package com.microsoft.authorization.m1;

import android.accounts.Account;
import android.accounts.AccountManager;
import android.content.Context;
import android.net.Uri;
import android.text.TextUtils;
import com.microsoft.aad.adal.AuthenticationException;
import com.microsoft.aad.adal.AuthenticationResult;
import com.microsoft.authentication.g;
import com.microsoft.authorization.SecurityScope;
import com.microsoft.authorization.c0;
import com.microsoft.authorization.c1;
import com.microsoft.authorization.d0;
import com.microsoft.authorization.j1.a;
import com.microsoft.authorization.j1.i;
import com.microsoft.authorization.k1.r;
import com.microsoft.authorization.p1.j;
import com.microsoft.authorization.p1.l;
import com.microsoft.authorization.p1.o;
import com.microsoft.authorization.p1.p;
import com.microsoft.authorization.s;
import com.microsoft.authorization.u;
import com.microsoft.authorization.v0;
import com.microsoft.identity.common.internal.eststelemetry.SchemaConstants;
import com.microsoft.identity.common.internal.net.HttpRequest;
import com.microsoft.odsp.t;
import com.microsoft.skydrive.serialization.communication.odb.BaseOdbItem;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.Collections;
import java.util.Date;
import java.util.Locale;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.atomic.AtomicReference;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpression;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import okhttp3.Authenticator;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Protocol;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import org.w3c.dom.Document;
import org.xml.sax.SAXException;

/* loaded from: classes4.dex */
public class f extends com.microsoft.authorization.j1.c {
    private o c;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes4.dex */
    public class a implements com.microsoft.tokenshare.b<u> {
        final /* synthetic */ AtomicReference a;
        final /* synthetic */ CountDownLatch b;

        a(f fVar, AtomicReference atomicReference, CountDownLatch countDownLatch) {
            this.a = atomicReference;
            this.b = countDownLatch;
        }

        @Override // com.microsoft.tokenshare.b
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public void onSuccess(u uVar) {
            this.a.set(uVar);
            this.b.countDown();
        }

        @Override // com.microsoft.tokenshare.b
        public void onError(Throwable th) {
            this.b.countDown();
        }
    }

    @Deprecated
    /* loaded from: classes4.dex */
    public static class b {
        private static final XPathExpression c;
        private static final XPathExpression d;
        public final Double a;
        public final String b;

        static {
            XPath newXPath = XPathFactory.newInstance().newXPath();
            try {
                c = newXPath.compile("/GetContextWebInformation/FormDigestValue");
                d = newXPath.compile("/GetContextWebInformation/FormDigestTimeoutSeconds");
            } catch (XPathExpressionException e) {
                throw new ExceptionInInitializerError(e);
            }
        }

        public b(Document document) throws XPathExpressionException {
            this.b = (String) c.evaluate(document, XPathConstants.STRING);
            this.a = (Double) d.evaluate(document, XPathConstants.NUMBER);
        }
    }

    public f(Context context, a.b bVar) {
        super(context, bVar.a());
        if (l.f()) {
            this.c = new o(this.a);
        }
    }

    private static String e(String str, String str2) throws IOException {
        if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
            return null;
        }
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL("https", str2, "_api/SP.OAuth.NativeClient/Authenticate").openConnection();
        try {
            httpURLConnection.setRequestProperty("Authorization", String.format(Locale.ROOT, "Bearer %s", str));
            if ("f05ff7c9-f75a-4acd-a3b5-f4b6a870245d".equals(i.a())) {
                httpURLConnection.setRequestProperty("X-FeatureVersion", SchemaConstants.CURRENT_SCHEMA_VERSION);
            }
            httpURLConnection.setRequestMethod(HttpRequest.REQUEST_METHOD_POST);
            if (httpURLConnection.getResponseCode() == 200) {
                return httpURLConnection.getHeaderField("Set-Cookie");
            }
            return null;
        } finally {
            httpURLConnection.disconnect();
        }
    }

    public static v0 f(String str, SecurityScope securityScope, String str2, Uri uri, Authenticator authenticator) throws IOException {
        return g(str, securityScope, str2, uri, authenticator, false);
    }

