package com.microsoft.identity.client;

import android.accounts.Account;
import android.accounts.AccountManager;
import android.app.Activity;
import android.app.ActivityManager;
import android.content.Context;
import android.os.Binder;
import android.os.Bundle;
import android.os.Process;
import android.text.TextUtils;
import android.util.Pair;
import com.microsoft.identity.common.adal.internal.AuthenticationConstants;
import com.microsoft.identity.common.exception.ClientException;
import com.microsoft.identity.common.exception.ErrorStrings;
import com.microsoft.identity.common.internal.authorities.Authority;
import com.microsoft.identity.common.internal.authorities.AzureActiveDirectoryAuthority;
import com.microsoft.identity.common.internal.cache.BrokerOAuth2TokenCache;
import com.microsoft.identity.common.internal.cache.CacheRecord;
import com.microsoft.identity.common.internal.cache.SchemaUtil;
import com.microsoft.identity.common.internal.dto.AccountRecord;
import com.microsoft.identity.common.internal.dto.IAccountRecord;
import com.microsoft.identity.common.internal.dto.IdTokenRecord;
import com.microsoft.identity.common.internal.logging.Logger;
import com.microsoft.identity.common.internal.migration.TokenCacheItemMigrationAdapter;
import com.microsoft.identity.common.internal.providers.microsoft.MicrosoftAccount;
import com.microsoft.identity.common.internal.providers.microsoft.MicrosoftRefreshToken;
import com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.AzureActiveDirectory;
import com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.AzureActiveDirectoryCloud;
import com.microsoft.identity.common.internal.providers.microsoft.microsoftsts.MicrosoftStsAuthorizationRequest;
import com.microsoft.identity.common.internal.providers.microsoft.microsoftsts.MicrosoftStsOAuth2Strategy;
import com.microsoft.identity.common.internal.providers.microsoft.microsoftsts.MicrosoftStsTokenResponse;
import com.microsoft.identity.common.internal.providers.oauth2.OpenIdConnectPromptParameter;
import com.microsoft.identity.common.internal.request.BrokerAcquireTokenOperationParameters;
import com.microsoft.identity.common.internal.request.BrokerAcquireTokenSilentOperationParameters;
import com.microsoft.identity.common.internal.request.BrokerRequestAdapterFactory;
import com.microsoft.identity.common.internal.request.SdkType;
import com.microsoft.identity.common.internal.ui.AuthorizationAgent;
import com.microsoft.identity.common.internal.util.StringUtil;
import com.microsoft.workaccount.authenticatorservice.KeyHandler;
import com.microsoft.workaccount.authenticatorservice.ReencryptionManager;
import com.microsoft.workaccount.workplacejoin.AccountManagerStorageHelper;
import com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinApplication;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.regex.Pattern;

/* loaded from: classes.dex */
public class BrokerUtils {
    private static final String TAG = "com.microsoft.identity.client.BrokerUtils";

    public static boolean checkForCallerPackageName(Context context, String str) {
        String[] packagesForUid = context.getPackageManager().getPackagesForUid(Binder.getCallingUid());
        if (packagesForUid != null) {
            for (String str2 : packagesForUid) {
                if (str.equalsIgnoreCase(str2)) {
                    return true;
                }
            }
        }
        return false;
    }

