package com.microsoft.workaccount.workplacejoin;

import android.accounts.Account;
import android.accounts.AccountAuthenticatorResponse;
import android.accounts.AccountManager;
import android.accounts.AccountManagerCallback;
import android.accounts.AccountManagerFuture;
import android.accounts.AuthenticatorDescription;
import android.accounts.AuthenticatorException;
import android.accounts.OperationCanceledException;
import android.app.Activity;
import android.content.Context;
import android.content.ContextWrapper;
import android.content.Intent;
import android.os.Build;
import android.os.Bundle;
import android.os.Handler;
import android.os.Looper;
import android.os.Process;
import android.text.TextUtils;
import android.util.Log;
import android.widget.Toast;
import com.google.gson.Gson;
import com.microsoft.aad.adal.unity.ADALError;
import com.microsoft.aad.adal.unity.AccountActivity;
import com.microsoft.aad.adal.unity.AuthenticationConstants;
import com.microsoft.aad.adal.unity.AuthenticationContext;
import com.microsoft.aad.adal.unity.AuthenticationException;
import com.microsoft.aad.adal.unity.AuthenticationResult;
import com.microsoft.aad.adal.unity.AuthenticationSettings;
import com.microsoft.aad.adal.unity.BrokerClient;
import com.microsoft.aad.adal.unity.BrokerClientException;
import com.microsoft.aad.adal.unity.BrokerRequest;
import com.microsoft.aad.adal.unity.BrokerTokenResult;
import com.microsoft.aad.adal.unity.Oauth2;
import com.microsoft.aad.adal.unity.PRTResult;
import com.microsoft.aad.adal.unity.PackageHelper;
import com.microsoft.aad.adal.unity.PromptBehavior;
import com.microsoft.aad.adal.unity.StringExtensions;
import com.microsoft.aad.adal.unity.UserInfo;
import com.microsoft.omadm.apppolicy.DatabaseAppPolicy;
import com.microsoft.workaccount.R;
import com.microsoft.workaccount.authenticatorservice.AccountManagerCache;
import com.microsoft.workaccount.authenticatorservice.KeyHandler;
import com.microsoft.workaccount.workplacejoin.PrtSetupTask;
import com.microsoft.workaccount.workplacejoin.WorkplaceJoin;
import com.microsoft.workaccount.workplacejoin.core.CertificateData;
import com.microsoft.workaccount.workplacejoin.core.DRSMetadata;
import com.microsoft.workaccount.workplacejoin.core.DeviceEnrollment;
import com.microsoft.workaccount.workplacejoin.core.PKCS10CertGenerator;
import com.microsoft.workaccount.workplacejoin.core.PKCS12CertGenerator;
import com.microsoft.workaccount.workplacejoin.core.SessionTransportKey;
import com.microsoft.workaccount.workplacejoin.core.StringHelper;
import com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinApplication;
import com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinFailure;
import com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinService;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Map;
import java.util.StringTokenizer;
import java.util.TimeZone;
import java.util.UUID;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import org.json.JSONException;

/* loaded from: classes.dex */
public class BrokerContext {
    public static final int BROKER_ADD_ACCOUNT_PRT_BROKER_REQUEST = 2228;
    public static final int BROKER_ADD_ACCOUNT_REGISTER_DEVICE = 2227;
    public static final int BROKER_ADD_ACCOUNT_REQUEST = 2222;
    public static final int BROKER_ADD_ACCOUNT_RESOLVE_INTERRUPT = 2226;
    public static final int BROKER_ADD_ACCOUNT_SSO_BROKER_REQUEST = 2223;
    public static final String BROKER_AUTHORITY_PPE = "https://login.windows-ppe.net/common";
    public static final String BROKER_AUTHORITY_PROD = "https://login.windows.net/common";
    public static final int BROKER_CHOOSE_ACCOUNT_REQUEST = 2224;
    public static final String BROKER_CLIENT_ID = "29d9ed98-a469-4536-ade2-f981bc1d605e";
    public static final String BROKER_REDIRECT = "urn:ietf:wg:oauth:2.0:oob";
    public static final String BROKER_REDIRECT_CLIENT = "urn:ietf:wg:oauth:2.0:oob";
    public static final String BROKER_RESOURCE_DRS_PPE = "urn:ms-drs:enterpriseregistration-ppe.windows.net";
    public static final String BROKER_RESOURCE_DRS_PROD = "urn:ms-drs:enterpriseregistration.windows.net";
    public static final String BROKER_RESOURCE_GRAPH = "00000002-0000-0000-c000-000000000000";
    public static final int BROKER_SHOW_ACCOUNTS = 2225;
    public static final String EXTRA_QP_FOR_DRS_TOKEN_REQUEST = "nux=1&msafed=0";
    static final String FAIL_TO_CREATE_CACHE = "fail_to_create_cache";
    public static final int sPRTSetupTotalTimeInMiliSeconds = 120000;
    private AccountManagerCache mAccountManagerCache;
    private AccountManagerStorageHelper mAccountManagerStorageHelper;
    private int mCallingAppUid;
    private String mCallingPackage;
    private Context mContext;
    private UUID mCorrelationId;
    private DiscoveryEndpoint mDiscoveryEndpoint;
    Handler mHandler;
    private int mWaitingRequestId;
    private static final String TAG = BrokerContext.class.getSimpleName() + "#";
    protected static final CharSequence DEFAULT_AUTHORIZE_ENDPOINT = Oauth2.DEFAULT_AUTHORIZE_ENDPOINT;
    private static ExecutorService sThreadExecutor = Executors.newSingleThreadExecutor();
    private static final String[] ALLOWED_QPS = {"mamver", "msafed"};
    BrokerRequest mAuthRequest = null;
    private AccountAuthenticatorResponse mAccountAuthenticatorResponse = null;
    private Bundle mAuthenticatorResultBundle = null;
    private boolean mIsJsonResponse = false;

    /* loaded from: classes.dex */
    public interface OnAccountCallback<T> {
        void onException(Exception exc);

        void onSuccess(T t);
    }

    /* loaded from: classes.dex */
    public interface OnPrtRequestListener {
        void onResult(PrtTaskResult prtTaskResult);
    }

    public BrokerContext(Context context) {
        this.mHandler = new Handler();
        this.mContext = context;
        this.mHandler = new Handler(context.getMainLooper());
        BrokerClient.setBrokerVersion(WorkplaceJoin.API_VERSION);
    }

    private void acquireTokenForForcePrompt(final Activity activity, boolean z, final String str) {
        Logger.v(TAG + "acquireTokenForForcePrompt", "Force prompt is set on the request, try to launch UI.");
        if (!z) {
            launchAccount(activity, false, BROKER_ADD_ACCOUNT_REQUEST);
        } else if (isSTKMissing(this.mContext)) {
            updateAccount(this.mContext, new WorkplaceJoinService.OnUpdateDeviceListener() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.1
                @Override // com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinService.OnUpdateDeviceListener
                public void onComplete(boolean z2, Exception exc) {
                    if (z2) {
                        Logger.v(BrokerContext.TAG + "acquireTokenForForcePrompt", "STK patching completed successfully.");
                        BrokerContext.this.launchAccountForBrokerRT(activity, true, str, BrokerContext.BROKER_ADD_ACCOUNT_PRT_BROKER_REQUEST);
                    } else if (exc != null) {
                        Logger.e(BrokerContext.TAG + "acquireTokenForForcePrompt", "STK patching failed with exception " + exc.getMessage(), WorkplaceJoinFailure.DRS);
                        BrokerContext.this.returnError(activity, ADALError.SERVER_ERROR, exc.getMessage());
                    } else {
                        Logger.v(BrokerContext.TAG + "acquireTokenForForcePrompt", "STK patching doesn't complete successfully.");
                        BrokerContext.this.returnError(activity, ADALError.AUTH_FAILED_BAD_STATE, "STK patching failed, cannot continue with prt acquisition.");
                    }
                }
            });
        } else {
            launchAccountForBrokerRT(activity, true, str, BROKER_ADD_ACCOUNT_PRT_BROKER_REQUEST);
        }
    }

    private void acquireTokenForNonJoinedAccount(Activity activity, Account account) {
        AuthenticationResult authenticationResult = null;
        try {
            authenticationResult = acquireTokenSilentWithBrokerCache(this.mAccountManagerCache, shouldBlockMSAAccount(account, this.mAuthRequest.getExtraQueryParamsAuthentication(), getAccountManagerStorageHelper()));
        } catch (AuthenticationException e) {
            Logger.v(TAG, "Silent request fails for non-joined account, try to launch UI");
        }
        if (authenticationResult == null || StringHelper.IsNullOrBlank(authenticationResult.getAccessToken())) {
            launchAccount(activity, false, BROKER_ADD_ACCOUNT_REQUEST);
        } else {
            returnAuthenticationResult(activity, authenticationResult, account.name);
        }
    }

