package com.microsoft.identity.broker4j.broker.prt;

import com.microsoft.identity.broker4j.broker.MicrosoftStsNonceUtil;
import com.microsoft.identity.broker4j.broker.platform.components.IAccountDataStorage;
import com.microsoft.identity.broker4j.broker.platform.components.IBrokerPlatformComponents;
import com.microsoft.identity.broker4j.workplacejoin.data.IWorkplaceJoinController;
import com.microsoft.identity.broker4j.workplacejoin.data.WorkplaceJoinData;
import com.microsoft.identity.common.java.authorities.Authority;
import com.microsoft.identity.common.java.broker.IBrokerAccount;
import com.microsoft.identity.common.java.commands.AcquirePrtSsoTokenResult;
import com.microsoft.identity.common.java.commands.parameters.AcquirePrtSsoTokenCommandParameters;
import com.microsoft.identity.common.java.commands.parameters.BrokerInteractiveTokenCommandParameters;
import com.microsoft.identity.common.java.commands.parameters.BrokerSilentTokenCommandParameters;
import com.microsoft.identity.common.java.commands.parameters.TokenCommandParameters;
import com.microsoft.identity.common.java.controllers.ExceptionAdapter;
import com.microsoft.identity.common.java.exception.BaseException;
import com.microsoft.identity.common.java.exception.ClientException;
import com.microsoft.identity.common.java.exception.ServiceException;
import com.microsoft.identity.common.java.logging.Logger;
import com.microsoft.identity.common.java.providers.microsoft.azureactivedirectory.ClientInfo;
import com.microsoft.identity.common.java.providers.microsoft.microsoftsts.MicrosoftStsAuthorizationRequest;
import com.microsoft.identity.common.java.providers.microsoft.microsoftsts.MicrosoftStsAuthorizationResponse;
import com.microsoft.identity.common.java.providers.microsoft.microsoftsts.MicrosoftStsAuthorizationResult;
import com.microsoft.identity.common.java.providers.microsoft.microsoftsts.MicrosoftStsTokenResponse;
import com.microsoft.identity.common.java.providers.oauth2.IDToken;
import com.microsoft.identity.common.java.providers.oauth2.TokenResult;
import com.microsoft.identity.common.java.request.BrokerRequestType;
import com.microsoft.identity.common.java.util.ResultUtil;
import com.microsoft.identity.common.java.util.SchemaUtil;
import com.microsoft.identity.common.java.util.StringUtil;
import com.microsoft.identity.common.java.util.ported.PropertyBag;
import cz.msebera.android.httpclient.NameValuePair;
import cz.msebera.android.httpclient.client.utils.URIBuilder;
import edu.umd.cs.findbugs.annotations.Nullable;
import java.net.URISyntaxException;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.concurrent.TimeUnit;
import lombok.NonNull;

/* loaded from: classes3.dex */
public class PrtController implements IPrtController {
    private static final String TAG = "PrtController";

    @NonNull
    private final IAccountDataStorage mAccountDataStorage;

    @NonNull
    private final IBrokerPlatformComponents mBrokerPlatformComponents;
    private IPrtAuthorizationStrategy mPrtAuthorizationStrategy;

    @NonNull
    private final PrtLoader mPrtLoader;

    @NonNull
    private final IPrtStrategyFactory mPrtStrategyFactory;

    @NonNull
    private final IWorkplaceJoinController mWpjController;

    /* JADX INFO: Access modifiers changed from: package-private */
    public PrtController(@NonNull IBrokerPlatformComponents iBrokerPlatformComponents, @NonNull PrtLoader prtLoader, @NonNull IPrtStrategyFactory iPrtStrategyFactory) {
        if (iBrokerPlatformComponents == null) {
            throw new NullPointerException("brokerPlatformComponents is marked non-null but is null");
        }
        if (prtLoader == null) {
            throw new NullPointerException("prtLoader is marked non-null but is null");
        }
        if (iPrtStrategyFactory == null) {
            throw new NullPointerException("prtStrategyFactory is marked non-null but is null");
        }
        this.mBrokerPlatformComponents = iBrokerPlatformComponents;
        this.mAccountDataStorage = iBrokerPlatformComponents.getBrokerAccountDataStorage();
        this.mWpjController = iBrokerPlatformComponents.getWpjController();
        this.mPrtStrategyFactory = iPrtStrategyFactory;
        this.mPrtLoader = prtLoader;
    }

