package com.microsoft.office.outlook.net;

import android.content.Context;
import android.util.Base64;
import com.acompli.accore.k0;
import com.acompli.accore.model.ACMailAccount;
import com.acompli.accore.util.BaseAnalyticsProvider;
import com.acompli.accore.util.g1;
import com.microsoft.intune.mam.client.app.MAMCertificatePinningManager;
import com.microsoft.office.outlook.logger.Logger;
import com.microsoft.office.outlook.logger.LoggerFactory;
import d5.c;
import it.e;
import it.x;
import it.y;
import java.io.IOException;
import java.net.URL;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import kotlin.jvm.internal.j;
import kotlin.jvm.internal.r;
import okhttp3.Connection;
import okhttp3.Handshake;
import okhttp3.Interceptor;
import okhttp3.Request;
import okhttp3.Response;
import org.json.JSONException;
import org.json.JSONObject;
import vq.je;

/* loaded from: classes6.dex */
public final class CertPinningInterceptor implements Interceptor {
    private static final int PAYLOAD_INDEX = 1;
    private static final String TOKEN_PREFIX = "Bearer ";
    public k0 accountManager;
    public BaseAnalyticsProvider ariaAnalyticsProvider;
    public static final Companion Companion = new Companion(null);
    private static final Logger logger = LoggerFactory.getLogger("CertPinningInterceptor");

    /* loaded from: classes6.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(j jVar) {
            this();
        }
    }

    public CertPinningInterceptor(Context context) {
        r.f(context, "context");
        c.a(context).F(this);
    }

    private final String getUpnFromToken(String str) {
        List v02;
        String str2 = null;
        try {
            v02 = y.v0(str, new String[]{"."}, false, 0, 6, null);
            if (v02.size() != 3) {
                logger.d("Token not 3 parts");
            } else {
                byte[] bytes = Base64.decode((String) v02.get(1), 8);
                r.e(bytes, "bytes");
                str2 = new JSONObject(new String(bytes, e.f46091b)).getString("upn");
            }
        } catch (JSONException unused) {
        }
        return str2;
    }

    private final boolean hasO365AccountsOnly(Vector<ACMailAccount> vector) {
        if (vector.isEmpty()) {
            return false;
        }
        Iterator<ACMailAccount> it2 = vector.iterator();
        while (it2.hasNext()) {
            if (!it2.next().isAADAccount()) {
                return false;
            }
        }
        return true;
    }

    public final k0 getAccountManager() {
        k0 k0Var = this.accountManager;
        if (k0Var != null) {
            return k0Var;
        }
        r.w("accountManager");
        return null;
    }

    public final BaseAnalyticsProvider getAriaAnalyticsProvider() {
        BaseAnalyticsProvider baseAnalyticsProvider = this.ariaAnalyticsProvider;
        if (baseAnalyticsProvider != null) {
            return baseAnalyticsProvider;
        }
        r.w("ariaAnalyticsProvider");
        return null;
    }

    @Override // okhttp3.Interceptor
    public Response intercept(Interceptor.Chain chain) {
        Handshake handshake;
        boolean F;
        r.f(chain, "chain");
        Request request = chain.request();
        Connection connection = chain.connection();
        if (connection != null && (handshake = connection.handshake()) != null) {
            String header = request.header("Authorization");
            if (!(header == null || header.length() == 0)) {
                F = x.F(header, "Bearer ", false, 2, null);
                if (F) {
                    String substring = header.substring(7);
                    r.e(substring, "this as java.lang.String).substring(startIndex)");
                    String upnFromToken = getUpnFromToken(substring);
                    if (upnFromToken == null) {
                        Vector<ACMailAccount> D1 = getAccountManager().D1();
                        r.e(D1, "accountManager.allAccounts");
                        boolean hasO365AccountsOnly = hasO365AccountsOnly(D1);
                        Response response = chain.proceed(request);
                        int code = response.code();
                        BaseAnalyticsProvider ariaAnalyticsProvider = getAriaAnalyticsProvider();
                        je jeVar = je.no_upn_found;
                        String host = request.url().url().getHost();
                        if (host == null) {
                            host = "";
                        }
                        ariaAnalyticsProvider.Q0(jeVar, host, hasO365AccountsOnly, Integer.valueOf(code), request.url().toString());
                        r.e(response, "response");
                        return response;
                    }
                    logger.d("Obtained UPN for certificate pinning: " + g1.m(upnFromToken, 0, 1, null));
                    List<Certificate> peerCertificates = handshake.peerCertificates();
                    for (Certificate certificate : peerCertificates) {
                        if (certificate != null && !(certificate instanceof X509Certificate)) {
                            Response proceed = chain.proceed(request);
                            r.e(proceed, "chain.proceed(request)");
                            return proceed;
                        }
                    }
                    URL url = request.url().url();
                    try {
                        Object[] array = peerCertificates.toArray(new X509Certificate[0]);
                        if (array == null) {
                            throw new NullPointerException("null cannot be cast to non-null type kotlin.Array<T of kotlin.collections.ArraysKt__ArraysJVMKt.toTypedArray>");
                        }
                        MAMCertificatePinningManager.validatePins((X509Certificate[]) array, upnFromToken, url);
                    } catch (CertificateException e10) {
                        throw new IOException(e10);
                    }
                }
            }
        }
        Response proceed2 = chain.proceed(request);
        r.e(proceed2, "chain.proceed(request)");
        return proceed2;
    }

    public final void setAccountManager(k0 k0Var) {
        r.f(k0Var, "<set-?>");
        this.accountManager = k0Var;
    }

    public final void setAriaAnalyticsProvider(BaseAnalyticsProvider baseAnalyticsProvider) {
        r.f(baseAnalyticsProvider, "<set-?>");
        this.ariaAnalyticsProvider = baseAnalyticsProvider;
    }
}