    private AuthenticationResult acquireTokenSilentWithBrokerCache(AccountManagerCache accountManagerCache, boolean z) {
        if (z) {
            Logger.v(TAG + "acquireTokenSilentWithBrokerCache", "msafed=0 is passed, stored account is MSA account. Cannot returned the token silently.");
            return null;
        }
        AuthenticationSettings.INSTANCE.setSkipBroker(true);
        AuthenticationContext authenticationContext = new AuthenticationContext(this.mContext, this.mAuthRequest.getAuthority(), false, accountManagerCache);
        authenticationContext.setRequestCorrelationId(this.mAuthRequest.getCorrelationId());
        Logger.v(TAG + "acquireTokenSilentWithBrokerCache", "Request for resource:" + this.mAuthRequest.getResource() + " clientid:" + this.mAuthRequest.getClientId());
        Logger.v(TAG + "acquireTokenSilentWithBrokerCache", "Acquiring token silently. Resource: " + this.mAuthRequest.getResource() + " clientId: " + this.mAuthRequest.getClientId());
        return authenticationContext.acquireTokenSilentSync(this.mAuthRequest.getResource(), this.mAuthRequest.getClientId(), null, BrokerClient.getBrokerRedirectUri(this.mContext, this.mCallingPackage));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void acquireTokenWithPRT(final AccountManagerStorageHelper accountManagerStorageHelper, final Account account, final AccountManagerCache accountManagerCache, final String str, final Activity activity) {
        Logger.v(TAG + "acquireTokenWithPRT", "Try to use PRT to get a new access token.");
        if (isSTKMissing(this.mContext)) {
            Logger.v(TAG + "acquireTokenWithPRT", "Joined but stk is missing, starting doing stk patching.");
            updateAccount(this.mContext, new WorkplaceJoinService.OnUpdateDeviceListener() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.2
                @Override // com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinService.OnUpdateDeviceListener
                public void onComplete(boolean z, Exception exc) {
                    if (z) {
                        Logger.v(BrokerContext.TAG + "acquireTokenWithPRT", "STK patching completed successfully. ");
                        BrokerContext.this.setupPRTandAcquireToken(activity, account, accountManagerStorageHelper, accountManagerCache, str);
                    } else if (exc != null) {
                        Logger.e(BrokerContext.TAG + "acquireTokenWithPRT", "STK patching failed with exception " + exc.getMessage(), WorkplaceJoinFailure.DRS);
                        BrokerContext.this.handleSTKPatchingFailure(activity, str, ADALError.SERVER_ERROR, exc.getMessage());
                    } else {
                        Logger.v(BrokerContext.TAG + "acquireTokenWithPRT", "STK patching doesn't complete successfully.");
                        BrokerContext.this.handleSTKPatchingFailure(activity, str, ADALError.AUTH_FAILED_BAD_STATE, "STK patching failed, cannot continue with prt acquisition.");
                    }
                }
            });
        } else {
            Logger.v(TAG + "acquireTokenWithPRT", "Joined and stk is not missing, start prt acquisition.");
            setupPRTandAcquireToken(activity, account, accountManagerStorageHelper, accountManagerCache, str);
        }
    }

    private Account addAccountOnDeviceRegistrationSuccess(Activity activity, String str, AuthenticationResult authenticationResult) {
        String string = activity.getResources().getString(R.string.account_type);
        String str2 = str;
        if (!TextUtils.isEmpty(WorkplaceJoinApplication.DisplayableId)) {
            str2 = WorkplaceJoinApplication.DisplayableId;
        }
        AccountManagerStorageHelper accountManagerStorageHelper = new AccountManagerStorageHelper(activity);
        Logger.v(TAG + "addAccountOnDeviceRegistrationSuccess", "Creating account: '" + str2 + "'");
        Account createAccount = accountManagerStorageHelper.createAccount(str2, str, "", string);
        accountManagerStorageHelper.initAccount(createAccount, WorkplaceJoinApplication.certData, WorkplaceJoinApplication.cert, WorkplaceJoinApplication.UPN, WorkplaceJoinApplication.UPN, WorkplaceJoinApplication.getDeviceId(), false);
        UserInfo userInfo = authenticationResult.getUserInfo();
        if (userInfo != null) {
            accountManagerStorageHelper.setAccountUserId(createAccount, userInfo.getUserId());
            accountManagerStorageHelper.setAccountGivenName(createAccount, userInfo.getGivenName());
            accountManagerStorageHelper.setAccountFamilyName(createAccount, userInfo.getFamilyName());
            accountManagerStorageHelper.setAccountIdp(createAccount, userInfo.getIdentityProvider());
            accountManagerStorageHelper.setAccountDisplayableUserId(createAccount, userInfo.getDisplayableId());
        }
        try {
            saveBrokerRT(accountManagerStorageHelper, authenticationResult.getRefreshToken(), createAccount);
        } catch (UnsupportedEncodingException | NoSuchAlgorithmException e) {
            Logger.e(TAG + "addAccountOnDeviceRegistrationSuccess", "Fail to save broker RT " + e.getMessage(), WorkplaceJoinFailure.INTERNAL, e);
        }
        return createAccount;
    }

    private AccountManagerCache createAccountManagerCacheFromReturnedResult(AuthenticationResult authenticationResult) throws BrokerClientException {
        if (authenticationResult == null || authenticationResult.getUserInfo() == null || TextUtils.isEmpty(authenticationResult.getUserInfo().getDisplayableId())) {
            throw new BrokerClientException(FAIL_TO_CREATE_CACHE);
        }
        return new AccountManagerCache(new Account(authenticationResult.getUserInfo().getDisplayableId(), "com.microsoft.workaccount"), this.mCallingAppUid, this.mContext);
    }

    private Map<String, String> decodeUrlToMap(String str) throws UnsupportedEncodingException {
        HashMap hashMap = new HashMap();
        if (!TextUtils.isEmpty(str)) {
            StringTokenizer stringTokenizer = new StringTokenizer(str, "&");
            while (stringTokenizer.hasMoreTokens()) {
                String[] split = stringTokenizer.nextToken().split("=");
                if (split.length == 2) {
                    String urlDecode = urlDecode(split[0]);
                    String urlDecode2 = urlDecode(split[1]);
                    if (!TextUtils.isEmpty(urlDecode) && !TextUtils.isEmpty(urlDecode2)) {
                        hashMap.put(urlDecode, urlDecode2);
                    }
                }
            }
        }
        return hashMap;
    }

    private String filterQueryString(String str) throws UnsupportedEncodingException {
        Map<String, String> decodeUrlToMap = decodeUrlToMap(str);
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < ALLOWED_QPS.length; i++) {
            String str2 = decodeUrlToMap.get(ALLOWED_QPS[i]);
            if (!TextUtils.isEmpty(str2)) {
                sb.append(String.format("&%s=%s", ALLOWED_QPS[i], str2));
            }
        }
        return sb.toString();
    }

    private void finish(Activity activity) {
        if (this.mAccountAuthenticatorResponse != null) {
            if (this.mAuthenticatorResultBundle != null) {
                this.mAccountAuthenticatorResponse.onResult(this.mAuthenticatorResultBundle);
            } else {
                this.mAccountAuthenticatorResponse.onError(4, "canceled");
            }
            this.mAccountAuthenticatorResponse = null;
        }
        activity.finish();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void forceBrokerRTAcquisition(Activity activity, KeyHandler keyHandler, AccountManagerStorageHelper accountManagerStorageHelper, Account account) {
        Logger.v(TAG, "update PRT and refresh token for broker. ");
        keyHandler.deletePRT();
        try {
            accountManagerStorageHelper.setAccountData(account, StringExtensions.createHash(AuthenticationConstants.Broker.USERDATA_BROKER_RT + account.name), "");
        } catch (UnsupportedEncodingException | NoSuchAlgorithmException e) {
            Logger.e(TAG, "Fail to create hash for broker RT", WorkplaceJoinFailure.INTERNAL, e);
        }
        launchAccountForBrokerRT(activity, false, account.name, BROKER_ADD_ACCOUNT_PRT_BROKER_REQUEST);
    }

    private Account getAccount(AccountManager accountManager, String str) {
        Account[] accountsByType = accountManager.getAccountsByType("com.microsoft.workaccount");
        if (accountsByType.length <= 0) {
            throw new IllegalArgumentException("Empty account list");
        }
        for (Account account : accountsByType) {
            if (account.name.equalsIgnoreCase(str)) {
                return account;
            }
        }
        return null;
    }

    private Account[] getAccountList() {
        return AccountManager.get(this.mContext).getAccountsByType("com.microsoft.workaccount");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public AccountManagerCache getAccountManagerCache(Account account) {
        return this.mAccountManagerCache == null ? new AccountManagerCache(account, this.mCallingAppUid, this.mContext) : this.mAccountManagerCache;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public AccountManagerStorageHelper getAccountManagerStorageHelper() {
        return this.mAccountManagerStorageHelper == null ? new AccountManagerStorageHelper(this.mContext) : this.mAccountManagerStorageHelper;
    }

    private String getAuthority() {
        return this.mDiscoveryEndpoint == DiscoveryEndpoint.PPE ? BROKER_AUTHORITY_PPE : BROKER_AUTHORITY_PROD;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public UUID getCorrelationId() {
        if (this.mCorrelationId == null) {
            this.mCorrelationId = UUID.randomUUID();
        }
        return this.mCorrelationId;
    }

    private String getCurrentActiveAuthencationVersion(Account account) {
        Logger.v(TAG + "getCurrentActiveAuthencationVersion", "Retrieving the version for current authenticator service.");
        if (Looper.myLooper() == Looper.getMainLooper()) {
            Logger.e(TAG + "getCurrentActiveAuthencationVersion", "Calling getCurrentActiveAuthencationVersion from main thread.", WorkplaceJoinFailure.INTERNAL);
            throw new IllegalArgumentException("Calling getCurrentActiveAuthencationVersion on main thread");
        }
        AccountManager accountManager = AccountManager.get(this.mContext);
        try {
            Bundle bundle = new Bundle();
            bundle.putBoolean(WorkplaceJoinApplication.DATA_VERSION, true);
            Bundle result = accountManager.updateCredentials(account, "adal.authtoken.type", bundle, null, null, null).getResult();
            if (result != null) {
                String string = result.getString(WorkplaceJoinApplication.DATA_VERSION, null);
                if (string != null) {
                    return string;
                }
                Logger.v(TAG + "getCurrentActiveAuthencationVersion", "Retrieved version of current active authenticator is null.");
                return null;
            }
        } catch (Exception e) {
            Logger.e(TAG + "getCurrentActiveAuthencationVersion", "Received exception when retrieving current active authenticator version " + e.getMessage(), WorkplaceJoinFailure.INTERNAL);
        }
        return null;
    }

    private void getDeviceState(Context context, WorkplaceJoinService.OnQueryDeviceListener onQueryDeviceListener) {
        try {
            AccountManagerStorageHelper accountManagerStorageHelper = new AccountManagerStorageHelper(context);
            accountManagerStorageHelper.restoreWPJAccount();
            String wpjUPN = accountManagerStorageHelper.getWpjUPN();
            if (TextUtils.isEmpty(wpjUPN)) {
                Logger.v(TAG + "getDeviceState", "No workaccount found, will not query DRS for device state.");
            } else {
                byte[] wpjPKCS12Certificate = accountManagerStorageHelper.getWpjPKCS12Certificate();
                String wpjDeviceId = accountManagerStorageHelper.getWpjDeviceId();
                if (!StringHelper.IsNullOrBlank(accountManagerStorageHelper.getDeviceIdForExistingAccount(getAccount(accountManagerStorageHelper.getAccountManager(), wpjUPN)))) {
                    Logger.v(TAG + "getDeviceState", "Device is joined, will query DRS for device state...");
                    WorkplaceJoinService.getDeviceRegistrationStatus(context, wpjDeviceId, wpjUPN, getCorrelationId(), wpjPKCS12Certificate, onQueryDeviceListener);
                } else {
                    Logger.v(TAG + "getDeviceState", "Device is not joined, will not query DRS for device state.");
                }
            }
        } catch (Exception e) {
            Logger.e(TAG + "getDeviceState", "Failed to retrieve device state.", WorkplaceJoinFailure.INTERNAL, e);
            onQueryDeviceListener.onError(e);
        }
    }