    public static Bundle createHelloResultBundle(Bundle bundle) {
        String string = bundle.getString(AuthenticationConstants.Broker.CLIENT_ADVERTISED_MAXIMUM_BP_VERSION_KEY);
        String string2 = bundle.getString(AuthenticationConstants.Broker.CLIENT_CONFIGURED_MINIMUM_BP_VERSION_KEY);
        Logger.info(TAG + "#createHelloResultBundle", "The broker protocol version of the calling app is [" + string + "], the required broker protocol version of the calling app is [" + string2 + "], the broker protocol version of broker app is [" + AuthenticationConstants.Broker.BROKER_PROTOCOL_VERSION_CODE + "]");
        if (StringUtil.compareSemanticVersion(AuthenticationConstants.Broker.BROKER_PROTOCOL_VERSION_CODE, string) != -1) {
            Logger.info(TAG + "#createHelloResultBundle", "BROKER_PROTOCOL_VERSION_CODE[ + 3.0] >= CLIENT_ADVERTISED_MAXIMUM_BP_VERSION_KEY[" + string + "]. Able to establish the connect, protocol version in common is " + string);
            Bundle bundle2 = new Bundle();
            bundle2.putString(AuthenticationConstants.Broker.NEGOTIATED_BP_VERSION_KEY, string);
            return bundle2;
        }
        if (StringUtil.isEmpty(string2) || !(StringUtil.isEmpty(string2) || StringUtil.compareSemanticVersion(string2, AuthenticationConstants.Broker.BROKER_PROTOCOL_VERSION_CODE) == 1)) {
            Logger.info(TAG + "#createHelloResultBundle", "BROKER_PROTOCOL_VERSION_CODE[ + 3.0] >= CLIENT_CONFIGURED_MINIMUM_BP_VERSION_KEY[" + string2 + "].Able to establish the connect, the broker protocol version in common is [" + AuthenticationConstants.Broker.BROKER_PROTOCOL_VERSION_CODE + "]");
            Bundle bundle3 = new Bundle();
            bundle3.putString(AuthenticationConstants.Broker.NEGOTIATED_BP_VERSION_KEY, AuthenticationConstants.Broker.BROKER_PROTOCOL_VERSION_CODE);
            return bundle3;
        }
        Logger.warn(TAG + "#createHelloResultBundle", "BROKER_PROTOCOL_VERSION_CODE[ + 3.0] < CLIENT_CONFIGURED_MINIMUM_BP_VERSION_KEY[" + string2 + "].Unable to establish the connect, the required broker protocol version of the calling app is [" + string2 + "], the broker protocol version in common[" + AuthenticationConstants.Broker.BROKER_PROTOCOL_VERSION_CODE + "]");
        Bundle bundle4 = new Bundle();
        bundle4.putString("error", ErrorStrings.UNSUPPORTED_BROKER_VERSION);
        bundle4.putString("error_description", "The calling app is not supported by the broker.");
        return bundle4;
    }

    public static void deleteBrokerRT(Account account, Context context) {
        try {
            saveBrokerRT(account, context, "");
        } catch (ClientException e) {
            Logger.error(TAG + ":deleteBrokerRT", "Fail to create hash for broker RT", e);
        }
    }

    public static void deletePRT(Account account, Context context) {
        new KeyHandler(context).deletePRT(account);
    }

    public static String getAccountUpnFromCache(Context context, AccountManagerStorageHelper accountManagerStorageHelper, String str, String str2) {
        IAccountRecord accountWithLocalAccountId = BrokerClientApplication.getInstance(context).getAccountWithLocalAccountId(str, str2, Binder.getCallingUid(), context);
        if (accountWithLocalAccountId != null && !TextUtils.isEmpty(accountWithLocalAccountId.getUsername())) {
            String username = accountWithLocalAccountId.getUsername();
            Logger.info(TAG, "Account found in unified cache, username retrieved");
            return username;
        }
        Logger.info(TAG, "Account not find in unified cache, trying to get username from Account manager cache");
        for (Account account : getAllAccounts(context)) {
            String accountHomeAccountId = accountManagerStorageHelper.getAccountHomeAccountId(account);
            String accountUserIdList = accountManagerStorageHelper.getAccountUserIdList(account);
            if ((!TextUtils.isEmpty(accountHomeAccountId) && accountHomeAccountId.contains(str)) || (!TextUtils.isEmpty(accountUserIdList) && accountUserIdList.contains(str))) {
                String str3 = account.name;
                Logger.info(TAG, "Account found in AccountManager cache, username retrieved");
                return str3;
            }
        }
        return "";
    }

