package com.microsoft.mmx.agents.ypp.authclient.service;

import Microsoft.Windows.MobilityExperience.Agents.AuthServiceClientAnomalyEvent;
import Microsoft.Windows.MobilityExperience.BaseActivity;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.annotation.VisibleForTesting;
import com.microsoft.appmanager.telemetry.DependencyCoreParameters;
import com.microsoft.appmanager.telemetry.ILogger;
import com.microsoft.appmanager.telemetry.LogDestination;
import com.microsoft.appmanager.telemetry.TelemetryUtils;
import com.microsoft.appmanager.telemetry.TraceContext;
import com.microsoft.mmx.agents.remoteconfiguration.ExpManager;
import com.microsoft.mmx.agents.remoteconfiguration.Feature;
import com.microsoft.mmx.agents.ypp.DcgClient;
import com.microsoft.mmx.agents.ypp.EnvironmentScopedClassProvider;
import com.microsoft.mmx.agents.ypp.EnvironmentType;
import com.microsoft.mmx.agents.ypp.authclient.auth.AccessToken;
import com.microsoft.mmx.agents.ypp.authclient.auth.AuthManager;
import com.microsoft.mmx.agents.ypp.authclient.auth.IAuthStorage;
import com.microsoft.mmx.agents.ypp.authclient.auth.identitytokenprovider.IdentityTokenProvider;
import com.microsoft.mmx.agents.ypp.authclient.auth.identitytokenprovider.IdentityTokenProviderException;
import com.microsoft.mmx.agents.ypp.authclient.auth.identitytokenprovider.IdentityTokenResult;
import com.microsoft.mmx.agents.ypp.authclient.auth.identitytokenprovider.IdentityTokenType;
import com.microsoft.mmx.agents.ypp.authclient.crypto.CryptoManager;
import com.microsoft.mmx.agents.ypp.authclient.utils.AuthTelemetryUtils;
import com.microsoft.mmx.agents.ypp.configuration.PlatformConfiguration;
import com.microsoft.mmx.agents.ypp.services.CircuitBreakerSingle;
import com.microsoft.mmx.agents.ypp.services.YppServicesFactory;
import com.microsoft.mmx.agents.ypp.services.utils.HttpCallTelemetryContext;
import com.microsoft.mmx.agents.ypp.servicesclient.interfaces.AuthService;
import com.microsoft.mmx.agents.ypp.servicesclient.models.AuthSignInOrCreateIdentityBody;
import com.microsoft.mmx.agents.ypp.servicesclient.models.NonceRequestBody;
import com.microsoft.mmx.agents.ypp.servicesclient.models.NonceResponse;
import com.microsoft.mmx.agents.ypp.servicesclient.models.TokenResponse;
import com.microsoft.mmx.agents.ypp.utils.Resiliency;
import com.microsoft.mmx.agents.ypp.utils.RetryStrategy;
import com.microsoft.mmx.logging.ContentProperties;
import io.reactivex.Single;
import io.reactivex.SingleSource;
import java.util.Collections;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.Callable;
import javax.inject.Inject;
import javax.inject.Named;
import kotlin.jvm.functions.Function1;
import org.apache.commons.lang3.concurrent.CircuitBreaker;
import org.jetbrains.annotations.NotNull;
import org.joda.time.DateTime;

/* loaded from: classes3.dex */
public class AuthServiceClient implements IAuthServiceClient {
    private final EnvironmentScopedClassProvider<AuthService> authServiceProvider;
    private final IAuthStorage authStorage;
    private final CircuitBreaker<Integer> circuitBreaker;
    private final CryptoManager cryptoManager;
    private final ILogger iLogger;
    private final IdentityTokenProvider identityTokenProvider;
    private final Log logger;
    private final PlatformConfiguration platformConfiguration;
    private final UuidGenerator uuidGenerator;