    private Bundle getUserInfoBundleForAccount(Account account) {
        if (Looper.myLooper() == Looper.getMainLooper()) {
            Logger.e(TAG + "getUserInfoBundleForAccount", "Calling getUserInfoBundleForAccount from main thread.", WorkplaceJoinFailure.INTERNAL);
            throw new IllegalArgumentException("Calling getUserInfoBundleForAccount on main thread");
        }
        AccountManager accountManager = AccountManager.get(this.mContext);
        try {
            Bundle bundle = new Bundle();
            bundle.putBoolean("com.microsoft.workaccount.user.info", true);
            return accountManager.updateCredentials(account, "adal.authtoken.type", bundle, null, null, null).getResult();
        } catch (Exception e) {
            Logger.e(TAG + "getUserInfoBundleForAccount", e.getMessage(), WorkplaceJoinFailure.INTERNAL, e);
            return null;
        }
    }

    private UserInfo getUserInfoFromBundleResult(Bundle bundle) {
        if (bundle != null) {
            return new UserInfo(bundle.getString("account.userinfo.userid"), bundle.getString("account.userinfo.given.name"), bundle.getString("account.userinfo.family.name"), bundle.getString("account.userinfo.identity.provider"), bundle.getString("account.userinfo.userid.displayable"));
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void handlePRTFailure(final Activity activity, final ADALError aDALError, final String str, final boolean z, final Account account) {
        getDeviceState(this.mContext, new WorkplaceJoinService.OnQueryDeviceListener() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.14
            @Override // com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinService.OnQueryDeviceListener
            public void onComplete(boolean z2) {
                Logger.v(BrokerContext.TAG + "handlePRTFailure", "Device state " + Boolean.toString(z2));
                if (!z2) {
                    BrokerContext.this.launchAccount(activity, false, BrokerContext.BROKER_ADD_ACCOUNT_REQUEST);
                } else if (z) {
                    BrokerContext.this.returnError(activity, aDALError, str);
                } else {
                    BrokerContext.this.forceBrokerRTAcquisition(activity, new KeyHandler(BrokerContext.this.mContext), BrokerContext.this.getAccountManagerStorageHelper(), account);
                }
            }

            @Override // com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinService.OnQueryDeviceListener
            public void onError(Exception exc) {
                Logger.e(BrokerContext.TAG + "handlePRTFailure", exc.getMessage(), WorkplaceJoinFailure.INTERNAL);
                BrokerContext.this.returnError(activity, aDALError, str);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void handleSTKPatchingFailure(final Activity activity, final String str, final ADALError aDALError, final String str2) {
        getDeviceState(this.mContext, new WorkplaceJoinService.OnQueryDeviceListener() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.15
            @Override // com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinService.OnQueryDeviceListener
            public void onComplete(boolean z) {
                if (z) {
                    BrokerContext.this.returnError(activity, aDALError, str2);
                } else {
                    Logger.v(BrokerContext.TAG + "handleSTKPatchingFailure", "STK patching fails because device state is no longer valid, start rejoining.");
                    BrokerContext.this.rejoinAccount(activity, str);
                }
            }

            @Override // com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinService.OnQueryDeviceListener
            public void onError(Exception exc) {
                Logger.e(BrokerContext.TAG + "handleSTKPatchingFailure", exc.getMessage(), WorkplaceJoinFailure.INTERNAL);
                BrokerContext.this.returnError(activity, aDALError, str2);
            }
        });
    }

    private boolean hasAccount(Account[] accountArr, String str) {
        if (accountArr == null || accountArr.length <= 0) {
            return false;
        }
        for (Account account : accountArr) {
            if (account != null && account.name.equalsIgnoreCase(str)) {
                return true;
            }
        }
        return false;
    }

    private boolean isRequestFailedOrCancelled(int i) {
        return i == 0 || i == 2001 || i == 2002;
    }

    private boolean isRequestFromBrokerResumeRequest(Activity activity) {
        Intent intent = activity.getIntent();
        if (intent == null || StringHelper.IsNullOrBlank(intent.getStringExtra("com.microsoft.aadbroker.adal.broker.request.resume")) || StringHelper.IsNullOrBlank(this.mCallingPackage)) {
            Logger.v(TAG + "isRequestFromBrokerResumeRequest", "Not a broker resume request.");
            return false;
        }
        Logger.v(TAG + "isRequestFromBrokerResumeRequest", "Launching intent for package:" + this.mCallingPackage);
        return true;
    }

    private boolean isSTKMissing(Context context) {
        return new SessionTransportKey(context).getSessionTransportKey() == null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void joinAccount(final Activity activity, final String str) {
        setRequest(activity);
        WorkplaceJoinService.saveDiscoveryFlag(activity, getDiscoveryEndpoint());
        WorkplaceJoinService.RequestDeviceRegistrationDiscovery(activity, str, getCorrelationId(), false, new WorkplaceJoinService.OnDeviceRegistrationDiscovery() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.9
            @Override // com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinService.OnDeviceRegistrationDiscovery
            public void onEndpointsDiscovery(DRSMetadata dRSMetadata, Exception exc) {
                if (dRSMetadata == null) {
                    Logger.e(BrokerContext.TAG + "joinAccount", "Discovery failed", WorkplaceJoinFailure.DRS, exc);
                    BrokerContext.this.returnError(activity, ADALError.BROKER_ACCOUNT_DEVICE_REGISTRY_FAILURE, "Discovery endpoint failure");
                } else {
                    Logger.d(BrokerContext.TAG + "joinAccount", "Discovery complete, result obtained, obtaining token.  DRSMetadata = " + dRSMetadata);
                    WorkplaceJoinApplication.mDRSMetadata = dRSMetadata;
                    BrokerContext.this.obtainTokenForDRS(activity, str, dRSMetadata, BrokerContext.BROKER_ADD_ACCOUNT_SSO_BROKER_REQUEST);
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void launchAccount(Activity activity, boolean z, int i) {
        Intent intent = new Intent(this.mContext, (Class<?>) AccountActivity.class);
        BrokerRequest brokerRequest = this.mAuthRequest;
        if (brokerRequest == null || activity.getIntent() == null || brokerRequest.getClientId() == null) {
            Logger.v(TAG + "launchAccount", "Creating broker request.");
            brokerRequest = new BrokerRequest(getAuthority(), BROKER_RESOURCE_GRAPH, "29d9ed98-a469-4536-ade2-f981bc1d605e", "urn:ietf:wg:oauth:2.0:oob", null, null, null, null, BrokerClient.AccountRequestType.AddAccount);
            intent.putExtra("caller.info.package", this.mContext.getPackageName());
        } else {
            Logger.v(TAG + "launchAccount", "Broker request is passed.");
            if (TextUtils.isEmpty(this.mCallingPackage)) {
                Logger.v(TAG + "launchAccount", "Calling package is empty, using activity's package.");
                this.mCallingPackage = activity.getCallingPackage();
            }
            Logger.v(TAG + "launchAccount", "Intent's caller package name: " + this.mCallingPackage);
            intent.putExtra("caller.info.package", this.mCallingPackage);
        }
        intent.putExtra("com.microsoft.aadbroker.adal.broker.request", new Gson().toJson(brokerRequest));
        intent.putExtra(AuthenticationConstants.Broker.BROKER_RETURN_JSON, true);
        if (z) {
            Logger.v(TAG + "launchAccount", "New account request.");
            intent.putExtra(AuthenticationConstants.Broker.ACCOUNT_ADD_NEW, AuthenticationConstants.Broker.ACCOUNT_ADD_NEW);
        }
        activity.startActivityForResult(intent, i);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void launchAccountForBrokerRT(Activity activity, boolean z, String str, int i) {
        Logger.v(TAG + "launchAccountForBrokerRT", "Acquire new broker RT.");
        Intent intent = new Intent(this.mContext, (Class<?>) AccountActivity.class);
        BrokerRequest brokerRequest = new BrokerRequest(getAuthority(), BROKER_RESOURCE_GRAPH, "29d9ed98-a469-4536-ade2-f981bc1d605e", "urn:ietf:wg:oauth:2.0:oob", str, null, null, this.mCorrelationId, BrokerClient.AccountRequestType.AddAccount);
        if (z) {
            brokerRequest.setPrompt(PromptBehavior.FORCE_PROMPT);
        }
        intent.putExtra("caller.info.package", this.mContext.getPackageName());
        intent.putExtra("com.microsoft.aadbroker.adal.broker.request", new Gson().toJson(brokerRequest));
        intent.putExtra(AuthenticationConstants.Broker.BROKER_RETURN_JSON, true);
        activity.startActivityForResult(intent, i);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void onDeviceRegistrationSuccess(final Activity activity, String str, String str2, AuthenticationResult authenticationResult) {
        try {
            WorkplaceJoinApplication.cert = str;
            CertificateData pKCS12Cert = PKCS12CertGenerator.getPKCS12Cert(str, PKCS10CertGenerator.getKeyPair(), str2);
            WorkplaceJoinApplication.UPN = str2;
            WorkplaceJoinApplication.certData = pKCS12Cert;
            Logger.i(TAG + "onDeviceRegistrationSuccess", "Add account without installing certificate");
            Account addAccountOnDeviceRegistrationSuccess = addAccountOnDeviceRegistrationSuccess(activity, str2, authenticationResult);
            Logger.i(TAG + "onDeviceRegistrationSuccess", "Setup PRT for joined account attempt1. ThreadId:" + Process.myTid());
            setupPrt(activity, addAccountOnDeviceRegistrationSuccess, authenticationResult.getRefreshToken(), true);
        } catch (Exception e) {
            Logger.e(TAG + "onDeviceRegistrationSuccess", "Cert generation from DRS response is failed", WorkplaceJoinFailure.CERTIFICATE);
            WorkplaceJoinService.deleteCertAfterInstallFailure(activity.getApplicationContext(), WorkplaceJoinApplication.mDRSMetadata, this.mHandler, new Runnable() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.10
                @Override // java.lang.Runnable
                public void run() {
                    Logger.v(BrokerContext.TAG + "onDeviceRegistrationSuccess", "onResultCertInstall: Received response from delete request");
                    BrokerContext.this.returnError(activity, ADALError.BROKER_ACCOUNT_DEVICE_REGISTRY_FAILURE, e.getMessage());
                }
            });
        }
    }

