package com.microsoft.authorization;

import android.accounts.AbstractAccountAuthenticator;
import android.accounts.Account;
import android.accounts.AccountAuthenticatorResponse;
import android.accounts.AccountManager;
import android.accounts.AuthenticatorException;
import android.accounts.NetworkErrorException;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.os.Bundle;
import android.os.Parcelable;
import android.text.TextUtils;
import com.google.a.t;
import com.microsoft.aad.adal.ADALAuthenticationContext;
import com.microsoft.aad.adal.ADALError;
import com.microsoft.aad.adal.AuthenticationConstants;
import com.microsoft.aad.adal.AuthenticationException;
import com.microsoft.aad.adal.AuthenticationSettings;
import com.microsoft.authorization.adal.ADALConfigurationFetcher;
import com.microsoft.authorization.instrumentation.SignInInstrumentationEvent;
import com.microsoft.authorization.instrumentation.SignInTelemetryManager;
import com.microsoft.authorization.intunes.MAMEnrollmentException;
import com.microsoft.authorization.live.LiveAuthenticationException;
import com.microsoft.authorization.live.LiveNetworkTasks;
import com.microsoft.authorization.odb.BrokerUtils;
import com.microsoft.authorization.odb.MamEnrollmentTask;
import com.microsoft.authorization.odb.OdbNetworkTasks;
import com.microsoft.c.a.d;
import com.microsoft.c.a.f;
import com.microsoft.intune.mam.policy.MAMEnrollmentManager;
import com.microsoft.intune.mam.policy.MAMServiceLookupCache;
import com.microsoft.odsp.PermissionsUtils;
import com.microsoft.odsp.io.Log;
import com.microsoft.tokenshare.AccountInfo;
import com.microsoft.tokenshare.b;
import com.microsoft.tokenshare.m;
import com.microsoft.tokenshare.s;
import java.io.IOException;
import java.util.Arrays;
import java.util.Date;
import java.util.List;
import java.util.Locale;
import java.util.concurrent.TimeoutException;

/* loaded from: classes.dex */
public class OneDriveAuthenticator extends AbstractAccountAuthenticator {

    /* renamed from: a, reason: collision with root package name */
    private static final Object f2670a = new Object();

    /* renamed from: b, reason: collision with root package name */
    private static final String[] f2671b = {"com.microsoft.skydrive", "com.microsoft.sharepoint"};

    /* renamed from: c, reason: collision with root package name */
    private static final String f2672c = OneDriveAuthenticator.class.getName();
    private final Context d;
    private final AccountManager e;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class RefreshTokenResult {

        /* renamed from: b, reason: collision with root package name */
        private SecurityToken f2674b;

        /* renamed from: c, reason: collision with root package name */
        private int f2675c;
        private String d;
        private MAMEnrollmentManager.Result e;

        private RefreshTokenResult() {
        }
    }

    public OneDriveAuthenticator(Context context) {
        super(context);
        this.d = context;
        this.e = AccountManager.get(this.d);
    }

    private Intent a(String str) {
        if (!Arrays.asList(f2671b).contains(str)) {
            return new Intent(this.d, (Class<?>) StartSignInActivity.class);
        }
        Intent intent = new Intent();
        intent.setComponent(new ComponentName(str, StartSignInActivity.class.getName()));
        return intent;
    }

    private SecurityToken a(Account account, String str) {
        String peekAuthToken = this.e.peekAuthToken(account, str);
        SecurityToken securityToken = null;
        if (!TextUtils.isEmpty(peekAuthToken)) {
            try {
                securityToken = SecurityToken.a(peekAuthToken);
            } catch (t e) {
                Log.a(f2672c, "Parse cached token failure", e);
            }
        }
        if (TestHookSettings.a(this.d)) {
            return null;
        }
        return securityToken;
    }

    private AccountInfo a(List<AccountInfo> list, AccountInfo.AccountType accountType, String str, boolean z) {
        for (AccountInfo accountInfo : list) {
            if (accountType.equals(accountInfo.getAccountType()) && str.equalsIgnoreCase(accountInfo.getPrimaryEmail()) && (!z || Arrays.asList(f2671b).contains(accountInfo.getProviderPackageId()))) {
                return accountInfo;
            }
        }
        return null;
    }