    private TokenResult acquireAtUsingPrt(@NonNull BrokerSilentTokenCommandParameters brokerSilentTokenCommandParameters, @NonNull PRT prt, boolean z) throws BaseException {
        if (brokerSilentTokenCommandParameters == null) {
            throw new NullPointerException("parameters is marked non-null but is null");
        }
        if (prt == null) {
            throw new NullPointerException("currentPrt is marked non-null but is null");
        }
        String str = TAG + ":acquireAtUsingPrt";
        Logger.info(str, "Acquiring AT using PRT. shouldRefreshPrt: " + z);
        IAcquirePrtStrategy<BrokerSilentTokenCommandParameters> createAcquireATUsingPrtStrategy = this.mPrtStrategyFactory.createAcquireATUsingPrtStrategy(this.mBrokerPlatformComponents, prt, z);
        TokenResult acquireToken = createAcquireATUsingPrtStrategy.acquireToken(createAcquireATUsingPrtStrategy.createTokenRequest(brokerSilentTokenCommandParameters));
        ResultUtil.logResult(str, acquireToken);
        if (!acquireToken.getSuccess()) {
            Logger.info(str, "Token acquisition failed");
            ServiceException exceptionFromTokenResult = ExceptionAdapter.exceptionFromTokenResult(acquireToken, brokerSilentTokenCommandParameters);
            exceptionFromTokenResult.setUsername(brokerSilentTokenCommandParameters.getBrokerAccount().getUsername());
            throw exceptionFromTokenResult;
        }
        MicrosoftStsTokenResponse microsoftStsTokenResponse = (MicrosoftStsTokenResponse) acquireToken.getSuccessResponse();
        IBrokerAccount createAccount = createAccount(microsoftStsTokenResponse);
        if (z) {
            this.mPrtLoader.savePrt(createAccount, createAcquireATUsingPrtStrategy.extractPrtFromTokenResponse(microsoftStsTokenResponse));
            microsoftStsTokenResponse.setRefreshToken(null);
            microsoftStsTokenResponse.setRefreshTokenExpiresIn(null);
            microsoftStsTokenResponse.setRefreshTokenAge(null);
            microsoftStsTokenResponse.setSessionKeyJwe(null);
        }
        return acquireToken;
    }

    private PRT acquireRegisteredDevicePrtIfRequired(@NonNull PRT prt, @NonNull IBrokerAccount iBrokerAccount, @NonNull BrokerSilentTokenCommandParameters brokerSilentTokenCommandParameters) throws BaseException {
        if (prt == null) {
            throw new NullPointerException("prt is marked non-null but is null");
        }
        if (iBrokerAccount == null) {
            throw new NullPointerException("account is marked non-null but is null");
        }
        if (brokerSilentTokenCommandParameters == null) {
            throw new NullPointerException("parameters is marked non-null but is null");
        }
        String str = TAG + ":acquireRegisteredDevicePrtIfRequired";
        if (prt.isRegisteredDevicePrt()) {
            Logger.info(str, "PRT is already registered-device PRT");
            return prt;
        }
        Logger.info(str, "PRT is unregistered-device PRT");
        WorkplaceJoinData wpjData = getWpjData(iBrokerAccount, brokerSilentTokenCommandParameters.getCorrelationId());
        if (wpjData != null) {
            return executePrtTokenStrategy(this.mPrtStrategyFactory.createUpgradeToRegisteredDevicePrtStrategy(this.mBrokerPlatformComponents, prt, wpjData), brokerSilentTokenCommandParameters).getPrt();
        }
        Logger.info(str, "There's no device registration data. Not upgrading.");
        return prt;
    }