    /* loaded from: classes3.dex */
    public static final class Log {
        private final ILogger logger;
        private final String tag = "AuthServiceClient";

        public Log(@NonNull ILogger iLogger) {
            this.logger = iLogger;
        }

        public void a(@NonNull Throwable th, @NonNull TraceContext traceContext) {
            this.logger.logEvent(new AuthServiceClientAnomalyEvent(), "ClaimIdentityException", AuthCustomEventDetails.getSerializedDefaultAnomalyData(th), Collections.emptyMap(), traceContext, LogDestination.Remote);
        }

        public void b(AccessToken accessToken) {
            this.logger.logDebug(this.tag, ContentProperties.NO_PII, "Created identity successfully with deviceId: %s", accessToken.getDeviceId());
        }

        public void c(@NonNull Throwable th, @NonNull TraceContext traceContext) {
            this.logger.logEvent(new AuthServiceClientAnomalyEvent(), "DeviceIdCollisionAnomaly", AuthCustomEventDetails.getSerializedDefaultAnomalyData(th), Collections.emptyMap(), traceContext, LogDestination.Remote);
        }

        public void d(@NonNull Throwable th, @NonNull TraceContext traceContext) {
            this.logger.logException(this.tag, ContentProperties.NO_PII, "DeviceIdCollisionException", th, traceContext, LogDestination.Remote);
        }

        public void e(@NonNull Throwable th, @NonNull TraceContext traceContext) {
            this.logger.logEvent(new AuthServiceClientAnomalyEvent(), "DeviceIdInvalidException", AuthCustomEventDetails.getSerializedDefaultAnomalyData(th), Collections.emptyMap(), traceContext, LogDestination.Remote);
        }

        public void f(@NonNull Throwable th, @NonNull TraceContext traceContext) {
            this.logger.logEvent(new AuthServiceClientAnomalyEvent(), "InvalidNonceException", AuthCustomEventDetails.getSerializedDefaultAnomalyData(th), Collections.emptyMap(), traceContext, LogDestination.Remote);
        }

        public void g(@NonNull Throwable th, @NonNull TraceContext traceContext) {
            this.logger.logException(this.tag, ContentProperties.NO_PII, "CreateIdentityError", th, traceContext, LogDestination.Remote);
        }

        public void h(@NonNull Throwable th, @NonNull TraceContext traceContext) {
            this.logger.logException(this.tag, ContentProperties.NO_PII, "SignInError", th, traceContext, LogDestination.Remote);
        }

        public void i(AccessToken accessToken) {
            this.logger.logDebug(this.tag, ContentProperties.NO_PII, "Signed in successfully with deviceId: %s", accessToken.getDeviceId());
        }
    }

    /* loaded from: classes3.dex */
    public interface ServiceCall {
        Single<TokenResponse> getTokenCall(@NonNull AuthSignInOrCreateIdentityBody authSignInOrCreateIdentityBody, @NonNull Map<String, String> map, @Nullable HttpCallTelemetryContext httpCallTelemetryContext);
    }

    @Inject
    public AuthServiceClient(@NonNull final YppServicesFactory yppServicesFactory, @NonNull UuidGenerator uuidGenerator, @NonNull CryptoManager cryptoManager, @NonNull ILogger iLogger, @NonNull PlatformConfiguration platformConfiguration, @NonNull IAuthStorage iAuthStorage, @NonNull @Named("Auth") CircuitBreaker<Integer> circuitBreaker, @NonNull IdentityTokenProvider identityTokenProvider) {
        Objects.requireNonNull(yppServicesFactory);
        this.authServiceProvider = new EnvironmentScopedClassProvider<>(new Function1() { // from class: com.microsoft.mmx.agents.ypp.authclient.service.h
            @Override // kotlin.jvm.functions.Function1
            public final Object invoke(Object obj) {
                return YppServicesFactory.this.getAuthService((EnvironmentType) obj);
            }
        });
        this.uuidGenerator = uuidGenerator;
        this.cryptoManager = cryptoManager;
        this.logger = new Log(iLogger);
        this.platformConfiguration = platformConfiguration;
        this.iLogger = iLogger;
        this.circuitBreaker = circuitBreaker;
        this.authStorage = iAuthStorage;
        this.identityTokenProvider = identityTokenProvider;
    }

