package com.microsoft.delvemobile.shared.data_access.auth;

import android.app.Activity;
import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.util.Log;
import android.webkit.CookieManager;
import android.webkit.CookieSyncManager;
import com.google.common.base.Optional;
import com.google.common.base.Strings;
import com.microsoft.aad.adal.AuthenticationCallback;
import com.microsoft.aad.adal.AuthenticationContext;
import com.microsoft.aad.adal.AuthenticationException;
import com.microsoft.aad.adal.AuthenticationResult;
import com.microsoft.aad.adal.AuthenticationSettings;
import com.microsoft.aad.adal.ITokenCacheStore;
import com.microsoft.aad.adal.PromptBehavior;
import com.microsoft.aad.adal.TokenCacheItem;
import com.microsoft.delvemobile.flavor.FlavorEndpoint;
import com.microsoft.delvemobile.shared.UserIdentity;
import com.microsoft.delvemobile.shared.data_access.auth.tokencache.TokenCache;
import com.microsoft.delvemobile.shared.data_access.error_handler.AuthenticationExceptionWithServiceInfo;
import com.microsoft.delvemobile.shared.instrumentation.AnalyticsContext;
import com.microsoft.delvemobile.shared.instrumentation.Critter;
import com.microsoft.delvemobile.shared.model.discovery.ServiceInfo;
import com.mixpanel.android.mpmetrics.MixpanelAPI;

/* loaded from: classes.dex */
public class Authenticator {
    private static final String TAG = Authenticator.class.getSimpleName();
    private static final boolean VALIDATE_AUTHORITY = false;
    private final AnalyticsContext analytics;
    private AuthenticationContext authenticationContext;
    private final Context context;
    private final ITokenCacheStore cookieCache;
    private final Critter critter;
    private final TokenToCookie tokenToCookie;
    private final UserIdentity userIdentity;
    private final Object spoidcrlLock = new Object();
    private boolean isInitialized = false;
    private Exception initializationException = null;

    public Authenticator(Context context, UserIdentity userIdentity, Critter critter, MixpanelAPI mixpanelAPI) {
        this.context = context;
        this.userIdentity = userIdentity;
        this.critter = critter;
        this.analytics = new AnalyticsContext(critter, mixpanelAPI, getClass().getSimpleName());
        this.cookieCache = TokenCache.createNew(context);
        this.tokenToCookie = new TokenToCookie(context, this.analytics, critter);
        initialize();
    }

    private TokenCacheItem buildTokenCacheItemFromSPOIDCRL(String str, AuthenticationResult authenticationResult, ServiceInfo serviceInfo) {
        TokenCacheItem tokenCacheItem = new TokenCacheItem();
        tokenCacheItem.setAccessToken(str);
        tokenCacheItem.setAuthority(FlavorEndpoint.AUTHORITY);
        tokenCacheItem.setClientId(Client.ID);
        tokenCacheItem.setIsMultiResourceRefreshToken(false);
        tokenCacheItem.setResource(serviceInfo.ServiceResourceId);
        tokenCacheItem.setExpiresOn(authenticationResult.getExpiresOn());
        tokenCacheItem.setUserInfo(authenticationResult.getUserInfo());
        tokenCacheItem.setTenantId(authenticationResult.getTenantId());
        return tokenCacheItem;
    }

    private AuthenticationResult getAuthenticationResultSilentSync(ServiceInfo serviceInfo) {
        try {
            AuthenticationResult acquireTokenSilentSync = this.authenticationContext.acquireTokenSilentSync(serviceInfo.ServiceResourceId, Client.ID, this.userIdentity.getAdUserId());
            this.critter.getMetaData().logAuthenticationResult(acquireTokenSilentSync, serviceInfo);
            return acquireTokenSilentSync;
        } catch (AuthenticationException e) {
            throw new AuthenticationExceptionWithServiceInfo(e, serviceInfo, serviceInfo.Capability);
        }
    }

    private void initialize() {
        if (this.isInitialized) {
            return;
        }
        try {
            this.authenticationContext = new AuthenticationContext(this.context, FlavorEndpoint.AUTHORITY, false);
            AuthenticationSettings.INSTANCE.setSkipBroker(true);
            OdbEncryption.setupSecretKey(this.context, this.analytics);
            this.isInitialized = true;
        } catch (Exception e) {
            this.analytics.logError(e);
            this.initializationException = e;
        }
    }

