package com.microsoft.skype.teams.services.authorization.msal;

import a.a$$ExternalSyntheticOutline0;
import android.app.Activity;
import android.content.Context;
import androidx.collection.MapCollections;
import bolts.Task$6$$ExternalSyntheticOutline0;
import coil.size.Dimensions;
import com.microsoft.identity.client.AcquireTokenParameters;
import com.microsoft.identity.client.AcquireTokenSilentParameters;
import com.microsoft.identity.client.AuthenticationCallback;
import com.microsoft.identity.client.IAccount;
import com.microsoft.identity.client.IAuthenticationResult;
import com.microsoft.identity.client.IMultipleAccountPublicClientApplication;
import com.microsoft.identity.client.IPublicClientApplication;
import com.microsoft.identity.client.ITokenShare;
import com.microsoft.identity.client.PoPAuthenticationScheme;
import com.microsoft.identity.client.Prompt;
import com.microsoft.identity.client.claims.ClaimsRequest;
import com.microsoft.identity.client.claims.RequestedClaimAdditionalInformation;
import com.microsoft.identity.client.exception.MsalException;
import com.microsoft.skype.teams.logger.Logger;
import com.microsoft.skype.teams.models.auth.TeamsAuthProviderParameters;
import com.microsoft.skype.teams.models.auth.TeamsPopTokenParams;
import com.microsoft.skype.teams.services.authorization.AuthConfiguration;
import com.microsoft.skype.teams.services.authorization.AuthorizationError;
import com.microsoft.skype.teams.services.authorization.IAuthenticationCallback;
import com.microsoft.skype.teams.services.authorization.helpers.AuthorizationUtilities;
import com.microsoft.skype.teams.services.configuration.ExperimentationManager;
import com.microsoft.skype.teams.services.diagnostics.SuppressEmail;
import com.microsoft.skype.teams.services.diagnostics.telemetryschema.HttpEvent;
import com.microsoft.skype.teams.storage.IExperimentationManager;
import com.microsoft.skype.teams.utilities.AccountSignUpUtilities;
import com.microsoft.skype.teams.utilities.java.StringUtils;
import com.microsoft.teams.core.app.ITeamsApplication;
import com.microsoft.teams.ecs.ExperimentationPreferences;
import com.microsoft.teams.nativecore.logger.ILogger;
import com.microsoft.teams.search.core.data.SearchAppData$$ExternalSyntheticLambda3;
import com.microsoft.tokenshare.AccountInfo;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.AbstractMap;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import okio.Segment;

/* loaded from: classes4.dex */
public abstract class MsalAuthenticationProvider extends MapCollections {
    public static final ConcurrentHashMap ACCOUNT_CACHE = new ConcurrentHashMap();
    public static final SuppressEmail SUPPRESS_EMAIL = new SuppressEmail();
    public static boolean logInitialized;
    public final ILogger mLogger;
    public final ITeamsApplication mTeamsApplication;
    public final ITokenShare mTokenShare;

    /* renamed from: com.microsoft.skype.teams.services.authorization.msal.MsalAuthenticationProvider$1, reason: invalid class name */
    /* loaded from: classes4.dex */
    public final class AnonymousClass1 implements AuthenticationCallback {
        public final /* synthetic */ IAuthenticationCallback val$callback;
        public final /* synthetic */ boolean val$interactive;
        public final /* synthetic */ String val$resource;
        public final /* synthetic */ String[] val$scopes;
        public final /* synthetic */ long val$startTime;
        public final /* synthetic */ String val$tenantId;
        public final /* synthetic */ String val$userId;

        public AnonymousClass1(String[] strArr, String str, String str2, String str3, long j, boolean z, IAuthenticationCallback iAuthenticationCallback) {
            this.val$scopes = strArr;
            this.val$resource = str;
            this.val$userId = str2;
            this.val$tenantId = str3;
            this.val$startTime = j;
            this.val$interactive = z;
            this.val$callback = iAuthenticationCallback;
        }

