package com.microsoft.identity.common.internal.providers.microsoft.microsoftsts;

import android.net.Uri;
import android.util.Pair;
import com.microsoft.identity.common.adal.internal.AuthenticationConstants;
import com.microsoft.identity.common.adal.internal.util.StringExtensions;
import com.microsoft.identity.common.exception.ClientException;
import com.microsoft.identity.common.exception.ServiceException;
import com.microsoft.identity.common.internal.controllers.BaseController;
import com.microsoft.identity.common.internal.dto.IAccountRecord;
import com.microsoft.identity.common.internal.logging.DiagnosticContext;
import com.microsoft.identity.common.internal.logging.Logger;
import com.microsoft.identity.common.internal.net.HttpRequest;
import com.microsoft.identity.common.internal.net.HttpResponse;
import com.microsoft.identity.common.internal.net.ObjectMapper;
import com.microsoft.identity.common.internal.platform.Device;
import com.microsoft.identity.common.internal.providers.microsoft.MicrosoftTokenErrorResponse;
import com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.AzureActiveDirectory;
import com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.AzureActiveDirectoryCloud;
import com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.ClientInfo;
import com.microsoft.identity.common.internal.providers.microsoft.microsoftsts.MicrosoftStsAuthorizationRequest;
import com.microsoft.identity.common.internal.providers.oauth2.AuthorizationResult;
import com.microsoft.identity.common.internal.providers.oauth2.AuthorizationResultFactory;
import com.microsoft.identity.common.internal.providers.oauth2.AuthorizationStrategy;
import com.microsoft.identity.common.internal.providers.oauth2.IDToken;
import com.microsoft.identity.common.internal.providers.oauth2.OAuth2Strategy;
import com.microsoft.identity.common.internal.providers.oauth2.TokenErrorResponse;
import com.microsoft.identity.common.internal.providers.oauth2.TokenResult;
import com.microsoft.identity.common.internal.telemetry.CliTelemInfo;
import com.microsoft.identity.common.internal.ui.webview.challengehandlers.PKeyAuthChallengeFactory;
import com.microsoft.identity.common.internal.ui.webview.challengehandlers.PKeyAuthChallengeHandler;
import com.microsoft.identity.common.internal.util.HeaderSerializationUtil;
import com.microsoft.identity.common.internal.util.StringUtil;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import java.util.UUID;

/* loaded from: classes4.dex */
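/**
 * OAuth2 strategy for the Microsoft STS token service.
 *
 * <p>Builds authorization and token requests, turns token HTTP responses into
 * {@link TokenResult}s, and answers a device-certificate (PKeyAuth) challenge when the
 * token endpoint replies with HTTP 401 plus a {@code WWW-Authenticate} header.
 *
 * <p>This listing is decompiler output: three overrides are marked by the decompiler as
 * having been {@code protected} in the original, and are kept {@code public} here so the
 * visible interface does not change.
 */
public class MicrosoftStsOAuth2Strategy extends OAuth2Strategy<MicrosoftStsAccessToken, MicrosoftStsAccount, MicrosoftStsAuthorizationRequest, MicrosoftStsAuthorizationRequest.Builder, AuthorizationStrategy, MicrosoftStsOAuth2Configuration, MicrosoftStsAuthorizationResponse, MicrosoftStsRefreshToken, MicrosoftStsTokenRequest, MicrosoftStsTokenResponse, TokenResult, AuthorizationResult> {
    private static final String TAG = MicrosoftStsOAuth2Strategy.class.getSimpleName();

    /**
     * Creates the strategy and seeds the token endpoint from the configuration.
     *
     * @param microsoftStsOAuth2Configuration configuration supplying the token endpoint
     */
    public MicrosoftStsOAuth2Strategy(MicrosoftStsOAuth2Configuration microsoftStsOAuth2Configuration) {
        super(microsoftStsOAuth2Configuration);
        setTokenEndpoint(microsoftStsOAuth2Configuration.getTokenEndpoint().toString());
    }

    /**
     * Returns the token endpoint with its authority replaced by the cloud instance host
     * name carried in the authorization response, or the current endpoint when the
     * response names no cloud instance host.
     *
     * @param microsoftStsAuthorizationResponse authorization response to read the host from
     * @return the endpoint to use for the token request
     */
    private String getCloudSpecificTenantEndpoint(MicrosoftStsAuthorizationResponse microsoftStsAuthorizationResponse) {
        String cloudInstanceHostName = microsoftStsAuthorizationResponse.getCloudInstanceHostName();
        // Guard on the field that is actually substituted. The previous check looked at the
        // cloud *graph* host name, so an empty instance host could be written into the
        // endpoint, and a present instance host could be ignored.
        if (StringUtil.isEmpty(cloudInstanceHostName)) {
            return this.mTokenEndpoint;
        }
        // NOTE(review): this host is taken from the authorization response, and the token
        // request sent to it carries the authorization code and PKCE code verifier. Nothing
        // in this class checks the host against the set of known clouds; confirm that a
        // caller or the response parser does, or add an allow-list check here.
        return Uri.parse(this.mTokenEndpoint).buildUpon().authority(cloudInstanceHostName).build().toString();
    }

    /**
     * Re-sends the token request with a PKeyAuth challenge-response header.
     *
     * @param httpResponse the 401 response that carried the challenge
     * @param microsoftStsTokenRequest the token request to re-send
     * @return the response to the re-sent request, or {@code httpResponse} unchanged when
     *     the {@code WWW-Authenticate} header holds no value
     * @throws IOException declared by this method; the network call is made here
     * @throws ClientException if UTF-8 encoding is reported as unsupported
     */
    private HttpResponse performPKeyAuthRequest(HttpResponse httpResponse, MicrosoftStsTokenRequest microsoftStsTokenRequest) throws IOException, ClientException {
        List<String> challengeValues = httpResponse.getHeaders().get("WWW-Authenticate");
        // The caller only checks that the header key exists; an empty value list would
        // otherwise fail with IndexOutOfBoundsException on get(0).
        if (challengeValues == null || challengeValues.isEmpty()) {
            Logger.info(TAG + "#performPkeyAuthRequest", "WWW-Authenticate header carried no challenge value; returning original response.");
            return httpResponse;
        }
        String challengeHeader = challengeValues.get(0);

        String requestBody = ObjectMapper.serializeObjectToFormUrlEncoded(microsoftStsTokenRequest);
        TreeMap<String, String> headers = new TreeMap<>();
        headers.put("client-request-id", DiagnosticContext.getRequestContext().get("correlation_id"));
        headers.putAll(Device.getPlatformIdParameters());

        Logger.info(TAG + "#performPkeyAuthRequest", "Device certificate challenge request. ");
        // The raw challenge is only written through the PII logger.
        Logger.infoPII(TAG + "#performPkeyAuthRequest", "Challenge header: " + challengeHeader);
        try {
            PKeyAuthChallengeFactory challengeFactory = new PKeyAuthChallengeFactory();
            URL tokenEndpointUrl = StringExtensions.getUrl(this.mTokenEndpoint);
            headers.putAll(PKeyAuthChallengeHandler.getChallengeHeader(challengeFactory.getPKeyAuthChallenge(challengeHeader, tokenEndpointUrl.toString())));
            return HttpRequest.sendPost(tokenEndpointUrl, headers, requestBody.getBytes("UTF-8"), "application/x-www-form-urlencoded");
        } catch (UnsupportedEncodingException e) {
            throw new ClientException("unsupported_encoding", "Unsupported encoding", e);
        }
    }

    /**
     * Builds an account from the ID token and client info of a token response and, when
     * the token endpoint parses as a URL, sets the account environment from it.
     *
     * @param microsoftStsTokenResponse token response to read the ID token and client info from
     * @return the new account; its environment is left unset if the endpoint URL is malformed
     * @throws RuntimeException if the ID token or client info cannot be constructed
     */
    @Override // com.microsoft.identity.common.internal.providers.oauth2.OAuth2Strategy
    public MicrosoftStsAccount createAccount(MicrosoftStsTokenResponse microsoftStsTokenResponse) {
        Logger.verbose(TAG + ":createAccount", "Creating account from TokenResponse...");
        URL tokenEndpointUrl = null;
        try {
            MicrosoftStsAccount account = new MicrosoftStsAccount(new IDToken(microsoftStsTokenResponse.getIdToken()), new ClientInfo(microsoftStsTokenResponse.getClientInfo()));
            try {
                tokenEndpointUrl = new URL(this.mTokenEndpoint);
            } catch (MalformedURLException unused) {
                // Deliberately non-fatal: the account is still returned, without an environment.
                Logger.verbose(TAG + ":createAccount", "Creating account from TokenResponse failed due to malformed URL (mTokenEndpoint)...");
            }
            if (tokenEndpointUrl != null) {
                account.setEnvironment(getIssuerCacheIdentifierFromAuthority(tokenEndpointUrl));
            }
            return account;
        } catch (ServiceException e) {
            Logger.error(TAG + ":createAccount", "Failed to construct IDToken or ClientInfo", null);
            Logger.errorPII(TAG + ":createAccount", "Failed with Exception", e);
            // Give the rethrown exception a message so the failure is identifiable.
            // NOTE(review): the cause is not chained because this method routes the
            // exception only through the PII logger; confirm it is safe to expose before
            // attaching it.
            throw new RuntimeException("Failed to construct IDToken or ClientInfo");
        }
    }

    /**
     * Creates an authorization request builder pre-populated from the configuration
     * (authority, optional slice, flight parameters, multi-cloud flag) and from the
     * platform id parameters (library name and version).
     *
     * @return the populated builder
     */
    @Override // com.microsoft.identity.common.internal.providers.oauth2.OAuth2Strategy
    public MicrosoftStsAuthorizationRequest.Builder createAuthorizationRequestBuilder() {
        Logger.verbose(TAG + ":createAuthorizationRequestBuilder", "Creating AuthorizationRequestBuilder...");
        MicrosoftStsOAuth2Configuration config = (MicrosoftStsOAuth2Configuration) this.mConfig;
        MicrosoftStsAuthorizationRequest.Builder builder = new MicrosoftStsAuthorizationRequest.Builder();
        builder.setAuthority(config.getAuthorityUrl());
        if (config.getSlice() != null) {
            Logger.verbose(TAG + ":createAuthorizationRequestBuilder", "Setting slice params...");
            builder.setSlice(config.getSlice());
        }
        Map<String, String> platformIdParameters = Device.getPlatformIdParameters();
        builder.setLibraryName(platformIdParameters.get("x-client-SKU"));
        builder.setLibraryVersion(platformIdParameters.get("x-client-Ver"));
        builder.setFlightParameters(config.getFlightParameters());
        builder.setMultipleCloudAware(config.getMultipleCloudsSupported().booleanValue());
        return builder;
    }

    /**
     * Creates an authorization request builder and, when the account record yields both a
     * uid and a utid, sets them on the builder.
     *
     * @param iAccountRecord account to take the home account id from; may be {@code null}
     * @return the populated builder
     */
    @Override // com.microsoft.identity.common.internal.providers.oauth2.OAuth2Strategy
    public MicrosoftStsAuthorizationRequest.Builder createAuthorizationRequestBuilder(IAccountRecord iAccountRecord) {
        Logger.verbose(TAG + ":createAuthorizationRequestBuilder", "Creating AuthorizationRequestBuilder");
        MicrosoftStsAuthorizationRequest.Builder builder = createAuthorizationRequestBuilder();
        if (iAccountRecord == null) {
            return builder;
        }
        Pair<String, String> tenantInfo = StringUtil.getTenantInfo(iAccountRecord.getHomeAccountId());
        String uid = (String) tenantInfo.first;
        String utid = (String) tenantInfo.second;
        if (!StringExtensions.isNullOrBlank(uid) && !StringExtensions.isNullOrBlank(utid)) {
            builder.setUid(uid);
            builder.setUtid(utid);
            // Identifiers are only written through the PII logger.
            Logger.verbosePII(TAG + ":createAuthorizationRequestBuilder", "Builder w/ uid: [" + uid + "]");
            Logger.verbosePII(TAG + ":createAuthorizationRequestBuilder", "Builder w/ utid: [" + utid + "]");
        }
        return builder;
    }

    /**
     * Creates a token request with the {@code refresh_token} grant type and no other fields set.
     *
     * @return the new token request
     */
    @Override // com.microsoft.identity.common.internal.providers.oauth2.OAuth2Strategy
    public MicrosoftStsTokenRequest createRefreshTokenRequest() {
        Logger.verbose(TAG + ":createRefreshTokenRequest", "Creating refresh token request");
        MicrosoftStsTokenRequest tokenRequest = new MicrosoftStsTokenRequest();
        tokenRequest.setGrantType("refresh_token");
        return tokenRequest;
    }

    /**
     * Creates the authorization-code token request from an authorization request and its
     * response, copying the PKCE code verifier, code, redirect URI and client id.
     *
     * <p>When multiple clouds are supported (by configuration or by the request), the
     * strategy's token endpoint is first switched to the cloud named in the response. That
     * change is stored on this instance, not just used for the returned request.
     *
     * @param microsoftStsAuthorizationRequest the authorization request that was sent
     * @param microsoftStsAuthorizationResponse the authorization response received
     * @return the token request; its correlation id is left unset if the diagnostic
     *     context value is not a UUID
     */
    @Override // com.microsoft.identity.common.internal.providers.oauth2.OAuth2Strategy
    public MicrosoftStsTokenRequest createTokenRequest(MicrosoftStsAuthorizationRequest microsoftStsAuthorizationRequest, MicrosoftStsAuthorizationResponse microsoftStsAuthorizationResponse) {
        Logger.verbose(TAG + ":createTokenRequest", "Creating TokenRequest...");
        if (((MicrosoftStsOAuth2Configuration) this.mConfig).getMultipleCloudsSupported().booleanValue() || microsoftStsAuthorizationRequest.getMultipleCloudAware().booleanValue()) {
            Logger.verbose(TAG, "get cloud specific authority based on authorization response.");
            setTokenEndpoint(getCloudSpecificTenantEndpoint(microsoftStsAuthorizationResponse));
        }
        MicrosoftStsTokenRequest tokenRequest = new MicrosoftStsTokenRequest();
        tokenRequest.setCodeVerifier(microsoftStsAuthorizationRequest.getPkceChallenge().getCodeVerifier());
        tokenRequest.setCode(microsoftStsAuthorizationResponse.getCode());
        tokenRequest.setRedirectUri(microsoftStsAuthorizationRequest.getRedirectUri());
        tokenRequest.setClientId(microsoftStsAuthorizationRequest.getClientId());
        try {
            tokenRequest.setCorrelationId(UUID.fromString(DiagnosticContext.getRequestContext().get("correlation_id")));
        } catch (IllegalArgumentException e) {
            // Best effort: a non-UUID correlation id is logged and the request proceeds without one.
            Logger.error("MicrosoftSTSOAuth2Strategy", "Correlation id on diagnostic context is not a UUID.", e);
        }
        return tokenRequest;
    }

    /**
     * Wraps the token response in a {@link MicrosoftStsAccessToken}.
     *
     * @param microsoftStsTokenResponse the token response
     * @return the access token built from the response
     */
    @Override // com.microsoft.identity.common.internal.providers.oauth2.OAuth2Strategy
    public MicrosoftStsAccessToken getAccessTokenFromResponse(MicrosoftStsTokenResponse microsoftStsTokenResponse) {
        Logger.verbose(TAG + ":getAccessTokenFromResponse", "Getting AT from TokenResponse...");
        return new MicrosoftStsAccessToken(microsoftStsTokenResponse);
    }

    /**
     * Returns a new {@link MicrosoftStsAuthorizationResultFactory}.
     *
     * @return the authorization result factory
     */
    @Override // com.microsoft.identity.common.internal.providers.oauth2.OAuth2Strategy
    public AuthorizationResultFactory getAuthorizationResultFactory() {
        return new MicrosoftStsAuthorizationResultFactory();
    }

    /**
     * Returns the cache identifier for the authority of an authorization request: the
     * preferred cache host name of the matching cloud, or the authority's own host when no
     * cloud matches.
     *
     * @param microsoftStsAuthorizationRequest request whose authority is looked up
     * @return the issuer cache identifier
     */
    @Override // com.microsoft.identity.common.internal.providers.oauth2.OAuth2Strategy
    public String getIssuerCacheIdentifier(MicrosoftStsAuthorizationRequest microsoftStsAuthorizationRequest) {
        URL authority = microsoftStsAuthorizationRequest.getAuthority();
        AzureActiveDirectoryCloud cloud = AzureActiveDirectory.getAzureActiveDirectoryCloud(authority);
        if (cloud == null) {
            return authority.getHost();
        }
        String preferredCacheHostName = cloud.getPreferredCacheHostName();
        Logger.info(TAG + ":getIssuerCacheIdentifier", "Using preferred cache host name...");
        Logger.infoPII(TAG + ":getIssuerCacheIdentifier", "Preferred cache hostname: [" + preferredCacheHostName + "]");
        return preferredCacheHostName;
    }

    /**
     * Returns the cache identifier for an authority URL: the preferred cache host name of
     * the matching cloud, or the URL's own host when no cloud matches.
     *
     * @param url authority URL to look up
     * @return the issuer cache identifier
     */
    public String getIssuerCacheIdentifierFromAuthority(URL url) {
        AzureActiveDirectoryCloud cloud = AzureActiveDirectory.getAzureActiveDirectoryCloud(url);
        if (cloud == null) {
            return url.getHost();
        }
        String preferredCacheHostName = cloud.getPreferredCacheHostName();
        Logger.info(TAG + ":getIssuerCacheIdentifierFromAuthority", "Using preferred cache host name...");
        Logger.infoPII(TAG + ":getIssuerCacheIdentifierFromAuthority", "Preferred cache hostname: [" + preferredCacheHostName + "]");
        return preferredCacheHostName;
    }

    /**
     * Wraps the token response in a {@link MicrosoftStsRefreshToken}.
     *
     * @param microsoftStsTokenResponse the token response
     * @return the refresh token built from the response
     */
    @Override // com.microsoft.identity.common.internal.providers.oauth2.OAuth2Strategy
    public MicrosoftStsRefreshToken getRefreshTokenFromResponse(MicrosoftStsTokenResponse microsoftStsTokenResponse) {
        Logger.verbose(TAG + ":getRefreshTokenFromResponse", "Getting RT from TokenResponse...");
        return new MicrosoftStsRefreshToken(microsoftStsTokenResponse);
    }

    /**
     * Converts a token endpoint HTTP response into a {@link TokenResult}.
     *
     * <p>Status codes of 400 and above are deserialized as an error response (with status
     * code, headers and raw body attached); anything else as a success response. When the
     * client telemetry header is present, its parsed values are attached to the result and
     * copied onto a success response.
     *
     * @param httpResponse the HTTP response from the token endpoint
     * @return the token result holding either the success or the error response
     */
    @Override // com.microsoft.identity.common.internal.providers.oauth2.OAuth2Strategy
    protected TokenResult getTokenResultFromHttpResponse(HttpResponse httpResponse) {
        Logger.verbose(TAG + ":getTokenResultFromHttpResponse", "Getting TokenResult from HttpResponse...");
        MicrosoftStsTokenResponse successResponse = null;
        TokenErrorResponse errorResponse = null;
        if (httpResponse.getStatusCode() >= 400) {
            errorResponse = (TokenErrorResponse) ObjectMapper.deserializeJsonStringToObject(httpResponse.getBody(), MicrosoftTokenErrorResponse.class);
            // NOTE(review): if the deserializer can return null (e.g. for an empty or
            // non-JSON error body from an intermediary), the next line throws
            // NullPointerException; confirm the deserializer's contract.
            errorResponse.setStatusCode(httpResponse.getStatusCode());
            if (httpResponse.getHeaders() != null) {
                errorResponse.setResponseHeadersJson(HeaderSerializationUtil.toJson(httpResponse.getHeaders()));
            }
            errorResponse.setResponseBody(httpResponse.getBody());
        } else {
            successResponse = (MicrosoftStsTokenResponse) ObjectMapper.deserializeJsonStringToObject(httpResponse.getBody(), MicrosoftStsTokenResponse.class);
        }
        TokenResult tokenResult = new TokenResult(successResponse, errorResponse);
        BaseController.logResult(TAG, tokenResult);
        if (httpResponse.getHeaders() == null) {
            return tokenResult;
        }
        List<String> cliTelemValues = httpResponse.getHeaders().get(AuthenticationConstants.HeaderField.X_MS_CLITELEM);
        if (cliTelemValues != null && !cliTelemValues.isEmpty()) {
            CliTelemInfo cliTelemInfo = CliTelemInfo.fromXMsCliTelemHeader(cliTelemValues.get(0));
            tokenResult.setCliTelemInfo(cliTelemInfo);
            if (successResponse != null && cliTelemInfo != null) {
                successResponse.setSpeRing(cliTelemInfo.getSpeRing());
                successResponse.setRefreshTokenAge(cliTelemInfo.getRefreshTokenAge());
                successResponse.setCliTelemErrorCode(cliTelemInfo.getServerErrorCode());
                successResponse.setCliTelemSubErrorCode(cliTelemInfo.getServerSubErrorCode());
            }
        }
        return tokenResult;
    }

    /**
     * Performs the token request and, if the endpoint answers 401 with a
     * {@code WWW-Authenticate} header, repeats it with a PKeyAuth challenge response.
     *
     * <p>The decompiler reports the original access modifier as {@code protected}.
     *
     * @param microsoftStsTokenRequest the token request to send
     * @return the final HTTP response
     * @throws IOException declared by this method and by the PKeyAuth re-send
     * @throws ClientException declared by this method and by the PKeyAuth re-send
     */
    @Override // com.microsoft.identity.common.internal.providers.oauth2.OAuth2Strategy
    public HttpResponse performTokenRequest(MicrosoftStsTokenRequest microsoftStsTokenRequest) throws IOException, ClientException {
        // The decompiler emitted a cast of the request to MicrosoftStsOAuth2Strategy here,
        // which is between unrelated classes and does not compile; pass the request directly.
        HttpResponse response = super.performTokenRequest(microsoftStsTokenRequest);
        boolean isChallenge = response.getStatusCode() == 401
                && response.getHeaders() != null
                && response.getHeaders().containsKey("WWW-Authenticate");
        if (!isChallenge) {
            return response;
        }
        // NOTE(review): any 401 carrying WWW-Authenticate takes this path; the challenge
        // scheme is not inspected here and is presumably checked by the challenge factory.
        Logger.info(TAG + ":performTokenRequest", "Receiving device certificate challenge request. ");
        return performPKeyAuthRequest(response, microsoftStsTokenRequest);
    }

    /**
     * Performs no checks in this implementation.
     *
     * <p>The decompiler reports the original access modifier as {@code protected}.
     *
     * @param microsoftStsAuthorizationRequest the request that would be validated
     */
    @Override // com.microsoft.identity.common.internal.providers.oauth2.OAuth2Strategy
    public void validateAuthorizationRequest(MicrosoftStsAuthorizationRequest microsoftStsAuthorizationRequest) {
    }

    /**
     * Performs no checks in this implementation.
     *
     * <p>The decompiler reports the original access modifier as {@code protected}.
     *
     * @param microsoftStsTokenRequest the request that would be validated
     */
    @Override // com.microsoft.identity.common.internal.providers.oauth2.OAuth2Strategy
    public void validateTokenRequest(MicrosoftStsTokenRequest microsoftStsTokenRequest) {
    }
}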
