package com.microsoft.authorization.odb;

import android.accounts.Account;
import android.accounts.AccountManager;
import android.content.Context;
import android.net.Uri;
import android.text.TextUtils;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.annotation.VisibleForTesting;
import com.google.gson.JsonSyntaxException;
import com.microsoft.aad.adal.AuthenticationException;
import com.microsoft.aad.adal.AuthenticationResult;
import com.microsoft.authorization.AccountHelper;
import com.microsoft.authorization.EmailDisambiguationNetworkTask;
import com.microsoft.authorization.FederationProvider;
import com.microsoft.authorization.OneDriveAccount;
import com.microsoft.authorization.OneDriveAccountType;
import com.microsoft.authorization.SecurityScope;
import com.microsoft.authorization.SecurityToken;
import com.microsoft.authorization.SignInManager;
import com.microsoft.authorization.adal.ADALConfigurationFetcher;
import com.microsoft.authorization.adal.ADALNetworkTasks;
import com.microsoft.authorization.adal.Constants;
import com.microsoft.authorization.communication.UnexpectedServerResponseException;
import com.microsoft.authorization.instrumentation.AccountInstrumentationEvent;
import com.microsoft.authorization.instrumentation.EventMetaDataIDs;
import com.microsoft.identity.common.internal.authscheme.TokenAuthenticationScheme;
import com.microsoft.identity.common.internal.eststelemetry.SchemaConstants;
import com.microsoft.identity.common.internal.net.HttpRequest;
import com.microsoft.odsp.RampManager;
import com.microsoft.odsp.io.FileUtils;
import com.microsoft.odsp.io.Log;
import com.microsoft.tokenshare.c;
import g.g.d.h.a;
import g.g.d.h.b;
import g.g.d.h.d;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.Collections;
import java.util.Date;
import java.util.Locale;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.atomic.AtomicReference;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpression;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import okhttp3.Authenticator;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Protocol;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
import org.w3c.dom.Document;
import org.xml.sax.SAXException;

/* loaded from: classes2.dex */
public class OdbNetworkTasks extends ADALNetworkTasks {

    @Deprecated
    /* loaded from: classes2.dex */
    public static class GetContextWebInformation {
        private static final XPathExpression c;

        /* renamed from: d, reason: collision with root package name */
        private static final XPathExpression f7231d;
        public final Double a;
        public final String b;

        static {
            XPath newXPath = XPathFactory.newInstance().newXPath();
            try {
                c = newXPath.compile("/GetContextWebInformation/FormDigestValue");
                f7231d = newXPath.compile("/GetContextWebInformation/FormDigestTimeoutSeconds");
            } catch (XPathExpressionException e2) {
                throw new ExceptionInInitializerError(e2);
            }
        }

        public GetContextWebInformation(Document document) throws XPathExpressionException {
            this.b = (String) c.evaluate(document, XPathConstants.STRING);
            this.a = (Double) f7231d.evaluate(document, XPathConstants.NUMBER);
        }
    }

    public OdbNetworkTasks(Context context, ADALConfigurationFetcher.ADALConfiguration aDALConfiguration) {
        super(context, aDALConfiguration.a());
    }

    public static SecurityToken a(String str, SecurityScope securityScope, String str2, Uri uri, Authenticator authenticator) throws IOException {
        return a(str, securityScope, str2, uri, authenticator, false);
    }

    public static SecurityToken a(String str, SecurityScope securityScope, String str2, Uri uri, Authenticator authenticator, boolean z) throws IOException {
        InputStream inputStream = null;
        if (TextUtils.isEmpty(securityScope.a)) {
            return null;
        }
        Request.Builder method = new Request.Builder().url(Uri.parse(uri.getScheme() + "://" + securityScope.a).buildUpon().appendPath("_api").appendPath("contextinfo").build().toString()).method(HttpRequest.REQUEST_METHOD_POST, RequestBody.create((MediaType) null, new byte[0]));
        method.header("Cookie", str);
        OkHttpClient.Builder builder = new OkHttpClient.Builder();
        if (authenticator != null) {
            builder.authenticator(authenticator);
        }
        if (z) {
            builder.protocols(Collections.singletonList(Protocol.HTTP_1_1));
        }
        Response execute = builder.build().newCall(method.build()).execute();
        if (!execute.isSuccessful() || execute.body() == null) {
            throw new UnexpectedServerResponseException(execute.message());
        }
        try {
            try {
                inputStream = execute.body().byteStream();
                GetContextWebInformation getContextWebInformation = new GetContextWebInformation(DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(inputStream));
                return new SecurityToken(getContextWebInformation.b, new Date(System.currentTimeMillis() + ((getContextWebInformation.a != null ? getContextWebInformation.a.longValue() : 0L) * 1000)), null, securityScope, str2);
            } catch (ParserConfigurationException | XPathExpressionException | SAXException unused) {
                throw new IOException(execute.code() + " : " + execute.message());
            }
        } finally {
            FileUtils.a((Closeable) inputStream);
        }
    }

