package com.microsoft.aad.adal;

import a.a.a.a.a;
import android.net.Uri;
import android.os.Build;
import android.util.Base64;
import com.microsoft.aad.adal.AuthenticationConstants;
import io.fabric.sdk.android.services.network.HttpRequest;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import org.json.JSONException;
import org.json.JSONObject;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public class Oauth2 {

    /* renamed from: a, reason: collision with root package name */
    private AuthenticationRequest f4212a;
    private IWebRequestHandler b;
    private IJWSBuilder c;

    /* JADX INFO: Access modifiers changed from: package-private */
    public Oauth2(AuthenticationRequest authenticationRequest) {
        this.c = new JWSBuilder();
        this.f4212a = authenticationRequest;
        this.b = null;
        this.c = null;
    }

    public Oauth2(AuthenticationRequest authenticationRequest, IWebRequestHandler iWebRequestHandler) {
        this.c = new JWSBuilder();
        this.f4212a = authenticationRequest;
        this.b = iWebRequestHandler;
        this.c = null;
    }

    public Oauth2(AuthenticationRequest authenticationRequest, IWebRequestHandler iWebRequestHandler, IJWSBuilder iJWSBuilder) {
        this.c = new JWSBuilder();
        this.f4212a = authenticationRequest;
        this.b = iWebRequestHandler;
        this.c = iJWSBuilder;
    }

    private AuthenticationResult a(HttpWebResponse httpWebResponse) {
        AuthenticationResult authenticationResult;
        List<String> list;
        String str = (httpWebResponse.getResponseHeaders() == null || !httpWebResponse.getResponseHeaders().containsKey(AuthenticationConstants.AAD.CLIENT_REQUEST_ID) || (list = httpWebResponse.getResponseHeaders().get(AuthenticationConstants.AAD.CLIENT_REQUEST_ID)) == null || list.size() <= 0) ? null : list.get(0);
        int statusCode = httpWebResponse.getStatusCode();
        if (statusCode == 200 || statusCode == 400 || statusCode == 401) {
            try {
                byte[] body = httpWebResponse.getBody();
                HashMap hashMap = new HashMap();
                a((HashMap<String, String>) hashMap, new String(body));
                authenticationResult = a((HashMap<String, String>) hashMap);
            } catch (JSONException e) {
                Logger.e("Oauth", e.getMessage(), "", ADALError.SERVER_INVALID_JSON_RESPONSE, e);
                authenticationResult = new AuthenticationResult("It failed to parse response as json", e.getMessage(), null);
            }
        } else {
            String str2 = new String(httpWebResponse.getBody());
            Logger.e("Oauth", "Server response", str2, ADALError.SERVER_ERROR);
            authenticationResult = new AuthenticationResult(String.valueOf(httpWebResponse.getStatusCode()), str2, null);
        }
        if (str != null && !str.isEmpty()) {
            try {
                if (!UUID.fromString(str).equals(this.f4212a.d())) {
                    Logger.w("Oauth", "CorrelationId is not matching", "", ADALError.CORRELATION_ID_NOT_MATCHING_REQUEST_RESPONSE);
                }
                Logger.v("Oauth", "Response correlationId:" + str);
            } catch (IllegalArgumentException e2) {
                Logger.e("Oauth", a.a("Wrong format of the correlation ID:", str), "", ADALError.CORRELATION_ID_FORMAT, e2);
            }
        }
        return authenticationResult;
    }