    private void throwIfNotInitialized() {
        if (!this.isInitialized) {
            throw new IllegalStateException("Must call initialize() before calling this method");
        }
    }

    public void emptyCaches() {
        this.cookieCache.removeAll();
        this.authenticationContext.getCache().removeAll();
        CookieSyncManager.createInstance(this.context);
        CookieManager.getInstance().removeSessionCookie();
        CookieSyncManager.getInstance().sync();
    }

    public String getAccessTokenSilentSync(ServiceInfo serviceInfo) {
        throwIfNotInitialized();
        return getAuthenticationResultSilentSync(serviceInfo).getAccessToken();
    }

    public void getAccessTokenUi(Activity activity, ServiceInfo serviceInfo, String str, AuthenticationCallback<AuthenticationResult> authenticationCallback) {
        throwIfNotInitialized();
        Log.d(TAG, "AcquireToken for : " + serviceInfo.ServiceEndpointUri);
        this.authenticationContext.acquireToken(activity, serviceInfo.ServiceResourceId, Client.ID, Client.REDIRECT_URI, str, PromptBehavior.Auto, "nux=1&msafed=0", authenticationCallback);
    }

    public Exception getInitializationException() {
        return this.initializationException;
    }

    public String getSPOIDCRLSilentSync(ServiceInfo serviceInfo) {
        throwIfNotInitialized();
        Log.d(TAG, "getting SPOIDCRL for: " + Uri.parse(serviceInfo.ServiceEndpointUri).getHost());
        synchronized (this.spoidcrlLock) {
            Optional<String> tryGetCachedSPOIDCRL = tryGetCachedSPOIDCRL(serviceInfo);
            if (tryGetCachedSPOIDCRL.isPresent()) {
                return tryGetCachedSPOIDCRL.get();
            }
            String str = serviceInfo.ServiceResourceId;
            this.cookieCache.removeItem(str);
            AuthenticationResult authenticationResultSilentSync = getAuthenticationResultSilentSync(serviceInfo);
            if (authenticationResultSilentSync.getStatus() != AuthenticationResult.AuthenticationStatus.Succeeded) {
                throw new TokenToCookieTranslationException("authentication result not succeeded");
            }
            String str2 = null;
            String accessToken = authenticationResultSilentSync.getAccessToken();
            try {
                str2 = this.tokenToCookie.getCookie(accessToken, serviceInfo, true);
            } catch (TokenToCookieTranslationException e) {
                this.analytics.logError(e, TAG, String.format("Error 1st try getting spodicrl for %s", str));
            }
            if (Strings.isNullOrEmpty(str2)) {
                try {
                    str2 = this.tokenToCookie.getCookie(accessToken, serviceInfo, false);
                } catch (TokenToCookieTranslationException e2) {
                    Log.e(TAG, String.format("Error 2nd try getting spodicrl for %s", str));
                    throw e2;
                }
            }
            this.cookieCache.setItem(str, buildTokenCacheItemFromSPOIDCRL(str2, authenticationResultSilentSync, serviceInfo));
            this.critter.getMetaData().logSuccessOnceSpoidcrl(serviceInfo);
            return str2;
        }
    }

    public boolean isInitialized() {
        return this.isInitialized;
    }

    public void onActivityResult(int i, int i2, Intent intent) {
        throwIfNotInitialized();
        if (i == 1001) {
            this.authenticationContext.onActivityResult(i, i2, intent);
        }
    }

    public Optional<String> tryGetCachedSPOIDCRL(ServiceInfo serviceInfo) {
        throwIfNotInitialized();
        String str = serviceInfo.ServiceResourceId;
        synchronized (this.spoidcrlLock) {
            if (this.cookieCache.contains(str)) {
                TokenCacheItem item = this.cookieCache.getItem(str);
                if (!TokenCacheItem.isTokenExpired(item.getExpiresOn())) {
                    return Optional.of(item.getAccessToken());
                }
            }
            return Optional.absent();
        }
    }
}