    public static BrokerAcquireTokenOperationParameters getAcquireTokenParametersForBrokerRTRequest(Activity activity, String str, String str2, String str3) {
        BrokerAcquireTokenOperationParameters brokerAcquireTokenOperationParameters = new BrokerAcquireTokenOperationParameters();
        brokerAcquireTokenOperationParameters.setAuthority(Authority.getAuthorityFromAuthorityUrl(str2));
        HashSet hashSet = new HashSet();
        hashSet.add(TokenCacheItemMigrationAdapter.getScopeFromResource(str3));
        brokerAcquireTokenOperationParameters.setScopes(hashSet);
        brokerAcquireTokenOperationParameters.setAuthorizationAgent(AuthorizationAgent.WEBVIEW);
        brokerAcquireTokenOperationParameters.setClientId(WorkplaceJoinApplication.CLIENT_ID);
        brokerAcquireTokenOperationParameters.setRedirectUri(WorkplaceJoinApplication.OAuthRedirectUrl);
        brokerAcquireTokenOperationParameters.setLoginHint(str);
        ArrayList arrayList = new ArrayList();
        arrayList.add(new Pair<>("msafed", "0"));
        brokerAcquireTokenOperationParameters.setExtraQueryStringParameters(arrayList);
        brokerAcquireTokenOperationParameters.setAppContext(activity.getApplicationContext());
        brokerAcquireTokenOperationParameters.setActivity(activity);
        brokerAcquireTokenOperationParameters.setOpenIdConnectPromptParameter(OpenIdConnectPromptParameter.NONE);
        brokerAcquireTokenOperationParameters.setRequestType(BrokerAcquireTokenOperationParameters.RequestType.BROKER_RT_REQUEST);
        brokerAcquireTokenOperationParameters.setSdkType(SdkType.ADAL);
        return brokerAcquireTokenOperationParameters;
    }

    public static Account[] getAllAccounts(Context context) {
        return AccountManager.get(context).getAccountsByType("com.microsoft.workaccount");
    }

    public static String getBrokerRT(Account account, Context context) throws ClientException {
        return new AccountManagerStorageHelper(context).getBRT(account);
    }

    public static CacheRecord getCacheRecordFromWPJAccount(Context context, String str) {
        AccountManagerStorageHelper accountManagerStorageHelper = new AccountManagerStorageHelper(context);
        Account wPJAccount = accountManagerStorageHelper.getWPJAccount();
        if (wPJAccount == null) {
            Logger.info(TAG + ":getCacheRecordFromWPJAccount", "No WPJ account, cache record cannot be added ");
            return null;
        }
        String pRTAuthority = accountManagerStorageHelper.getPRTAuthority(wPJAccount);
        String environmentFromAuthority = TextUtils.isEmpty(pRTAuthority) ? null : getEnvironmentFromAuthority(pRTAuthority);
        String accountTenantId = accountManagerStorageHelper.getAccountTenantId(wPJAccount);
        String accountHomeAccountId = accountManagerStorageHelper.getAccountHomeAccountId(wPJAccount);
        AccountRecord accountRecord = new AccountRecord();
        accountRecord.setUsername(wPJAccount.name);
        accountRecord.setRealm(accountTenantId);
        accountRecord.setHomeAccountId(accountHomeAccountId);
        accountRecord.setLocalAccountId(getUIdFromHomeAccountId(accountHomeAccountId));
        accountRecord.setAuthorityType(MicrosoftAccount.AUTHORITY_TYPE_V1_V2);
        accountRecord.setFirstName(accountManagerStorageHelper.getAccountGivenName(wPJAccount));
        accountRecord.setName(accountManagerStorageHelper.getAccountGivenName(wPJAccount));
        accountRecord.setFamilyName(accountManagerStorageHelper.getAccountFamilyName(wPJAccount));
        accountRecord.setEnvironment(environmentFromAuthority);
        String prtIdToken = accountManagerStorageHelper.getPrtIdToken(wPJAccount);
        IdTokenRecord idTokenRecord = new IdTokenRecord();
        idTokenRecord.setHomeAccountId(accountHomeAccountId);
        idTokenRecord.setRealm(accountTenantId);
        idTokenRecord.setCredentialType(SchemaUtil.getCredentialTypeFromVersion(prtIdToken));
        idTokenRecord.setSecret(prtIdToken);
        idTokenRecord.setAuthority(pRTAuthority);
        idTokenRecord.setClientId(str);
        idTokenRecord.setEnvironment(environmentFromAuthority);
        CacheRecord cacheRecord = new CacheRecord();
        cacheRecord.setAccount(accountRecord);
        cacheRecord.setIdToken(idTokenRecord);
        return cacheRecord;
    }

