package com.microsoft.authorization;

import android.accounts.AbstractAccountAuthenticator;
import android.accounts.Account;
import android.accounts.AccountAuthenticatorResponse;
import android.accounts.AccountManager;
import android.accounts.AuthenticatorException;
import android.accounts.NetworkErrorException;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.os.Bundle;
import android.os.Parcelable;
import android.text.TextUtils;
import androidx.annotation.NonNull;
import com.microsoft.aad.adal.ADALAuthenticationContext;
import com.microsoft.aad.adal.ADALError;
import com.microsoft.aad.adal.AuthenticationException;
import com.microsoft.aad.adal.AuthenticationSettings;
import com.microsoft.authorization.adal.ADALConfigurationFetcher;
import com.microsoft.authorization.instrumentation.InstrumentationIDs;
import com.microsoft.authorization.instrumentation.SignInInstrumentationEvent;
import com.microsoft.authorization.instrumentation.SignInTelemetryManager;
import com.microsoft.authorization.intunes.MAMEnrollmentException;
import com.microsoft.authorization.live.LiveAuthenticationException;
import com.microsoft.authorization.live.LiveNetworkTasks;
import com.microsoft.authorization.odb.BrokerUtils;
import com.microsoft.authorization.odb.MamEnrollmentTask;
import com.microsoft.authorization.odb.OdbNetworkTasks;
import com.microsoft.authorization.odbonprem.FBANetworkTasks;
import com.microsoft.authorization.odbonprem.NTLMNetworkTasks;
import com.microsoft.instrumentation.applicationinsights.BasicNameValuePair;
import com.microsoft.instrumentation.applicationinsights.ClientAnalyticsSession;
import com.microsoft.instrumentation.applicationinsights.InstrumentationEvent;
import com.microsoft.intune.mam.policy.MAMEnrollmentManager;
import com.microsoft.odsp.io.Log;
import com.microsoft.odsp.office.OfficeUtils;
import com.microsoft.tokenshare.AccountInfo;
import com.microsoft.tokenshare.AccountNotFoundException;
import com.microsoft.tokenshare.RefreshToken;
import com.microsoft.tokenshare.TokenSharingManager;
import java.io.IOException;
import java.util.Arrays;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.TimeoutException;

/* loaded from: classes.dex */
public class OneDriveAuthenticator extends AbstractAccountAuthenticator {
    public static final Object c = new Object();
    public static final String[] d = {OfficeUtils.ONEDRIVE_PACKAGE_NAME, "com.microsoft.sharepoint"};
    public static final String e = OneDriveAuthenticator.class.getName();
    public final Context a;
    public final AccountManager b;

    /* loaded from: classes.dex */
    public class b {
        public SecurityToken a;
        public int b;
        public String c;
        public MAMEnrollmentManager.Result d;

        public b(OneDriveAuthenticator oneDriveAuthenticator) {
        }
    }

    public OneDriveAuthenticator(Context context) {
        super(context);
        this.a = context;
        this.b = AccountManager.get(context);
    }

    public Bundle a(Parcelable parcelable, Bundle bundle) throws NetworkErrorException {
        Log.vPiiFree(e, "addAccount()");
        Intent f = f(bundle != null ? bundle.getString("androidPackageName") : null);
        f.putExtra("accountAuthenticatorResponse", parcelable);
        if (accountExists(this.a) && !i(bundle)) {
            if (bundle.getString(StartSignInActivity.PARAM_LOGIN_ENDPOINT_URL) != null) {
                j(OneDriveAccountType.BUSINESS_ON_PREMISE);
                f.putExtra(StartSignInActivity.PARAM_LOGIN_ENDPOINT_URL, bundle.getString(StartSignInActivity.PARAM_LOGIN_ENDPOINT_URL));
            } else if (!hasAccountWithOneDriveType(this.a, OneDriveAccountType.PERSONAL)) {
                j(OneDriveAccountType.PERSONAL);
                f.putExtra(StartSignInActivity.PARAM_IS_SIGNIN_PASSTHROUGH, true);
            } else if (OneDriveAccountTypeHelper.isOneDriveAccountTypeSupported(this.a, OneDriveAccountType.BUSINESS)) {
                j(OneDriveAccountType.BUSINESS);
                f.putExtra(StartSignInActivity.PARAM_IS_SIGNIN_PASSTHROUGH, true);
                f.putExtra(StartSignInActivity.PARAM_ACCOUNT_TYPE, OneDriveAccountType.BUSINESS.toString());
            }
        }
        if (bundle != null) {
            f.putExtras(bundle);
        }
        Bundle bundle2 = new Bundle();
        bundle2.putParcelable("intent", f);
        return bundle2;
    }

