package com.microsoft.launcher.identity;

import android.accounts.AuthenticatorException;
import android.accounts.OperationCanceledException;
import android.app.Activity;
import android.content.Context;
import android.content.Intent;
import android.os.Build;
import android.text.TextUtils;
import android.util.Log;
import android.view.View;
import android.webkit.CookieManager;
import android.webkit.CookieSyncManager;
import com.microsoft.aad.adal.ADALAuthenticationContext;
import com.microsoft.aad.adal.ADALError;
import com.microsoft.aad.adal.AuthenticationCallback;
import com.microsoft.aad.adal.AuthenticationException;
import com.microsoft.aad.adal.AuthenticationResult;
import com.microsoft.aad.adal.AuthenticationSettings;
import com.microsoft.aad.adal.ITokenCacheStore;
import com.microsoft.aad.adal.PromptBehavior;
import com.microsoft.aad.adal.TokenCacheItem;
import com.microsoft.aad.adal.UserInfo;
import com.microsoft.appcenter.persistence.DatabasePersistence;
import com.microsoft.intune.mam.client.app.MAMComponents;
import com.microsoft.intune.mam.policy.MAMCAComplianceStatus;
import com.microsoft.intune.mam.policy.MAMUserInfo;
import com.microsoft.intune.mam.policy.notification.MAMComplianceNotification;
import com.microsoft.launcher.IntuneManager;
import com.microsoft.launcher.MAMCompanyPortalRequiredActivity;
import com.microsoft.launcher.R;
import com.microsoft.launcher.identity.MRRTAADIdentityProvider;
import com.microsoft.launcher.utils.ViewUtils;
import com.microsoft.launcher.utils.threadpool.ThreadPool;
import com.onedrive.sdk.authentication.ADALAuthenticator;
import e.b.a.c.a;
import e.i.o.G.A;
import e.i.o.G.B;
import e.i.o.G.C;
import e.i.o.G.C0505v;
import e.i.o.G.C0506w;
import e.i.o.G.C0507x;
import e.i.o.G.C0508y;
import e.i.o.G.C0509z;
import e.i.o.G.r;
import e.i.o.R.d.m;
import e.i.o.ma.C1263ha;
import e.i.o.ma.C1278p;
import e.i.o.ma.C1283s;
import e.i.o.ma.C1285t;
import e.i.o.ma.j.k;
import e.i.o.y.C2107a;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.greenrobot.eventbus.EventBus;

/* loaded from: classes2.dex */
public abstract class MRRTAADIdentityProvider implements AadIdentityProvider {

    /* renamed from: a, reason: collision with root package name */
    public static final String f9504a = "MRRTAADIdentityProvider";

    /* renamed from: b, reason: collision with root package name */
    public static ConcurrentHashMap<String, C> f9505b = new ConcurrentHashMap<>();

    /* renamed from: c, reason: collision with root package name */
    public static final r f9506c = new r(25, "auth_aad");

    /* renamed from: d, reason: collision with root package name */
    public Context f9507d;

    /* renamed from: e, reason: collision with root package name */
    public ADALAuthenticationContext f9508e;

    /* loaded from: classes.dex */
    public enum AuthConfig {
        AuthConfigLegacy(ADALAuthenticator.LOGIN_AUTHORITY, "d3590ed6-52b3-4102-aeff-aad2292ab01c", false),
        AuthConfigCurrent(ADALAuthenticator.LOGIN_AUTHORITY, "cb5b7de5-2ef8-4fb2-9600-9feadb91dc45", true);

        public boolean allowBroker;
        public String authorityUrl;
        public String clientId;

        AuthConfig(String str, String str2, boolean z) {
            this.authorityUrl = str;
            this.clientId = str2;
            this.allowBroker = z;
        }

        public static String getAuthorityUrl() {
            return getConfig().authorityUrl;
        }

        public static String getClientId() {
            return getConfig().clientId;
        }

        public static AuthConfig getConfig() {
            return isNeedFallbackToLegacyConfig() ? AuthConfigLegacy : AuthConfigCurrent;
        }

        public static String getRedirectUrl(Context context) {
            return ADALAuthenticationContext.getRedirectUri(context);
        }

        public static boolean isAllowBroker() {
            return getConfig().allowBroker;
        }

        public static boolean isNeedFallbackToLegacyConfig() {
            return C1283s.a("ADAL_KEY_NEED_FALL_BACK_TO_LEGACY", false);
        }