    public static v0 g(String str, SecurityScope securityScope, String str2, Uri uri, Authenticator authenticator, boolean z) throws IOException {
        InputStream inputStream = null;
        if (TextUtils.isEmpty(securityScope.a)) {
            return null;
        }
        Request.Builder method = new Request.Builder().url(Uri.parse(uri.getScheme() + "://" + securityScope.a).buildUpon().appendPath(BaseOdbItem.API_PATH).appendPath("contextinfo").build().toString()).method(HttpRequest.REQUEST_METHOD_POST, RequestBody.create((MediaType) null, new byte[0]));
        method.header("Cookie", str);
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        if (authenticator != null) {
            builder.authenticator(authenticator);
        }
        if (z) {
            builder.protocols(Collections.singletonList(Protocol.HTTP_1_1));
        }
        Response execute = builder.build().newCall(method.build()).execute();
        if (!execute.isSuccessful() || execute.body() == null) {
            throw new r(execute.message());
        }
        try {
            try {
                inputStream = execute.body().byteStream();
                b bVar = new b(DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(inputStream));
                return new v0(bVar.b, new Date(System.currentTimeMillis() + ((bVar.a != null ? bVar.a.longValue() : 0L) * 1000)), null, securityScope, str2);
            } catch (ParserConfigurationException | XPathExpressionException | SAXException unused) {
                throw new IOException(execute.code() + " : " + execute.message());
            }
        } finally {
            com.microsoft.odsp.l0.d.c(inputStream);
        }
    }

    static String h(String str) {
        int indexOf;
        if (!TextUtils.isEmpty(str) && (indexOf = str.indexOf(" ")) > 0) {
            return str.substring(0, indexOf);
        }
        return null;
    }

    private boolean k(AccountManager accountManager, Account account) {
        u parse = u.parse(accountManager.getUserData(account, "com.microsoft.skydrive.business_fp"));
        if (!j(parse)) {
            com.microsoft.odsp.l0.e.b("OdbNetworkTasks", "refreshFederationProviderAsNeeded - No need to refresh federation provider.");
            return false;
        }
        com.microsoft.odsp.l0.e.h("OdbNetworkTasks", "refreshFederationProviderAsNeeded - start");
        s sVar = new s();
        AtomicReference atomicReference = new AtomicReference();
        String h = h(account.name);
        CountDownLatch countDownLatch = new CountDownLatch(1);
        if (TextUtils.isEmpty(h)) {
            com.microsoft.odsp.l0.e.e("OdbNetworkTasks", "refreshFederationProviderAsNeeded - account email is not available.");
            return false;
        }
        sVar.e(h, false, new a(this, atomicReference, countDownLatch));
        try {
            countDownLatch.await();
        } catch (InterruptedException e) {
            com.microsoft.odsp.l0.e.f("OdbNetworkTasks", "refreshFederationProviderAsNeeded - InterruptedException received", e);
        }
        u uVar = (u) atomicReference.get();
        if (uVar != null && uVar != parse) {
            try {
                com.microsoft.odsp.l0.e.h("OdbNetworkTasks", "refreshFederationProviderAsNeeded - getADALConfigurationSync");
                a.b c = new com.microsoft.authorization.j1.a().c(uVar, false);
                accountManager.setUserData(account, "com.microsoft.skydrive.business_fp", uVar.toString());
                accountManager.setUserData(account, "com.microsoft.skydrive.business_authority", c.a());
                d(c.a());
                com.microsoft.odsp.l0.e.h("OdbNetworkTasks", "refreshFederationProviderAsNeeded - updated account federation provider from " + parse + " to " + uVar);
                c0 m2 = c1.s().m(this.a, account.name);
                new n.g.e.p.a("FPOld", parse.toString());
                n.g.e.p.b.e().h(new com.microsoft.authorization.l1.a(this.a, com.microsoft.authorization.l1.e.z, new n.g.e.p.a[]{new n.g.e.p.a("FPOld", parse.toString()), new n.g.e.p.a("FPNew", uVar.toString())}, (n.g.e.p.a[]) null, m2));
                return true;
            } catch (IOException | XPathExpressionException e2) {
                com.microsoft.odsp.l0.e.f("OdbNetworkTasks", "refreshFederationProviderAsNeeded - failed to fetch adal configuration for " + uVar, e2);
            }
        }
        return false;
    }