    public boolean accountExists(Context context) {
        return AccountHelper.accountExists(context);
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle addAccount(AccountAuthenticatorResponse accountAuthenticatorResponse, String str, String str2, String[] strArr, Bundle bundle) throws NetworkErrorException {
        return a(accountAuthenticatorResponse, bundle);
    }

    public Bundle b(Parcelable parcelable, Account account, String str, Bundle bundle) throws NetworkErrorException {
        Bundle d2;
        SecurityToken c2 = c(account, str);
        if (c2 == null || !c2.isValid()) {
            synchronized (c) {
                d2 = d(parcelable, account, str, bundle);
            }
            return d2;
        }
        Log.vPiiFree(e, "Cached valid token available for: " + str);
        Bundle bundle2 = new Bundle();
        bundle2.putString("authAccount", account.name);
        bundle2.putString(StartSignInActivity.PARAM_ACCOUNT_TYPE, Constants.ACCOUNT_TYPE);
        bundle2.putString("authtoken", c2.toString());
        return bundle2;
    }

    /* JADX WARN: Removed duplicated region for block: B:6:0x0024  */
    /* JADX WARN: Removed duplicated region for block: B:9:? A[RETURN, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final com.microsoft.authorization.SecurityToken c(android.accounts.Account r3, java.lang.String r4) {
        /*
            r2 = this;
            android.accounts.AccountManager r0 = r2.b
            java.lang.String r3 = r0.peekAuthToken(r3, r4)
            boolean r4 = android.text.TextUtils.isEmpty(r3)
            r0 = 0
            if (r4 != 0) goto L1a
            com.microsoft.authorization.SecurityToken r3 = com.microsoft.authorization.SecurityToken.parse(r3)     // Catch: com.google.gson.JsonSyntaxException -> L12
            goto L1b
        L12:
            r3 = move-exception
            java.lang.String r4 = com.microsoft.authorization.OneDriveAuthenticator.e
            java.lang.String r1 = "Parse cached token failure"
            com.microsoft.odsp.io.Log.ePiiFree(r4, r1, r3)
        L1a:
            r3 = r0
        L1b:
            android.content.Context r4 = r2.a
            boolean r4 = com.microsoft.authorization.TestHookSettings.forceRefreshTokenToFail(r4)
            if (r4 == 0) goto L24
            goto L25
        L24:
            r0 = r3
        L25:
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.microsoft.authorization.OneDriveAuthenticator.c(android.accounts.Account, java.lang.String):com.microsoft.authorization.SecurityToken");
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle confirmCredentials(AccountAuthenticatorResponse accountAuthenticatorResponse, Account account, Bundle bundle) throws NetworkErrorException {
        Log.vPiiFree(e, "confirmCredentials()");
        return null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:63:0x008d  */
    /* JADX WARN: Removed duplicated region for block: B:66:0x00c8  */
    /* JADX WARN: Removed duplicated region for block: B:74:0x00e8  */
    /* JADX WARN: Removed duplicated region for block: B:80:0x0102  */
    /* JADX WARN: Removed duplicated region for block: B:82:0x0136  */
    /* JADX WARN: Removed duplicated region for block: B:84:0x00ef  */
    /* JADX WARN: Removed duplicated region for block: B:86:0x00d1  */
    /* JADX WARN: Removed duplicated region for block: B:87:0x009c  */
    /* JADX WARN: Type inference failed for: r22v3 */
    /* JADX WARN: Type inference failed for: r22v4 */
    /* JADX WARN: Type inference failed for: r22v5 */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final android.os.Bundle d(android.os.Parcelable r24, android.accounts.Account r25, java.lang.String r26, android.os.Bundle r27) throws android.accounts.NetworkErrorException {
        /*
            Method dump skipped, instructions count: 631
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.microsoft.authorization.OneDriveAuthenticator.d(android.os.Parcelable, android.accounts.Account, java.lang.String, android.os.Bundle):android.os.Bundle");
    }

