package com.microsoft.aad.adal;

import android.net.Uri;
import android.os.Build;
import android.text.TextUtils;
import android.util.Base64;
import com.facebook.AccessToken;
import com.facebook.internal.NativeProtocol;
import com.facebook.internal.ServerProtocol;
import com.linkedin.android.mobilesdk.BuildConfig;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import org.json.JSONException;
import org.json.JSONObject;

/* compiled from: Oauth2.java */
/* loaded from: classes.dex */
class an {

    /* renamed from: a, reason: collision with root package name */
    private h f11393a;

    /* renamed from: b, reason: collision with root package name */
    private ah f11394b;

    /* renamed from: c, reason: collision with root package name */
    private af f11395c;

    /* JADX INFO: Access modifiers changed from: package-private */
    public an(h hVar) {
        this.f11395c = new al();
        this.f11393a = hVar;
        this.f11394b = null;
        this.f11395c = null;
    }

    public an(h hVar, ah ahVar) {
        this.f11395c = new al();
        this.f11393a = hVar;
        this.f11394b = ahVar;
        this.f11395c = null;
    }

    public an(h hVar, ah ahVar, af afVar) {
        this.f11395c = new al();
        this.f11393a = hVar;
        this.f11394b = ahVar;
        this.f11395c = afVar;
    }

    private j a(ab abVar) {
        List<String> list;
        String str = (abVar.b() == null || !abVar.b().containsKey("client-request-id") || (list = abVar.b().get("client-request-id")) == null || list.size() <= 0) ? null : list.get(0);
        switch (abVar.a()) {
            case 200:
            case 400:
            case 401:
                try {
                    j g2 = g(abVar.c());
                    if (str != null && !str.isEmpty()) {
                        try {
                            if (!UUID.fromString(str).equals(this.f11393a.f())) {
                                am.f("Oauth", "CorrelationId is not matching", "", a.CORRELATION_ID_NOT_MATCHING_REQUEST_RESPONSE);
                            }
                            am.c("Oauth", "Response correlationId:" + str);
                        } catch (IllegalArgumentException e2) {
                            am.b("Oauth", "Wrong format of the correlation ID:" + str, "", a.CORRELATION_ID_FORMAT, e2);
                        }
                    }
                    return g2;
                } catch (JSONException e3) {
                    throw new g(a.SERVER_INVALID_JSON_RESPONSE, "Can't parse server response " + abVar.c(), e3);
                }
            default:
                throw new g(a.SERVER_ERROR, "Unexpected server response " + abVar.c());
        }
    }

    private j a(String str, HashMap<String, String> hashMap) {
        j jVar;
        ab abVar;
        URL e2 = at.e(b());
        try {
            if (e2 == null) {
                throw new g(a.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL);
            }
            try {
                this.f11394b.a(this.f11393a.f());
                r.INSTANCE.a(e2, this.f11393a.f(), hashMap);
                ab a2 = this.f11394b.a(e2, hashMap, str.getBytes("UTF_8"), "application/x-www-form-urlencoded");
                if (a2.a() == 401) {
                    if (a2.b() == null || !a2.b().containsKey("WWW-Authenticate")) {
                        am.c("Oauth", "401 http status code is returned without authorization header");
                    } else {
                        String str2 = a2.b().get("WWW-Authenticate").get(0);
                        am.c("Oauth", "Device certificate challenge request:" + str2);
                        if (at.a(str2)) {
                            throw new g(a.DEVICE_CERTIFICATE_REQUEST_INVALID, "Challenge header is empty");
                        }
                        if (at.b(str2, "PKeyAuth")) {
                            am.c("Oauth", "Challenge is related to device certificate");
                            p pVar = new p(this.f11395c);
                            am.c("Oauth", "Processing device challenge");
                            hashMap.put("Authorization", pVar.a(str2, e2.toString()).f11576b);
                            am.c("Oauth", "Sending request with challenge response");
                            abVar = this.f11394b.a(e2, hashMap, str.getBytes("UTF_8"), "application/x-www-form-urlencoded");
                        } else {
                            abVar = a2;
                        }
                        a2 = abVar;
                    }
                }
                boolean isEmpty = TextUtils.isEmpty(a2.c());
                if (isEmpty) {
                    jVar = null;
                } else {
                    am.c("Oauth", "Token request does not have exception");
                    jVar = a(a2);
                    r.INSTANCE.a((String) null);
                }
                if (jVar != null) {
                    r.INSTANCE.a(jVar.m());
                    return jVar;
                }
                String c2 = isEmpty ? "Status code:" + a2.a() : a2.c();
                am.g("Oauth", "Server error message", c2, a.SERVER_ERROR);
                throw new g(a.SERVER_ERROR, c2);
            } catch (UnsupportedEncodingException e3) {
                r.INSTANCE.a((String) null);
                am.b("Oauth", e3.getMessage(), "", a.ENCODING_IS_NOT_SUPPORTED, e3);
                throw e3;
            } catch (IOException e4) {
                r.INSTANCE.a((String) null);
                am.b("Oauth", e4.getMessage(), "", a.SERVER_ERROR, e4);
                throw e4;
            }
        } finally {
            r.INSTANCE.a("token", this.f11393a.f());
        }
    }