    private void processAuthenticationResultForBrokerResumeRequest(Activity activity, Intent intent) {
        Intent launchIntentForPackage = activity.getPackageManager().getLaunchIntentForPackage(this.mCallingPackage);
        if (launchIntentForPackage == null) {
            Logger.v(TAG + "processAuthenticationResultForBrokerResumeRequest", "Cannot launch intent for pakcage: " + this.mCallingPackage + " and cannot deliever result back to client.");
            return;
        }
        Logger.v(TAG + "processAuthenticationResultForBrokerResumeRequest", "Launching intent for package:" + this.mCallingPackage);
        launchIntentForPackage.setFlags(335544320);
        activity.startActivity(launchIntentForPackage);
        finish(activity);
        Logger.v(TAG + "processAuthenticationResultForBrokerResumeRequest", "Also sending result back to client app through broadcast");
        Intent intent2 = new Intent("com.microsoft.aadbroker.adal.broker.request.resume" + this.mCallingPackage);
        intent2.putExtra("com.microsoft.aad.adal:RequestId", intent.getIntExtra("com.microsoft.aad.adal:RequestId", 0));
        if (intent == null || intent.getStringExtra("com.microsoft.aad.adal:BrowserErrorCode") == null) {
            Logger.v(TAG + "processAuthenticationResultForBrokerResumeRequest", "Sending completion flag to caller app.");
            intent2.putExtra("broker.result.returned", true);
            intent2.putExtra("account.userinfo.userid", intent.getStringExtra("account.userinfo.userid"));
        } else {
            Logger.v(TAG + "processAuthenticationResultForBrokerResumeRequest", "Sending error code and errorMessage to caller.");
            intent2.putExtra("com.microsoft.aad.adal:BrowserErrorCode", intent.getStringExtra("com.microsoft.aad.adal:BrowserErrorCode"));
            intent2.putExtra("com.microsoft.aad.adal:BrowserErrorMessage", intent.getStringExtra("com.microsoft.aad.adal:BrowserErrorMessage"));
        }
        new ContextWrapper(this.mContext).sendBroadcast(intent2);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void processBrokerAddAccountPrtBrokerRequest(final Activity activity, int i, Intent intent) {
        if (isRequestFailedOrCancelled(i)) {
            processFailureFromOnActivityResult(activity, i, intent);
            return;
        }
        if (i != 2004) {
            throw new IllegalStateException("unexpected result code");
        }
        Logger.i(TAG + "onActivityResult", "Token is returned for broker refresh token");
        ((IAccountManagerActivity) activity).showSpinner(true);
        final Account account = getAccount(AccountManager.get(this.mContext), intent.getStringExtra("account.name"));
        final AuthenticationResult authenticationResult = (AuthenticationResult) new Gson().fromJson(intent.getStringExtra("account.result"), AuthenticationResult.class);
        if (authenticationResult != null) {
            try {
                saveBrokerRT(getAccountManagerStorageHelper(), authenticationResult.getRefreshToken(), account);
            } catch (UnsupportedEncodingException | NoSuchAlgorithmException e) {
                Logger.e(TAG, "Fail to store RT for broker", WorkplaceJoinFailure.INTERNAL, e);
            }
            Logger.i(TAG + "onActivityResult", "Setting up PRT to get token for calling app");
            sThreadExecutor.execute(new Runnable() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.6
                @Override // java.lang.Runnable
                public void run() {
                    KeyHandler keyHandler = new KeyHandler(BrokerContext.this.mContext);
                    try {
                        PRTResult pRTWithRefreshToken = new BrokerClient(BrokerContext.this.mContext, BrokerContext.this.mAuthRequest, BrokerContext.this.mCallingPackage).getPRTWithRefreshToken(keyHandler, authenticationResult.getRefreshToken());
                        if (pRTWithRefreshToken == null || TextUtils.isEmpty(pRTWithRefreshToken.getPrimaryRefreshToken())) {
                            BrokerContext.this.handlePRTFailure(activity, ADALError.BROKER_PRT_FAILED, "PRT is not received", false, account);
                        } else {
                            keyHandler.savePRT(pRTWithRefreshToken);
                            BrokerContext.this.acquireTokenWithPRT(BrokerContext.this.getAccountManagerStorageHelper(), account, BrokerContext.this.getAccountManagerCache(account), account.name, activity);
                        }
                    } catch (IOException | JSONException e2) {
                        Logger.e(BrokerContext.TAG + "processBrokerAddAccountPrtBrokerRequest", "Fail to get token with PRT.", WorkplaceJoinFailure.INTERNAL, e2);
                        BrokerContext.this.returnError(activity, ADALError.AUTH_FAILED_NO_TOKEN, e2.getMessage());
                    }
                }
            });
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void processBrokerAddAccountRequest(Activity activity, int i, Intent intent) {
        IAccountManagerActivity iAccountManagerActivity = (IAccountManagerActivity) activity;
        switch (i) {
            case 0:
            case 2001:
            case 2002:
                processFailureFromOnActivityResult(activity, i, intent);
                return;
            case 2004:
                iAccountManagerActivity.showSpinner(false);
                processTokenBrokerResponseForAddAccountRequest(activity, i, intent);
                return;
            case 2006:
                iAccountManagerActivity.showSpinner(true);
                processDeviceRegisterForAddAccountRequest(activity, i, intent);
                return;
            default:
                throw new IllegalStateException("Unexpected result code");
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void processBrokerAddAccountResolveInterrupt(Activity activity, int i, Intent intent) {
        if (isRequestFailedOrCancelled(i)) {
            processFailureFromOnActivityResult(activity, i, intent);
        } else {
            if (i != 2004) {
                throw new IllegalStateException("Unexpected result code");
            }
            Logger.i(TAG + "processBrokerAddAccountResolveInterrupt", "Token is returned for add account request");
            ((IAccountManagerActivity) activity).showSpinner(true);
            processInterrupt(activity, intent);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void processBrokerAddAccountSSOBrokerRequest(Activity activity, int i, Intent intent) {
        if (isRequestFailedOrCancelled(i)) {
            processFailureFromOnActivityResult(activity, i, intent);
        } else {
            if (i != 2004) {
                throw new IllegalStateException("Unexpected result code");
            }
            Logger.i(TAG + "processBrokerAddAccountSSOBrokerRequest", "Token is returned for wpj");
            ((IAccountManagerActivity) activity).showSpinner(true);
            registerDevice(activity, intent);
        }
    }

    private void processDeviceRegisterForAddAccountRequest(final Activity activity, int i, Intent intent) {
        Logger.i(TAG + "processDeviceRegisterForAddAccountRequest", "Device needs to be registered, start device register.");
        final String stringExtra = intent.getStringExtra("account.name");
        sThreadExecutor.execute(new Runnable() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.5
            @Override // java.lang.Runnable
            public void run() {
                WorkplaceJoin.getInstance().getWorkplaceJoinedUPN(BrokerContext.this.mContext, new WorkplaceJoin.OnUPNCallback() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.5.1
                    @Override // com.microsoft.workaccount.workplacejoin.WorkplaceJoin.OnUPNCallback
                    public void onError(String str, WorkplaceJoinFailure workplaceJoinFailure, Exception exc) {
                        Logger.v(BrokerContext.TAG + "processDeviceRegisterForAddAccountRequest", "Failed to retrieve UPN.");
                        BrokerContext.this.showToastInUiThread(activity, str);
                        BrokerContext.this.returnError(activity, ADALError.BROKER_ACCOUNT_DEVICE_REGISTRY_FAILURE, str);
                    }

                    @Override // com.microsoft.workaccount.workplacejoin.WorkplaceJoin.OnUPNCallback
                    public void onSuccess(String str) {
                        if (TextUtils.isEmpty(str)) {
                            if (StringHelper.IsNullOrBlank(stringExtra)) {
                                Logger.e(BrokerContext.TAG + "processDeviceRegisterForAddAccountRequest", "There is no workplace joined account existed, but the account to be joined is empty or blank, cannot proceed with workplace join.", WorkplaceJoinFailure.INTERNAL);
                                BrokerContext.this.returnError(activity, ADALError.BROKER_ACCOUNT_DEVICE_REGISTRY_FAILURE, "The account to be joined is empty or blank, cannot proceed with workplace join.");
                                return;
                            } else {
                                Logger.v(BrokerContext.TAG + "processDeviceRegisterForAddAccountRequest", "No joined account exists, joining account" + stringExtra);
                                this.joinAccount(activity, stringExtra);
                                return;
                            }
                        }
                        if (str.trim().equalsIgnoreCase(stringExtra.trim())) {
                            Logger.v(BrokerContext.TAG + "processDeviceRegisterForAddAccountRequest", "Re-joining account.");
                            this.rejoinAccount(activity, stringExtra);
                        } else {
                            Logger.v(BrokerContext.TAG + "processDeviceRegisterForAddAccountRequest", "Already joined.");
                            String string = activity.getResources().getString(R.string.already_joined_workplace);
                            BrokerContext.this.showToastInUiThread(activity, string);
                            BrokerContext.this.returnError(activity, ADALError.BROKER_ACCOUNT_DEVICE_REGISTRY_FAILURE, string);
                        }
                    }
                });
            }
        });
    }

    private void processFailureFromOnActivityResult(Activity activity, int i, Intent intent) {
        Logger.i(TAG, "Request is cancelled or error received, result code is: " + i);
        if (i == 0) {
            i = 2001;
        }
        returnToCaller(activity, i, intent);
    }

