package com.microsoft.identity.client;

import android.accounts.Account;
import android.content.Context;
import android.content.Intent;
import android.text.TextUtils;
import androidx.arch.core.util.Function;
import com.microsoft.identity.common.adal.internal.AuthenticationConstants;
import com.microsoft.identity.common.adal.internal.net.HttpWebRequest;
import com.microsoft.identity.common.adal.internal.util.StringExtensions;
import com.microsoft.identity.common.exception.ArgumentException;
import com.microsoft.identity.common.exception.BaseException;
import com.microsoft.identity.common.exception.ClientException;
import com.microsoft.identity.common.exception.ErrorStrings;
import com.microsoft.identity.common.exception.ServiceException;
import com.microsoft.identity.common.internal.authorities.Authority;
import com.microsoft.identity.common.internal.authscheme.AbstractAuthenticationScheme;
import com.microsoft.identity.common.internal.authscheme.PopAuthenticationSchemeInternal;
import com.microsoft.identity.common.internal.broker.JoinedAccountRequestHandler;
import com.microsoft.identity.common.internal.cache.BrokerOAuth2TokenCache;
import com.microsoft.identity.common.internal.cache.ICacheRecord;
import com.microsoft.identity.common.internal.cache.SchemaUtil;
import com.microsoft.identity.common.internal.commands.parameters.BrokerInteractiveTokenCommandParameters;
import com.microsoft.identity.common.internal.commands.parameters.BrokerSilentTokenCommandParameters;
import com.microsoft.identity.common.internal.commands.parameters.InteractiveTokenCommandParameters;
import com.microsoft.identity.common.internal.commands.parameters.SilentTokenCommandParameters;
import com.microsoft.identity.common.internal.commands.parameters.TokenCommandParameters;
import com.microsoft.identity.common.internal.dto.AccessTokenRecord;
import com.microsoft.identity.common.internal.dto.AccountRecord;
import com.microsoft.identity.common.internal.dto.Credential;
import com.microsoft.identity.common.internal.dto.CredentialType;
import com.microsoft.identity.common.internal.dto.IdTokenRecord;
import com.microsoft.identity.common.internal.dto.RefreshTokenRecord;
import com.microsoft.identity.common.internal.logging.Logger;
import com.microsoft.identity.common.internal.platform.Device;
import com.microsoft.identity.common.internal.platform.IDevicePopManager;
import com.microsoft.identity.common.internal.providers.microsoft.MicrosoftTokenResponse;
import com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.AzureActiveDirectory;
import com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.AzureActiveDirectoryCloud;
import com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.ClientInfo;
import com.microsoft.identity.common.internal.providers.microsoft.microsoftsts.MicrosoftStsOAuth2Strategy;
import com.microsoft.identity.common.internal.providers.microsoft.microsoftsts.MicrosoftStsTokenResponse;
import com.microsoft.identity.common.internal.providers.oauth2.IDToken;
import com.microsoft.identity.common.internal.providers.oauth2.OpenIdConnectPromptParameter;
import com.microsoft.identity.common.internal.providers.oauth2.TokenResult;
import com.microsoft.identity.common.internal.request.BrokerRequestType;
import com.microsoft.identity.common.internal.request.SdkType;
import com.microsoft.identity.common.internal.result.AcquireTokenResult;
import com.microsoft.identity.common.internal.result.LocalAuthenticationResult;
import com.microsoft.identity.common.internal.ui.webview.WebViewUtil;
import com.microsoft.identity.common.internal.util.DateUtilities;
import com.microsoft.workaccount.workplacejoin.AccountManagerStorageHelper;
import com.microsoft.workaccount.workplacejoin.WorkplaceJoinData;
import com.microsoft.workaccount.workplacejoin.WorkplaceJoinDataStore;
import com.microsoft.workaccount.workplacejoin.core.StringHelper;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;