    public final SecurityScope e(Account account) {
        try {
            OneDriveLocalAccount oneDriveLocalAccount = new OneDriveLocalAccount(this.a, account);
            if (OneDriveAccountType.BUSINESS.equals(oneDriveLocalAccount.getAccountType())) {
                if ((oneDriveLocalAccount.getAccountEndpoint() != null ? oneDriveLocalAccount.getAccountEndpoint() : oneDriveLocalAccount.getAccountEndpointTeamSite()) == null) {
                    return null;
                }
            }
            return SecurityScope.getDefaultSecurityScope(oneDriveLocalAccount);
        } catch (AuthenticatorException unused) {
            return null;
        }
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle editProperties(AccountAuthenticatorResponse accountAuthenticatorResponse, String str) {
        Log.vPiiFree(e, "editProperties()");
        throw new UnsupportedOperationException();
    }

    public final Intent f(String str) {
        if (!Arrays.asList(d).contains(str)) {
            return new Intent(this.a, (Class<?>) StartSignInActivity.class);
        }
        Intent intent = new Intent();
        intent.setComponent(new ComponentName(str, StartSignInActivity.class.getName()));
        return intent;
    }

    /* JADX WARN: Removed duplicated region for block: B:34:0x0102  */
    /* JADX WARN: Removed duplicated region for block: B:37:0x0127  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public android.os.Bundle g(android.os.Parcelable r9, android.accounts.Account r10, java.lang.String[] r11) throws android.accounts.NetworkErrorException {
        /*
            Method dump skipped, instructions count: 512
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.microsoft.authorization.OneDriveAuthenticator.g(android.os.Parcelable, android.accounts.Account, java.lang.String[]):android.os.Bundle");
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle getAuthToken(AccountAuthenticatorResponse accountAuthenticatorResponse, Account account, String str, Bundle bundle) throws NetworkErrorException {
        return b(accountAuthenticatorResponse, account, str, bundle);
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public String getAuthTokenLabel(String str) {
        return null;
    }