    private static String a(String str, String str2) throws IOException {
        if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
            return null;
        }
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL("https", str2, "_api/SP.OAuth.NativeClient/Authenticate").openConnection();
        try {
            httpURLConnection.setRequestProperty("Authorization", String.format(Locale.ROOT, "Bearer %s", str));
            if ("f05ff7c9-f75a-4acd-a3b5-f4b6a870245d".equals(Constants.a())) {
                httpURLConnection.setRequestProperty("X-FeatureVersion", SchemaConstants.CURRENT_SCHEMA_VERSION);
            }
            httpURLConnection.setRequestMethod(HttpRequest.REQUEST_METHOD_POST);
            if (httpURLConnection.getResponseCode() == 200) {
                return httpURLConnection.getHeaderField("Set-Cookie");
            }
            return null;
        } finally {
            httpURLConnection.disconnect();
        }
    }

    private boolean a(AccountManager accountManager, Account account) {
        FederationProvider a = FederationProvider.a(accountManager.getUserData(account, "com.microsoft.skydrive.business_fp"));
        if (!a(a)) {
            Log.b("OdbNetworkTasks", "refreshFederationProviderAsNeeded - No need to refresh federation provider.");
            return false;
        }
        Log.f("OdbNetworkTasks", "refreshFederationProviderAsNeeded - start");
        EmailDisambiguationNetworkTask emailDisambiguationNetworkTask = new EmailDisambiguationNetworkTask();
        final AtomicReference atomicReference = new AtomicReference();
        String c = c(account.name);
        final CountDownLatch countDownLatch = new CountDownLatch(1);
        if (TextUtils.isEmpty(c)) {
            Log.d("OdbNetworkTasks", "refreshFederationProviderAsNeeded - account email is not available.");
            return false;
        }
        emailDisambiguationNetworkTask.a(c, false, new c<FederationProvider>(this) { // from class: com.microsoft.authorization.odb.OdbNetworkTasks.1
            @Override // com.microsoft.tokenshare.c
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public void onSuccess(FederationProvider federationProvider) {
                atomicReference.set(federationProvider);
                countDownLatch.countDown();
            }

            @Override // com.microsoft.tokenshare.c
            public void onError(Throwable th) {
                countDownLatch.countDown();
            }
        });
        try {
            countDownLatch.await();
        } catch (InterruptedException e2) {
            Log.b("OdbNetworkTasks", "refreshFederationProviderAsNeeded - InterruptedException received", e2);
        }
        FederationProvider federationProvider = (FederationProvider) atomicReference.get();
        if (federationProvider != null && federationProvider != a) {
            try {
                Log.f("OdbNetworkTasks", "refreshFederationProviderAsNeeded - getADALConfigurationSync");
                ADALConfigurationFetcher.ADALConfiguration a2 = new ADALConfigurationFetcher().a(federationProvider, false);
                accountManager.setUserData(account, "com.microsoft.skydrive.business_fp", federationProvider.toString());
                accountManager.setUserData(account, "com.microsoft.skydrive.business_authority", a2.a());
                a(a2.a());
                Log.f("OdbNetworkTasks", "refreshFederationProviderAsNeeded - updated account federation provider from " + a + " to " + federationProvider);
                OneDriveAccount b = SignInManager.a().b(this.a, account.name);
                new a("FPOld", a.toString());
                b.c().a((d) new AccountInstrumentationEvent(this.a, EventMetaDataIDs.v, new a[]{new a("FPOld", a.toString()), new a("FPNew", federationProvider.toString())}, (a[]) null, b));
                return true;
            } catch (IOException | XPathExpressionException e3) {
                Log.b("OdbNetworkTasks", "refreshFederationProviderAsNeeded - failed to fetch adal configuration for " + federationProvider, e3);
            }
        }
        return false;
    }