    private p m(String str, String str2, String str3) throws AuthenticationException, j {
        if (!l.f()) {
            AuthenticationResult c = c(str2, str, str3);
            if (c != null) {
                return new p(c);
            }
            return null;
        }
        g n2 = this.c.n(str, str2, str3);
        if (n2 == null) {
            com.microsoft.odsp.l0.e.e("OdbNetworkTasks", "Could not execute token refresh for userId" + str + "; No account found for given userId");
            return null;
        }
        p pVar = new p(n2);
        if (n2.c() == null) {
            return pVar;
        }
        com.microsoft.odsp.l0.e.c("OdbNetworkTasks", "Tokenrefresh with oneAuth returned with error: " + n2.c().getStatus() + " and substatus: " + n2.c().getSubStatus());
        throw new j(n2.c());
    }

    protected String i(String str) {
        return t.b().get(str);
    }

    boolean j(u uVar) {
        if (uVar == null) {
            com.microsoft.odsp.l0.e.e("OdbNetworkTasks", "isRefreshFederationProviderAllowed - FederationProvider value is null.");
            return false;
        }
        if (!Boolean.parseBoolean(i("FederationProviderRefresh"))) {
            com.microsoft.odsp.l0.e.e("OdbNetworkTasks", "isRefreshFederationProviderAllowed - ramp is off.");
            return false;
        }
        String i = i("FederationProviderRefreshAllowed");
        if (TextUtils.isEmpty(i)) {
            com.microsoft.odsp.l0.e.e("OdbNetworkTasks", "isRefreshFederationProviderAllowed - Allowed list empty.");
            return false;
        }
        for (String str : i.split(";")) {
            if (u.parse(str) == uVar) {
                return true;
            }
        }
        com.microsoft.odsp.l0.e.e("OdbNetworkTasks", "isRefreshFederationProviderAllowed - not in allowed list: " + uVar.toString());
        return false;
    }

    public v0 l(AccountManager accountManager, Account account, SecurityScope securityScope, String str) throws IOException, com.google.gson.s, AuthenticationException, j {
        String uri;
        p m2;
        String e;
        String userData = accountManager.getUserData(account, "com.microsoft.skydrive.cid");
        if (TextUtils.isEmpty(userData)) {
            return null;
        }
        if (!"ODB_ACCESSTOKEN".equalsIgnoreCase(securityScope.b) && !"ODB_ACCESSTOKEN_BY_GUID".equalsIgnoreCase(securityScope.b)) {
            if (!"ODB_COOKIE".equalsIgnoreCase(securityScope.b)) {
                if (!"ODB_FORM_DIGEST".equalsIgnoreCase(securityScope.b)) {
                    return null;
                }
                v0 l2 = l(accountManager, account, SecurityScope.f(d0.BUSINESS, Uri.parse("https://" + securityScope.a), "ODB_COOKIE"), null);
                return f(l2 != null ? l2.b() : "", securityScope, userData, com.microsoft.authorization.e.v(this.a, account), null);
            }
            p m3 = m(userData, new Uri.Builder().scheme("https").authority(securityScope.a).build().toString(), str);
            if (m3 == null || m3.g() != AuthenticationResult.AuthenticationStatus.Succeeded || (e = e(m3.b(), securityScope.a)) == null) {
                return null;
            }
            Date d = m3.d();
            if ("f05ff7c9-f75a-4acd-a3b5-f4b6a870245d".equals(i.a())) {
                d = new Date(System.currentTimeMillis() + 432000000);
            }
            return new v0(e, d, null, securityScope, userData);
        }
        if ("ODB_ACCESSTOKEN_BY_GUID".equalsIgnoreCase(securityScope.b)) {
            uri = securityScope.a;
        } else {
            uri = Uri.parse("https://" + securityScope.a).toString();
        }
        try {
            m2 = m(userData, uri, str);
            StringBuilder sb = new StringBuilder();
            sb.append("refreshSecurityToken -- result: ");
            sb.append(m2 != null ? m2.g().toString() : null);
            com.microsoft.odsp.l0.e.h("OdbNetworkTasks", sb.toString());
        } catch (AuthenticationException e2) {
            if (!k(accountManager, account)) {
                throw e2;
            }
            m2 = m(userData, uri, str);
        }
        if (m2 == null || m2.g() != AuthenticationResult.AuthenticationStatus.Succeeded) {
            return null;
        }
        return new v0(m2.b(), m2.d(), m2.f(), securityScope, userData);
    }
}