    @VisibleForTesting
    /* renamed from: createAccessTokenFromResponse */
    public AccessToken lambda$getServiceCallChain$7(@NonNull TokenResponse tokenResponse, @NonNull DcgClient dcgClient, @NonNull String str, @NonNull TraceContext traceContext) {
        if (!dcgClient.getDcgClientId().equals(tokenResponse.deviceId())) {
            AuthServiceException authServiceException = new AuthServiceException("Service returned token with different deviceId");
            this.logger.e(authServiceException, traceContext);
            throw authServiceException;
        }
        DateTime expirationTime = tokenResponse.expirationTime();
        if (ExpManager.isFeatureOn(Feature.YPP_AUTH_V2_ENABLED)) {
            this.authStorage.updateKeyValidityTime(tokenResponse.keyValidRemainingDays());
        }
        if (expirationTime.isAfter(DateTime.now().plusDays(1)) || expirationTime.isBeforeNow()) {
            expirationTime = DateTime.now().plusDays(1);
        }
        return new AccessToken(tokenResponse.accessToken(), expirationTime, str, dcgClient.getDcgClientId());
    }

    private Single<AccessToken> createIdentityInternal(@NonNull Single<AccessToken> single, @NonNull RetryStrategy<AccessToken> retryStrategy, @NonNull TraceContext traceContext) {
        Single<R> compose = single.compose(retryStrategy);
        Log log = this.logger;
        Objects.requireNonNull(log);
        return new CircuitBreakerSingle(compose.doOnSuccess(new c(log, 0)).doOnError(new d(this, traceContext, 0)), this.circuitBreaker, this.iLogger, i.b);
    }

    private AuthService getAuthService(@NonNull EnvironmentType environmentType) {
        AuthService chooseAndEnsureInitialized;
        synchronized (this.authServiceProvider) {
            chooseAndEnsureInitialized = this.authServiceProvider.chooseAndEnsureInitialized(environmentType);
        }
        return chooseAndEnsureInitialized;
    }

    private Single<String> getNonceJwt(@NonNull DcgClient dcgClient, @NonNull TraceContext traceContext) {
        NonceRequestBody withDeviceId = new NonceRequestBody().withDeviceId(dcgClient.getDcgClientId());
        HttpCallTelemetryContext httpCallTelemetryContext = new HttpCallTelemetryContext(traceContext, AuthTelemetryUtils.GET_NONCE_DEP_PARAMS);
        return getAuthService(dcgClient.getEnvironmentType()).getNonce(withDeviceId, Collections.emptyMap(), httpCallTelemetryContext).flatMap(new com.microsoft.mmx.agents.ypp.authclient.crypto.d(this, dcgClient, traceContext, 3)).compose(Resiliency.getNetworkIssueRetryStrategy(this.platformConfiguration)).compose(Resiliency.getAuthDefaultTransientErrorRetry(httpCallTelemetryContext));
    }

    private Single<AccessToken> getServiceCallChain(@NonNull DcgClient dcgClient, @NonNull ServiceCall serviceCall, @NonNull String str, @NonNull TraceContext traceContext, @NotNull DependencyCoreParameters dependencyCoreParameters) {
        return getNonceJwt(dcgClient, traceContext).flatMap(new e(this, serviceCall, traceContext, dependencyCoreParameters, 0)).map(new e(this, dcgClient, str, traceContext)).compose(new RetryStrategy.Builder().setMaxRetryCount(3).setWaitTimeHandler(l.f4274d).doBeforeRetry(new j(this.logger, traceContext, 2)).addErrorPredicate(k.c).build()).compose(new AuthErrorResponseOperator());
    }