    private Boolean a(Account account, String str, SecurityScope securityScope) {
        SecurityScope securityScope2 = null;
        try {
            OneDriveLocalAccount oneDriveLocalAccount = new OneDriveLocalAccount(this.d, account);
            if (OneDriveAccountType.BUSINESS.equals(oneDriveLocalAccount.a())) {
                if ((oneDriveLocalAccount.e() != null ? oneDriveLocalAccount.e() : oneDriveLocalAccount.f()) == null) {
                    return null;
                }
            }
            securityScope2 = SecurityScope.a(oneDriveLocalAccount);
        } catch (AuthenticatorException e) {
        }
        if (!securityScope.equals(securityScope2)) {
            return null;
        }
        String userData = this.e.getUserData(account, "com.microsoft.skydrive.account_state");
        this.e.setUserData(account, "com.microsoft.skydrive.account_state", str);
        return Boolean.valueOf((str.equalsIgnoreCase(userData) || TextUtils.isEmpty(userData)) ? false : true);
    }

    private String a(Account account, SecurityScope securityScope) throws IOException {
        Bundle bundle = null;
        try {
            bundle = getAuthToken(null, account, securityScope.toString(), null);
        } catch (NetworkErrorException e) {
        }
        if (bundle == null) {
            return null;
        }
        if (1002 == bundle.getInt("errorCode")) {
            throw new IOException(bundle.getString("errorMessage"));
        }
        String string = bundle.getString("authtoken");
        if (TextUtils.isEmpty(string)) {
            return null;
        }
        return SecurityToken.a(string).d();
    }

    private boolean a(Account account, boolean z) {
        m a2;
        AccountInfo.AccountType accountType = OneDriveAccountType.PERSONAL.equals(AccountHelper.b(this.d, account)) ? AccountInfo.AccountType.MSA : AccountInfo.AccountType.ORGID;
        String c2 = AccountHelper.a(this.d, account).c();
        if (TextUtils.isEmpty(c2)) {
            return false;
        }
        long currentTimeMillis = System.currentTimeMillis();
        String userData = this.e.getUserData(account, "TokenRecoveryTimeStamp");
        if (!TextUtils.isEmpty(userData) && !z && currentTimeMillis - Long.parseLong(userData) < MAMServiceLookupCache.MINIMUM_REQUERY_TIME_MS) {
            return false;
        }
        try {
            try {
                List<AccountInfo> a3 = s.a().a(this.d);
                if (a3.isEmpty()) {
                    Log.j(f2672c, "Failed to get token with token share because there is no shared accounts");
                }
                AccountInfo a4 = a(a3, accountType, c2, false);
                if (a4 == null) {
                    Log.j(f2672c, "Failed to get token with token share because there is no token for specific accounts");
                    return false;
                }
                try {
                    a2 = s.a().a(this.d, a4);
                } catch (b e) {
                    String providerPackageId = a4.getProviderPackageId();
                    a4 = null;
                    if (a3.size() > 1 && !Arrays.asList(f2671b).contains(providerPackageId)) {
                        a4 = a(a3, accountType, c2, true);
                    }
                    if (a4 == null) {
                        throw e;
                    }
                    a2 = s.a().a(this.d, a4);
                }
                if (AccountInfo.AccountType.MSA.equals(a4.getAccountType())) {
                    this.e.setUserData(account, "com.microsoft.skydrive.refresh", a2.a());
                } else {
                    String userData2 = this.e.getUserData(account, "com.microsoft.skydrive.business_authority");
                    if (!TextUtils.isEmpty(userData2)) {
                        new ADALAuthenticationContext(this.d, userData2, false).deserialize(a2.a());
                    }
                }
                this.e.setUserData(account, "TokenRecoveryTimeStamp", Long.toString(currentTimeMillis));
                Date refreshTokenAcquireTime = a4.getRefreshTokenAcquireTime();
                this.e.setUserData(account, "com.microsoft.skydrive.refresh.time", refreshTokenAcquireTime != null ? Long.toString(refreshTokenAcquireTime.getTime()) : null);
                if (AccountHelper.h(this.d, account)) {
                    return true;
                }
                AccountHelper.i(this.d, account);
                OneDriveLocalAccount oneDriveLocalAccount = new OneDriveLocalAccount(this.d, account);
                d.a().a(new SignInInstrumentationEvent().a(oneDriveLocalAccount.a()).d(oneDriveLocalAccount.a(this.d)).c(oneDriveLocalAccount.c()).a(oneDriveLocalAccount.c(this.d)).b(oneDriveLocalAccount.e(this.d)).a(oneDriveLocalAccount.k()).a(SignInInstrumentationEvent.AuthStage.TokenRecoveryFromPartnerApp).a(SignInTelemetryManager.AuthResult.Succeeded, this.d));
                return true;
            } catch (b e2) {
                e = e2;
                this.e.setUserData(account, "TokenRecoveryTimeStamp", Long.toString(currentTimeMillis));
                Log.a(f2672c, "Failed to get token with token share", e);
                return false;
            }
        } catch (AuthenticationException e3) {
            e = e3;
            this.e.setUserData(account, "TokenRecoveryTimeStamp", Long.toString(currentTimeMillis));
            Log.a(f2672c, "Failed to get token with token share", e);
            return false;
        } catch (IOException e4) {
            e = e4;
            Log.a(f2672c, "Failed to get token with token share", e);
            return false;
        } catch (InterruptedException e5) {
            e = e5;
            Log.a(f2672c, "Failed to get token with token share", e);
            return false;
        } catch (TimeoutException e6) {
            e = e6;
            Log.a(f2672c, "Failed to get token with token share", e);
            return false;
        }
    }