        public static void setNeedFallbackToLegacyConfig(boolean z) {
            C1283s.b("ADAL_KEY_NEED_FALL_BACK_TO_LEGACY", z);
            AuthenticationSettings.INSTANCE.setUseBroker(isAllowBroker());
        }
    }

    public MRRTAADIdentityProvider() {
    }

    public MRRTAADIdentityProvider(Context context, String str) {
        this.f9507d = context;
        try {
            if (AuthenticationSettings.INSTANCE.getSecretKeyData() == null) {
                AuthenticationSettings.INSTANCE.setSecretKey(new SecretKeySpec(SecretKeyFactory.getInstance("PBEWithSHA256And256BitAES-CBC-BC").generateSecret(new PBEKeySpec("ssgardfahikl".toCharArray(), "fjsklfjskadf".getBytes("UTF-8"), 100, 256)).getEncoded(), "AES").getEncoded());
            }
        } catch (UnsupportedEncodingException | NoSuchAlgorithmException | InvalidKeySpecException e2) {
            e2.printStackTrace();
        }
        AuthenticationSettings.INSTANCE.setUseBroker(AuthConfig.isAllowBroker());
        ThreadPool.b((k) new C0505v(this, "MRRTAADIdentityProvider-MRRTAADIdentityProvider"));
    }

    public final AuthenticationCallback<AuthenticationResult> a(Activity activity, IdentityCallback identityCallback) {
        return new C0507x(this, identityCallback, activity);
    }

    public final MruAccessToken a() {
        MruAccessToken mruAccessToken = null;
        for (C c2 : f9505b.values()) {
            MruAccessToken mruAccessToken2 = c2.f9481d;
            if (c2.f() && !TextUtils.isEmpty(mruAccessToken2.accountId)) {
                if (mruAccessToken == null) {
                    mruAccessToken = mruAccessToken2;
                } else if (!TextUtils.equals(mruAccessToken2.accountId, mruAccessToken.accountId)) {
                    HashMap b2 = a.b("type", DatabasePersistence.COLUMN_LOG, "sub_type", "auth_aad_inconsistency");
                    b2.put("origin", "getCurrentTokenInCache");
                    b2.put("aad", Boolean.valueOf(AccountsManager.f9484a.f9485b.f()));
                    b2.put("aad_pendingReAuth", Boolean.valueOf(AccountsManager.f9484a.f9485b.g()));
                    b2.put("outlookAad_pendingReAuth", Boolean.valueOf(AccountsManager.f9484a.f9489f.g()));
                    b2.put("last_token_type", mruAccessToken.provider);
                    b2.put("current_token_type", mruAccessToken2.provider);
                    C1263ha.a("ErrorEvent", b2, 0.25f, C1263ha.f26359o);
                    return null;
                }
            }
        }
        return mruAccessToken;
    }

    public MruAccessToken a(AuthenticationResult authenticationResult) {
        MruAccessToken mruAccessToken;
        MruAccessToken mruAccessToken2 = new MruAccessToken();
        mruAccessToken2.accessToken = authenticationResult.getAccessToken();
        mruAccessToken2.expireOn = authenticationResult.getExpiresOn();
        mruAccessToken2.refreshToken = authenticationResult.getRefreshToken();
        mruAccessToken2.tenantId = authenticationResult.getTenantId();
        if (authenticationResult.getUserInfo() != null) {
            a(authenticationResult.getUserInfo(), mruAccessToken2);
        } else {
            C c2 = f9505b.get(getProviderName());
            if (c2 != null && (mruAccessToken = c2.f9481d) != null && !TextUtils.isEmpty(mruAccessToken.accountId)) {
                String str = c2.f9481d.accountId;
                ITokenCacheStore cache = this.f9508e.getCache();
                if (cache != null) {
                    Iterator<TokenCacheItem> all = cache.getAll();
                    while (true) {
                        if (!all.hasNext()) {
                            break;
                        }
                        TokenCacheItem next = all.next();
                        if (next != null && next.getUserInfo() != null && str.equals(next.getUserInfo().getUserId())) {
                            a(next.getUserInfo(), mruAccessToken2);
                            break;
                        }
                    }
                }
            }
        }
        return mruAccessToken2;
    }