        @Override // com.microsoft.identity.client.AuthenticationCallback
        public final void onCancel() {
            ILogger iLogger = MsalAuthenticationProvider.this.mLogger;
            Object[] objArr = new Object[4];
            objArr[0] = Long.valueOf(System.currentTimeMillis() - this.val$startTime);
            objArr[1] = this.val$interactive ? HttpEvent.ALREADY_SCRUBBED : this.val$userId;
            MsalAuthenticationProvider msalAuthenticationProvider = MsalAuthenticationProvider.this;
            String[] strArr = this.val$scopes;
            msalAuthenticationProvider.getClass();
            objArr[2] = MsalAuthenticationProvider.getAggregatedScope(strArr);
            objArr[3] = this.val$resource;
            ((Logger) iLogger).log(2, "MsalAuthenticationProvider", "onCancel:timeTaken:[%d][%s][%s][%s]", objArr);
            this.val$callback.onCancel();
        }

        @Override // com.microsoft.identity.client.SilentAuthenticationCallback
        public final void onError(MsalException msalException) {
            MsalAuthenticationProvider msalAuthenticationProvider = MsalAuthenticationProvider.this;
            String str = this.val$userId;
            String str2 = this.val$resource;
            msalAuthenticationProvider.getClass();
            MsalAuthenticationProvider.getKey(str, str2);
            this.val$callback.onError(msalAuthenticationProvider.handleOnError(((IPublicClientApplication) MsalAuthenticationProvider.this.mEntrySet).getConfiguration().getClientId(), this.val$interactive ? HttpEvent.ALREADY_SCRUBBED : this.val$userId, "null", this.val$resource, this.val$startTime, msalException));
        }

        @Override // com.microsoft.identity.client.SilentAuthenticationCallback
        public final void onSuccess(IAuthenticationResult iAuthenticationResult) {
            try {
                this.val$callback.onSuccess(MsalAuthenticationProvider.this.handleOnSuccess(this.val$scopes, this.val$resource, this.val$userId, this.val$tenantId, this.val$startTime, this.val$interactive, iAuthenticationResult, false));
            } catch (AuthorizationError e) {
                this.val$callback.onError(e);
            }
        }
    }

    /* renamed from: com.microsoft.skype.teams.services.authorization.msal.MsalAuthenticationProvider$2, reason: invalid class name */
    /* loaded from: classes4.dex */
    public final class AnonymousClass2 implements IMultipleAccountPublicClientApplication.GetAccountCallback {
        public final /* synthetic */ IAccount val$account;
        public final /* synthetic */ Activity val$activity;
        public final /* synthetic */ String val$authorityUrl;
        public final /* synthetic */ IAuthenticationCallback val$callback;
        public final /* synthetic */ String val$claims;
        public final /* synthetic */ UUID val$correlationId;
        public final /* synthetic */ List val$extraQueryParameters;
        public final /* synthetic */ boolean val$forcePrompt;
        public final /* synthetic */ String val$loginHint;
        public final /* synthetic */ String[] val$scopes;
        public final /* synthetic */ long val$startTime;

        public AnonymousClass2(long j, IAccount iAccount, Activity activity, String[] strArr, String str, String str2, UUID uuid, String str3, boolean z, List list, IAuthenticationCallback iAuthenticationCallback) {
            this.val$startTime = j;
            this.val$account = iAccount;
            this.val$activity = activity;
            this.val$scopes = strArr;
            this.val$loginHint = str;
            this.val$claims = str2;
            this.val$correlationId = uuid;
            this.val$authorityUrl = str3;
            this.val$forcePrompt = z;
            this.val$extraQueryParameters = list;
            this.val$callback = iAuthenticationCallback;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // com.microsoft.identity.common.java.util.TaskCompletedCallbackWithError
        public final void onError(MsalException msalException) {
            MsalAuthenticationProvider msalAuthenticationProvider = MsalAuthenticationProvider.this;
            Activity activity = this.val$activity;
            String[] strArr = this.val$scopes;
            String str = this.val$loginHint;
            String str2 = this.val$claims;
            UUID uuid = this.val$correlationId;
            String str3 = this.val$authorityUrl;
            boolean z = this.val$forcePrompt;
            List list = this.val$extraQueryParameters;
            IAuthenticationCallback iAuthenticationCallback = this.val$callback;
            new MsalAuthorizationError("MSAL_ERROR", msalException, MsalAuthenticationProvider.this.mTeamsApplication.getExperimentationManager(null));
            msalAuthenticationProvider.acquireTokenInteractive(activity, strArr, str, str2, uuid, str3, z, list, iAuthenticationCallback);
        }