    public static String getEnvironmentFromAuthority(String str) {
        try {
            URL url = new URL(str);
            AzureActiveDirectoryCloud azureActiveDirectoryCloud = AzureActiveDirectory.getAzureActiveDirectoryCloud(url);
            if (azureActiveDirectoryCloud == null) {
                return url.getHost();
            }
            String preferredCacheHostName = azureActiveDirectoryCloud.getPreferredCacheHostName();
            Logger.info(TAG + ":getEnvironmentFromAuthority", "Using preferred cache host name...");
            Logger.infoPII(TAG + ":getEnvironmentFromAuthority", "Preferred cache hostname: [" + preferredCacheHostName + "]");
            return preferredCacheHostName;
        } catch (MalformedURLException e) {
            Logger.error(TAG + ":getEnvironmentFromAuthority", " Malformed authority", e);
            return null;
        }
    }

    public static BrokerAcquireTokenOperationParameters getInteractiveOperationParameters(Activity activity) {
        BrokerAcquireTokenOperationParameters brokerInteractiveParametersFromActivity = BrokerRequestAdapterFactory.getBrokerRequestAdapter(activity.getIntent().getExtras()).brokerInteractiveParametersFromActivity(activity);
        brokerInteractiveParametersFromActivity.setTokenCache(BrokerClientApplication.getInstance(brokerInteractiveParametersFromActivity.getAppContext()).getBrokerCache(activity.getApplicationContext(), brokerInteractiveParametersFromActivity.getCallerUId()));
        return brokerInteractiveParametersFromActivity;
    }

    public static BrokerAcquireTokenSilentOperationParameters getSilentOperationParameters(Context context, Bundle bundle, Account account) {
        BrokerAcquireTokenSilentOperationParameters brokerSilentParametersFromBundle = BrokerRequestAdapterFactory.getBrokerRequestAdapter(bundle).brokerSilentParametersFromBundle(bundle, context, account);
        BrokerOAuth2TokenCache<MicrosoftStsOAuth2Strategy, MicrosoftStsAuthorizationRequest, MicrosoftStsTokenResponse, MicrosoftAccount, MicrosoftRefreshToken> brokerCache = BrokerClientApplication.getInstance(context).getBrokerCache(context, brokerSilentParametersFromBundle.getCallerUId());
        brokerSilentParametersFromBundle.setTokenCache(brokerCache);
        AccountManagerStorageHelper accountManagerStorageHelper = new AccountManagerStorageHelper(context);
        if (TextUtils.isEmpty(brokerSilentParametersFromBundle.getHomeAccountId())) {
            brokerSilentParametersFromBundle.setHomeAccountId(accountManagerStorageHelper.getAccountHomeAccountId(account));
        }
        if (TextUtils.isEmpty(brokerSilentParametersFromBundle.getLocalAccountId())) {
            brokerSilentParametersFromBundle.setLocalAccountId(getUserIdFromAccount(account, context, brokerSilentParametersFromBundle.getAuthority()));
        }
        if (!TextUtils.isEmpty(brokerSilentParametersFromBundle.getClientId()) && !TextUtils.isEmpty(brokerSilentParametersFromBundle.getLocalAccountId())) {
            brokerSilentParametersFromBundle.setAccount(brokerCache.getAccountByLocalAccountId(null, brokerSilentParametersFromBundle.getClientId(), brokerSilentParametersFromBundle.getLocalAccountId()));
        }
        return brokerSilentParametersFromBundle;
    }