    public static j a(HashMap<String, String> hashMap) {
        String str;
        String str2;
        az azVar;
        if (hashMap.containsKey("error")) {
            String str3 = hashMap.get("correlation_id");
            if (!at.a(str3)) {
                try {
                    am.a(UUID.fromString(str3));
                } catch (IllegalArgumentException e2) {
                    am.g("Oauth", "CorrelationId is malformed: " + str3, "", a.CORRELATION_ID_FORMAT);
                }
            }
            am.c("Oauth", "OAuth2 error:" + hashMap.get("error") + " Description:" + hashMap.get(NativeProtocol.BRIDGE_ARG_ERROR_DESCRIPTION));
            return new j(hashMap.get("error"), hashMap.get(NativeProtocol.BRIDGE_ARG_ERROR_DESCRIPTION), hashMap.get("error_codes"));
        }
        if (hashMap.containsKey("code")) {
            return new j(hashMap.get("code"));
        }
        if (!hashMap.containsKey("access_token")) {
            return null;
        }
        boolean z = false;
        String str4 = hashMap.get(AccessToken.EXPIRES_IN_KEY);
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        gregorianCalendar.add(13, (str4 == null || str4.isEmpty()) ? 3600 : Integer.parseInt(str4));
        String str5 = hashMap.get("refresh_token");
        if (hashMap.containsKey("resource") && !at.a(str5)) {
            z = true;
        }
        if (hashMap.containsKey("id_token")) {
            String str6 = hashMap.get("id_token");
            if (at.a(str6)) {
                am.c("Oauth", "IdToken is not provided");
                str = str6;
                str2 = null;
                azVar = null;
            } else {
                aj ajVar = new aj(str6);
                str2 = ajVar.b();
                azVar = new az(ajVar);
                str = str6;
            }
        } else {
            str = null;
            str2 = null;
            azVar = null;
        }
        String str7 = hashMap.containsKey("foci") ? hashMap.get("foci") : null;
        j jVar = new j(hashMap.get("access_token"), str5, gregorianCalendar.getTime(), z, azVar, str2, str);
        jVar.d(str7);
        return jVar;
    }

    private static void a(HashMap<String, String> hashMap, String str) {
        JSONObject jSONObject = new JSONObject(str);
        Iterator<String> keys = jSONObject.keys();
        while (keys.hasNext()) {
            String next = keys.next();
            hashMap.put(next, jSONObject.getString(next));
        }
    }

    public static String f(String str) {
        if (at.a(str)) {
            return null;
        }
        return new String(Base64.decode(str, 9));
    }

    private HashMap<String, String> f() {
        HashMap<String, String> hashMap = new HashMap<>();
        hashMap.put(io.a.a.a.a.b.a.HEADER_ACCEPT, io.a.a.a.a.b.a.ACCEPT_JSON_VALUE);
        return hashMap;
    }

    private j g(String str) {
        HashMap hashMap = new HashMap();
        a((HashMap<String, String>) hashMap, str);
        return a((HashMap<String, String>) hashMap);
    }

    public String a() {
        return this.f11393a.a() + "/oauth2/authorize";
    }

    public String a(String str) {
        return String.format("%s=%s&%s=%s&%s=%s&%s=%s", "grant_type", at.c("authorization_code"), "code", at.c(str), "client_id", at.c(this.f11393a.d()), ServerProtocol.DIALOG_PARAM_REDIRECT_URI, at.c(this.f11393a.b()));
    }