    private Bundle b(Parcelable parcelable, Account account, String str, Bundle bundle) throws NetworkErrorException {
        SecurityScope securityScope = new SecurityScope(str);
        Bundle bundle2 = new Bundle();
        boolean z = false;
        Log.a(f2672c, "Getting token for: " + str);
        SecurityToken a2 = a(account, str);
        if (a2 == null || !a2.a()) {
            Log.a(f2672c, "Cached token invalid, attempt to refresh token");
            RefreshTokenResult b2 = b(account, securityScope);
            if (1001 == b2.f2675c) {
                if (a(account, bundle != null && bundle.getBoolean("IgnoreTokenRecoveryTimeStamp", false))) {
                    z = true;
                    b2 = b(account, securityScope);
                }
            }
            a2 = b2.f2674b;
            if (b2.f2675c > 0) {
                bundle2.putInt("errorCode", b2.f2675c);
                bundle2.putString("errorMessage", b2.d);
            } else if (a2 == null || !a2.a()) {
                bundle2.putInt("errorCode", 1004);
            } else {
                this.e.setAuthToken(account, str, a2.toString());
                this.e.setUserData(account, "com.microsoft.skydrive.refresh.time", Long.toString(System.currentTimeMillis()));
            }
            Boolean a3 = a(account, bundle2.containsKey("errorCode") ? bundle2.get("errorCode").toString() : "Success", securityScope);
            f a4 = SignInTelemetryManager.a((a2 == null || !a2.a()) ? SignInTelemetryManager.AuthResult.Failed : SignInTelemetryManager.AuthResult.Succeeded, securityScope, this.d, account, bundle2, b2.e, z);
            if (a3 != null) {
                a4.a("IsChanged", a3.toString());
            }
            d.a().a(a4);
        }
        if (a2 == null || !a2.a()) {
            Log.a(f2672c, "Refresh token invalid");
            boolean z2 = account != null && AccountHelper.b(this.d, account.name) == null;
            boolean z3 = bundle2.getInt("errorCode") == 1002;
            if (z2 || z3) {
                Log.a(f2672c, String.format(Locale.ROOT, "Don't force re-SignIn, account removed: %b, network error occurred: %b", Boolean.valueOf(z2), Boolean.valueOf(z3)));
                bundle2.putString("authtoken", null);
            } else {
                Log.a(f2672c, String.format(Locale.ROOT, "force re-SignIn, error code: %s, error message: %s", bundle2.get("errorCode").toString(), !TextUtils.isEmpty(bundle2.getString("errorMessage")) ? bundle2.getString("errorMessage") : ""));
                OneDriveAccountType parse = OneDriveAccountType.parse(this.e.getUserData(account, "com.microsoft.skydrive.account_type"));
                Intent a5 = a(bundle != null ? bundle.getString("androidPackageName") : null);
                a5.putExtra("skipDisambiguation", true);
                a5.putExtra("accountType", parse.toString());
                Profile a6 = AccountHelper.a(this.d, account);
                if (!TextUtils.isEmpty((a6 == null || TextUtils.isEmpty(a6.c())) ? account.name : a6.c())) {
                    a5.putExtra("emailAddress", a6.c());
                    a5.putExtra("isPassThrough", true);
                }
                a5.putExtra("accountAuthenticatorResponse", parcelable);
                a5.setFlags(131072);
                bundle2.putParcelable("intent", a5);
            }
        } else {
            Log.a(f2672c, "Valid token available");
            bundle2.putString("authAccount", account.name);
            bundle2.putString("accountType", "com.microsoft.skydrive");
            bundle2.putString("authtoken", a2.toString());
        }
        return bundle2;
    }