    private IBrokerAccount createAccount(@NonNull MicrosoftStsTokenResponse microsoftStsTokenResponse) throws ServiceException {
        if (microsoftStsTokenResponse == null) {
            throw new NullPointerException("tokenResponse is marked non-null but is null");
        }
        String str = TAG + ":createAccount";
        IDToken iDToken = new IDToken(microsoftStsTokenResponse.getIdToken());
        String displayableId = SchemaUtil.getDisplayableId(iDToken.getTokenClaims());
        IBrokerAccount account = this.mAccountDataStorage.getAccount(displayableId, "com.microsoft.workaccount");
        if (account == null) {
            account = this.mAccountDataStorage.createAccount(displayableId, "com.microsoft.workaccount");
        }
        String stringClaim = iDToken.getStringClaim("given_name");
        String stringClaim2 = iDToken.getStringClaim("family_name");
        String stringClaim3 = iDToken.getStringClaim("tid");
        String homeAccountId = SchemaUtil.getHomeAccountId(new ClientInfo(microsoftStsTokenResponse.getClientInfo()));
        this.mAccountDataStorage.setAccountDisplayableUserId(account, displayableId);
        this.mAccountDataStorage.setAccountHomeAccountId(account, homeAccountId);
        this.mAccountDataStorage.setAccountHomeTenantId(account, stringClaim3);
        this.mAccountDataStorage.setAccountGivenName(account, stringClaim);
        this.mAccountDataStorage.setAccountFamilyName(account, stringClaim2);
        Logger.info(str, "Broker account created");
        return account;
    }

    private <T extends TokenCommandParameters> PrtResult executePrtTokenStrategy(@NonNull IAcquirePrtStrategy<T> iAcquirePrtStrategy, @NonNull T t) throws BaseException {
        if (iAcquirePrtStrategy == null) {
            throw new NullPointerException("acquirePrtStrategy is marked non-null but is null");
        }
        if (t == null) {
            throw new NullPointerException("parameters is marked non-null but is null");
        }
        String str = TAG + ":executePrtStrategy";
        TokenResult acquireToken = iAcquirePrtStrategy.acquireToken(iAcquirePrtStrategy.createTokenRequest(t));
        if (!acquireToken.getSuccess()) {
            Logger.info(str, "Prt acquisition failed for strategy: " + iAcquirePrtStrategy.getClass().getSimpleName());
            throw ExceptionAdapter.exceptionFromTokenResult(acquireToken, t);
        }
        MicrosoftStsTokenResponse microsoftStsTokenResponse = (MicrosoftStsTokenResponse) acquireToken.getSuccessResponse();
        IBrokerAccount createAccount = createAccount(microsoftStsTokenResponse);
        PRT extractPrtFromTokenResponse = iAcquirePrtStrategy.extractPrtFromTokenResponse(microsoftStsTokenResponse);
        this.mPrtLoader.savePrt(createAccount, extractPrtFromTokenResponse);
        Logger.info(str, "Prt acquisition succeeded for strategy: " + iAcquirePrtStrategy.getClass().getSimpleName());
        return new PrtResult(extractPrtFromTokenResponse, createAccount);
    }

    private String getSsoNonceFromSsoUrl(@NonNull String str) throws ClientException {
        if (str == null) {
            throw new NullPointerException("ssoUrl is marked non-null but is null");
        }
        try {
            List<NameValuePair> queryParams = new URIBuilder(str).getQueryParams();
            if (queryParams == null) {
                return null;
            }
            for (NameValuePair nameValuePair : queryParams) {
                if (PrtConstants.SSO_NONCE_QUERY_PARAM_KEY.equalsIgnoreCase(nameValuePair.getName())) {
                    return nameValuePair.getValue();
                }
            }
            return null;
        } catch (URISyntaxException e) {
            throw new ClientException("malformed_url", "The SSO token url is malformed", e);
        }
    }

    private WorkplaceJoinData getWpjData(@NonNull IBrokerAccount iBrokerAccount, @NonNull String str) throws BaseException {
        if (iBrokerAccount == null) {
            throw new NullPointerException("account is marked non-null but is null");
        }
        if (str == null) {
            throw new NullPointerException("correlationId is marked non-null but is null");
        }
        String str2 = TAG + ":getWpjData";
        String accountHomeTenantId = this.mAccountDataStorage.getAccountHomeTenantId(iBrokerAccount);
        if (StringUtil.isNullOrEmpty(accountHomeTenantId)) {
            Logger.info(str2, "Using account username to get WPJ data");
            return this.mWpjController.getWorkplaceJoinDataByIdentifier(iBrokerAccount.getUsername(), str);
        }
        Logger.info(str2, "Using home tenant to get WPJ data.");
        return this.mWpjController.getWorkplaceJoinDataForTenantId(accountHomeTenantId);
    }