    public final boolean h(Account account, boolean z) {
        RefreshToken refreshToken;
        AccountInfo.AccountType accountType = OneDriveAccountType.PERSONAL.equals(AccountHelper.getAccountType(this.a, account)) ? AccountInfo.AccountType.MSA : AccountInfo.AccountType.ORGID;
        String primaryEmail = AccountHelper.getUserProfile(this.a, account).getPrimaryEmail();
        boolean z2 = false;
        if (TextUtils.isEmpty(primaryEmail)) {
            return false;
        }
        long currentTimeMillis = System.currentTimeMillis();
        String userData = this.b.getUserData(account, "TokenRecoveryTimeStamp");
        if (!TextUtils.isEmpty(userData) && !z && currentTimeMillis - Long.parseLong(userData) < 86400000) {
            return false;
        }
        try {
            try {
                List<AccountInfo> accounts = TokenSharingManager.getInstance().getAccounts(this.a);
                if (accounts.isEmpty()) {
                    Log.e(e, "Failed to get token with token share because there is no shared accounts");
                }
                AccountInfo p = p(accounts, accountType, primaryEmail, false);
                if (p == null) {
                    Log.e(e, "Failed to get token with token share because there is no token for specific accounts");
                    return false;
                }
                try {
                    refreshToken = TokenSharingManager.getInstance().getRefreshToken(this.a, p);
                } catch (AccountNotFoundException e2) {
                    p = (accounts.size() <= 1 || Arrays.asList(d).contains(p.getProviderPackageId())) ? null : p(accounts, accountType, primaryEmail, true);
                    if (p == null) {
                        throw e2;
                    }
                    refreshToken = TokenSharingManager.getInstance().getRefreshToken(this.a, p);
                }
                if (AccountInfo.AccountType.MSA.equals(p.getAccountType())) {
                    this.b.setUserData(account, Constants.REFRESH_TOKEN, refreshToken.getRefreshToken());
                } else {
                    String userData2 = this.b.getUserData(account, Constants.ADAL_AUTHORITY_URL);
                    if (!TextUtils.isEmpty(userData2)) {
                        new ADALAuthenticationContext(this.a, userData2, false).deserialize(refreshToken.getRefreshToken());
                    }
                }
                try {
                    this.b.setUserData(account, "TokenRecoveryTimeStamp", Long.toString(currentTimeMillis));
                    Date refreshTokenAcquireTime = p.getRefreshTokenAcquireTime();
                    this.b.setUserData(account, Constants.REFRESH_TOKEN_TIMESTAMP, refreshTokenAcquireTime != null ? Long.toString(refreshTokenAcquireTime.getTime()) : null);
                    if (!AccountHelper.i(this.a, account)) {
                        AccountHelper.setSignInEventSent(this.a, account);
                        Profile userProfile = AccountHelper.getUserProfile(this.a, account);
                        ClientAnalyticsSession.getInstance().logEvent((InstrumentationEvent) new SignInInstrumentationEvent().setOneDriveAccountType(AccountHelper.getAccountType(this.a, account)).setEmail(userProfile.getPrimaryEmail()).setUserId(AccountHelper.g(this.a, account)).setUserPuid(AccountHelper.h(this.a, account)).setTenantId(this.b.getUserData(account, Constants.TENANT_ID)).setFederationProvider(AccountHelper.getAccountFederationProvider(this.a, account)).setCompanyDisplayName(userProfile.getProviderName()).setAuthStage(SignInInstrumentationEvent.AuthStage.TokenRecoveryFromPartnerApp).flushSessionData(SignInTelemetryManager.AuthResult.Succeeded, this.a));
                    }
                    return true;
                } catch (AuthenticationException e3) {
                    e = e3;
                    z2 = true;
                    e = e;
                    this.b.setUserData(account, "TokenRecoveryTimeStamp", Long.toString(currentTimeMillis));
                    Log.ePiiFree(e, "Failed to get token with token share", e);
                    return z2;
                } catch (AccountNotFoundException e4) {
                    e = e4;
                    z2 = true;
                    e = e;
                    this.b.setUserData(account, "TokenRecoveryTimeStamp", Long.toString(currentTimeMillis));
                    Log.ePiiFree(e, "Failed to get token with token share", e);
                    return z2;
                } catch (IOException e5) {
                    e = e5;
                    z2 = true;
                    Log.ePiiFree(e, "Failed to get token with token share", e);
                    return z2;
                } catch (InterruptedException e6) {
                    e = e6;
                    z2 = true;
                    Log.ePiiFree(e, "Failed to get token with token share", e);
                    return z2;
                } catch (TimeoutException e7) {
                    e = e7;
                    z2 = true;
                    Log.ePiiFree(e, "Failed to get token with token share", e);
                    return z2;
                }
            } catch (AccountNotFoundException e8) {
                e = e8;
            }
        } catch (AuthenticationException e9) {
            e = e9;
        } catch (IOException e10) {
            e = e10;
        } catch (InterruptedException e11) {
            e = e11;
        } catch (TimeoutException e12) {
            e = e12;
        }
    }