    private AuthenticationResult a(String str, HashMap<String, String> hashMap) throws IOException, AuthenticationException {
        AuthenticationResult authenticationResult;
        String str2;
        URL e = ExceptionExtensions.e(a.a(new StringBuilder(), this.f4212a.a(), "/oauth2/token"));
        if (e == null) {
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL);
        }
        try {
            try {
                this.b.setRequestCorrelationId(this.f4212a.d());
                ClientMetrics.INSTANCE.a(e, this.f4212a.d(), hashMap);
                HttpWebResponse sendPost = this.b.sendPost(e, hashMap, str.getBytes(AuthenticationConstants.ENCODING_UTF8), HttpRequest.CONTENT_TYPE_FORM);
                if (sendPost.getStatusCode() == 401) {
                    if (sendPost.getResponseHeaders() == null || !sendPost.getResponseHeaders().containsKey("WWW-Authenticate")) {
                        Logger.v("Oauth", "401 http status code is returned without authorization header");
                    } else {
                        String str3 = sendPost.getResponseHeaders().get("WWW-Authenticate").get(0);
                        Logger.v("Oauth", "Device certificate challenge request:" + str3);
                        if (ExceptionExtensions.a(str3)) {
                            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Challenge header is empty");
                        }
                        if (ExceptionExtensions.b(str3, AuthenticationConstants.Broker.CHALLENGE_RESPONSE_TYPE)) {
                            Logger.v("Oauth", "Challenge is related to device certificate");
                            ChallengeResponseBuilder challengeResponseBuilder = new ChallengeResponseBuilder(this.c);
                            Logger.v("Oauth", "Processing device challenge");
                            hashMap.put("Authorization", challengeResponseBuilder.a(str3, e.toString()).b);
                            Logger.v("Oauth", "Sending request with challenge response");
                            sendPost = this.b.sendPost(e, hashMap, str.getBytes(AuthenticationConstants.ENCODING_UTF8), HttpRequest.CONTENT_TYPE_FORM);
                        }
                    }
                }
                byte[] body = sendPost.getBody();
                boolean z = body == null || body.length == 0;
                if (z) {
                    authenticationResult = null;
                } else {
                    Logger.v("Oauth", "Token request does not have exception");
                    authenticationResult = a(sendPost);
                    ClientMetrics.INSTANCE.a((String) null);
                }
                if (authenticationResult != null) {
                    ClientMetrics.INSTANCE.a(authenticationResult.b());
                    return authenticationResult;
                }
                if (z) {
                    str2 = "Status code:" + sendPost.getStatusCode();
                } else {
                    str2 = new String(body);
                }
                Logger.e("Oauth", "Server error message", str2, ADALError.SERVER_ERROR);
                if (sendPost.getResponseException() != null) {
                    throw sendPost.getResponseException();
                }
                throw new AuthenticationException(ADALError.SERVER_ERROR, str2);
            } catch (UnsupportedEncodingException e2) {
                ClientMetrics.INSTANCE.a((String) null);
                Logger.e("Oauth", e2.getMessage(), "", ADALError.ENCODING_IS_NOT_SUPPORTED, e2);
                throw e2;
            } catch (IOException e3) {
                ClientMetrics.INSTANCE.a((String) null);
                Logger.e("Oauth", e3.getMessage(), "", ADALError.SERVER_ERROR, e3);
                throw e3;
            }
        } finally {
            ClientMetrics.INSTANCE.a("token", this.f4212a.d());
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:41:0x0186  */
    /* JADX WARN: Removed duplicated region for block: B:48:0x018e  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static com.microsoft.aad.adal.AuthenticationResult a(java.util.HashMap<java.lang.String, java.lang.String> r13) {
        /*
            Method dump skipped, instructions count: 463
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.microsoft.aad.adal.Oauth2.a(java.util.HashMap):com.microsoft.aad.adal.AuthenticationResult");
    }

    private static void a(HashMap<String, String> hashMap, String str) throws JSONException {
        JSONObject jSONObject = new JSONObject(str);
        Iterator<String> keys = jSONObject.keys();
        while (keys.hasNext()) {
            String next = keys.next();
            hashMap.put(next, jSONObject.getString(next));
        }
    }

    private HashMap<String, String> c() {
        HashMap<String, String> hashMap = new HashMap<>();
        hashMap.put("Accept", "application/json");
        return hashMap;
    }

    public String a() throws UnsupportedEncodingException {
        String format = String.format("response_type=%s&client_id=%s&resource=%s&redirect_uri=%s&state=%s", AuthenticationConstants.OAuth2.CODE, URLEncoder.encode(this.f4212a.c(), AuthenticationConstants.ENCODING_UTF8), URLEncoder.encode(this.f4212a.k(), AuthenticationConstants.ENCODING_UTF8), URLEncoder.encode(this.f4212a.i(), AuthenticationConstants.ENCODING_UTF8), Base64.encodeToString(String.format("a=%s&r=%s", this.f4212a.a(), this.f4212a.k()).getBytes(), 9));
        if (this.f4212a.g() != null && !this.f4212a.g().isEmpty()) {
            format = String.format("%s&%s=%s", format, AuthenticationConstants.AAD.LOGIN_HINT, URLEncoder.encode(this.f4212a.g(), AuthenticationConstants.ENCODING_UTF8));
        }
        String format2 = String.format("%s&%s=%s", String.format("%s&%s=%s", format, AuthenticationConstants.AAD.ADAL_ID_PLATFORM, "Android"), AuthenticationConstants.AAD.ADAL_ID_VERSION, URLEncoder.encode(AuthenticationContext.getVersionName(), AuthenticationConstants.ENCODING_UTF8));
        StringBuilder b = a.b("");
        b.append(Build.VERSION.SDK_INT);
        Object[] objArr = {format2, AuthenticationConstants.AAD.ADAL_ID_OS_VER, URLEncoder.encode(b.toString(), AuthenticationConstants.ENCODING_UTF8)};
        StringBuilder b2 = a.b("");
        b2.append(Build.MODEL);
        String format3 = String.format("%s&%s=%s", String.format("%s&%s=%s", objArr), AuthenticationConstants.AAD.ADAL_ID_DM, URLEncoder.encode(b2.toString(), AuthenticationConstants.ENCODING_UTF8));
        if (this.f4212a.d() != null) {
            format3 = String.format("%s&%s=%s", format3, AuthenticationConstants.AAD.CLIENT_REQUEST_ID, URLEncoder.encode(this.f4212a.d().toString(), AuthenticationConstants.ENCODING_UTF8));
        }
        if (this.f4212a.h() == PromptBehavior.Always) {
            format3 = String.format("%s&%s=%s", format3, "prompt", URLEncoder.encode("login", AuthenticationConstants.ENCODING_UTF8));
        } else if (this.f4212a.h() == PromptBehavior.REFRESH_SESSION) {
            format3 = String.format("%s&%s=%s", format3, "prompt", URLEncoder.encode(AuthenticationConstants.AAD.QUERY_PROMPT_REFRESH_SESSION_VALUE, AuthenticationConstants.ENCODING_UTF8));
        }
        if (ExceptionExtensions.a(this.f4212a.e())) {
            return format3;
        }
        String e = this.f4212a.e();
        if (!e.startsWith("&")) {
            e = a.a("&", e);
        }
        return a.a(format3, e);
    }