    private PRT refreshPrt(@NonNull PRT prt, @NonNull BrokerSilentTokenCommandParameters brokerSilentTokenCommandParameters) throws BaseException {
        if (prt == null) {
            throw new NullPointerException("prt is marked non-null but is null");
        }
        if (brokerSilentTokenCommandParameters == null) {
            throw new NullPointerException("parameters is marked non-null but is null");
        }
        Logger.info(TAG + ":refreshPrt", "refreshing PRT");
        return executePrtTokenStrategy(this.mPrtStrategyFactory.createRefreshPrtStrategy(this.mBrokerPlatformComponents, prt), brokerSilentTokenCommandParameters).getPrt();
    }

    private boolean shouldRefreshPrt(@NonNull PRT prt, @Nullable BrokerRequestType brokerRequestType) {
        if (prt != null) {
            return !BrokerRequestType.BROKER_RT_REQUEST.equals(brokerRequestType) && new Date().getTime() >= prt.getAcquisitionTimeMillis() + TimeUnit.HOURS.toMillis(4L);
        }
        throw new NullPointerException("prt is marked non-null but is null");
    }

    @Override // com.microsoft.identity.broker4j.broker.prt.IPrtController
    public TokenResult acquireAtUsingPrt(@NonNull BrokerSilentTokenCommandParameters brokerSilentTokenCommandParameters) throws BaseException {
        PRT acquireRegisteredDevicePrtIfRequired;
        if (brokerSilentTokenCommandParameters == null) {
            throw new NullPointerException("parameters is marked non-null but is null");
        }
        String str = TAG + ":acquireAtUsingPrt";
        IBrokerAccount brokerAccount = brokerSilentTokenCommandParameters.getBrokerAccount();
        PRT loadPrt = this.mPrtLoader.loadPrt(brokerAccount, brokerSilentTokenCommandParameters.getAuthority());
        if (loadPrt == null) {
            Logger.info(str, "No PRT was found for the account");
            ClientException clientException = new ClientException("no_tokens_found", "No PRT was found for the account");
            clientException.setUsername(brokerAccount.getUsername());
            throw clientException;
        }
        Logger.info(str, "PRT found.");
        if (loadPrt.isPrtV2()) {
            Logger.info(str, "Exchange PRTv2 for PRTv3");
            acquireRegisteredDevicePrtIfRequired = refreshPrt(loadPrt, brokerSilentTokenCommandParameters);
        } else {
            acquireRegisteredDevicePrtIfRequired = acquireRegisteredDevicePrtIfRequired(loadPrt, brokerAccount, brokerSilentTokenCommandParameters);
            if (shouldRefreshPrt(acquireRegisteredDevicePrtIfRequired, brokerSilentTokenCommandParameters.getRequestType())) {
                acquireRegisteredDevicePrtIfRequired = refreshPrt(acquireRegisteredDevicePrtIfRequired, brokerSilentTokenCommandParameters);
            }
        }
        return acquireAtUsingPrt(brokerSilentTokenCommandParameters, acquireRegisteredDevicePrtIfRequired, brokerSilentTokenCommandParameters.getRequestType() == BrokerRequestType.BROKER_RT_REQUEST);
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.microsoft.identity.broker4j.broker.prt.IPrtController
    public PrtResult acquirePrt(@NonNull BrokerInteractiveTokenCommandParameters brokerInteractiveTokenCommandParameters) throws BaseException {
        if (brokerInteractiveTokenCommandParameters == null) {
            throw new NullPointerException("requestParameters is marked non-null but is null");
        }
        IPrtAuthorizationStrategy createPrtAuthorizationStrategy = this.mPrtStrategyFactory.createPrtAuthorizationStrategy(this.mBrokerPlatformComponents);
        this.mPrtAuthorizationStrategy = createPrtAuthorizationStrategy;
        MicrosoftStsAuthorizationRequest createAuthorizationRequest = createPrtAuthorizationStrategy.createAuthorizationRequest(brokerInteractiveTokenCommandParameters);
        MicrosoftStsAuthorizationResult requestAuthorization = this.mPrtAuthorizationStrategy.requestAuthorization(createAuthorizationRequest);
        if (requestAuthorization.getSuccess()) {
            return executePrtTokenStrategy(this.mPrtStrategyFactory.createInteractivePrtAcquisitionStrategy(this.mBrokerPlatformComponents, createAuthorizationRequest, (MicrosoftStsAuthorizationResponse) requestAuthorization.getAuthorizationResponse()), brokerInteractiveTokenCommandParameters);
        }
        throw ExceptionAdapter.exceptionFromAuthorizationResult(requestAuthorization, brokerInteractiveTokenCommandParameters);
    }