    @Nullable
    @VisibleForTesting
    static String c(String str) {
        int indexOf;
        if (!TextUtils.isEmpty(str) && (indexOf = str.indexOf(TokenAuthenticationScheme.SCHEME_DELIMITER)) > 0) {
            return str.substring(0, indexOf);
        }
        return null;
    }

    public SecurityToken a(AccountManager accountManager, Account account, SecurityScope securityScope, String str) throws IOException, JsonSyntaxException, AuthenticationException {
        String uri;
        AuthenticationResult a;
        String a2;
        String userData = accountManager.getUserData(account, "com.microsoft.skydrive.cid");
        if (TextUtils.isEmpty(userData)) {
            return null;
        }
        if (!"ODB_ACCESSTOKEN".equalsIgnoreCase(securityScope.b) && !"ODB_ACCESSTOKEN_BY_GUID".equalsIgnoreCase(securityScope.b)) {
            if (!"ODB_COOKIE".equalsIgnoreCase(securityScope.b)) {
                if (!"ODB_FORM_DIGEST".equalsIgnoreCase(securityScope.b)) {
                    return null;
                }
                SecurityToken a3 = a(accountManager, account, SecurityScope.a(OneDriveAccountType.BUSINESS, Uri.parse("https://" + securityScope.a), "ODB_COOKIE"), null);
                return a(a3 != null ? a3.a() : "", securityScope, userData, AccountHelper.k(this.a, account), null);
            }
            AuthenticationResult a4 = a(new Uri.Builder().scheme("https").authority(securityScope.a).build().toString(), userData, (String) null);
            if (a4 == null || a4.getStatus() != AuthenticationResult.AuthenticationStatus.Succeeded || (a2 = a(a4.getAccessToken(), securityScope.a)) == null) {
                return null;
            }
            Date expiresOn = a4.getExpiresOn();
            if ("f05ff7c9-f75a-4acd-a3b5-f4b6a870245d".equals(Constants.a())) {
                expiresOn = new Date(System.currentTimeMillis() + 432000000);
            }
            return new SecurityToken(a2, expiresOn, null, securityScope, userData);
        }
        if ("ODB_ACCESSTOKEN_BY_GUID".equalsIgnoreCase(securityScope.b)) {
            uri = securityScope.a;
        } else {
            uri = Uri.parse("https://" + securityScope.a).toString();
        }
        try {
            a = a(uri, userData, str);
            Log.f("OdbNetworkTasks", "refreshSecurityToken -- result: " + a.getStatus().toString());
        } catch (AuthenticationException e2) {
            if (!a(accountManager, account)) {
                throw e2;
            }
            a = a(uri, userData, str);
        }
        if (a == null || a.getStatus() != AuthenticationResult.AuthenticationStatus.Succeeded) {
            return null;
        }
        return new SecurityToken(a.getAccessToken(), a.getExpiresOn(), a.getRefreshToken(), securityScope, userData);
    }

    @VisibleForTesting
    boolean a(FederationProvider federationProvider) {
        if (federationProvider == null) {
            Log.d("OdbNetworkTasks", "isRefreshFederationProviderAllowed - FederationProvider value is null.");
            return false;
        }
        if (!Boolean.parseBoolean(b("FederationProviderRefresh"))) {
            Log.d("OdbNetworkTasks", "isRefreshFederationProviderAllowed - ramp is off.");
            return false;
        }
        String b = b("FederationProviderRefreshAllowed");
        if (TextUtils.isEmpty(b)) {
            Log.d("OdbNetworkTasks", "isRefreshFederationProviderAllowed - Allowed list empty.");
            return false;
        }
        for (String str : b.split(";")) {
            if (FederationProvider.a(str) == federationProvider) {
                return true;
            }
        }
        Log.d("OdbNetworkTasks", "isRefreshFederationProviderAllowed - not in allowed list: " + federationProvider.toString());
        return false;
    }

    protected String b(@NonNull String str) {
        return RampManager.b().get(str);
    }
}