/* loaded from: classes2.dex */
public class BrokerJoinedAccountController extends AbstractBrokerController {
    private static final String TAG = BrokerJoinedAccountController.class.getSimpleName();

    private AcquireTokenResult acquireBRT(BrokerInteractiveTokenCommandParameters brokerInteractiveTokenCommandParameters, WorkplaceJoinData workplaceJoinData) throws InterruptedException, ClientException, TimeoutException, ServiceException, ExecutionException, ArgumentException, IOException {
        Logger.info(TAG + ":acquireBRT", "Start BRT acquisition.");
        if (!brokerInteractiveTokenCommandParameters.isRequestFromBroker()) {
            brokerInteractiveTokenCommandParameters = BrokerOperationParametersUtils.getBrokerRTAcquireTokenParametersWithDRSDiscovery(brokerInteractiveTokenCommandParameters, workplaceJoinData.getTenantId());
        }
        return acquireTokenInternal(brokerInteractiveTokenCommandParameters);
    }

    private AcquireTokenResult acquireTokenWithPRT(BrokerSilentTokenCommandParameters brokerSilentTokenCommandParameters, JoinedAccountRequestHandler joinedAccountRequestHandler) throws ClientException, ServiceException {
        HttpWebRequest.throwIfNetworkNotAvailable(brokerSilentTokenCommandParameters.getAndroidApplicationContext(), brokerSilentTokenCommandParameters.isPowerOptCheckEnabled());
        Authority.KnownAuthorityResult knownAuthorityResult = Authority.getKnownAuthorityResult(brokerSilentTokenCommandParameters.getAuthority());
        if (!knownAuthorityResult.getKnown()) {
            throw knownAuthorityResult.getClientException();
        }
        new AccountManagerStorageHelper(brokerSilentTokenCommandParameters.getAndroidApplicationContext()).deleteBRT(brokerSilentTokenCommandParameters.getAccountManagerAccount());
        MicrosoftStsTokenResponse requestAccessTokenWithPrt = joinedAccountRequestHandler.requestAccessTokenWithPrt(brokerSilentTokenCommandParameters.getAccountManagerAccount(), brokerSilentTokenCommandParameters);
        List<ICacheRecord> saveToCache = saveToCache(brokerSilentTokenCommandParameters, brokerSilentTokenCommandParameters.getSdkType(), (BrokerOAuth2TokenCache) brokerSilentTokenCommandParameters.getOAuth2TokenCache(), requestAccessTokenWithPrt);
        AcquireTokenResult acquireTokenResult = new AcquireTokenResult();
        TokenResult tokenResult = new TokenResult(requestAccessTokenWithPrt);
        logResult(TAG + ":acquireTokenWithPRT", tokenResult);
        LocalAuthenticationResult localAuthenticationResult = new LocalAuthenticationResult(finalizeCacheRecordForResult(saveToCache.get(0), brokerSilentTokenCommandParameters.getAuthenticationScheme()), saveToCache, brokerSilentTokenCommandParameters.getSdkType(), false);
        localAuthenticationResult.setSpeRing(requestAccessTokenWithPrt.getSpeRing());
        localAuthenticationResult.setRefreshTokenAge(requestAccessTokenWithPrt.getRefreshTokenAge());
        acquireTokenResult.setTokenResult(tokenResult);
        acquireTokenResult.setLocalAuthenticationResult(localAuthenticationResult);
        return acquireTokenResult;
    }

    private boolean cachedAccessTokenKidMatchesKeystoreKid(ICacheRecord iCacheRecord) throws ClientException {
        String asymmetricKeyThumbprint = Device.getDevicePoPManagerInstance().getAsymmetricKeyThumbprint();
        if (StringExtensions.isNullOrBlank(iCacheRecord.getAccessToken().getKid())) {
            return false;
        }
        return asymmetricKeyThumbprint.equals(iCacheRecord.getAccessToken().getKid());
    }