    public /* synthetic */ SingleSource lambda$claimSpecificIdentity$2(BaseActivity baseActivity, DcgClient dcgClient, AuthService authService, TraceContext traceContext, IdentityTokenResult identityTokenResult) throws Exception {
        b bVar;
        AuthTelemetryUtils.populateBaseActivityWithIdentityTokenType(baseActivity, identityTokenResult);
        if (!identityTokenResult.isSuccess()) {
            return Single.error(new IdentityTokenProviderException("error getDefaultToken failed before claimSpecificIdentity", null));
        }
        if (identityTokenResult.getIdentityTokenType() == IdentityTokenType.IDENTITY_TOKEN_MSA) {
            Objects.requireNonNull(authService);
            bVar = new b(authService, 4);
        } else {
            Objects.requireNonNull(authService);
            bVar = new b(authService, 5);
        }
        return getServiceCallChain(dcgClient, bVar, AuthManager.DEFAULT_SCOPE, traceContext, AuthTelemetryUtils.ESTABLISH_ID_DEP_PARAMS);
    }

    public /* synthetic */ SingleSource lambda$createIdentity$0(BaseActivity baseActivity, DcgClient dcgClient, AuthService authService, TraceContext traceContext, IdentityTokenResult identityTokenResult) throws Exception {
        b bVar;
        AuthTelemetryUtils.populateBaseActivityWithIdentityTokenType(baseActivity, identityTokenResult);
        if (!identityTokenResult.isSuccess()) {
            return Single.error(new IdentityTokenProviderException("error getDefaultToken failed before createIdentity", null));
        }
        if (identityTokenResult.getIdentityTokenType() == IdentityTokenType.IDENTITY_TOKEN_MSA) {
            Objects.requireNonNull(authService);
            bVar = new b(authService, 0);
        } else {
            Objects.requireNonNull(authService);
            bVar = new b(authService, 1);
        }
        return getServiceCallChain(dcgClient, bVar, AuthManager.DEFAULT_SCOPE, traceContext, AuthTelemetryUtils.ESTABLISH_ID_DEP_PARAMS);
    }

    public /* synthetic */ SingleSource lambda$createIdentity$1(EnvironmentType environmentType, TraceContext traceContext, BaseActivity baseActivity, String str) throws Exception {
        return this.identityTokenProvider.getDefaultToken(environmentType, traceContext).flatMap(new f(this, baseActivity, new DcgClient(str, environmentType), getAuthService(environmentType), traceContext, 1));
    }

    public /* synthetic */ void lambda$createIdentityInternal$3(TraceContext traceContext, Throwable th) throws Exception {
        if (AuthServiceClientUtils.h(th)) {
            this.logger.c(TelemetryUtils.extractException(th), traceContext);
        } else {
            this.logger.g(TelemetryUtils.extractException(th), traceContext);
        }
    }

    public /* synthetic */ SingleSource lambda$getNonceJwt$8(DcgClient dcgClient, TraceContext traceContext, NonceResponse nonceResponse) throws Exception {
        return this.cryptoManager.getNonceJwtForDeviceId(dcgClient.getDcgClientId(), nonceResponse.nonce(), traceContext);
    }

    public /* synthetic */ void lambda$signIn$4(TraceContext traceContext, Throwable th) throws Exception {
        this.logger.h(TelemetryUtils.extractException(th), traceContext);
    }

