package com.microsoft.office.msohttp;

import android.accounts.AuthenticatorException;
import android.accounts.OperationCanceledException;
import android.app.Activity;
import android.content.Context;
import android.content.Intent;
import android.os.Bundle;
import com.microsoft.aad.adal.ADALError;
import com.microsoft.aad.adal.AuthenticationCallback;
import com.microsoft.aad.adal.AuthenticationContext;
import com.microsoft.aad.adal.AuthenticationException;
import com.microsoft.aad.adal.AuthenticationResult;
import com.microsoft.aad.adal.AuthenticationSettings;
import com.microsoft.aad.adal.PromptBehavior;
import com.microsoft.aad.adal.UserInfo;
import com.microsoft.office.OMServices.ApplicationControlState;
import com.microsoft.office.OMServices.BaseLogActivity;
import com.microsoft.office.plat.ContextConnector;
import com.microsoft.office.plat.keystore.AccountType;
import com.microsoft.office.plat.logging.Trace;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.util.concurrent.Executors;
import javax.crypto.NoSuchPaddingException;

/* loaded from: classes.dex */
public final class AuthenticationController extends BaseLogActivity {
    static final /* synthetic */ boolean $assertionsDisabled;
    private static final int ACTIVITY_REQUEST_CODE_HRD_EMAIL = 1;
    private static final String ADAL_NETWORK_ERROR_MESSGAE = "ERR_PROXY_CONNECTION_FAILED";
    private static final String CRED_AUTHORITY_URL = "AUTHORITY_URL";
    private static final String CRED_EMAIL = "EMAIL";
    private static final String CRED_ISCACHEONLY = "ISCACHEONLY";
    private static final String CRED_RESOURCE = "RESOURCE";
    private static final String CRED_USER_DATA = "USER_DATA";
    private static final String EXTRA_QUERY_PARAMETER = "msafed=0&nux=1&restrict_to_hint=true";
    private static final String LOG_TAG = "AuthenticationController";
    private static final String TEST_ACTIVITY_CLASS = "com.microsoft.office.msohttp.tests.auth.OrgIdAuthLoginActivityTest";
    private static boolean promptBehaviourAlways;
    private AuthenticationContext mAuthContext;
    private String mAuthorityUrl;
    private UserInfo mCurrentBrokerUser;
    private String mEmail;
    private boolean mIsCacheOnly;
    private String mResource;
    private long mUserData;
    private boolean mIsBrokerAppConfigured = false;
    AuthenticationCallback<AuthenticationResult> callback = new AuthenticationCallback<AuthenticationResult>() { // from class: com.microsoft.office.msohttp.AuthenticationController.2
        @Override // com.microsoft.aad.adal.AuthenticationCallback
        public void onError(Exception exc) {
            Trace.e(AuthenticationController.LOG_TAG, Trace.getStackTraceString(exc));
            ADALError aDALError = ADALError.AUTH_FAILED;
            if (exc instanceof AuthenticationException) {
                AuthenticationException authenticationException = (AuthenticationException) exc;
                aDALError = authenticationException.getCode();
                String message = authenticationException.getMessage();
                Trace.d(AuthenticationController.LOG_TAG, "ErrrorCode:" + aDALError + " DetailedErrorMessage:" + message);
                if (message.contains(AuthenticationController.ADAL_NETWORK_ERROR_MESSGAE)) {
                    aDALError = ADALError.DEVICE_CONNECTION_IS_NOT_AVAILABLE;
                }
            }
            AuthenticationController.this.onFinish(AuthenticationController.getAuthStatus(aDALError.toString()), "", "");
        }