    private AccessTokenRecord getAccessTokenRecord(MicrosoftStsTokenResponse microsoftStsTokenResponse, AccountRecord accountRecord, TokenCommandParameters tokenCommandParameters) throws ClientException {
        AccessTokenRecord accessTokenRecord = new AccessTokenRecord();
        accessTokenRecord.setHomeAccountId(accountRecord.getHomeAccountId());
        accessTokenRecord.setRealm(accountRecord.getRealm());
        if (PopAuthenticationSchemeInternal.SCHEME_POP.equals(tokenCommandParameters.getAuthenticationScheme().getName())) {
            IDevicePopManager devicePoPManagerInstance = Device.getDevicePoPManagerInstance();
            accessTokenRecord.setCredentialType(CredentialType.AccessToken_With_AuthScheme.name());
            accessTokenRecord.setKid(devicePoPManagerInstance.getAsymmetricKeyThumbprint());
        } else {
            accessTokenRecord.setCredentialType(CredentialType.AccessToken.name());
        }
        accessTokenRecord.setClientId(tokenCommandParameters.getClientId());
        accessTokenRecord.setSecret(microsoftStsTokenResponse.getAccessToken());
        accessTokenRecord.setAccessTokenType(microsoftStsTokenResponse.getTokenType());
        accessTokenRecord.setTarget(TextUtils.join(" ", tokenCommandParameters.getScopes()));
        setCredentialEnvironment(accessTokenRecord, tokenCommandParameters.getAuthority(), microsoftStsTokenResponse);
        if (microsoftStsTokenResponse.getExpiresIn() != null) {
            accessTokenRecord.setExpiresOn(String.valueOf(DateUtilities.getExpiresOn(microsoftStsTokenResponse.getExpiresIn().longValue())));
        }
        if (microsoftStsTokenResponse.getExtExpiresIn() != null) {
            accessTokenRecord.setExtendedExpiresOn(String.valueOf(DateUtilities.getExpiresOn(microsoftStsTokenResponse.getExtExpiresIn().longValue())));
        }
        accessTokenRecord.setCachedAt(String.valueOf(TimeUnit.MILLISECONDS.toSeconds(System.currentTimeMillis())));
        return accessTokenRecord;
    }

    private String getEnrollmentId(AccountManagerStorageHelper accountManagerStorageHelper, BrokerInteractiveTokenCommandParameters brokerInteractiveTokenCommandParameters) throws UnsupportedEncodingException {
        Account account = accountManagerStorageHelper.getAccount(brokerInteractiveTokenCommandParameters.getLoginHint(), "com.microsoft.workaccount");
        return BrokerUtils.getMicrosoftEnrollmentId(BrokerOperationParametersUtils.getSilentParamsFromInteractive(brokerInteractiveTokenCommandParameters).accountManagerAccount(account).homeAccountId(account != null ? accountManagerStorageHelper.getAccountHomeAccountId(account) : null).build());
    }

    private String getHomeTenantIdForBRTResult(TokenResult tokenResult) throws ServiceException {
        return new ClientInfo(((MicrosoftStsTokenResponse) tokenResult.getTokenResponse()).getClientInfo()).getUtid();
    }

    private IdTokenRecord getIdTokenRecord(MicrosoftStsTokenResponse microsoftStsTokenResponse, AccountRecord accountRecord, TokenCommandParameters tokenCommandParameters) {
        IdTokenRecord idTokenRecord = new IdTokenRecord();
        idTokenRecord.setHomeAccountId(accountRecord.getHomeAccountId());
        idTokenRecord.setRealm(accountRecord.getRealm());
        idTokenRecord.setCredentialType(SchemaUtil.getCredentialTypeFromVersion(microsoftStsTokenResponse.getIdToken()));
        idTokenRecord.setClientId(tokenCommandParameters.getClientId());
        idTokenRecord.setSecret(microsoftStsTokenResponse.getIdToken());
        setCredentialEnvironment(idTokenRecord, tokenCommandParameters.getAuthority(), microsoftStsTokenResponse);
        return idTokenRecord;
    }