        @Override // com.microsoft.identity.common.java.util.TaskCompletedCallback
        public final void onTaskCompleted(IAccount iAccount) {
            int i = 1;
            if (iAccount != null) {
                MsalAuthenticationProvider.this.acquireTokenSilentAsync(new TeamsAuthProviderParameters.Builder(this.val$scopes[0], iAccount.getId(), this.val$authorityUrl).forceRefresh(false).claims(this.val$claims).build(), new AccountSignUpUtilities.AnonymousClass1.C01181(this, i));
                return;
            }
            ((Logger) MsalAuthenticationProvider.this.mLogger).log(6, "MsalAuthenticationProvider", "account is null!:timeTaken:[%d][%s]", Long.valueOf(System.currentTimeMillis() - this.val$startTime), this.val$account.getId());
            MsalAuthenticationProvider msalAuthenticationProvider = MsalAuthenticationProvider.this;
            IAccount iAccount2 = this.val$account;
            msalAuthenticationProvider.getClass();
            MsalAuthenticationProvider.removeAccountFromCache(iAccount2);
            MsalAuthenticationProvider.this.acquireTokenInteractive(this.val$activity, this.val$scopes, this.val$loginHint, this.val$claims, this.val$correlationId, this.val$authorityUrl, this.val$forcePrompt, this.val$extraQueryParameters, this.val$callback);
        }
    }

    public MsalAuthenticationProvider(IPublicClientApplication iPublicClientApplication, ITeamsApplication iTeamsApplication, ILogger iLogger, boolean z) {
        this.mTeamsApplication = iTeamsApplication;
        this.mLogger = iLogger;
        this.mEntrySet = iPublicClientApplication;
        this.mTokenShare = iPublicClientApplication instanceof ITokenShare ? (ITokenShare) iPublicClientApplication : null;
        this.mKeySet = new AuthConfiguration(iPublicClientApplication.getConfiguration().getClientId(), AuthorizationUtilities.getPrimaryResourceUrl(z), z);
        this.mValues = new Segment.Companion();
    }

    public static String getAggregatedScope(String[] strArr) {
        StringBuilder sb = new StringBuilder();
        for (String str : strArr) {
            sb.append(str);
            sb.append(';');
        }
        return sb.toString();
    }

    public static String getKey(String str, String str2) {
        return a$$ExternalSyntheticOutline0.m(str, StringUtils.UNDERSCORE, str2);
    }

    public static void removeAccountFromCache(IAccount iAccount) {
        for (Map.Entry entry : ACCOUNT_CACHE.entrySet()) {
            if (iAccount.getId().equalsIgnoreCase(((IAccount) entry.getValue()).getId())) {
                ACCOUNT_CACHE.remove(entry.getKey());
            }
        }
    }

    @Override // com.microsoft.skype.teams.services.authorization.IAuthenticationProvider
    public final void acquirePrimaryToken(String str, Activity activity, String str2, boolean z, UUID uuid, String str3, List list, IAuthenticationCallback iAuthenticationCallback) {
        acquireToken(activity, iAuthenticationCallback, str, str2, str3, list, uuid, z, new String[]{((AuthConfiguration) this.mKeySet).primaryResourceUrl});
    }