    public String a(String str) throws UnsupportedEncodingException {
        String format = String.format("%s=%s&%s=%s&%s=%s", AuthenticationConstants.OAuth2.GRANT_TYPE, ExceptionExtensions.c(AuthenticationConstants.OAuth2.REFRESH_TOKEN), AuthenticationConstants.OAuth2.REFRESH_TOKEN, ExceptionExtensions.c(str), AuthenticationConstants.OAuth2.CLIENT_ID, ExceptionExtensions.c(this.f4212a.c()));
        return !ExceptionExtensions.a(this.f4212a.k()) ? String.format("%s&%s=%s", format, AuthenticationConstants.AAD.RESOURCE, ExceptionExtensions.c(this.f4212a.k())) : format;
    }

    public String b() throws UnsupportedEncodingException {
        return String.format("%s?%s", a.a(new StringBuilder(), this.f4212a.a(), "/oauth2/authorize"), a());
    }

    public String b(String str) throws UnsupportedEncodingException {
        return String.format("%s=%s&%s=%s&%s=%s&%s=%s", AuthenticationConstants.OAuth2.GRANT_TYPE, ExceptionExtensions.c(AuthenticationConstants.OAuth2.AUTHORIZATION_CODE), AuthenticationConstants.OAuth2.CODE, ExceptionExtensions.c(str), AuthenticationConstants.OAuth2.CLIENT_ID, ExceptionExtensions.c(this.f4212a.c()), AuthenticationConstants.OAuth2.REDIRECT_URI, ExceptionExtensions.c(this.f4212a.i()));
    }

    public AuthenticationResult c(String str) throws IOException, AuthenticationServerProtocolException, AuthenticationException {
        if (ExceptionExtensions.a(str)) {
            throw new IllegalArgumentException("authorizationUrl");
        }
        HashMap<String, String> f = ExceptionExtensions.f(str);
        String str2 = f.get(AuthenticationConstants.OAuth2.STATE);
        String str3 = !ExceptionExtensions.a(str2) ? new String(Base64.decode(str2, 9)) : null;
        if (ExceptionExtensions.a(str3)) {
            throw new AuthenticationException(ADALError.AUTH_FAILED_NO_STATE);
        }
        Uri parse = Uri.parse("http://state/path?" + str3);
        String queryParameter = parse.getQueryParameter("a");
        String queryParameter2 = parse.getQueryParameter("r");
        if (ExceptionExtensions.a(queryParameter) || ExceptionExtensions.a(queryParameter2) || !queryParameter2.equalsIgnoreCase(this.f4212a.k())) {
            throw new AuthenticationException(ADALError.AUTH_FAILED_BAD_STATE);
        }
        AuthenticationResult a2 = a(f);
        if (a2 == null || a2.a() == null || a2.a().isEmpty()) {
            return a2;
        }
        String a3 = a2.a();
        if (this.b == null) {
            throw new IllegalArgumentException("webRequestHandler");
        }
        try {
            return a(b(a3), c());
        } catch (UnsupportedEncodingException e) {
            Logger.e("Oauth", e.getMessage(), "", ADALError.ENCODING_IS_NOT_SUPPORTED, e);
            return null;
        }
    }

    public AuthenticationResult d(String str) throws IOException, AuthenticationException {
        if (this.b == null) {
            Logger.v("Oauth", "Web request is not set correctly");
            throw new IllegalArgumentException("webRequestHandler is null.");
        }
        try {
            String a2 = a(str);
            HashMap<String, String> hashMap = new HashMap<>();
            hashMap.put("Accept", "application/json");
            hashMap.put(AuthenticationConstants.Broker.CHALLENGE_TLS_INCAPABLE, "1.0");
            return a(a2, hashMap);
        } catch (UnsupportedEncodingException e) {
            Logger.e("Oauth", e.getMessage(), "", ADALError.ENCODING_IS_NOT_SUPPORTED, e);
            return null;
        }
    }
}