    private String getInterruptFlowRefreshTokenCredential(BrokerInteractiveTokenCommandParameters brokerInteractiveTokenCommandParameters, AccountManagerStorageHelper accountManagerStorageHelper, JoinedAccountRequestHandler joinedAccountRequestHandler) throws ClientException {
        if (!brokerInteractiveTokenCommandParameters.isShouldResolveInterrupt()) {
            return null;
        }
        Account account = accountManagerStorageHelper.getAccount(brokerInteractiveTokenCommandParameters.getLoginHint(), "com.microsoft.workaccount");
        if (account == null) {
            throw new ClientException("Account is null");
        }
        try {
            return joinedAccountRequestHandler.getResolveInterruptRefreshCredential(account, brokerInteractiveTokenCommandParameters.getCorrelationId(), brokerInteractiveTokenCommandParameters.getAuthority());
        } catch (ClientException e) {
            Logger.error(TAG, "Exception when trying to resolve interrupt refresh credential", e);
            return null;
        }
    }

    private List<Function<BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder, BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder>> getJoinedAccountRequestDecorators(final BrokerInteractiveTokenCommandParameters brokerInteractiveTokenCommandParameters, final AccountManagerStorageHelper accountManagerStorageHelper) {
        ArrayList arrayList = new ArrayList(2);
        arrayList.add(new Function() { // from class: com.microsoft.identity.client.-$$Lambda$BrokerJoinedAccountController$BmD52fu2XGQ-gPbLhOW5vL_9yNA
            @Override // androidx.arch.core.util.Function
            public final Object apply(Object obj) {
                return BrokerJoinedAccountController.this.lambda$getJoinedAccountRequestDecorators$0$BrokerJoinedAccountController(brokerInteractiveTokenCommandParameters, accountManagerStorageHelper, (BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder) obj);
            }
        });
        arrayList.add(new Function() { // from class: com.microsoft.identity.client.-$$Lambda$BrokerJoinedAccountController$TiEvqmuWPN-n5a9-aXB4ubZeoQ8
            @Override // androidx.arch.core.util.Function
            public final Object apply(Object obj) {
                return BrokerJoinedAccountController.this.lambda$getJoinedAccountRequestDecorators$1$BrokerJoinedAccountController(brokerInteractiveTokenCommandParameters, (BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder) obj);
            }
        });
        return arrayList;
    }

    private BrokerSilentTokenCommandParameters getPrtToAtParamsAfterInterrupt(BrokerInteractiveTokenCommandParameters brokerInteractiveTokenCommandParameters, String str, Account account, Authority authority, String str2, String str3) {
        BrokerSilentTokenCommandParameters.BrokerSilentTokenCommandParametersBuilder silentParamsFromInteractive = BrokerOperationParametersUtils.getSilentParamsFromInteractive(brokerInteractiveTokenCommandParameters);
        silentParamsFromInteractive.loginHint(str);
        silentParamsFromInteractive.accountManagerAccount(account);
        silentParamsFromInteractive.authority(authority);
        silentParamsFromInteractive.homeAccountId(str2);
        silentParamsFromInteractive.localAccountId(str3);
        silentParamsFromInteractive.authority(authority);
        return silentParamsFromInteractive.build();
    }

    private RefreshTokenRecord getRefreshTokenRecord(MicrosoftStsTokenResponse microsoftStsTokenResponse, AccountRecord accountRecord, TokenCommandParameters tokenCommandParameters) {
        RefreshTokenRecord refreshTokenRecord = new RefreshTokenRecord();
        refreshTokenRecord.setHomeAccountId(accountRecord.getHomeAccountId());
        refreshTokenRecord.setCredentialType(CredentialType.RefreshToken.name());
        setCredentialEnvironment(refreshTokenRecord, tokenCommandParameters.getAuthority(), microsoftStsTokenResponse);
        refreshTokenRecord.setClientId(tokenCommandParameters.getClientId());
        refreshTokenRecord.setSecret(microsoftStsTokenResponse.getRefreshToken());
        refreshTokenRecord.setFamilyId(microsoftStsTokenResponse.getFamilyId());
        refreshTokenRecord.setTarget(TextUtils.join(" ", tokenCommandParameters.getScopes()));
        refreshTokenRecord.setCachedAt(String.valueOf(TimeUnit.MILLISECONDS.toSeconds(System.currentTimeMillis())));
        return refreshTokenRecord;
    }