    public String b() {
        return this.f11393a.a() + "/oauth2/token";
    }

    public String b(String str) {
        String format = String.format("%s=%s&%s=%s&%s=%s", "grant_type", at.c("refresh_token"), "refresh_token", at.c(str), "client_id", at.c(this.f11393a.d()));
        return !at.a(this.f11393a.c()) ? String.format("%s&%s=%s", format, "resource", at.c(this.f11393a.c())) : format;
    }

    public j c(String str) {
        if (this.f11394b == null) {
            am.c("Oauth", "Web request is not set correctly");
            throw new IllegalArgumentException("webRequestHandler is null.");
        }
        try {
            String b2 = b(str);
            HashMap<String, String> f2 = f();
            f2.put("x-ms-PKeyAuth", BuildConfig.VERSION_NAME);
            return a(b2, f2);
        } catch (UnsupportedEncodingException e2) {
            am.b("Oauth", e2.getMessage(), "", a.ENCODING_IS_NOT_SUPPORTED, e2);
            return null;
        }
    }

    public String c() {
        String format = String.format("response_type=%s&client_id=%s&resource=%s&redirect_uri=%s&state=%s", "code", URLEncoder.encode(this.f11393a.d(), "UTF_8"), URLEncoder.encode(this.f11393a.c(), "UTF_8"), URLEncoder.encode(this.f11393a.b(), "UTF_8"), e());
        if (this.f11393a.e() != null && !this.f11393a.e().isEmpty()) {
            format = String.format("%s&%s=%s", format, "login_hint", URLEncoder.encode(this.f11393a.e(), "UTF_8"));
        }
        String format2 = String.format("%s&%s=%s", String.format("%s&%s=%s", String.format("%s&%s=%s", String.format("%s&%s=%s", format, "x-client-SKU", "Android"), "x-client-Ver", URLEncoder.encode(e.d(), "UTF_8")), "x-client-OS", URLEncoder.encode("" + Build.VERSION.SDK_INT, "UTF_8")), "x-client-DM", URLEncoder.encode("" + Build.MODEL, "UTF_8"));
        if (this.f11393a.f() != null) {
            format2 = String.format("%s&%s=%s", format2, "client-request-id", URLEncoder.encode(this.f11393a.f().toString(), "UTF_8"));
        }
        if (this.f11393a.i() == aq.Always) {
            format2 = String.format("%s&%s=%s", format2, "prompt", URLEncoder.encode("login", "UTF_8"));
        } else if (this.f11393a.i() == aq.REFRESH_SESSION) {
            format2 = String.format("%s&%s=%s", format2, "prompt", URLEncoder.encode("refresh_session", "UTF_8"));
        }
        if (at.a(this.f11393a.g())) {
            return format2;
        }
        String g2 = this.f11393a.g();
        if (!g2.startsWith("&")) {
            g2 = "&" + g2;
        }
        return format2 + g2;
    }

    public j d(String str) {
        if (at.a(str)) {
            throw new IllegalArgumentException("authorizationUrl");
        }
        HashMap<String, String> f2 = at.f(str);
        String f3 = f(f2.get(ServerProtocol.DIALOG_PARAM_STATE));
        if (at.a(f3)) {
            throw new g(a.AUTH_FAILED_NO_STATE);
        }
        Uri parse = Uri.parse("http://state/path?" + f3);
        String queryParameter = parse.getQueryParameter("a");
        String queryParameter2 = parse.getQueryParameter("r");
        if (at.a(queryParameter) || at.a(queryParameter2) || !queryParameter2.equalsIgnoreCase(this.f11393a.c())) {
            throw new g(a.AUTH_FAILED_BAD_STATE);
        }
        j a2 = a(f2);
        return (a2 == null || a2.i() == null || a2.i().isEmpty()) ? a2 : e(a2.i());
    }

    public String d() {
        return String.format("%s?%s", a(), c());
    }

    public j e(String str) {
        if (this.f11394b == null) {
            throw new IllegalArgumentException("webRequestHandler");
        }
        try {
            return a(a(str), f());
        } catch (UnsupportedEncodingException e2) {
            am.b("Oauth", e2.getMessage(), "", a.ENCODING_IS_NOT_SUPPORTED, e2);
            return null;
        }
    }

    public String e() {
        return Base64.encodeToString(String.format("a=%s&r=%s", this.f11393a.a(), this.f11393a.c()).getBytes(), 9);
    }
}