        @Override // com.microsoft.aad.adal.AuthenticationCallback
        public void onSuccess(AuthenticationResult authenticationResult) {
            Trace.d(AuthenticationController.LOG_TAG, "ADAL acquireToken OnSucc: result=" + authenticationResult);
            if (authenticationResult.getStatus() != AuthenticationResult.AuthenticationStatus.Succeeded || authenticationResult.getAccessToken().isEmpty()) {
                AuthenticationController.this.onFinish(authenticationResult.getStatus() == AuthenticationResult.AuthenticationStatus.Cancelled ? AuthStatus.CANCEL : AuthenticationController.getAuthStatus(authenticationResult.getErrorCode()), "", "");
                return;
            }
            ADALKeyStoreAdapter.SaveUserId(AuthenticationController.this.mAuthorityUrl, authenticationResult.getUserInfo().getDisplayableId(), authenticationResult.getUserInfo().getUserId());
            if (AuthenticationController.this.mEmail.equalsIgnoreCase(authenticationResult.getUserInfo().getDisplayableId())) {
                AuthenticationController authenticationController = AuthenticationController.this;
                boolean unused = AuthenticationController.promptBehaviourAlways = false;
                AuthenticationController.this.onFinish(AuthStatus.COMPLETE, authenticationResult.getUserInfo().getDisplayableId(), authenticationResult.getAccessToken());
            } else {
                Trace.d(AuthenticationController.LOG_TAG, "ADAL BUG BUG: Requested emaild is not matching with what we get from server so forcing login prompt");
                AuthenticationController authenticationController2 = AuthenticationController.this;
                boolean unused2 = AuthenticationController.promptBehaviourAlways = true;
                AuthenticationController.this.mIsCacheOnly = false;
                AuthenticationController.this.getADALToken();
            }
        }
    };

    static {
        $assertionsDisabled = !AuthenticationController.class.desiredAssertionStatus();
        promptBehaviourAlways = false;
    }

    private static void ClearADALCache() {
        new ADALKeyStoreAdapter().removeAll();
    }

    private static void GetADALAccessToken(long j, String str, String str2, String str3, boolean z) {
        Class<?> activity = AuthActivitySelector.getActivity(AuthenticationController.class, TEST_ACTIVITY_CLASS);
        Context context = ContextConnector.getInstance().getContext();
        AuthDialogHook.onAuthUIStart(AccountType.ORG_ID_PASSWORD);
        Intent intent = new Intent(context, activity);
        if (!(context instanceof Activity)) {
            intent.addFlags(268435456);
        }
        intent.putExtra(CRED_USER_DATA, j);
        intent.putExtra(CRED_AUTHORITY_URL, str);
        intent.putExtra(CRED_RESOURCE, str2);
        intent.putExtra(CRED_EMAIL, str3);
        intent.putExtra(CRED_ISCACHEONLY, z);
        context.startActivity(intent);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void acquireTokenFromAuthority(String str, String str2) {
        this.mAuthContext.acquireToken(this, this.mResource, str, str2, this.mEmail, promptBehaviourAlways ? PromptBehavior.Always : PromptBehavior.Auto, EXTRA_QUERY_PARAMETER, this.callback);
    }

    private static native void adalAuthComplete(long j, int i, String str, String str2);