    private void processInterrupt(final Activity activity, Intent intent) {
        Logger.v(TAG + "processInterrupt", "process interrupt request.");
        AuthenticationResult authenticationResult = (AuthenticationResult) new Gson().fromJson(intent.getStringExtra("account.result"), AuthenticationResult.class);
        String refreshToken = authenticationResult.getRefreshToken();
        if (TextUtils.isEmpty(refreshToken)) {
            returnError(activity, ADALError.AUTH_FAILED, "Failed to resolve interruption.");
            return;
        }
        final BrokerRequest brokerRequest = (BrokerRequest) intent.getSerializableExtra("com.microsoft.aad.adal:BrowserRequestInfo");
        Account account = getAccount(AccountManager.get(this.mContext), (authenticationResult.getUserInfo() == null || TextUtils.isEmpty(authenticationResult.getUserInfo().getDisplayableId())) ? brokerRequest.getBrokerAccountName() : authenticationResult.getUserInfo().getDisplayableId());
        try {
            saveBrokerRT(getAccountManagerStorageHelper(), refreshToken, account);
        } catch (UnsupportedEncodingException | NoSuchAlgorithmException e) {
            Logger.e(TAG, "Fail to store RT for broker", WorkplaceJoinFailure.INTERNAL, e);
        }
        new PrtInteractionTask(this.mContext, brokerRequest, account, this.mCallingAppUid, this.mCallingPackage, new OnPrtRequestListener() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.13
            @Override // com.microsoft.workaccount.workplacejoin.BrokerContext.OnPrtRequestListener
            public void onResult(PrtTaskResult prtTaskResult) {
                if (prtTaskResult.exception == null) {
                    BrokerContext.this.returnAuthenticationResult(activity, prtTaskResult.result, brokerRequest.getBrokerAccountName());
                } else {
                    Logger.e(BrokerContext.TAG + "processInterrupt", prtTaskResult.exception.getMessage(), WorkplaceJoinFailure.ADAL, prtTaskResult.exception);
                    BrokerContext.this.returnError(activity, ADALError.BROKER_ACCOUNT_FAILED_RESOLVED_INTERRUPT, prtTaskResult.exception.getMessage());
                }
            }
        }).execute(refreshToken);
    }

    private void processTokenBrokerResponseForAddAccountRequest(Activity activity, int i, Intent intent) {
        Logger.i(TAG, "Token is returned for add account request");
        WorkplaceJoinApplication.WAITING_RESULT = intent;
        if (activity.getIntent() != null) {
            int intExtra = activity.getIntent().getIntExtra("com.microsoft.aad.adal:RequestId", 0);
            if (this.mAuthRequest == null) {
                setRequest(activity);
            }
            intent.putExtra("com.microsoft.aad.adal:RequestId", intExtra);
        }
        returnResult(activity, i, intent);
    }

    private void registerDevice(final Activity activity, Intent intent) {
        final AuthenticationResult authenticationResult = (AuthenticationResult) new Gson().fromJson(intent.getStringExtra("account.result"), AuthenticationResult.class);
        final Context applicationContext = activity.getApplicationContext();
        if (authenticationResult == null) {
            Logger.e(TAG + "registerDevice", "Authentication result is empty.", WorkplaceJoinFailure.ADAL);
            returnError(activity, ADALError.BROKER_ACCOUNT_DEVICE_REGISTRY_FAILURE, "Authentication result for DRS is empty");
        } else if (authenticationResult.getUserInfo() != null) {
            PKCS10CertGenerator.getPKCS10CertFromAccessToken(authenticationResult.getAccessToken(), new PKCS10CertGenerator.OnPKCS10CertificateGeneration() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.8
                @Override // com.microsoft.workaccount.workplacejoin.core.PKCS10CertGenerator.OnPKCS10CertificateGeneration
                public void onCertGenerated(String str) {
                    if (str != null && !str.isEmpty()) {
                        WorkplaceJoinService.RequestDeviceRegistrationEnrollment(applicationContext, authenticationResult.getAccessToken(), str, BrokerContext.this.getCorrelationId(), new WorkplaceJoinService.OnDVRDRegistrationListener() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.8.1
                            @Override // com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinService.OnDVRDRegistrationListener
                            public void onDVRDRegistration(int i, String str2, String str3, String str4, Exception exc) {
                                if (i == DeviceEnrollment.STATUS_SUCCESS) {
                                    BrokerContext.this.onDeviceRegistrationSuccess(activity, str2, str4, authenticationResult);
                                } else if (i == DeviceEnrollment.STATUS_ERROR) {
                                    Logger.e(BrokerContext.TAG + "registerDevice", "DRS request is failed:" + str2, WorkplaceJoinFailure.CERTIFICATE);
                                    BrokerContext.this.returnError(activity, ADALError.BROKER_ACCOUNT_DEVICE_REGISTRY_FAILURE, "DRS request is failed:" + str2);
                                }
                            }
                        });
                    } else {
                        Logger.e(BrokerContext.TAG + "registerDevice", "PKCS10 certificate generation failed", WorkplaceJoinFailure.CERTIFICATE);
                        BrokerContext.this.returnError(activity, ADALError.BROKER_ACCOUNT_DEVICE_REGISTRY_FAILURE, "PKCS10 certificate generation failed");
                    }
                }
            });
        } else {
            Logger.e(TAG + "registerDevice", "User info is empty.", WorkplaceJoinFailure.ADAL);
            returnError(activity, ADALError.BROKER_ACCOUNT_DEVICE_REGISTRY_FAILURE, "Authentication result returns empty username");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void rejoinAccount(final Activity activity, final String str) {
        Logger.v(TAG + "rejoinAccount", "Device is joined. Starting leaving...");
        WorkplaceJoin.getInstance().leave(this.mContext, str, new WorkplaceJoin.OnLeave() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.7
            @Override // com.microsoft.workaccount.workplacejoin.WorkplaceJoin.OnLeave
            public void onError(Boolean bool, Boolean bool2, String str2, WorkplaceJoinFailure workplaceJoinFailure, Exception exc) {
                Logger.v(BrokerContext.TAG + "rejoinAccount", "Failed to leave.");
                String string = activity.getResources().getString(R.string.already_joined_workplace);
                BrokerContext.this.showToastInUiThread(activity, string);
                BrokerContext.this.returnError(activity, ADALError.BROKER_ACCOUNT_DEVICE_REGISTRY_FAILURE, string);
            }

            @Override // com.microsoft.workaccount.workplacejoin.WorkplaceJoin.OnLeave
            public void onSuccess() {
                Logger.v(BrokerContext.TAG + "rejoinAccount", "Device leave was successful.");
                this.joinAccount(activity, str);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void resolveInterrupt(Activity activity, String str, String str2) {
        Intent intent = new Intent(this.mContext, (Class<?>) AccountActivity.class);
        BrokerRequest create = BrokerRequest.create(this.mAuthRequest, this.mAuthRequest.getRequestType());
        create.setPrompt(PromptBehavior.Auto);
        if (create == null || activity.getIntent() == null) {
            Logger.v(TAG + "resolveInterrupt", "Creating broker request.");
            create = new BrokerRequest(getAuthority(), BROKER_RESOURCE_GRAPH, "29d9ed98-a469-4536-ade2-f981bc1d605e", "urn:ietf:wg:oauth:2.0:oob", null, null, null, null, BrokerClient.AccountRequestType.AddAccount);
        } else {
            Logger.v(TAG + "resolveInterrupt", "Broker request is specified.");
            intent.putExtra("caller.info.package", activity.getCallingPackage());
        }
        create.setBrokerAccountName(str2);
        intent.putExtra("com.microsoft.aadbroker.adal.broker.request", new Gson().toJson(create));
        intent.putExtra(AuthenticationConstants.Broker.ACCOUNT_RESOLVE_INTERRUPT, str);
        Logger.v(TAG + "resolveInterrupt", "Launch AccountActivity to resolve the interrupt");
        activity.startActivityForResult(intent, BROKER_ADD_ACCOUNT_RESOLVE_INTERRUPT);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void returnAuthenticationResult(Activity activity, AuthenticationResult authenticationResult, String str) {
        Intent intent = new Intent();
        if (authenticationResult == null || authenticationResult.getStatus() != AuthenticationResult.AuthenticationStatus.Succeeded) {
            Logger.e(TAG + "returnAuthenticationResult", authenticationResult.getErrorLogInfo(), WorkplaceJoinFailure.ADAL);
            returnError(activity, ADALError.AUTHORIZATION_CODE_NOT_EXCHANGED_FOR_TOKEN, authenticationResult.getErrorLogInfo());
            return;
        }
        if (this.mWaitingRequestId == 0 && activity.getIntent() != null) {
            this.mWaitingRequestId = activity.getIntent().getIntExtra("com.microsoft.aad.adal:RequestId", 0);
        }
        intent.putExtra("com.microsoft.aad.adal:RequestId", this.mWaitingRequestId);
        intent.putExtra("account.name", str);
        intent.putExtra("account.result", new Gson().toJson(authenticationResult));
        Logger.v(TAG + "returnAuthenticationResult", "Return token broker response");
        returnResult(activity, 2004, intent);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void returnError(Activity activity, ADALError aDALError, String str) {
        Log.w(TAG + "returnError", "Return Error:" + str + DatabaseAppPolicy.ARRAY_SEPARATOR + aDALError.name());
        Intent intent = new Intent();
        intent.putExtra("com.microsoft.aad.adal:BrowserErrorCode", aDALError.name());
        intent.putExtra("com.microsoft.aad.adal:BrowserErrorMessage", str);
        if (this.mAuthRequest != null) {
            intent.putExtra("com.microsoft.aad.adal:RequestId", this.mWaitingRequestId);
        }
        if (isRequestFromBrokerResumeRequest(activity)) {
            Logger.v(TAG + "returnError", "Returning error the broker resume request.");
            processAuthenticationResultForBrokerResumeRequest(activity, intent);
        } else {
            activity.setResult(2002, intent);
            finish(activity);
        }
    }