    public /* synthetic */ SingleSource lambda$signIn$5(BaseActivity baseActivity, DcgClient dcgClient, AuthService authService, String str, TraceContext traceContext, IdentityTokenResult identityTokenResult) throws Exception {
        b bVar;
        AuthTelemetryUtils.populateBaseActivityWithIdentityTokenType(baseActivity, identityTokenResult);
        if (!identityTokenResult.isSuccess()) {
            return Single.error(new IdentityTokenProviderException("error getDefaultToken failed before signIn", null));
        }
        if (identityTokenResult.getIdentityTokenType() == IdentityTokenType.IDENTITY_TOKEN_MSA) {
            Objects.requireNonNull(authService);
            bVar = new b(authService, 2);
        } else {
            Objects.requireNonNull(authService);
            bVar = new b(authService, 3);
        }
        Single<AccessToken> serviceCallChain = getServiceCallChain(dcgClient, bVar, str, traceContext, AuthTelemetryUtils.SIGN_IN_DEP_PARAMS);
        Log log = this.logger;
        Objects.requireNonNull(log);
        return serviceCallChain.doOnSuccess(new c(log, 1)).doOnError(new d(this, traceContext, 1));
    }

    /* renamed from: performServiceCall */
    public Single<TokenResponse> lambda$getServiceCallChain$6(@NonNull String str, @NonNull ServiceCall serviceCall, @NonNull TraceContext traceContext, @NotNull DependencyCoreParameters dependencyCoreParameters) {
        HttpCallTelemetryContext httpCallTelemetryContext = new HttpCallTelemetryContext(traceContext, dependencyCoreParameters);
        return serviceCall.getTokenCall(new AuthSignInOrCreateIdentityBody().withCertificateJWT(str), Collections.emptyMap(), httpCallTelemetryContext).compose(Resiliency.getNetworkIssueRetryStrategy(this.platformConfiguration)).compose(Resiliency.getAuthDefaultTransientErrorRetry(httpCallTelemetryContext));
    }

    @Override // com.microsoft.mmx.agents.ypp.authclient.service.IAuthServiceClient
    public Single<AccessToken> claimSpecificIdentity(@NonNull DcgClient dcgClient, @NonNull TraceContext traceContext, @NonNull BaseActivity baseActivity) {
        return createIdentityInternal(this.identityTokenProvider.getDefaultToken(dcgClient.getEnvironmentType(), traceContext).flatMap(new f(this, baseActivity, dcgClient, getAuthService(dcgClient.getEnvironmentType()), traceContext, 0)), new RetryStrategy.Builder().setMaxRetryCount(3).setWaitTimeHandler(l.b).doBeforeRetry(new j(this.logger, traceContext, 0)).addErrorPredicate(k.f4272d).build(), traceContext);
    }

    @Override // com.microsoft.mmx.agents.ypp.authclient.service.IAuthServiceClient
    public Single<AccessToken> createIdentity(@NonNull EnvironmentType environmentType, @NonNull TraceContext traceContext, @NonNull BaseActivity baseActivity) {
        final UuidGenerator uuidGenerator = this.uuidGenerator;
        Objects.requireNonNull(uuidGenerator);
        return createIdentityInternal(Single.fromCallable(new Callable() { // from class: com.microsoft.mmx.agents.ypp.authclient.service.g
            @Override // java.util.concurrent.Callable
            public final Object call() {
                return UuidGenerator.this.generateUuid();
            }
        }).flatMap(new e(this, environmentType, traceContext, baseActivity, 1)), new RetryStrategy.Builder().setMaxRetryCount(3).setWaitTimeHandler(l.c).doBeforeRetry(new j(this.logger, traceContext, 1)).addErrorPredicate(k.b).addErrorPredicate(k.e).build(), traceContext);
    }

    @Override // com.microsoft.mmx.agents.ypp.authclient.service.IAuthServiceClient
    public Single<AccessToken> signIn(@NonNull DcgClient dcgClient, @NonNull String str, @NonNull TraceContext traceContext, @NonNull BaseActivity baseActivity) {
        return new CircuitBreakerSingle(this.identityTokenProvider.getDefaultToken(dcgClient.getEnvironmentType(), traceContext).flatMap(new com.microsoft.mmx.agents.ypp.authclient.crypto.k(this, baseActivity, dcgClient, getAuthService(dcgClient.getEnvironmentType()), str, traceContext)), this.circuitBreaker, this.iLogger, i.c);
    }
}