    private String getUpnOverride(BrokerInteractiveTokenCommandParameters brokerInteractiveTokenCommandParameters, AccountManagerStorageHelper accountManagerStorageHelper) {
        Account account = accountManagerStorageHelper.getAccount(brokerInteractiveTokenCommandParameters.getLoginHint(), "com.microsoft.workaccount");
        return account != null ? account.name : brokerInteractiveTokenCommandParameters.getLoginHint();
    }

    private String getUsernameForBRTResult(TokenResult tokenResult) throws ServiceException {
        return SchemaUtil.getDisplayableId(new IDToken(tokenResult.getTokenResponse().getIdToken()).getTokenClaims());
    }

    private List<ICacheRecord> saveToCache(TokenCommandParameters tokenCommandParameters, SdkType sdkType, BrokerOAuth2TokenCache brokerOAuth2TokenCache, MicrosoftStsTokenResponse microsoftStsTokenResponse) throws ClientException, ServiceException {
        Logger.verbose(TAG + ":saveToCache", "Saving tokens to cache..");
        AccountRecord accountRecord = getAccountRecord(sdkType, tokenCommandParameters, microsoftStsTokenResponse);
        AccessTokenRecord accessTokenRecord = getAccessTokenRecord(microsoftStsTokenResponse, accountRecord, tokenCommandParameters);
        RefreshTokenRecord refreshTokenRecord = getRefreshTokenRecord(microsoftStsTokenResponse, accountRecord, tokenCommandParameters);
        IdTokenRecord idTokenRecord = getIdTokenRecord(microsoftStsTokenResponse, accountRecord, tokenCommandParameters);
        List<ICacheRecord> saveAndLoadAggregatedAccountData = brokerOAuth2TokenCache.saveAndLoadAggregatedAccountData(accountRecord, idTokenRecord, accessTokenRecord, refreshTokenRecord, microsoftStsTokenResponse.getFamilyId(), tokenCommandParameters.getAuthenticationScheme());
        saveResultToAccountManager(tokenCommandParameters.getAndroidApplicationContext(), accountRecord, idTokenRecord, tokenCommandParameters.getAuthority(), microsoftStsTokenResponse);
        return saveAndLoadAggregatedAccountData;
    }

    private void setCredentialEnvironment(Credential credential, Authority authority, MicrosoftTokenResponse microsoftTokenResponse) {
        URL authorityURL = authority.getAuthorityURL();
        if (!microsoftTokenResponse.getAuthority().isEmpty()) {
            try {
                authorityURL = new URL(microsoftTokenResponse.getAuthority());
            } catch (MalformedURLException e) {
                Logger.error(TAG, "Authority url construction failed, setting request authority to result", e);
            }
        }
        AzureActiveDirectoryCloud azureActiveDirectoryCloud = AzureActiveDirectory.getAzureActiveDirectoryCloud(authorityURL);
        if (azureActiveDirectoryCloud != null) {
            Logger.info(TAG, "Using preferred cache host name...");
            credential.setEnvironment(azureActiveDirectoryCloud.getPreferredCacheHostName());
        } else {
            credential.setEnvironment(authorityURL.getHost());
        }
        if (credential instanceof IdTokenRecord) {
            ((IdTokenRecord) credential).setAuthority(authorityURL.toString());
        }
        if (credential instanceof AccessTokenRecord) {
            ((AccessTokenRecord) credential).setAuthority(authorityURL.toString());
        }
    }