    public /* synthetic */ void a(Activity activity, IdentityCallback identityCallback, MAMComplianceNotification mAMComplianceNotification) {
        MAMCAComplianceStatus complianceStatus = mAMComplianceNotification.getComplianceStatus();
        String str = f9504a;
        StringBuilder c2 = a.c("handleComplianceNotification with MAMCAComplianceStatus: ");
        c2.append(complianceStatus.name());
        c2.toString();
        String str2 = f9504a;
        StringBuilder c3 = a.c("activity: ");
        c3.append(activity.getComponentName());
        c3.toString();
        if (complianceStatus == MAMCAComplianceStatus.COMPLIANT) {
            this.f9508e.acquireToken(activity, c(), AuthConfig.getClientId(), AuthConfig.getRedirectUrl(this.f9507d), ((MAMUserInfo) MAMComponents.get(MAMUserInfo.class)).getPrimaryUser(), PromptBehavior.Auto, "", new C0507x(this, identityCallback, activity));
            return;
        }
        String str3 = f9504a;
        StringBuilder c4 = a.c("remediate Compliance failed with title: ");
        c4.append(mAMComplianceNotification.getComplianceErrorTitle());
        c4.append(", error: ");
        c4.append(mAMComplianceNotification.getComplianceErrorMessage());
        c4.toString();
        identityCallback.onFailed(false, "Compliance remediation failed!");
        if (activity.isFinishing()) {
            return;
        }
        ViewUtils.a(activity.getWindow().getDecorView(), mAMComplianceNotification.getComplianceErrorMessage(), activity.getString(R.string.common_get_it), (View.OnClickListener) null);
    }

    public final void a(Activity activity, Exception exc, IdentityCallback identityCallback) {
        if (exc == null) {
            Log.e(f9504a, "handle login Exception: null");
        } else {
            String str = f9504a;
            StringBuilder c2 = a.c("handle login Exception: ");
            c2.append(exc.getMessage());
            Log.e(str, c2.toString());
            exc.printStackTrace();
        }
        boolean z = false;
        if (exc instanceof AuthenticationException) {
            String str2 = f9504a;
            StringBuilder c3 = a.c("Auth error code: ");
            AuthenticationException authenticationException = (AuthenticationException) exc;
            c3.append(authenticationException.getCode());
            Log.e(str2, c3.toString());
            ADALError code = authenticationException.getCode();
            int ordinal = code.ordinal();
            if (ordinal == 25) {
                z = !f9506c.c();
                C1278p.j();
            } else if (ordinal == 62) {
                C1278p.j();
            }
            HashMap hashMap = new HashMap();
            hashMap.put("error", code.name());
            hashMap.put("provider", getProviderName());
            EventBus.getDefault().post(new C2107a(3, hashMap));
        }
        if (a(exc, activity, (MruAccessToken) null, identityCallback)) {
            return;
        }
        Log.e(f9504a, "Failed to get access token", exc);
        if (exc == null || !(exc instanceof AuthenticationException)) {
            identityCallback.onFailed(z, exc == null ? "auth_failed_without_exception" : "unknown_exception");
            return;
        }
        AuthenticationException authenticationException2 = (AuthenticationException) exc;
        identityCallback.onFailed(z, "(needLogin: " + z + ",code:" + authenticationException2.getCode() + ",message:" + authenticationException2.getMessage() + ",criticalErrorCount:" + f9506c.a() + ")");
    }

    public final void a(Activity activity, String str, IdentityCallback identityCallback) {
        String b2 = b();
        if (TextUtils.isEmpty(b2)) {
            this.f9508e.acquireToken(activity, c(), AuthConfig.getClientId(), AuthConfig.getRedirectUrl(this.f9507d), str, PromptBehavior.Auto, "", new C0507x(this, identityCallback, activity));
            return;
        }
        try {
            this.f9508e.acquireTokenSilentAsync(c(), AuthConfig.getClientId(), b2, new C0507x(this, new C0506w(this, identityCallback, activity, str), activity));
        } catch (Exception unused) {
            this.f9508e.acquireToken(activity, c(), AuthConfig.getClientId(), AuthConfig.getRedirectUrl(this.f9507d), str, PromptBehavior.Auto, "", new C0507x(this, identityCallback, activity));
        }
    }

    public final synchronized void a(ADALAuthenticationContext aDALAuthenticationContext) {
        if (this.f9508e == null) {
            this.f9508e = aDALAuthenticationContext;
        }
    }

