refresh_session", "UTF_8"));
        }
        String f10 = this.f13999a.f();
        if (z.g(f10) || !f10.contains("haschrome")) {
            builder.appendQueryParameter("haschrome", "1");
        }
        if (!z.g(this.f13999a.c())) {
            builder.appendQueryParameter("claims", this.f13999a.c());
        }
        String query = builder.build().getQuery();
        if (z.g(f10)) {
            return query;
        }
        if (!f10.startsWith("&")) {
            f10 = "&" + f10;
        }
        return query + f10;
    }

    public String g() {
        return String.format("%s?%s", e(), f());
    }

    public e i(String str) {
        if (z.g(str)) {
            throw new IllegalArgumentException("authorizationUrl");
        }
        HashMap<String, String> e10 = z.e(str);
        String b10 = b(e10.get("state"));
        if (z.g(b10)) {
            throw new c(a.AUTH_FAILED_NO_STATE);
        }
        Uri parse = Uri.parse("http://state/path?" + b10);
        String queryParameter = parse.getQueryParameter("a");
        String queryParameter2 = parse.getQueryParameter("r");
        if (z.g(queryParameter) || z.g(queryParameter2) || !queryParameter2.equalsIgnoreCase(this.f13999a.m())) {
            throw new c(a.AUTH_FAILED_BAD_STATE);
        }
        e o10 = o(e10);
        return (o10 == null || o10.c() == null || o10.c().isEmpty()) ? o10 : k(o10.c());
    }

    public String j() {
        return this.f13999a.a() + "/oauth2/token";
    }

    public e k(String str) {
        if (this.f14000b == null) {
            throw new IllegalArgumentException("webRequestHandler");
        }
        try {
            String a10 = a(str);
            Map<String, String> h10 = h();
            t.o("Oauth", "Sending request to redeem token with auth code.");
            return m(a10, h10);
        } catch (UnsupportedEncodingException e10) {
            t.c("Oauth", e10.getMessage(), "", a.ENCODING_IS_NOT_SUPPORTED, e10);
            return null;
        }
    }
}