    private void throwIfThereIsAlreadyASignedInAccountInSharedDeviceMode(String str, AccountManagerStorageHelper accountManagerStorageHelper, WorkplaceJoinData workplaceJoinData, Context context) throws ClientException {
        if (workplaceJoinData.isSharedDevice()) {
            List<Account> signedInAccounts = accountManagerStorageHelper.getSignedInAccounts();
            if (signedInAccounts.isEmpty() || signedInAccounts.get(0).name.equalsIgnoreCase(str)) {
                return;
            }
            Logger.error(TAG + ":throwIfThereIsAlreadyASignedInAccountInSharedDeviceMode", "There is already a signed in account.", null);
            Logger.errorPII(TAG + ":throwIfThereIsAlreadyASignedInAccountInSharedDeviceMode", "BRT holder upn: " + signedInAccounts.get(0) + " | upn of the token result: " + str, null);
            WebViewUtil.removeCookiesFromWebView(context);
            throw new ClientException(ErrorStrings.BROKER_REQUEST_CANCELLED, "This device is in shared mode and can only be signed in by one account.");
        }
    }

    private void throwIfUnexpectedAccountIsReturned(String str, String str2, AccountManagerStorageHelper accountManagerStorageHelper, WorkplaceJoinData workplaceJoinData) throws ClientException {
        if (workplaceJoinData.isSharedDevice()) {
            if (!workplaceJoinData.getTenantId().equalsIgnoreCase(str2)) {
                throw new ClientException(ClientException.BRT_TENANT_MISMATCH, ErrorStrings.BRT_TENANT_MISMATCH_ERROR_MESSAGE);
            }
        } else if (!str.equalsIgnoreCase(workplaceJoinData.getUpn())) {
            throw new ClientException("user_mismatch", ErrorStrings.BRT_USER_MISMATCH_ERROR_MESSAGE);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private AcquireTokenResult updateBrt(BrokerInteractiveTokenCommandParameters brokerInteractiveTokenCommandParameters, WorkplaceJoinData workplaceJoinData, HashMap<String, String> hashMap) throws InterruptedException, ClientException, TimeoutException, ServiceException, ExecutionException, ArgumentException, IOException {
        BrokerInteractiveTokenCommandParameters brokerRTAcquireTokenParametersWithDRSDiscovery = BrokerOperationParametersUtils.getBrokerRTAcquireTokenParametersWithDRSDiscovery(brokerInteractiveTokenCommandParameters, workplaceJoinData.getTenantId());
        HashSet hashSet = new HashSet();
        hashSet.add(AuthenticationConstants.OAuth2Scopes.CLAIMS_UPDATE_RESOURCE);
        hashSet.add(AuthenticationConstants.OAuth2Scopes.OFFLINE_ACCESS_SCOPE);
        hashSet.add("openid");
        hashSet.add("profile");
        return acquireTokenInternal(((BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder) ((BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder) ((BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder) brokerRTAcquireTokenParametersWithDRSDiscovery.toBuilder().scopes(hashSet)).requestHeaders(hashMap)).prompt(OpenIdConnectPromptParameter.UNSET)).requestType(BrokerRequestType.RESOLVE_INTERRUPT).build());
    }