    private void returnResult(Activity activity, int i, Intent intent) {
        AuthenticationResult authenticationResult = (AuthenticationResult) new Gson().fromJson(intent.getStringExtra("account.result"), AuthenticationResult.class);
        if (authenticationResult == null) {
            Logger.i(TAG, "Null result is returned, sending back empty result.");
            sendBackTokenBrokerResponse(activity, i, intent);
            return;
        }
        saveAuthResultIntoCache(authenticationResult);
        intent.putExtra("account.access.token", authenticationResult.getAccessToken());
        intent.putExtra("account.idtoken", authenticationResult.getIdToken());
        intent.putExtra("account.userinfo.tenantid", authenticationResult.getTenantId());
        if (authenticationResult.getExpiresOn() != null) {
            Logger.v(TAG + "returnResult", "Expire date is provided");
            intent.putExtra("account.expiredate", authenticationResult.getExpiresOn().getTime());
        } else {
            Logger.v(TAG + "returnResult", "Expire date is not provided, set it to be current date plus one hour");
            GregorianCalendar gregorianCalendar = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
            gregorianCalendar.add(13, 3600);
            intent.putExtra("account.expiredate", gregorianCalendar.getTimeInMillis());
        }
        if (authenticationResult.getUserInfo() != null) {
            Logger.v(TAG + "returnResult", "IdToken exists, extracting userinfo from idtoken. ");
            UserInfo userInfo = authenticationResult.getUserInfo();
            intent.putExtra("account.name", userInfo.getDisplayableId());
            intent.putExtra("account.userinfo.userid", userInfo.getUserId());
            intent.putExtra("account.userinfo.given.name", userInfo.getGivenName());
            intent.putExtra("account.userinfo.family.name", userInfo.getFamilyName());
            intent.putExtra("account.userinfo.identity.provider", userInfo.getIdentityProvider());
            intent.putExtra("account.userinfo.userid.displayable", userInfo.getDisplayableId());
        } else {
            Logger.v(TAG + "returnResult", "IdToken does not exist, cannot extract userinfo from idtoken. ");
        }
        sendBackTokenBrokerResponse(activity, i, intent);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void returnToCaller(Activity activity, int i, Intent intent) {
        Logger.v(TAG + "returnToCaller", "Return To Caller:" + i);
        ((IAccountManagerActivity) activity).showSpinner(false);
        Intent intent2 = new Intent();
        if (this.mAuthRequest != null) {
            Logger.v(TAG + "returnToCaller", "Return to caller with REQUEST_ID:" + this.mAuthRequest.getRequestId());
            intent2.putExtra("com.microsoft.aad.adal:RequestId", this.mAuthRequest.getRequestId());
        } else {
            Logger.v(TAG + "returnToCaller", "Request object is null");
        }
        if (intent.getStringExtra("com.microsoft.aad.adal:BrowserErrorCode") != null) {
            intent2.putExtra("com.microsoft.aad.adal:BrowserErrorCode", intent.getStringExtra("com.microsoft.aad.adal:BrowserErrorCode"));
        }
        if (intent.getStringExtra("com.microsoft.aad.adal:BrowserErrorMessage") != null) {
            intent2.putExtra("com.microsoft.aad.adal:BrowserErrorMessage", intent.getStringExtra("com.microsoft.aad.adal:BrowserErrorMessage"));
        }
        activity.setResult(i, intent2);
        finish(activity);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void saveAuthResultIntoCache(AuthenticationResult authenticationResult) {
        try {
            new BrokerClient(this.mContext, this.mAuthRequest, this.mCallingPackage).saveTokenIntoCache(createAccountManagerCacheFromReturnedResult(authenticationResult), authenticationResult);
        } catch (BrokerClientException e) {
            Logger.e(TAG, "No user info returned from token response, unable to create account in account manager", WorkplaceJoinFailure.ADAL);
        }
    }

    private void saveBrokerRT(AccountManagerStorageHelper accountManagerStorageHelper, String str, Account account) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        if (account == null) {
            Logger.e(TAG + "saveBrokerRT", "Account is null", WorkplaceJoinFailure.INTERNAL, null);
            return;
        }
        String createHash = StringExtensions.createHash(AuthenticationConstants.Broker.USERDATA_BROKER_RT + account.name);
        if (TextUtils.isEmpty(str)) {
            return;
        }
        accountManagerStorageHelper.setAccountData(account, createHash, str);
    }

    private void sendBackTokenBrokerResponse(Activity activity, int i, Intent intent) {
        if (isRequestFromBrokerResumeRequest(activity)) {
            Logger.v(TAG + "sendBackTokenBrokerResponse", "Returning the result for broker resume request.");
            processAuthenticationResultForBrokerResumeRequest(activity, intent);
        } else {
            Logger.v(TAG + "sendBackTokenBrokerResponse", "Returning AuthenticationResult back to calling activity.");
            setAccountAuthenticatorResult(intent.getExtras());
            activity.setResult(i, intent);
            finish(activity);
        }
    }

    private void sendTokenForAccount(Activity activity, String str) {
        AccountManagerStorageHelper accountManagerStorageHelper = getAccountManagerStorageHelper();
        Account account = getAccount(accountManagerStorageHelper.getAccountManager(), str);
        if (account == null) {
            returnError(activity, ADALError.AUTH_FAILED_BAD_STATE, "No account exists, cannot process with token acquisition. ");
            return;
        }
        this.mAccountManagerCache = getAccountManagerCache(account);
        boolean z = !StringHelper.IsNullOrBlank(accountManagerStorageHelper.getDeviceIdForExistingAccount(account));
        if (PromptBehavior.FORCE_PROMPT == this.mAuthRequest.getPrompt()) {
            Logger.v(TAG + "sendTokenForAccount", "Force prompt is set on the request, will skip account manager cache lookup as well as token acquisition with PRT.");
            acquireTokenForForcePrompt(activity, z, str);
        } else if (z) {
            acquireTokenWithPRT(accountManagerStorageHelper, account, this.mAccountManagerCache, str, activity);
        } else {
            acquireTokenForNonJoinedAccount(activity, account);
        }
    }

    private final void setAccountAuthenticatorResult(Bundle bundle) {
        this.mAuthenticatorResultBundle = bundle;
    }

    private void setExtraQueryParameter() throws UnsupportedEncodingException {
        String filterQueryString = filterQueryString(this.mAuthRequest.getExtraQueryParamsAuthentication());
        this.mAuthRequest.setExtraQueryParamsAuthentication(TextUtils.isEmpty(filterQueryString) ? "nux=1" : filterQueryString + "&nux=1");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setupPRTandAcquireToken(final Activity activity, final Account account, final AccountManagerStorageHelper accountManagerStorageHelper, AccountManagerCache accountManagerCache, final String str) {
        new AcquireTokenWithPrtTask(this.mContext, this.mAuthRequest, account, this.mCallingPackage, new OnPrtRequestListener() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.12
            @Override // com.microsoft.workaccount.workplacejoin.BrokerContext.OnPrtRequestListener
            public void onResult(PrtTaskResult prtTaskResult) {
                if (prtTaskResult.exception != null) {
                    accountManagerStorageHelper.restoreWPJAccount();
                    if (prtTaskResult.result == null || prtTaskResult.result.getError() == null || !prtTaskResult.result.getError().isInvalidGrant() || TextUtils.isEmpty(accountManagerStorageHelper.getWpjDeviceId())) {
                        Logger.v(BrokerContext.TAG + "setupPRTandAcquireToken", "Acquire PRT failed for unhandled reason.");
                        BrokerContext.this.returnError(activity, ADALError.AUTH_FAILED_NO_TOKEN, prtTaskResult.exception.getMessage());
                        return;
                    } else {
                        Logger.v(BrokerContext.TAG + "setupPRTandAcquireToken", "Acquire PRT failed with 'invalid grant' error and the Device is Joined. Device state needs to be queried.");
                        BrokerContext.this.handlePRTFailure(activity, ADALError.AUTH_FAILED_NO_TOKEN, prtTaskResult.exception.getMessage(), false, account);
                        return;
                    }
                }
                BrokerTokenResult brokerTokenResult = prtTaskResult.result;
                KeyHandler keyHandler = new KeyHandler(BrokerContext.this.mContext);
                if (!TextUtils.isEmpty(brokerTokenResult.getAccessToken())) {
                    Logger.v(BrokerContext.TAG + "setupPRTandAcquireToken", "Authenticator returning token");
                    BrokerContext.this.saveAuthResultIntoCache(brokerTokenResult);
                    accountManagerStorageHelper.setAccountData(account, AccountActivity.ACCOUNT_INTERACTION_HEADER_REQUIRED, "");
                    BrokerContext.this.returnAuthenticationResult(activity, brokerTokenResult, str);
                    return;
                }
                if (brokerTokenResult.getError() != null && brokerTokenResult.getError().isInteractionRequired()) {
                    try {
                        Logger.v(BrokerContext.TAG + "setupPRTandAcquireToken", "Broker saving refreshtokencredential to be used in interrupt");
                        String resolveInterruptRefreshCredential = new BrokerClient(BrokerContext.this.mContext, BrokerContext.this.mAuthRequest, BrokerContext.this.mCallingPackage).getResolveInterruptRefreshCredential(account, keyHandler);
                        accountManagerStorageHelper.setAccountData(account, AccountActivity.ACCOUNT_INTERACTION_HEADER_REQUIRED, resolveInterruptRefreshCredential);
                        BrokerContext.this.resolveInterrupt(activity, resolveInterruptRefreshCredential, str);
                        return;
                    } catch (Exception e) {
                        Logger.e(BrokerContext.TAG + "setupPRTandAcquireToken", e.getMessage(), WorkplaceJoinFailure.INTERNAL, e);
                        BrokerContext.this.returnError(activity, ADALError.AUTH_FAILED_NO_TOKEN, prtTaskResult.exception.getMessage());
                        return;
                    }
                }
                PRTResult prt = keyHandler.getPRT(account);
                if (prt == null || TextUtils.isEmpty(prt.getPrimaryRefreshToken()) || (brokerTokenResult.getError() != null && brokerTokenResult.getError().isInvalidGrant())) {
                    BrokerContext.this.forceBrokerRTAcquisition(activity, keyHandler, accountManagerStorageHelper, account);
                } else {
                    Logger.v(BrokerContext.TAG + "setupPRTandAcquireToken", "Token request with PRT failed");
                    BrokerContext.this.returnError(activity, ADALError.AUTH_FAILED_NO_TOKEN, brokerTokenResult.getErrorDescription());
                }
            }
        }).execute(new String[0]);
    }