    private RefreshTokenResult b(Account account, SecurityScope securityScope) {
        RefreshTokenResult refreshTokenResult = new RefreshTokenResult();
        OneDriveAccountType b2 = AccountHelper.b(this.d, account);
        if (OneDriveAccountType.PERSONAL.equals(b2)) {
            return c(account, securityScope);
        }
        if (!OneDriveAccountType.BUSINESS.equals(b2)) {
            throw new IllegalArgumentException("OneDriveAccountType");
        }
        if (!TestHookSettings.b(this.d)) {
            return d(account, securityScope);
        }
        refreshTokenResult.f2675c = 1003;
        refreshTokenResult.d = "Test hook to fail enrollment";
        return refreshTokenResult;
    }

    private RefreshTokenResult c(Account account, SecurityScope securityScope) {
        RefreshTokenResult refreshTokenResult = new RefreshTokenResult();
        try {
            refreshTokenResult.f2674b = new LiveNetworkTasks(this.d).a(this.e, account, securityScope);
            if (refreshTokenResult.f2674b != null && TextUtils.isEmpty(this.e.getUserData(account, "com.microsoft.skydrive.cid"))) {
                this.e.setUserData(account, "com.microsoft.skydrive.cid", refreshTokenResult.f2674b.g());
            }
        } catch (LiveAuthenticationException e) {
            Log.a(f2672c, "refresh token LiveAuthenticationException", e);
            refreshTokenResult.f2675c = AuthenticationConstants.UIRequest.BROWSER_FLOW;
            refreshTokenResult.d = e.getMessage();
        } catch (IOException e2) {
            Log.a(f2672c, "refresh token IOException", e2);
            refreshTokenResult.f2675c = 1002;
            refreshTokenResult.d = e2.getMessage();
        }
        return refreshTokenResult;
    }