    public final void a(UserInfo userInfo, MruAccessToken mruAccessToken) {
        if (userInfo != null) {
            mruAccessToken.accountId = userInfo.getUserId();
            mruAccessToken.userName = userInfo.getDisplayableId();
            mruAccessToken.displayName = userInfo.getGivenName() + ' ' + userInfo.getFamilyName();
            mruAccessToken.provider = userInfo.getIdentityProvider();
            mruAccessToken.firstName = userInfo.getGivenName();
            mruAccessToken.lastName = userInfo.getFamilyName();
        }
    }

    public void a(C c2) {
        String providerName = getProviderName();
        if (c2 == null) {
            throw new IllegalStateException("Invalid token manager");
        }
        if (TextUtils.isEmpty(providerName)) {
            throw new IllegalStateException("Invalid providerName for MRRT");
        }
        f9505b.put(providerName, c2);
    }

    public abstract void a(boolean z);

    public final boolean a(IdentityCallback identityCallback) {
        if (this.f9508e != null) {
            return true;
        }
        if (identityCallback != null) {
            identityCallback.onFailed(false, "ADALContext is null");
        }
        return false;
    }

    public final boolean a(Exception exc, final Activity activity, MruAccessToken mruAccessToken, final IdentityCallback identityCallback) {
        boolean z;
        HashMap<String, String> httpResponseBody;
        boolean z2 = exc instanceof AuthenticationException;
        if (z2 && activity != null) {
            AuthenticationException authenticationException = (AuthenticationException) exc;
            if (authenticationException.getCode() == ADALError.AUTH_FAILED_INTUNE_POLICY_REQUIRED && IntuneManager.a(authenticationException, true, new IntuneManager.MAMComplianceNotificationCallback() { // from class: e.i.o.G.a
                @Override // com.microsoft.launcher.IntuneManager.MAMComplianceNotificationCallback
                public final void handleComplianceNotification(MAMComplianceNotification mAMComplianceNotification) {
                    MRRTAADIdentityProvider.this.a(activity, identityCallback, mAMComplianceNotification);
                }
            })) {
                return true;
            }
        }
        String message = exc == null ? "" : exc.getMessage();
        if (z2 && (httpResponseBody = ((AuthenticationException) exc).getHttpResponseBody()) != null) {
            if (httpResponseBody.containsKey("error_description")) {
                String str = httpResponseBody.get("error_description");
                if (!TextUtils.isEmpty(str) && !message.contains(str)) {
                    message = a.c(message, " ErrorDescription: ", str);
                }
            }
            if (httpResponseBody.containsKey("error")) {
                String str2 = httpResponseBody.get("error");
                if (!TextUtils.isEmpty(str2) && !message.contains(str2)) {
                    message = a.c(message, " Error: ", str2);
                }
            }
            if (httpResponseBody.containsKey("error_codes")) {
                String str3 = httpResponseBody.get("error_codes");
                if (!TextUtils.isEmpty(str3) && !message.contains(str3)) {
                    message = a.c(message, " Error_codes: ", str3);
                }
            }
        }
        Log.e(f9504a, "handleErrorForIntune | processed error message: " + message);
        String[] strArr = {"AADSTS50131", "AADSTS530003", "AADSTS53000", "AADSTS50127", "AADSTS50079", "AADSTS50097"};
        if (message != null) {
            for (String str4 : strArr) {
                if (message.contains(str4) || message.contains(str4.toLowerCase())) {
                    z = true;
                    break;
                }
            }
        }
        z = false;
        if (z) {
            AuthConfig.setNeedFallbackToLegacyConfig(false);
        }
        if (!TextUtils.isEmpty(message) && (message.contains("interaction_required") || message.contains("login_required") || message.contains("invalid_grant"))) {
            if (z) {
                if (identityCallback != null) {
                    identityCallback.onFailed(false, message);
                }
                MruAccessToken a2 = a();
                if (a2 != null) {
                    EventBus.getDefault().post(new C2107a(1, a2.userName));
                }
                return true;
            }
            if (activity != null && mruAccessToken != null && this.f9508e != null) {
                a(activity, mruAccessToken.userName, identityCallback);
                return true;
            }
        }
        return false;
    }

    @Override // com.microsoft.launcher.identity.IdentityProvider
    public void acquireToken(Activity activity, String str, IdentityCallback identityCallback) {
        if (a(identityCallback)) {
            a(activity, str, identityCallback);
        }
    }