    public static String getUIdFromHomeAccountId(String str) {
        if (!TextUtils.isEmpty(str)) {
            String[] split = str.split(Pattern.quote("."));
            if (split.length == 2) {
                Logger.info(TAG + ":getUIdFromHomeAccountId", "Home account id is tenanted, returning uid ");
                return split[0];
            }
            if (split.length == 1) {
                Logger.info(TAG + ":getUIdFromHomeAccountId", "Home account id not tenanted, it's the uid added by v1 broker ");
                return split[0];
            }
        }
        Logger.warn(TAG + ":getUIdFromHomeAccountId", "Home Account id doesn't have uid or tenant id information, returning null ");
        return null;
    }

    private static String getUserIdFromAccount(Account account, Context context, Authority authority) {
        AccountManagerStorageHelper accountManagerStorageHelper = new AccountManagerStorageHelper(context);
        if (authority instanceof AzureActiveDirectoryAuthority) {
            String tenantId = ((AzureActiveDirectoryAuthority) authority).mAudience.getTenantId();
            if (!TextUtils.isEmpty(tenantId)) {
                if (tenantId.equalsIgnoreCase("common")) {
                    String uIdFromHomeAccountId = getUIdFromHomeAccountId(accountManagerStorageHelper.getAccountHomeAccountId(account));
                    if (TextUtils.isEmpty(uIdFromHomeAccountId)) {
                        Logger.warn(TAG + "getUserIdFromAccount", "Unable to get uId from home account id cache lookup will be skipped");
                    }
                    return uIdFromHomeAccountId;
                }
                for (String str : accountManagerStorageHelper.getAccountUserIdList(account).split(Pattern.quote("$"))) {
                    String[] split = str.split(Pattern.quote("."));
                    if (split.length == 2 && split[1].equalsIgnoreCase(tenantId)) {
                        Logger.info(TAG + "getUserIdFromAccount", "Guest Tenant, user id found in Account Manager data");
                        return split[0];
                    }
                    Logger.warn(TAG + "getUserIdFromAccount", "User id doesn't have tenant id information,cache lookup will be skipped");
                }
            }
        }
        Logger.info(TAG + "getUserIdFromAccount", "No user id found in Account Manager data, cache lookup will be skipped ");
        return null;
    }

    public static boolean isCallingAppBroker(String str) {
        return str.equalsIgnoreCase("com.azure.authenticator") || str.equalsIgnoreCase("com.microsoft.windowsintune.companyportal");
    }

    public static boolean isRunningOnAuthService(Context context) {
        String str = context.getPackageName() + ":auth";
        int myPid = Process.myPid();
        ActivityManager activityManager = (ActivityManager) context.getSystemService("activity");
        if (activityManager == null || activityManager.getRunningAppProcesses() == null) {
            return false;
        }
        for (ActivityManager.RunningAppProcessInfo runningAppProcessInfo : activityManager.getRunningAppProcesses()) {
            if (runningAppProcessInfo.pid == myPid && runningAppProcessInfo.processName.equalsIgnoreCase(str)) {
                return true;
            }
        }
        return false;
    }

    public static void reEncryptDataIfNeeded(String str, Context context) {
        new ReencryptionManager(context).execute(str);
    }

    public static void saveBrokerRT(Account account, Context context, String str) throws ClientException {
        new AccountManagerStorageHelper(context).setBRT(account, str);
    }
}