    private RefreshTokenResult d(Account account, SecurityScope securityScope) {
        RefreshTokenResult refreshTokenResult = new RefreshTokenResult();
        Boolean.getBoolean(this.e.getUserData(account, "com.microsoft.onedrive.is_int_or_ppe"));
        ADALConfigurationFetcher.ADALConfiguration a2 = ADALConfigurationFetcher.a(this.d, account);
        AuthenticationSettings.INSTANCE.setUseBroker(PermissionsUtils.a(this.d, PermissionsUtils.PermissionRequest.ADAL_PERMISSIONS_REQUEST) && BrokerUtils.a(this.d));
        try {
            refreshTokenResult.f2674b = new OdbNetworkTasks(this.d, a2).a(this.e, account, securityScope);
        } catch (AuthenticationException e) {
            Log.a(f2672c, "refresh token AuthenticationException", e);
            String message = e.getMessage() != null ? e.getMessage() : "";
            String str = e.getCause() != null ? " :" + e.getCause().getMessage() : "";
            if (e.getCode() == ADALError.AUTH_REFRESH_FAILED_PROMPT_NOT_ALLOWED) {
                refreshTokenResult.f2675c = AuthenticationConstants.UIRequest.BROWSER_FLOW;
                refreshTokenResult.d = message + str;
            } else if (e.getCode() == ADALError.DEVICE_CONNECTION_IS_NOT_AVAILABLE || e.getCode() == ADALError.AUTH_FAILED_NO_TOKEN) {
                refreshTokenResult.f2675c = 1002;
                refreshTokenResult.d = message + str;
            } else {
                refreshTokenResult.f2675c = 1004;
                refreshTokenResult.d = e.getCode().getDescription() + ":" + message + str;
            }
        } catch (IOException e2) {
            Log.a(f2672c, "refresh token IOException", e2);
            refreshTokenResult.f2675c = 1002;
            refreshTokenResult.d = e2.getMessage();
        }
        String userData = this.e.getUserData(account, "com.microsoft.skydrive.passport_name");
        if (refreshTokenResult.f2674b != null && refreshTokenResult.f2674b.a() && !TextUtils.isEmpty(userData)) {
            try {
                refreshTokenResult.e = new MamEnrollmentTask().a(this.d, userData, a2.a());
                if (!AccountHelper.h(this.d, account)) {
                    AccountHelper.i(this.d, account);
                }
            } catch (MAMEnrollmentException e3) {
                refreshTokenResult.f2675c = 1003;
                refreshTokenResult.d = e3.getMessage();
                refreshTokenResult.f2674b = null;
            }
        }
        return refreshTokenResult;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Bundle a(Parcelable parcelable, Account account, String str, Bundle bundle) throws NetworkErrorException {
        Bundle b2;
        SecurityToken a2 = a(account, str);
        if (a2 == null || !a2.a()) {
            synchronized (f2670a) {
                b2 = b(parcelable, account, str, bundle);
            }
            return b2;
        }
        Log.a(f2672c, "Cached valid token available for: " + str);
        Bundle bundle2 = new Bundle();
        bundle2.putString("authAccount", account.name);
        bundle2.putString("accountType", "com.microsoft.skydrive");
        bundle2.putString("authtoken", a2.toString());
        return bundle2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Removed duplicated region for block: B:15:0x0158  */
    /* JADX WARN: Removed duplicated region for block: B:18:0x017b  */
    /* JADX WARN: Removed duplicated region for block: B:20:0x0197  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public android.os.Bundle a(android.os.Parcelable r20, android.accounts.Account r21, java.lang.String[] r22) throws android.accounts.NetworkErrorException {
        /*
            Method dump skipped, instructions count: 504
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.microsoft.authorization.OneDriveAuthenticator.a(android.os.Parcelable, android.accounts.Account, java.lang.String[]):android.os.Bundle");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Bundle a(Parcelable parcelable, Bundle bundle) throws NetworkErrorException {
        Log.a(f2672c, "addAccount()");
        Intent a2 = a(bundle != null ? bundle.getString("androidPackageName") : null);
        a2.putExtra("accountAuthenticatorResponse", parcelable);
        if (a(this.d)) {
            if (!a(this.d, OneDriveAccountType.PERSONAL)) {
                d.a().a("AddAccount/Started", new com.microsoft.c.a.b[]{new com.microsoft.c.a.b("AccountType", OneDriveAccountType.PERSONAL.toString())}, (com.microsoft.c.a.b[]) null);
                a2.putExtra("isSignInPassThrough", true);
            } else if (OneDriveAccountTypeHelper.a(this.d, OneDriveAccountType.BUSINESS)) {
                d.a().a("AddAccount/Started", new com.microsoft.c.a.b[]{new com.microsoft.c.a.b("AccountType", OneDriveAccountType.BUSINESS.toString())}, (com.microsoft.c.a.b[]) null);
                a2.putExtra("isSignInPassThrough", true);
                a2.putExtra("accountType", OneDriveAccountType.BUSINESS.toString());
            }
        }
        if (bundle != null) {
            a2.putExtras(bundle);
        }
        Bundle bundle2 = new Bundle();
        bundle2.putParcelable("intent", a2);
        return bundle2;
    }

    protected boolean a(Context context) {
        return AccountHelper.a(context);
    }

    protected boolean a(Context context, OneDriveAccountType oneDriveAccountType) {
        return AccountHelper.a(context, oneDriveAccountType);
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle addAccount(AccountAuthenticatorResponse accountAuthenticatorResponse, String str, String str2, String[] strArr, Bundle bundle) throws NetworkErrorException {
        return a(accountAuthenticatorResponse, bundle);
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle confirmCredentials(AccountAuthenticatorResponse accountAuthenticatorResponse, Account account, Bundle bundle) throws NetworkErrorException {
        Log.a(f2672c, "confirmCredentials()");
        return null;
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle editProperties(AccountAuthenticatorResponse accountAuthenticatorResponse, String str) {
        Log.a(f2672c, "editProperties()");
        throw new UnsupportedOperationException();
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle getAuthToken(AccountAuthenticatorResponse accountAuthenticatorResponse, Account account, String str, Bundle bundle) throws NetworkErrorException {
        return a(accountAuthenticatorResponse, account, str, bundle);
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public String getAuthTokenLabel(String str) {
        return null;
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle hasFeatures(AccountAuthenticatorResponse accountAuthenticatorResponse, Account account, String[] strArr) throws NetworkErrorException {
        return a(accountAuthenticatorResponse, account, strArr);
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle updateCredentials(AccountAuthenticatorResponse accountAuthenticatorResponse, Account account, String str, Bundle bundle) throws NetworkErrorException {
        Log.b(f2672c, "updateCredentials()");
        return null;
    }
}