    @Override // com.microsoft.identity.broker4j.broker.prt.IPrtController
    public void completeAuthorization(int i, int i2, @NonNull PropertyBag propertyBag) {
        if (propertyBag == null) {
            throw new NullPointerException("data is marked non-null but is null");
        }
        this.mPrtAuthorizationStrategy.completeAuthorization(i, i, propertyBag);
    }

    @Override // com.microsoft.identity.broker4j.broker.prt.IPrtController
    public String getRefreshTokenCredential(@NonNull BrokerInteractiveTokenCommandParameters brokerInteractiveTokenCommandParameters, @NonNull IBrokerAccount iBrokerAccount) throws ClientException {
        if (brokerInteractiveTokenCommandParameters == null) {
            throw new NullPointerException("requestParameters is marked non-null but is null");
        }
        if (iBrokerAccount == null) {
            throw new NullPointerException("account is marked non-null but is null");
        }
        String str = TAG + ":getRefreshTokenCredential";
        Logger.info(str, "Getting Refresh token Credential");
        PRT loadPrt = this.mPrtLoader.loadPrt(iBrokerAccount, brokerInteractiveTokenCommandParameters.getAuthority());
        if (loadPrt == null) {
            Logger.info(str, "No PRT is present for the account.");
            return null;
        }
        return loadPrt.getSsoCookieFormat(this.mBrokerPlatformComponents, MicrosoftStsNonceUtil.getNonce(PrtUtils.getAuthorityForAcquiringToken(brokerInteractiveTokenCommandParameters.getAuthority().getAuthorityURL().toString(), loadPrt.getHomeAuthority()), brokerInteractiveTokenCommandParameters.getCorrelationId()));
    }

    @Override // com.microsoft.identity.broker4j.broker.prt.IPrtController
    public AcquirePrtSsoTokenResult getSsoCookieToken(@NonNull AcquirePrtSsoTokenCommandParameters acquirePrtSsoTokenCommandParameters, @NonNull IBrokerAccount iBrokerAccount) throws ClientException {
        if (acquirePrtSsoTokenCommandParameters == null) {
            throw new NullPointerException("ssoTokenCommandParameters is marked non-null but is null");
        }
        if (iBrokerAccount == null) {
            throw new NullPointerException("account is marked non-null but is null");
        }
        String str = TAG + ":getSsoCookieToken";
        Logger.info(str, "Getting sso cookie token");
        PRT loadPrt = this.mPrtLoader.loadPrt(iBrokerAccount, Authority.getAuthorityFromAuthorityUrl(acquirePrtSsoTokenCommandParameters.getRequestAuthority()));
        if (loadPrt == null) {
            Logger.info(str, "No PRT is present for the account and authority.");
            throw new ClientException(ClientException.TOKENS_MISSING, "No PRT found for the given account and parameters.");
        }
        if (StringUtil.isNullOrEmpty(acquirePrtSsoTokenCommandParameters.getSsoUrl())) {
            throw new ClientException(ClientException.MISSING_PARAMETER, "Sso Url is empty");
        }
        return AcquirePrtSsoTokenResult.builder().cookieName("x-ms-RefreshTokenCredential").cookieContent(loadPrt.getSsoCookieFormat(this.mBrokerPlatformComponents, getSsoNonceFromSsoUrl(acquirePrtSsoTokenCommandParameters.getSsoUrl()))).accountAuthority(loadPrt.getHomeAuthority()).telemetry(Collections.emptyMap()).build();
    }
}