    private void setupPrt(final Activity activity, final Account account, String str, final boolean z) {
        Logger.i(TAG + "setupPrt", "Setup PRT for joined account: ThreadId:" + Process.myTid());
        final StopWatch stopWatch = new StopWatch();
        stopWatch.start();
        new PrtSetupTask(activity, account, str, this.mCallingPackage, sPRTSetupTotalTimeInMiliSeconds, stopWatch, new PrtSetupTask.OnPrtSetupListener() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.11
            @Override // com.microsoft.workaccount.workplacejoin.PrtSetupTask.OnPrtSetupListener
            public void onResult(boolean z2) {
                if (z2) {
                    Logger.v(BrokerContext.TAG + "setupPrt", "PrtSetupTask:onResult send Token for Account:" + account.name);
                    BrokerContext.this.acquireTokenWithPRT(BrokerContext.this.getAccountManagerStorageHelper(), account, BrokerContext.this.getAccountManagerCache(account), account.name, activity);
                } else {
                    Logger.v(BrokerContext.TAG + "setupPrt", "PRT is not received within " + stopWatch.getElapsedTimeSeconds() + " seconds");
                    BrokerContext.this.handlePRTFailure(activity, ADALError.BROKER_PRT_FAILED, "PRT is not received", z, account);
                }
                stopWatch.reset();
            }
        }).execute(new String[0]);
    }

    public static boolean shouldBlockMSAAccount(Account account, String str, AccountManagerStorageHelper accountManagerStorageHelper) {
        return str != null && str.contains("msafed=0") && "live.com".equalsIgnoreCase(accountManagerStorageHelper.getAccountIdp(account));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void showToastInUiThread(final Activity activity, final String str) {
        if (activity == null || TextUtils.isEmpty(str)) {
            return;
        }
        activity.runOnUiThread(new Runnable() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.16
            @Override // java.lang.Runnable
            public void run() {
                Toast.makeText(activity, str, 1).show();
            }
        });
    }

    static String urlDecode(String str) throws UnsupportedEncodingException {
        return TextUtils.isEmpty(str) ? "" : URLDecoder.decode(str, "UTF_8");
    }

    public void addAccount(Activity activity) {
        Logger.v(TAG + "addAccount", "Package:" + activity.getCallingPackage());
        if (setRequest(activity)) {
            launchAccount(activity, true, BROKER_ADD_ACCOUNT_REQUEST);
        }
    }

    public void cancelParallelRequests(Activity activity) {
        Logger.v(TAG, "Received parallel UI requests, cancelling request :" + this.mAuthRequest.getRequestId());
        Intent intent = new Intent();
        intent.putExtra("com.microsoft.aad.adal:BrowserErrorCode", ADALError.PARALLEL_UI_REQUESTS.name());
        intent.putExtra("com.microsoft.aad.adal:BrowserErrorMessage", "Received multiple parallel UI requests, cancelling the request.");
        returnToCaller(activity, 2001, intent);
    }

    public void cancelRequest(Activity activity) {
        Logger.v(TAG, "Cancel the request as user clicked on the back button. ");
        setRequest(activity);
        returnToCaller(activity, 2001, new Intent());
    }

    /* JADX WARN: Multi-variable type inference failed */
    public void chooseAccount(Activity activity, String str) {
        Intent intent = new Intent();
        IAccountManagerActivity iAccountManagerActivity = (IAccountManagerActivity) activity;
        if (activity.getIntent() == null) {
            Logger.e(TAG + "chooseAccount", "Intent is null", WorkplaceJoinFailure.INTERNAL);
            return;
        }
        intent.putExtras(activity.getIntent().getExtras());
        setRequest(activity);
        if (TextUtils.isEmpty(str)) {
            Logger.e(TAG + "chooseAccount", "Account name is expected.", WorkplaceJoinFailure.INTERNAL);
            throw new IllegalArgumentException("Account name is expected");
        }
        Logger.i(TAG + "chooseAccount", "User selected an account " + str);
        intent.putExtra("account.name", str);
        this.mAuthRequest.setBrokerAccountName(str);
        this.mAuthRequest.setUserName(str);
        iAccountManagerActivity.showSpinner(true);
        sendTokenForAccount(activity, str);
    }

    public AccountInfo[] getAccounts() throws Exception {
        Logger.v(TAG + "getAccounts", "Get a list of accounts with userinfo.");
        if (Looper.myLooper() == Looper.getMainLooper()) {
            Logger.e(TAG + "getAccounts", "Calling getAccounts from main thread.", WorkplaceJoinFailure.INTERNAL);
            throw new IllegalArgumentException("Calling getAccounts on main thread");
        }
        Account[] accountsByType = AccountManager.get(this.mContext).getAccountsByType("com.microsoft.workaccount");
        if (accountsByType == null || accountsByType.length == 0) {
            Logger.v(TAG + "getAccounts", "No account matching broker account type exists.");
            return null;
        }
        String currentActiveAuthencationVersion = getCurrentActiveAuthencationVersion(accountsByType[0]);
        if (currentActiveAuthencationVersion == null) {
            Logger.e(TAG + "getAccounts", "Retrieved current active authenticator version is null", WorkplaceJoinFailure.INTERNAL);
            return null;
        }
        if (!currentActiveAuthencationVersion.equalsIgnoreCase(WorkplaceJoinApplication.PROTOCOL_VERSION_CODE + "")) {
            Logger.v(TAG + "getAccounts", "The current active authenticator is on a older version without PRT supported, and there should be only one account existed.");
            if (accountsByType.length != 1) {
                throw new Exception("There should be only one broker account existed.");
            }
            AccountInfo[] accountInfoArr = {new AccountInfo()};
            accountInfoArr[0].mAccount = accountsByType[0].name;
            accountInfoArr[0].mUserInfo = getUserInfoFromBundleResult(getUserInfoBundleForAccount(accountsByType[0]));
            accountInfoArr[0].mIsWPJ = true;
            return accountInfoArr;
        }
        Logger.v(TAG + "getAccounts", "The current active authenticator is on the new version with PRT supported.");
        AccountInfo[] accountInfoArr2 = new AccountInfo[accountsByType.length];
        for (int i = 0; i < accountsByType.length; i++) {
            accountInfoArr2[i] = new AccountInfo();
            Bundle userInfoBundleForAccount = getUserInfoBundleForAccount(accountsByType[i]);
            accountInfoArr2[i].mAccount = accountsByType[i].name;
            accountInfoArr2[i].mIsWPJ = userInfoBundleForAccount.getBoolean(WorkplaceJoinApplication.DATA_IS_JOINED);
            accountInfoArr2[i].mUserInfo = getUserInfoFromBundleResult(userInfoBundleForAccount);
        }
        return accountInfoArr2;
    }

    public String getAuthenticatorPackage() {
        AuthenticatorDescription[] authenticatorTypes = AccountManager.get(this.mContext).getAuthenticatorTypes();
        if (authenticatorTypes != null) {
            for (AuthenticatorDescription authenticatorDescription : authenticatorTypes) {
                if (authenticatorDescription.type.equals("com.microsoft.workaccount")) {
                    Logger.v(TAG + "getAuthenticatorPackage", "Check signature for " + authenticatorDescription.packageName + " signature:" + new PackageHelper(this.mContext).getCurrentSignatureForPackage(authenticatorDescription.packageName) + " brokerSignature:" + AuthenticationSettings.INSTANCE.getBrokerSignature());
                    return authenticatorDescription.packageName;
                }
            }
            Logger.v(TAG + "getAuthenticatorPackage", "No authenticator found with type com.microsoft.workaccount.");
        } else {
            Logger.v(TAG + "getAuthenticatorPackage", "Authenticator list is null");
        }
        return "";
    }

    public DiscoveryEndpoint getDiscoveryEndpoint() {
        return this.mDiscoveryEndpoint;
    }

    public void handleRequest(Activity activity) {
        if (hasAccount(getAccountList(), this.mAuthRequest.getBrokerAccountName())) {
            Logger.v(TAG + "handleRequest", "Account exists, launching account manager activity.");
            chooseAccount(activity, this.mAuthRequest.getBrokerAccountName());
        } else {
            Logger.v(TAG + "handleRequest", "Account does not exist, adding account.");
            addAccount(activity);
        }
    }

    public boolean hasAnyAccount() {
        Account[] accountsByType = AccountManager.get(this.mContext).getAccountsByType("com.microsoft.workaccount");
        return accountsByType != null && accountsByType.length > 0;
    }

    public boolean isUserInteractionRequired(Activity activity) {
        Account[] accountList = getAccountList();
        if (accountList == null || accountList.length <= 0) {
            return false;
        }
        return TextUtils.isEmpty(this.mAuthRequest.getBrokerAccountName());
    }

    public void join(Activity activity, String str, DiscoveryEndpoint discoveryEndpoint, WorkplaceJoin.OnJoin onJoin) {
        if (WorkplaceJoin.getInstance().isWorkplaceJoined(activity)) {
            Logger.v(TAG + "join", "Device is already joined.");
            onJoin.onError(new WorkplaceJoinException(activity.getResources().getString(R.string.already_joined_workplace)));
        } else {
            Logger.v(TAG + "join", "Joining device...");
            WorkplaceJoin.getInstance().join(activity, str, discoveryEndpoint, true, onJoin);
        }
    }

    public void leave(Activity activity, final String str, final OnAccountCallback<String> onAccountCallback) {
        Logger.v(TAG + "leave", "Start");
        AccountManager accountManager = AccountManager.get(this.mContext);
        Account account = getAccount(accountManager, str);
        Bundle bundle = new Bundle();
        bundle.putBoolean(WorkplaceJoinApplication.DATA_DELETE, true);
        accountManager.updateCredentials(account, "", bundle, null, new AccountManagerCallback<Bundle>() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.4
            @Override // android.accounts.AccountManagerCallback
            public void run(AccountManagerFuture<Bundle> accountManagerFuture) {
                Logger.v(BrokerContext.TAG + "leave", "Perform WPJ leave for account: " + str);
                try {
                    Bundle result = accountManagerFuture.getResult();
                    Logger.v(BrokerContext.TAG + "leave", "WPJ account:" + result.getString("authAccount"));
                    onAccountCallback.onSuccess(result.getString("authAccount"));
                } catch (AuthenticatorException e) {
                    Logger.e(BrokerContext.TAG + "leave", "Authenticator exception", WorkplaceJoinFailure.INTERNAL, e);
                    onAccountCallback.onException(e);
                } catch (OperationCanceledException e2) {
                    Logger.e(BrokerContext.TAG + "leave", "Operation Canceled", WorkplaceJoinFailure.INTERNAL, e2);
                    onAccountCallback.onException(e2);
                } catch (IOException e3) {
                    Logger.e(BrokerContext.TAG + "leave", "IO exception", WorkplaceJoinFailure.INTERNAL, e3);
                    onAccountCallback.onException(e3);
                }
            }
        }, null);
        Logger.v(TAG + "leave", "End");
    }