    @Override // com.microsoft.skype.teams.services.authorization.IAuthenticationProvider
    public final void acquirePrimaryTokenSilentAsync(boolean z, String str, String str2, String str3, IAuthenticationCallback iAuthenticationCallback) {
        acquireTokenSilentAsync(new TeamsAuthProviderParameters.Builder(((AuthConfiguration) this.mKeySet).primaryResourceUrl, str, str3).forceRefresh(z).claims(str2).build(), iAuthenticationCallback);
    }

    public final void acquireToken(Activity activity, IAuthenticationCallback iAuthenticationCallback, String str, String str2, String str3, List list, UUID uuid, boolean z, String[] strArr) {
        IAccount iAccount = (IAccount) ACCOUNT_CACHE.get(str.toLowerCase(Locale.ENGLISH));
        if (iAccount == null || z || !(this.mEntrySet instanceof IMultipleAccountPublicClientApplication)) {
            acquireTokenInteractive(activity, strArr, str, str2, uuid, str3, z, list, iAuthenticationCallback);
        } else {
            ((IMultipleAccountPublicClientApplication) this.mEntrySet).getAccount(iAccount.getId(), new AnonymousClass2(System.currentTimeMillis(), iAccount, activity, strArr, str, str2, uuid, str3, z, list, iAuthenticationCallback));
        }
    }

    @Override // com.microsoft.skype.teams.services.authorization.IAuthenticationProvider
    public final void acquireToken(String str, String str2, Activity activity, String str3, boolean z, UUID uuid, String str4, List list, IAuthenticationCallback iAuthenticationCallback) {
        acquireToken(activity, iAuthenticationCallback, str, str3, str4, list, uuid, z, new String[]{str2});
    }

    public final void acquireTokenInteractive(Activity activity, String[] strArr, String str, String str2, UUID uuid, String str3, boolean z, List list, IAuthenticationCallback iAuthenticationCallback) {
        long currentTimeMillis = System.currentTimeMillis();
        Prompt prompt = z ? Prompt.LOGIN : Prompt.WHEN_REQUIRED;
        ArrayList m = Task$6$$ExternalSyntheticOutline0.m((Logger) this.mLogger, 2, "MsalAuthenticationProvider", "acquireToken:[%s][%s][%s]", new Object[]{((IPublicClientApplication) this.mEntrySet).getConfiguration().getClientId(), getAggregatedScope(strArr), str3});
        int i = 5;
        if (!Dimensions.isCollectionEmpty(list)) {
            list.forEach(new SearchAppData$$ExternalSyntheticLambda3(m, i));
        }
        if (((ExperimentationPreferences) ((ExperimentationManager) this.mTeamsApplication.getExperimentationManager(null)).mExperimentationPreferences).getSettingAsBoolean$1("MicrosoftTeamsClientAndroid", "enableCOA", false)) {
            m.add(new AbstractMap.SimpleEntry("coa", "1"));
        }
        AcquireTokenParameters.Builder withLoginHint = new AcquireTokenParameters.Builder().startAuthorizationFromActivity(activity).withScopes(Arrays.asList(strArr)).withPrompt(prompt).withClaims(generateClaims(str2)).withAuthorizationQueryStringParameters(m).fromAuthority(str3).withCallback(new AnonymousClass1(strArr, strArr[0], str, null, currentTimeMillis, true, iAuthenticationCallback)).withLoginHint(str);
        if (uuid != null) {
            withLoginHint = withLoginHint.withCorrelationId(uuid);
        }
        AcquireTokenParameters build = withLoginHint.build();
        ((Logger) this.mLogger).log(5, "MsalAuthenticationProvider", "handleUiRequiredError disabled; initiate acquireTokenInteractive flow [%b]", Boolean.valueOf(z));
        ((IPublicClientApplication) this.mEntrySet).acquireToken(build);
    }

