package com.microsoft.aad.adal;

import android.util.Base64;
import com.facebook.ads.ExtraHints;
import com.facebook.appevents.codeless.CodelessMatcher;
import com.google.gson.Gson;
import e.l.a.a.l;
import e.l.a.a.m;
import e.l.a.a.p;
import h.e;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.InvocationTargetException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.StringTokenizer;

/* compiled from: src */
/* loaded from: classes2.dex */
public class ChallangeResponseBuilder {
    public m a;

    /* compiled from: src */
    /* loaded from: classes2.dex */
    public enum RequestField {
        Nonce,
        CertAuthorities,
        Version,
        SubmitUrl,
        Context,
        CertThumbprint
    }

    /* compiled from: src */
    /* loaded from: classes2.dex */
    public class a {
        public List<String> c;
        public String a = "";
        public String b = "";
        public String d = "";

        /* renamed from: e, reason: collision with root package name */
        public String f613e = null;

        /* renamed from: f, reason: collision with root package name */
        public String f614f = "";

        public a(ChallangeResponseBuilder challangeResponseBuilder) {
        }
    }

    /* compiled from: src */
    /* loaded from: classes2.dex */
    public class b {
        public String a;
        public String b;

        public b(ChallangeResponseBuilder challangeResponseBuilder) {
        }
    }

    public ChallangeResponseBuilder(m mVar) {
        this.a = mVar;
    }

    public final b a(a aVar) {
        b bVar = new b(this);
        bVar.a = aVar.f614f;
        bVar.b = String.format("%s Context=\"%s\",Version=\"%s\"", "PKeyAuth", aVar.b, aVar.f613e);
        bVar.a = aVar.f614f;
        Class<?> cls = AuthenticationSettings.INSTANCE.mClazzDeviceCertProxy;
        if (cls != null) {
            try {
                l lVar = (l) cls.getDeclaredConstructor(new Class[0]).newInstance(null);
                if (lVar.a(aVar.c) || (lVar.c() != null && lVar.c().equalsIgnoreCase(aVar.d))) {
                    RSAPrivateKey b2 = lVar.b();
                    if (b2 == null) {
                        throw new AuthenticationException(ADALError.KEY_CHAIN_PRIVATE_KEY_EXCEPTION);
                    }
                    m mVar = this.a;
                    String str = aVar.a;
                    String str2 = aVar.f614f;
                    RSAPublicKey a2 = lVar.a();
                    X509Certificate d = lVar.d();
                    p pVar = (p) mVar;
                    if (pVar == null) {
                        throw null;
                    }
                    if (e.a(str)) {
                        throw new IllegalArgumentException("nonce");
                    }
                    if (e.a(str2)) {
                        throw new IllegalArgumentException("audience");
                    }
                    if (a2 == null) {
                        throw new IllegalArgumentException("pubKey");
                    }
                    Gson gson = new Gson();
                    p.a aVar2 = new p.a(pVar);
                    aVar2.c = str;
                    aVar2.a = str2;
                    aVar2.b = System.currentTimeMillis() / 1000;
                    p.b bVar2 = new p.b(pVar);
                    bVar2.a = "RS256";
                    bVar2.b = "JWT";
                    try {
                        bVar2.c = r10;
                        String[] strArr = {new String(Base64.encode(d.getEncoded(), 2), "UTF_8")};
                        String json = gson.toJson(bVar2);
                        String json2 = gson.toJson(aVar2);
                        Logger.a("JWSBuilder", "Client certificate challange response JWS Header:" + json);
                        String str3 = e.b(json.getBytes("UTF_8")) + CodelessMatcher.CURRENT_CLASS_NAME + e.b(json2.getBytes("UTF_8"));
                        bVar.b = String.format("%s AuthToken=\"%s\",Context=\"%s\",Version=\"%s\"", "PKeyAuth", e.c.c.a.a.a(str3, CodelessMatcher.CURRENT_CLASS_NAME, p.a(b2, str3.getBytes("UTF_8"))), aVar.b, aVar.f613e);
                        StringBuilder b3 = e.c.c.a.a.b("Challange response:");
                        b3.append(bVar.b);
                        Logger.a("ChallangeResponseBuilder", b3.toString());
                    } catch (UnsupportedEncodingException unused) {
                        throw new AuthenticationException(ADALError.ENCODING_IS_NOT_SUPPORTED);
                    } catch (CertificateEncodingException unused2) {
                        throw new AuthenticationException(ADALError.CERTIFICATE_ENCODING_ERROR);
                    }
                }
            } catch (IllegalAccessException e2) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e2);
            } catch (IllegalArgumentException e3) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e3);
            } catch (InstantiationException e4) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e4);
            } catch (NoSuchMethodException e5) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e5);
            } catch (InvocationTargetException e6) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e6);
            }
        }
        return bVar;
    }