    protected void obtainTokenForDRS(Activity activity, String str, DRSMetadata dRSMetadata, int i) {
        Intent intent = new Intent(this.mContext, (Class<?>) AccountActivity.class);
        BrokerRequest brokerRequest = new BrokerRequest(dRSMetadata.getAuthCodeUrl().replace(Oauth2.DEFAULT_AUTHORIZE_ENDPOINT, ""), dRSMetadata.getRegistrationResourceId(), "29d9ed98-a469-4536-ade2-f981bc1d605e", "urn:ietf:wg:oauth:2.0:oob", str, null, EXTRA_QP_FOR_DRS_TOKEN_REQUEST, this.mCorrelationId, BrokerClient.AccountRequestType.AddAccountSSOBroker);
        brokerRequest.setVersion(AuthenticationContext.getVersionName());
        intent.putExtra("caller.info.package", this.mContext.getPackageName());
        intent.putExtra("com.microsoft.aadbroker.adal.broker.request", new Gson().toJson(brokerRequest));
        activity.startActivityForResult(intent, i);
    }

    public void onActivityResult(Activity activity, int i, int i2, Intent intent) {
        Logger.i(TAG + "onActivityResult", "RequestCode:" + i + " Resultcode:" + i2);
        switch (i) {
            case BROKER_ADD_ACCOUNT_REQUEST /* 2222 */:
                processBrokerAddAccountRequest(activity, i2, intent);
                return;
            case BROKER_ADD_ACCOUNT_SSO_BROKER_REQUEST /* 2223 */:
                processBrokerAddAccountSSOBrokerRequest(activity, i2, intent);
                return;
            case BROKER_CHOOSE_ACCOUNT_REQUEST /* 2224 */:
            case BROKER_SHOW_ACCOUNTS /* 2225 */:
            case BROKER_ADD_ACCOUNT_REGISTER_DEVICE /* 2227 */:
            default:
                throw new IllegalStateException("Unexpected request code received.");
            case BROKER_ADD_ACCOUNT_RESOLVE_INTERRUPT /* 2226 */:
                processBrokerAddAccountResolveInterrupt(activity, i2, intent);
                return;
            case BROKER_ADD_ACCOUNT_PRT_BROKER_REQUEST /* 2228 */:
                processBrokerAddAccountPrtBrokerRequest(activity, i2, intent);
                return;
        }
    }

    public void removeAccount(String str, final OnAccountCallback<Boolean> onAccountCallback) {
        Logger.v(TAG + "removeAccount", "Remove account " + str);
        AccountManager accountManager = AccountManager.get(this.mContext);
        if (accountManager.getAccountsByType("com.microsoft.workaccount").length > 0) {
            accountManager.removeAccount(getAccount(accountManager, str), new AccountManagerCallback<Boolean>() { // from class: com.microsoft.workaccount.workplacejoin.BrokerContext.3
                @Override // android.accounts.AccountManagerCallback
                public void run(AccountManagerFuture<Boolean> accountManagerFuture) {
                    try {
                        Boolean result = accountManagerFuture.getResult();
                        Logger.v(BrokerContext.TAG + "removeAccount", "WPJ account remove:" + result);
                        onAccountCallback.onSuccess(result);
                    } catch (AuthenticatorException e) {
                        Logger.e(BrokerContext.TAG + "removeAccount", "Authenticator exception", WorkplaceJoinFailure.INTERNAL, e);
                        onAccountCallback.onException(e);
                    } catch (OperationCanceledException e2) {
                        Logger.e(BrokerContext.TAG + "removeAccount", "Operation Canceled", WorkplaceJoinFailure.INTERNAL, e2);
                        onAccountCallback.onException(e2);
                    } catch (IOException e3) {
                        Logger.e(BrokerContext.TAG + "removeAccount", "IO exception", WorkplaceJoinFailure.INTERNAL, e3);
                        onAccountCallback.onException(e3);
                    }
                }
            }, null);
        } else {
            Logger.v(TAG + "removeAccount", "Account list is empty.");
            onAccountCallback.onException(new Exception("Empty account list"));
        }
    }

    public void setDiscoveryEndpoint(DiscoveryEndpoint discoveryEndpoint) {
        this.mDiscoveryEndpoint = discoveryEndpoint;
        WorkplaceJoinService.saveDiscoveryFlag(this.mContext, discoveryEndpoint);
    }

    public boolean setRequest(Activity activity) {
        Intent intent = activity.getIntent();
        this.mAuthRequest = BrokerRequest.create(intent);
        if (this.mAuthRequest != null) {
            if (this.mAuthRequest.getAuthority() == null || this.mAuthRequest.getAuthority().isEmpty()) {
                Logger.e(TAG + "setRequest", "Intent does not provide account authority.", WorkplaceJoinFailure.INTERNAL);
                returnError(activity, ADALError.ARGUMENT_EXCEPTION, "account.authority");
                return false;
            }
            if (this.mAuthRequest.getResource() == null || this.mAuthRequest.getResource().isEmpty()) {
                Logger.e(TAG + "setRequest", "Intent does not provide resource id.", WorkplaceJoinFailure.INTERNAL);
                returnError(activity, ADALError.ARGUMENT_EXCEPTION, "account.resource");
                return false;
            }
            if (this.mAuthRequest.getClientId() == null || this.mAuthRequest.getClientId().isEmpty()) {
                Logger.e(TAG + "setRequest", "Intent does not provide client id.", WorkplaceJoinFailure.INTERNAL);
                returnError(activity, ADALError.ARGUMENT_EXCEPTION, "account.clientid.key");
                return false;
            }
            if (this.mAuthRequest.getRedirectUri() == null || this.mAuthRequest.getRedirectUri().isEmpty()) {
                Logger.e(TAG + "setRequest", "Intent does not provide redirect uri.", WorkplaceJoinFailure.INTERNAL);
                returnError(activity, ADALError.ARGUMENT_EXCEPTION, "account.redirect");
                return false;
            }
            this.mCorrelationId = this.mAuthRequest.getCorrelationId();
            if (this.mCorrelationId == null) {
                Logger.v(TAG + "setRequest", "Request correlation id is not provided. A random one will be created.");
                this.mCorrelationId = UUID.randomUUID();
                this.mAuthRequest.setCorrelationId(this.mCorrelationId);
            }
            Logger.i(TAG + "setRequest", "Request CorrelationId:" + this.mCorrelationId.toString());
            try {
                setExtraQueryParameter();
            } catch (UnsupportedEncodingException e) {
                returnError(activity, ADALError.ARGUMENT_EXCEPTION, "account.extra.query.param");
                return false;
            }
        }
        this.mAccountAuthenticatorResponse = (AccountAuthenticatorResponse) intent.getParcelableExtra("accountAuthenticatorResponse");
        if (this.mAccountAuthenticatorResponse != null) {
            this.mAccountAuthenticatorResponse.onRequestContinued();
        }
        PackageHelper packageHelper = new PackageHelper(this.mContext);
        if (TextUtils.isEmpty(intent.getStringExtra("com.microsoft.aadbroker.adal.broker.request.resume"))) {
            this.mCallingPackage = activity.getCallingPackage();
            this.mCallingAppUid = packageHelper.getUIDForPackage(this.mCallingPackage);
            Logger.v(TAG + "setRequest", "Request will resume to calling application package.");
        } else {
            this.mCallingPackage = intent.getStringExtra("caller.info.package");
            Logger.v(TAG + "setRequest", "Request will resume to broker package.");
            this.mCallingAppUid = 0;
        }
        Logger.v(TAG + "setRequest", "OnCreate calling package:" + this.mCallingPackage + " signatureDigest:" + packageHelper.getCurrentSignatureForPackage(this.mCallingPackage) + " current Context Package: " + this.mContext.getPackageName() + " callingId:" + this.mCallingAppUid);
        Logger.i(TAG + "setRequest", "Calling package:" + this.mCallingPackage + " device:" + Build.VERSION.RELEASE + DatabaseAppPolicy.ARRAY_SEPARATOR + Build.MANUFACTURER + Build.MODEL);
        this.mWaitingRequestId = intent.getIntExtra("com.microsoft.aad.adal:RequestId", 0);
        if (intent.getBooleanExtra(AuthenticationConstants.Broker.BROKER_RETURN_JSON, false)) {
            this.mIsJsonResponse = true;
        }
        return true;
    }

    public void updateAccount(Context context, WorkplaceJoinService.OnUpdateDeviceListener onUpdateDeviceListener) {
        try {
            AccountManagerStorageHelper accountManagerStorageHelper = new AccountManagerStorageHelper(context);
            accountManagerStorageHelper.restoreWPJAccount();
            String wpjUPN = accountManagerStorageHelper.getWpjUPN();
            if (TextUtils.isEmpty(wpjUPN)) {
                Logger.v(TAG + "updateAccount", "Account '" + wpjUPN + "' was not found.");
                onUpdateDeviceListener.onComplete(false, null);
            } else {
                byte[] wpjPKCS12Certificate = accountManagerStorageHelper.getWpjPKCS12Certificate();
                String wpjDeviceId = accountManagerStorageHelper.getWpjDeviceId();
                boolean z = !StringHelper.IsNullOrBlank(accountManagerStorageHelper.getDeviceIdForExistingAccount(getAccount(AccountManager.get(context), wpjUPN)));
                KeyPair sessionTransportKey = new SessionTransportKey(context).getSessionTransportKey();
                if (!z) {
                    Logger.v(TAG + "updateAccount", "Account '" + wpjUPN + "' was found but it's not a WPJ account.");
                    onUpdateDeviceListener.onComplete(false, null);
                } else if (sessionTransportKey == null) {
                    Logger.v(TAG + "updateAccount", "Joined but it is missing stk");
                    WorkplaceJoinService.updateDeviceRegistrationEnrollment(context, wpjDeviceId, wpjUPN, getCorrelationId(), wpjPKCS12Certificate, onUpdateDeviceListener);
                } else {
                    Logger.v(TAG + "updateAccount", "Account is joined, and STK alreay exists.");
                    onUpdateDeviceListener.onComplete(true, null);
                }
            }
        } catch (Exception e) {
            Logger.e(TAG + "updateAccount", "Failed to register STK", WorkplaceJoinFailure.INTERNAL, e);
            onUpdateDeviceListener.onComplete(false, e);
        }
    }
}