    public boolean hasAccountWithOneDriveType(Context context, OneDriveAccountType oneDriveAccountType) {
        return AccountHelper.hasAccountWithOneDriveType(context, oneDriveAccountType);
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle hasFeatures(AccountAuthenticatorResponse accountAuthenticatorResponse, Account account, String[] strArr) throws NetworkErrorException {
        return g(accountAuthenticatorResponse, account, strArr);
    }

    public final boolean i(Bundle bundle) {
        return bundle.getBoolean(StartSignInActivity.PARAM_IS_RE_ADDITION, false);
    }

    public final void j(OneDriveAccountType oneDriveAccountType) {
        ClientAnalyticsSession.getInstance().logEvent(new InstrumentationEvent(InstrumentationIDs.ADD_ACCOUNT_START_ID, new BasicNameValuePair[]{new BasicNameValuePair(com.microsoft.odsp.instrumentation.InstrumentationIDs.OPERATION_ACCOUNT_TYPE_ID, oneDriveAccountType.toString())}, (BasicNameValuePair[]) null));
    }

    public final b k(Account account, SecurityScope securityScope) {
        b bVar = new b();
        Boolean.getBoolean(this.b.getUserData(account, Constants.IS_INT_OR_PPE));
        ADALConfigurationFetcher.ADALConfiguration aDALConfigurationForAccount = ADALConfigurationFetcher.getADALConfigurationForAccount(this.a, account);
        AuthenticationSettings.INSTANCE.setUseBroker(BrokerUtils.isUseBrokerRequired(this.a));
        try {
            bVar.a = new OdbNetworkTasks(this.a, aDALConfigurationForAccount).refreshSecurityToken(this.b, account, securityScope);
        } catch (AuthenticationException e2) {
            Log.ePiiFree(e, "refresh token AuthenticationException", e2);
            String str = "";
            String message = e2.getMessage() != null ? e2.getMessage() : "";
            if (e2.getCause() != null) {
                str = " :" + e2.getCause().getMessage();
            }
            if (e2.getCode() == ADALError.AUTH_REFRESH_FAILED_PROMPT_NOT_ALLOWED) {
                bVar.b = 1001;
                bVar.c = message + str;
            } else if (e2.getCode() == ADALError.DEVICE_CONNECTION_IS_NOT_AVAILABLE || e2.getCode() == ADALError.AUTH_FAILED_NO_TOKEN || e2.getCode() == ADALError.NO_NETWORK_CONNECTION_POWER_OPTIMIZATION) {
                bVar.b = 1002;
                bVar.c = message + str;
            } else if (e2.getCode() == ADALError.DEVELOPER_BROKER_PERMISSIONS_MISSING) {
                bVar.b = 1006;
                bVar.c = message + str;
            } else {
                bVar.b = 1004;
                bVar.c = e2.getCode().getDescription() + com.microsoft.appcenter.Constants.COMMON_SCHEMA_PREFIX_SEPARATOR + message + str;
            }
        } catch (IOException e3) {
            Log.ePiiFree(e, "refresh token IOException", e3);
            bVar.b = 1002;
            bVar.c = e3.getMessage();
        }
        String userData = this.b.getUserData(account, Constants.PROFILE_PASSPORT_NAME);
        if (bVar.a != null && bVar.a.isValid() && !TextUtils.isEmpty(userData) && securityScope.equals(e(account))) {
            try {
                bVar.d = new MamEnrollmentTask().enrollMAMService(this.a, userData, this.b.getUserData(account, Constants.USER_CID), this.b.getUserData(account, Constants.TENANT_ID));
            } catch (MAMEnrollmentException e4) {
                bVar.b = 1003;
                bVar.c = e4.getMessage().toString();
                bVar.a = null;
            }
        }
        if (bVar.a != null && !AccountHelper.i(this.a, account)) {
            AccountHelper.setSignInEventSent(this.a, account);
        }
        return bVar;
    }