    private boolean validateCachedResult(AbstractAuthenticationScheme abstractAuthenticationScheme, ICacheRecord iCacheRecord) throws ClientException {
        if (MicrosoftStsOAuth2Strategy.authSchemeIsPoP(abstractAuthenticationScheme)) {
            return cachedAccessTokenKidMatchesKeystoreKid(iCacheRecord);
        }
        return true;
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.microsoft.identity.common.internal.controllers.BaseController
    public AcquireTokenResult acquireToken(InteractiveTokenCommandParameters interactiveTokenCommandParameters) throws InterruptedException, ExecutionException, IOException, ArgumentException, ClientException, ServiceException {
        String str;
        AcquireTokenResult acquireBRT;
        Logger.info(TAG + ":acquireToken", "Acquiring token for Broker Joined account...");
        Context androidApplicationContext = interactiveTokenCommandParameters.getAndroidApplicationContext();
        AccountManagerStorageHelper accountManagerStorageHelper = new AccountManagerStorageHelper(androidApplicationContext);
        WorkplaceJoinData workplaceJoinData = new WorkplaceJoinDataStore(accountManagerStorageHelper).getWorkplaceJoinData();
        BrokerInteractiveTokenCommandParameters convertToBrokerInteractiveTokenCommandParameters = convertToBrokerInteractiveTokenCommandParameters(interactiveTokenCommandParameters, ArgumentException.ACQUIRE_TOKEN_OPERATION_NAME);
        BrokerInteractiveTokenCommandParameters commandParameters = getCommandParameters(convertToBrokerInteractiveTokenCommandParameters, getJoinedAccountRequestDecorators(convertToBrokerInteractiveTokenCommandParameters, accountManagerStorageHelper));
        if (workplaceJoinData == null) {
            throw new IllegalStateException("WorkplaceJoinData should not be null in joined flow.");
        }
        JoinedAccountRequestHandler joinedAccountRequestHandler = new JoinedAccountRequestHandler(androidApplicationContext, accountManagerStorageHelper, workplaceJoinData);
        boolean z = false;
        AcquireTokenResult acquireTokenResult = null;
        try {
            try {
                str = getInterruptFlowRefreshTokenCredential(commandParameters, accountManagerStorageHelper, joinedAccountRequestHandler);
            } catch (ClientException e) {
                Logger.error(TAG, "Exception when trying to resolve interrupt refresh credential", e);
                str = null;
            }
            if (StringHelper.IsNullOrBlank(str)) {
                z = true;
                acquireBRT = acquireBRT(commandParameters, workplaceJoinData);
            } else {
                HashMap<String, String> hashMap = new HashMap<>();
                hashMap.put(AuthenticationConstants.Broker.PRT_RESPONSE_HEADER, str);
                BrokerInteractiveTokenCommandParameters build = ((BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder) ((BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder) ((BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder) commandParameters.toBuilder().requestHeaders(hashMap)).prompt(OpenIdConnectPromptParameter.UNSET)).enrollmentId(getEnrollmentId(accountManagerStorageHelper, commandParameters)).requestType(BrokerRequestType.REGULAR).extraQueryStringParameters(getBrokerExtraQueryParameters(commandParameters))).build();
                AcquireTokenResult acquireTokenInternal = acquireTokenInternal(build);
                if (!acquireTokenInternal.getSucceeded().booleanValue()) {
                    Logger.warn(TAG + ":acquireToken", "Failed to resolve an interrupt.");
                    return acquireTokenInternal;
                }
                Logger.info(TAG + ":acquireToken", "Interrupt resolved. Update BRT with the resolved claim.");
                acquireBRT = updateBrt(build, workplaceJoinData, hashMap);
                acquireTokenResult = acquireTokenInternal;
            }
            if (!acquireBRT.getSucceeded().booleanValue()) {
                Logger.warn(TAG + ":acquireToken", "Failed to acquire an updated BRT.");
                return acquireBRT;
            }
            String usernameForBRTResult = getUsernameForBRTResult(acquireBRT.getTokenResult());
            Account account = accountManagerStorageHelper.getAccount(usernameForBRTResult, "com.microsoft.workaccount");
            Authority authorityFromAuthorityUrl = Authority.getAuthorityFromAuthorityUrl(((MicrosoftTokenResponse) acquireBRT.getTokenResult().getTokenResponse()).getAuthority());
            String accountHomeAccountId = accountManagerStorageHelper.getAccountHomeAccountId(account);
            String uIdFromHomeAccountId = BrokerOperationParametersUtils.getUIdFromHomeAccountId(accountHomeAccountId);
            try {