    @Override // com.microsoft.launcher.identity.AadIdentityProvider
    public void acquireTokenByRefresh(Activity activity, MruAccessToken mruAccessToken, IdentityCallback identityCallback) {
        if (a(identityCallback)) {
            C0508y c0508y = new C0508y(this, identityCallback, activity, mruAccessToken);
            if (!AuthConfig.isAllowBroker()) {
                try {
                    this.f9508e.acquireTokenByRefreshToken(mruAccessToken.refreshToken, AuthConfig.getClientId(), c(), new C0507x(this, c0508y, activity));
                    return;
                } catch (Exception e2) {
                    m.a("ADALError", e2);
                    if (identityCallback != null) {
                        identityCallback.onFailed(false, "login failed");
                        return;
                    }
                    return;
                }
            }
            if (TextUtils.isEmpty(mruAccessToken.accountId)) {
                if (identityCallback != null) {
                    identityCallback.onFailed(false, "refresh failed");
                }
            } else {
                try {
                    this.f9508e.acquireTokenSilentAsync(c(), AuthConfig.getClientId(), mruAccessToken.accountId, new C0507x(this, c0508y, activity));
                } catch (Exception e3) {
                    a(activity, e3, identityCallback);
                }
            }
        }
    }

    @Override // com.microsoft.launcher.identity.IdentityProvider
    public void acquireTokenSilent(IdentityCallback identityCallback) {
        if (a(identityCallback)) {
            String b2 = b();
            if (TextUtils.isEmpty(b2)) {
                if (identityCallback != null) {
                    identityCallback.onFailed(false, "refreshTokenSilent failed due to empty userId");
                }
            } else {
                try {
                    this.f9508e.acquireTokenSilentAsync(c(), AuthConfig.getClientId(), b2, new C0507x(this, new C0509z(this, identityCallback), null));
                } catch (Exception e2) {
                    a((Activity) null, e2, identityCallback);
                }
            }
        }
    }

    public String b() {
        MruAccessToken a2 = a();
        if (a2 != null) {
            return a2.accountId;
        }
        return null;
    }

    public abstract String c();

    public boolean d() {
        ADALAuthenticationContext aDALAuthenticationContext = this.f9508e;
        if (aDALAuthenticationContext == null) {
            return false;
        }
        try {
            UserInfo[] brokerUsers = aDALAuthenticationContext.getBrokerUsers();
            if (brokerUsers != null) {
                return brokerUsers.length > 0;
            }
            return false;
        } catch (AuthenticatorException e2) {
            e2.printStackTrace();
            return false;
        } catch (OperationCanceledException e3) {
            e3.printStackTrace();
            return false;
        } catch (IOException e4) {
            e4.printStackTrace();
            return false;
        }
    }

    public final void e() {
        try {
            ADALAuthenticationContext aDALAuthenticationContext = new ADALAuthenticationContext(this.f9507d, AuthConfig.getAuthorityUrl(), true);
            aDALAuthenticationContext.setExtendedLifetimeEnabled(true);
            a(aDALAuthenticationContext);
        } catch (Exception e2) {
            e2.printStackTrace();
        }
    }

    @Override // com.microsoft.launcher.identity.AadIdentityProvider
    public void handleActivityResult(int i2, int i3, Intent intent) {
        if (this.f9508e != null) {
            C1285t.a(new B(this, i2, i3, intent));
        }
    }

    @Override // com.microsoft.launcher.identity.IdentityProvider
    public boolean isAAD() {
        return true;
    }

    @Override // com.microsoft.launcher.identity.IdentityProvider
    public boolean isAccountLoggedIn() {
        return !TextUtils.isEmpty(b());
    }

    @Override // com.microsoft.launcher.identity.IdentityProvider
    public void logout() {
        MruAccessToken mruAccessToken;
        AuthConfig.setNeedFallbackToLegacyConfig(false);
        MAMCompanyPortalRequiredActivity.a(this.f9507d, false);
        C c2 = f9505b.get(getProviderName());
        if (c2 != null && (mruAccessToken = c2.f9481d) != null) {
            c2.f21238h = mruAccessToken.userName;
        }
        if (this.f9508e != null) {
            C1285t.a(new A(this));
        }
        if (Build.VERSION.SDK_INT >= 22) {
            CookieManager.getInstance().removeAllCookies(null);
            CookieManager.getInstance().flush();
        } else {
            CookieSyncManager.createInstance(this.f9507d.getApplicationContext());
            CookieManager cookieManager = CookieManager.getInstance();
            cookieManager.removeSessionCookie();
            cookieManager.removeAllCookie();
            CookieSyncManager.getInstance().sync();
        }
        a(true);
    }
}