    /* JADX INFO: Access modifiers changed from: private */
    public static String getADALResource(String str, String str2) {
        return (!isValidString(str) || str.equalsIgnoreCase(UrlFetcher.getServerUrlForUser(ServerUrlType.OFFICEAPPS_SERVICE.toInt(), str2)) || str.equalsIgnoreCase(UrlFetcher.getServerUrlForUser(ServerUrlType.OFFICEAPPS_SERVICE_ENDPOINT.toInt(), str2)) || str.startsWith(UrlFetcher.getServerUrlForUser(ServerUrlType.AUTO_DISCOVERY_SERVICE.toInt(), str2)) || str.equalsIgnoreCase(UrlFetcher.getServerUrlForUser(ServerUrlType.ROAMING_WEB_SERVICE_URL_PROD.toInt(), str2)) || str.equalsIgnoreCase(UrlFetcher.getServerUrlForUser(ServerUrlType.OFFICE_LICENSING_SERVICE_URL.toInt(), str2))) ? UrlFetcher.getServerUrlForUser(ServerUrlType.ADAL_RESOURCE_ID.toInt(), str2) : str;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void getADALToken() {
        Executors.newSingleThreadExecutor().execute(new Runnable() { // from class: com.microsoft.office.msohttp.AuthenticationController.3
            @Override // java.lang.Runnable
            public void run() {
                try {
                    if (!AuthenticationController.isValidString(AuthenticationController.this.mEmail)) {
                        AuthenticationController.this.mIsCacheOnly = false;
                        AuthenticationController.this.getEmailIdFromUser();
                        return;
                    }
                    if (!AuthenticationController.isValidString(AuthenticationController.this.mAuthorityUrl)) {
                        AuthenticationController.this.mAuthorityUrl = UrlFetcher.getServerUrlForUser(ServerUrlType.ADAL_AUTHORITY_URL.toInt(), AuthenticationController.this.mEmail);
                    }
                    AuthenticationController.this.mResource = AuthenticationController.getADALResource(AuthenticationController.this.mResource, AuthenticationController.this.mEmail);
                    AuthenticationController.this.initializeAuthContext(AuthenticationController.this.mEmail, AuthenticationController.this.mAuthorityUrl);
                    String serverUrlForUser = UrlFetcher.getServerUrlForUser(ServerUrlType.ADAL_CLIENT_ID.toInt(), AuthenticationController.this.mEmail);
                    String serverUrlForUser2 = UrlFetcher.getServerUrlForUser(ServerUrlType.ADAL_REDIRECT_URL.toInt(), AuthenticationController.this.mEmail);
                    if (!AuthenticationController.this.mIsCacheOnly) {
                        AuthenticationController authenticationController = AuthenticationController.this;
                        if (AuthenticationController.this.mIsBrokerAppConfigured) {
                            serverUrlForUser2 = AuthenticationController.this.mAuthContext.getRedirectUriForBroker();
                        }
                        authenticationController.acquireTokenFromAuthority(serverUrlForUser, serverUrlForUser2);
                        return;
                    }
                    String userId = AuthenticationController.this.mIsBrokerAppConfigured ? AuthenticationController.this.mCurrentBrokerUser.getUserId() : ADALKeyStoreAdapter.GetUserId(AuthenticationController.this.mAuthorityUrl, AuthenticationController.this.mEmail);
                    if (AuthenticationController.isValidString(userId)) {
                        AuthenticationController.this.mAuthContext.acquireTokenSilent(AuthenticationController.this.mResource, serverUrlForUser, userId, AuthenticationController.this.callback);
                        return;
                    }
                    AuthenticationController.this.mIsCacheOnly = false;
                    AuthenticationController authenticationController2 = AuthenticationController.this;
                    if (AuthenticationController.this.mIsBrokerAppConfigured) {
                        serverUrlForUser2 = AuthenticationController.this.mAuthContext.getRedirectUriForBroker();
                    }
                    authenticationController2.acquireTokenFromAuthority(serverUrlForUser, serverUrlForUser2);
                } catch (Exception e) {
                    Trace.e(AuthenticationController.LOG_TAG, Trace.getStackTraceString(e));
                    AuthenticationController.this.callback.onError(e);
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static AuthStatus getAuthStatus(String str) {
        Trace.d(LOG_TAG, "ErrorCode::  " + str);
        AuthStatus authStatus = AuthStatus.ERROR;
        if (!isValidString(str)) {
            return authStatus;
        }
        if (str.equalsIgnoreCase(ADALError.AUTH_FAILED_CANCELLED.toString())) {
            authStatus = AuthStatus.CANCEL;
        } else if (str.equalsIgnoreCase(ADALError.DEVICE_CONNECTION_IS_NOT_AVAILABLE.toString())) {
            authStatus = AuthStatus.NETWORKERROR;
        }
        return authStatus;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void getEmailIdFromUser() {
        startActivityForResult(HRDActivity.getIntentToPickEmailId(this), 1);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void initializeAuthContext(String str, String str2) throws NoSuchPaddingException, NoSuchAlgorithmException, OperationCanceledException, AuthenticatorException, IOException {
        AuthenticationSettings.INSTANCE.setSkipBroker(false);
        this.mAuthContext = new AuthenticationContext((Context) this, str2, false);
        try {
            UserInfo[] brokerUsers = this.mAuthContext.getBrokerUsers();
            if (brokerUsers != null) {
                for (UserInfo userInfo : brokerUsers) {
                    if ((isValidString(userInfo.getDisplayableId()) && userInfo.getDisplayableId().equalsIgnoreCase(str)) || (isValidString(userInfo.getUserId()) && userInfo.getUserId().equalsIgnoreCase(str))) {
                        this.mCurrentBrokerUser = userInfo;
                        this.mIsBrokerAppConfigured = true;
                        Trace.d(LOG_TAG, "Authenticator/Broker is configured on the device");
                        break;
                    }
                }
            }
        } catch (Exception e) {
            Trace.e(LOG_TAG, Trace.getStackTraceString(e));
        }
        if (this.mIsBrokerAppConfigured) {
            return;
        }
        Trace.d(LOG_TAG, "Broker is not configured, so skipping broker");
        AuthenticationSettings.INSTANCE.setSkipBroker(true);
        this.mAuthContext = new AuthenticationContext(this, str2, true, new ADALKeyStoreAdapter());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean isValidString(String str) {
        return (str == null || str.isEmpty()) ? false : true;
    }