    public final AcquireTokenSilentParameters buildAcquireTokenSilentParameters(TeamsAuthProviderParameters teamsAuthProviderParameters, IAccount iAccount, IAuthenticationCallback iAuthenticationCallback) {
        URL url;
        String[] strArr = {teamsAuthProviderParameters.sanitizedResource()};
        AcquireTokenSilentParameters.Builder forceRefresh = new AcquireTokenSilentParameters.Builder().withScopes(Arrays.asList(strArr)).forAccount(iAccount).fromAuthority(teamsAuthProviderParameters.authorityUrl()).withClaims(generateClaims(teamsAuthProviderParameters.claims())).forceRefresh(teamsAuthProviderParameters.forceRefresh());
        TeamsPopTokenParams popTokenParams = teamsAuthProviderParameters.popTokenParams();
        if (popTokenParams != null) {
            String sanitizedResource = StringUtils.isNotEmpty(popTokenParams.logicalUrl) ? popTokenParams.logicalUrl : teamsAuthProviderParameters.sanitizedResource();
            ILogger iLogger = this.mLogger;
            try {
                url = new URL(sanitizedResource);
            } catch (MalformedURLException unused) {
                ((Logger) iLogger).log(7, "AuthorizationUtilities", "malformed resource url", new Object[0]);
                url = null;
            }
            if (url != null) {
                forceRefresh.withAuthenticationScheme(PoPAuthenticationScheme.builder().withHttpMethod(popTokenParams.teamsClientHttpMethod.toHttMethod()).withNonce(popTokenParams.nonce).withUrl(url).build());
            }
        }
        if (iAuthenticationCallback != null) {
            forceRefresh.withCallback(new AnonymousClass1(strArr, teamsAuthProviderParameters.sanitizedResource(), teamsAuthProviderParameters.userId(), teamsAuthProviderParameters.tenantId(), System.currentTimeMillis(), false, iAuthenticationCallback));
        }
        return forceRefresh.build();
    }

    public final ClaimsRequest generateClaims(String str) {
        try {
            ClaimsRequest claimsRequestFromJsonString = ClaimsRequest.getClaimsRequestFromJsonString(str);
            if (str == null) {
                claimsRequestFromJsonString = new ClaimsRequest();
            }
            RequestedClaimAdditionalInformation requestedClaimAdditionalInformation = new RequestedClaimAdditionalInformation();
            ArrayList arrayList = new ArrayList();
            IExperimentationManager experimentationManager = this.mTeamsApplication.getExperimentationManager(null);
            arrayList.add("ProtApp");
            if (((ExperimentationManager) experimentationManager).isLLTEnabled()) {
                arrayList.add("CP1");
            }
            requestedClaimAdditionalInformation.setValues(arrayList);
            claimsRequestFromJsonString.requestClaimInAccessToken("xms_cc", requestedClaimAdditionalInformation);
            return claimsRequestFromJsonString;
        } catch (Exception e) {
            ((Logger) this.mLogger).log(7, "MsalAuthenticationProvider", "generate claims failed with exception: %s", SUPPRESS_EMAIL.suppressEUII(e.getMessage()));
            return null;
        }
    }

    @Override // com.microsoft.skype.teams.services.authorization.IAuthenticationProvider
    public final String getSerializedToken(Context context, String str, AccountInfo.AccountType accountType) {
        try {
            return accountType == AccountInfo.AccountType.ORGID ? this.mTokenShare.getOrgIdFamilyRefreshToken(str) : this.mTokenShare.getMsaFamilyRefreshToken(str);
        } catch (Exception e) {
            ((Logger) this.mTeamsApplication.getLogger(null)).log(7, "MsalAuthenticationProvider", SUPPRESS_EMAIL.suppressEUII(e.getMessage()), new Object[0]);
            return null;
        }
    }

    public final MsalAuthorizationError handleOnError(String str, String str2, String str3, String str4, long j, Exception exc) {
        ((Logger) this.mLogger).log(5, "MsalAuthenticationProvider", exc, "onError:timeTaken:[%d][%s][%s][%s][%s][%s]", Long.valueOf(System.currentTimeMillis() - j), str, str2, str3, str4, SUPPRESS_EMAIL.suppressEUII(exc.getMessage()));
        return new MsalAuthorizationError("MSAL_ERROR", exc, this.mTeamsApplication.getExperimentationManager(null));
    }