    public final b l(Account account, SecurityScope securityScope) {
        b bVar = new b();
        try {
            bVar.a = new LiveNetworkTasks(this.a).refreshSecurityToken(this.b, account, securityScope);
        } catch (LiveAuthenticationException e2) {
            Log.ePiiFree(e, "refresh token LiveAuthenticationException", e2);
            bVar.b = 1001;
            bVar.c = e2.getMessage();
        } catch (IOException e3) {
            Log.ePiiFree(e, "refresh token IOException", e3);
            bVar.b = 1002;
            bVar.c = e3.getMessage();
        }
        return bVar;
    }

    public final b m(@NonNull Account account, @NonNull SecurityScope securityScope) {
        b bVar = new b();
        try {
            OneDriveAuthenticationType authenticationType = AccountHelper.getAuthenticationType(this.a, account);
            if (OneDriveAuthenticationType.NTLM.equals(authenticationType)) {
                bVar.a = NTLMNetworkTasks.refreshSecurityToken(this.a, account, securityScope);
            } else if (OneDriveAuthenticationType.FBA.equals(authenticationType)) {
                bVar.a = FBANetworkTasks.refreshSecurityToken(this.a, account, securityScope);
            }
        } catch (FBANetworkTasks.FBAAuthenticationException e2) {
            e = e2;
            bVar.c = e.getMessage();
            bVar.b = 1001;
        } catch (NTLMNetworkTasks.NTLMAuthenticationException e3) {
            e = e3;
            bVar.c = e.getMessage();
            bVar.b = 1001;
        } catch (IOException e4) {
            bVar.c = e4.getMessage();
            bVar.b = 1002;
        }
        return bVar;
    }

    public final b n(Account account, SecurityScope securityScope) {
        b bVar = new b();
        OneDriveAccountType accountType = AccountHelper.getAccountType(this.a, account);
        if (OneDriveAccountType.PERSONAL.equals(accountType)) {
            return l(account, securityScope);
        }
        if (!OneDriveAccountType.BUSINESS.equals(accountType)) {
            if (OneDriveAccountType.BUSINESS_ON_PREMISE.equals(accountType)) {
                return m(account, securityScope);
            }
            throw new IllegalArgumentException("OneDriveAccountType");
        }
        if (!TestHookSettings.forceMamEnrollmentToFail(this.a)) {
            return k(account, securityScope);
        }
        bVar.b = 1003;
        bVar.c = "Test hook to fail enrollment";
        return bVar;
    }

    public final Boolean o(Account account, String str, SecurityScope securityScope) {
        SecurityScope e2 = e(account);
        boolean equalsIgnoreCase = String.valueOf(1002).equalsIgnoreCase(str);
        if (!securityScope.equals(e2) || equalsIgnoreCase) {
            return null;
        }
        String userData = this.b.getUserData(account, Constants.ONEDRIVE_ACCOUNT_STATE);
        this.b.setUserData(account, Constants.ONEDRIVE_ACCOUNT_STATE, str);
        return Boolean.valueOf((str.equalsIgnoreCase(userData) || TextUtils.isEmpty(userData)) ? false : true);
    }

    public final AccountInfo p(List<AccountInfo> list, AccountInfo.AccountType accountType, String str, boolean z) {
        Iterator<AccountInfo> it = list.iterator();
        while (it.hasNext()) {
            AccountInfo next = it.next();
            if (accountType.equals(next.getAccountType()) && str.equalsIgnoreCase(next.getPrimaryEmail()) && (!z || Arrays.asList(d).contains(next.getProviderPackageId()))) {
                return next;
            }
        }
        return null;
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle updateCredentials(AccountAuthenticatorResponse accountAuthenticatorResponse, Account account, String str, Bundle bundle) throws NetworkErrorException {
        Log.v(e, "updateCredentials()");
        return null;
    }
}