    @Override // android.app.Activity
    protected void onActivityResult(int i, int i2, Intent intent) {
        Trace.d(LOG_TAG, "onActivityResult::reqcode:" + i + " resultcode:" + i2);
        switch (i) {
            case 1:
                if (i2 != 2) {
                    Trace.d(LOG_TAG, "Not a valid org id");
                    onFinish(AuthStatus.ERROR, "", "");
                    break;
                } else {
                    this.mEmail = intent.getStringExtra(HRDActivity.RESULT_EMAIL);
                    Executors.newSingleThreadExecutor().execute(new Runnable() { // from class: com.microsoft.office.msohttp.AuthenticationController.1
                        @Override // java.lang.Runnable
                        public void run() {
                            if (new RealmDiscovery().FederationProviderDiscovery(AuthenticationController.this.mEmail)) {
                                AuthenticationController.this.getADALToken();
                            } else {
                                Trace.d(AuthenticationController.LOG_TAG, "Realm Discovery failed");
                                AuthenticationController.this.onFinish(AuthStatus.ERROR, "", "");
                            }
                        }
                    });
                    break;
                }
            default:
                if (this.mAuthContext != null) {
                    this.mAuthContext.onActivityResult(i, i2, intent);
                    break;
                }
                break;
        }
        super.onActivityResult(i, i2, intent);
    }

    @Override // android.app.Activity
    public void onBackPressed() {
        onFinish(AuthStatus.CANCEL, "", "");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.microsoft.office.OMServices.BaseLogActivity, android.app.Activity
    public void onCreate(Bundle bundle) {
        Trace.d(LOG_TAG, "AuthenticationController::onCreate");
        super.onCreate(bundle);
        if (0 == ApplicationControlState.getSplashLaunchToken()) {
            Trace.i(LOG_TAG, "valid token is not found; finish the activity and let app handle the scenario");
            finish();
            return;
        }
        Intent intent = getIntent();
        Trace.d(LOG_TAG, "AuthenticationController::onCreate intent=" + intent);
        if (!$assertionsDisabled && intent == null) {
            throw new AssertionError();
        }
        Bundle extras = intent.getExtras();
        Trace.d(LOG_TAG, "onCreate extrasBundle=" + extras);
        if (!$assertionsDisabled && extras == null) {
            throw new AssertionError();
        }
        this.mUserData = extras.getLong(CRED_USER_DATA);
        Trace.d(LOG_TAG, "onCreate userData=" + this.mUserData);
        this.mIsCacheOnly = extras.getBoolean(CRED_ISCACHEONLY);
        Trace.d(LOG_TAG, "onCreate cache only=" + this.mIsCacheOnly);
        this.mResource = extras.getString(CRED_RESOURCE, "");
        Trace.d(LOG_TAG, "onCreate resource=" + this.mResource);
        this.mAuthorityUrl = extras.getString(CRED_AUTHORITY_URL, "");
        Trace.d(LOG_TAG, "onCreate authorityUrl=" + this.mAuthorityUrl);
        this.mEmail = extras.getString(CRED_EMAIL, "");
        getADALToken();
        Trace.d(LOG_TAG, "AuthenticationController::onCreate done");
    }

    public void onFinish(AuthStatus authStatus, String str, String str2) {
        AuthDialogHook.onAuthUIFinished(AccountType.ORG_ID_PASSWORD, authStatus);
        finish();
        if (!$assertionsDisabled && this.mUserData == 0) {
            throw new AssertionError();
        }
        Trace.d(LOG_TAG, "onFinish auth status passed to Native=" + authStatus);
        adalAuthComplete(this.mUserData, authStatus.toInt(), str2, str);
    }
}