    public b a(String str) {
        if (e.a(str)) {
            throw new IllegalArgumentException("redirectUri");
        }
        a aVar = new a(this);
        HashMap<String, String> i2 = e.i(str);
        a(i2, true);
        RequestField requestField = RequestField.Nonce;
        String str2 = i2.get("Nonce");
        aVar.a = str2;
        if (e.a(str2)) {
            RequestField requestField2 = RequestField.Nonce;
            aVar.a = i2.get("Nonce".toLowerCase(Locale.US));
        }
        RequestField requestField3 = RequestField.CertAuthorities;
        String str3 = i2.get("CertAuthorities");
        Logger.a("ChallangeResponseBuilder", "Cert authorities:" + str3);
        StringTokenizer stringTokenizer = new StringTokenizer(str3, ExtraHints.KEYWORD_SEPARATOR);
        ArrayList arrayList = new ArrayList();
        if (stringTokenizer.hasMoreTokens()) {
            while (stringTokenizer.hasMoreTokens()) {
                String nextToken = stringTokenizer.nextToken();
                if (!e.a(nextToken)) {
                    arrayList.add(nextToken);
                }
            }
        }
        aVar.c = arrayList;
        RequestField requestField4 = RequestField.Version;
        aVar.f613e = i2.get("Version");
        RequestField requestField5 = RequestField.SubmitUrl;
        aVar.f614f = i2.get("SubmitUrl");
        RequestField requestField6 = RequestField.Context;
        aVar.b = i2.get("Context");
        return a(aVar);
    }

    public b a(String str, String str2) throws UnsupportedEncodingException {
        if (e.a(str)) {
            throw new IllegalArgumentException("headerValue");
        }
        if (!e.c(str, "PKeyAuth")) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, str);
        }
        a aVar = new a(this);
        String substring = str.substring(8);
        ArrayList<String> a2 = e.a(substring, ',');
        HashMap<String, String> hashMap = new HashMap<>();
        Iterator<String> it = a2.iterator();
        while (it.hasNext()) {
            ArrayList<String> a3 = e.a(it.next(), '=');
            if (a3.size() != 2 || e.a(a3.get(0)) || e.a(a3.get(1))) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, substring);
            }
            String str3 = a3.get(0);
            String str4 = a3.get(1);
            String b2 = e.b(str3);
            String b3 = e.b(str4);
            String trim = b2.trim();
            String trim2 = b3.trim();
            hashMap.put(trim, !e.a(trim2) ? trim2.replace("\"", "") : null);
        }
        a(hashMap, false);
        RequestField requestField = RequestField.Nonce;
        String str5 = hashMap.get("Nonce");
        aVar.a = str5;
        if (e.a(str5)) {
            RequestField requestField2 = RequestField.Nonce;
            aVar.a = hashMap.get("Nonce".toLowerCase(Locale.US));
        }
        RequestField requestField3 = RequestField.CertThumbprint;
        String str6 = hashMap.get("CertThumbprint");
        aVar.d = str6;
        if (e.a(str6)) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "CertThumbprint is not present in the header");
        }
        RequestField requestField4 = RequestField.Version;
        aVar.f613e = hashMap.get("Version");
        RequestField requestField5 = RequestField.Context;
        aVar.b = hashMap.get("Context");
        aVar.f614f = str2;
        return a(aVar);
    }

    public final void a(HashMap<String, String> hashMap, boolean z) {
        RequestField requestField = RequestField.Nonce;
        if (!hashMap.containsKey("Nonce")) {
            RequestField requestField2 = RequestField.Nonce;
            if (!hashMap.containsKey("Nonce".toLowerCase(Locale.US))) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Nonce");
            }
        }
        RequestField requestField3 = RequestField.Version;
        if (!hashMap.containsKey("Version")) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Version");
        }
        if (z) {
            RequestField requestField4 = RequestField.SubmitUrl;
            if (!hashMap.containsKey("SubmitUrl")) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "SubmitUrl");
            }
        }
        RequestField requestField5 = RequestField.Context;
        if (!hashMap.containsKey("Context")) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Context");
        }
        if (z) {
            RequestField requestField6 = RequestField.CertAuthorities;
            if (!hashMap.containsKey("CertAuthorities")) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "CertAuthorities");
            }
        }
    }
}