    public final MsalAuthenticationResult handleOnSuccess(String[] strArr, String str, String str2, String str3, long j, boolean z, IAuthenticationResult iAuthenticationResult, boolean z2) {
        boolean z3;
        int length = strArr.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                z3 = false;
                break;
            }
            if (strArr[i].equalsIgnoreCase(((AuthConfiguration) this.mKeySet).primaryResourceUrl)) {
                z3 = true;
                break;
            }
            i++;
        }
        MsalAuthenticationResult msalAuthenticationResult = new MsalAuthenticationResult(iAuthenticationResult, z3);
        String str4 = z ? HttpEvent.ALREADY_SCRUBBED : str2;
        IAccount account = iAuthenticationResult.getAccount();
        ((Logger) this.mLogger).log(2, "MsalAuthenticationProvider", "onSuccess:[userid:%s][resource:%s][mauthority:%s]", str4, str, account.getAuthority());
        ((Logger) this.mLogger).log(3, "MsalAuthenticationProvider", "onSuccess:timeTaken:[%d][%s][userid:%s][homeuserid:%s][getIdentifier:%s][getOid:%s][mauthority:%s][resulttenantId:%s][correlationId:%s]", Long.valueOf(System.currentTimeMillis() - j), ((IPublicClientApplication) this.mEntrySet).getConfiguration().getClientId(), str4, account.getId(), msalAuthenticationResult.getIdentifier(), msalAuthenticationResult.getOid(), msalAuthenticationResult.getIss(), msalAuthenticationResult.getTenantId(), msalAuthenticationResult.getCorrelationId());
        if (!str2.equalsIgnoreCase(msalAuthenticationResult.getOid())) {
            ((Logger) this.mLogger).log(3, "MsalAuthenticationProvider", "onSuccess.different:[userid:%s][mauthority:%s][resulttenantId:%s][%s]", str4, msalAuthenticationResult.getIss(), msalAuthenticationResult.getTenantId(), String.valueOf(z));
            boolean z4 = (str3 == null || str3.equalsIgnoreCase(msalAuthenticationResult.getTenantId())) ? false : true;
            if ((!z && !z2) || z4) {
                ((Logger) this.mLogger).log(3, "MsalAuthenticationProvider", "Wrong userid, tenantId combination. Bailing out", new Object[0]);
                throw new AuthorizationError("RESULT_NOT_FOR_REQUEST", String.format("Auth result not for the right request [%s][%s]", str2, msalAuthenticationResult.getOid()));
            }
        }
        ConcurrentHashMap concurrentHashMap = ACCOUNT_CACHE;
        concurrentHashMap.put(msalAuthenticationResult.getIdentifier(), account);
        concurrentHashMap.put(msalAuthenticationResult.getUserPrincipalName().toLowerCase(Locale.ENGLISH), account);
        if (StringUtils.isNotEmpty(str2)) {
            concurrentHashMap.put(str2, account);
        }
        return msalAuthenticationResult;
    }

    @Override // com.microsoft.skype.teams.services.authorization.IAuthenticationProvider
    public final boolean isSharedDevice() {
        return ((IPublicClientApplication) this.mEntrySet).isSharedDevice();
    }

    @Override // com.microsoft.skype.teams.services.authorization.IAuthenticationProvider
    public final void saveRefreshTokenToProviderCache(Context context, String str, AccountInfo.AccountType accountType) {
        ILogger logger = this.mTeamsApplication.getLogger(null);
        try {
            ITokenShare iTokenShare = this.mTokenShare;
            if (iTokenShare == null) {
                ((Logger) logger).log(7, "MsalAuthenticationProvider", "mTokenShare is null", new Object[0]);
            } else if (accountType == AccountInfo.AccountType.ORGID) {
                iTokenShare.saveOrgIdFamilyRefreshToken(str);
            } else if (accountType == AccountInfo.AccountType.MSA) {
                iTokenShare.saveMsaFamilyRefreshToken(str);
            }
        } catch (Exception e) {
            ((Logger) logger).log(2, "MsalAuthenticationProvider", e);
        }
    }

    public final String toString() {
        return "MSAL";
    }
}