                joinedAccountRequestHandler.acquirePrt(account, acquireBRT.getLocalAuthenticationResult().getRefreshToken(), authorityFromAuthorityUrl, commandParameters.getCorrelationId());
                if (!z) {
                    return acquireTokenResult;
                }
                try {
                    return acquireTokenWithPRT(getPrtToAtParamsAfterInterrupt(commandParameters, usernameForBRTResult, account, authorityFromAuthorityUrl, accountHomeAccountId, uIdFromHomeAccountId), joinedAccountRequestHandler);
                } catch (BaseException e2) {
                    e2.setUsername(usernameForBRTResult);
                    throw e2;
                }
            } catch (BaseException e3) {
                e3.setUsername(usernameForBRTResult);
                throw e3;
            }
        } catch (TimeoutException e4) {
            throw new ServiceException(ErrorStrings.SOCKET_TIMEOUT, e4.getMessage(), e4);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.microsoft.identity.common.internal.controllers.BaseController
    public AcquireTokenResult acquireTokenSilent(SilentTokenCommandParameters silentTokenCommandParameters) throws ClientException, ServiceException, ArgumentException {
        AccountRecord accountRecord;
        Logger.info(TAG + ":acquireTokenSilent", "Acquiring token silently for Broker Joined account...");
        if (!(silentTokenCommandParameters instanceof BrokerSilentTokenCommandParameters)) {
            throw new ArgumentException(ArgumentException.ACQUIRE_TOKEN_SILENT_OPERATION_NAME, "AcquireTokenSilentOperationParameters", "AcquireTokenSilentOperationParameters not an instance of BrokerAcquireTokenSilentOperationParameters");
        }
        TokenCommandParameters tokenCommandParameters = (BrokerSilentTokenCommandParameters) silentTokenCommandParameters;
        logParameters(TAG + ":acquireTokenSilent", tokenCommandParameters);
        tokenCommandParameters.validate();
        BrokerSilentTokenCommandParameters build = ((BrokerSilentTokenCommandParameters.BrokerSilentTokenCommandParametersBuilder) tokenCommandParameters.toBuilder().scopes(addDefaultScopes(tokenCommandParameters))).build();
        BrokerOAuth2TokenCache brokerOAuth2TokenCache = (BrokerOAuth2TokenCache) build.getOAuth2TokenCache();
        if (!build.isForceRefresh() && build.getAccount() != null) {
            try {
                accountRecord = getCachedAccountRecord(build);
            } catch (ClientException e) {
                com.microsoft.identity.common.logging.Logger.warn(TAG + ":acquireTokenSilent", "Catching this exception to make sure we hit the refresh using PRT route. Exception: " + e.getMessage());
                accountRecord = null;
            }
            if (accountRecord != null) {
                List<ICacheRecord> loadWithAggregatedAccountData = brokerOAuth2TokenCache.loadWithAggregatedAccountData(build.getClientId(), TextUtils.join(" ", build.getScopes()), accountRecord, build.getAuthenticationScheme());
                ICacheRecord iCacheRecord = loadWithAggregatedAccountData.get(0);
                if (!accessTokenIsNull(iCacheRecord) && !iCacheRecord.getAccessToken().isExpired() && !idTokenIsNull(iCacheRecord, build.getSdkType()) && isRequestAuthorityRealmSameAsATRealm(silentTokenCommandParameters.getAuthority(), iCacheRecord.getAccessToken()) && validateCachedResult(build.getAuthenticationScheme(), iCacheRecord)) {
                    AcquireTokenResult acquireTokenResult = new AcquireTokenResult();
                    acquireTokenResult.setLocalAuthenticationResult(new LocalAuthenticationResult(finalizeCacheRecordForResult(iCacheRecord, build.getAuthenticationScheme()), loadWithAggregatedAccountData, build.getSdkType(), true));
                    return acquireTokenResult;
                }
            }
        }
        AccountManagerStorageHelper accountManagerStorageHelper = new AccountManagerStorageHelper(build.getAndroidApplicationContext());
        WorkplaceJoinData workplaceJoinData = new WorkplaceJoinDataStore(accountManagerStorageHelper).getWorkplaceJoinData();
        if (workplaceJoinData != null) {
            return acquireTokenWithPRT(build, new JoinedAccountRequestHandler(build.getAndroidApplicationContext(), accountManagerStorageHelper, workplaceJoinData));
        }
        throw new IllegalStateException("WorkplaceJoinData should not be null in joined flow.");
    }

    @Override // com.microsoft.identity.common.internal.controllers.BaseController
    protected boolean canEqual(Object obj) {
        return obj instanceof BrokerJoinedAccountController;
    }

    @Override // com.microsoft.identity.client.AbstractBrokerController, com.microsoft.identity.common.internal.controllers.BaseController
    public void completeAcquireToken(int i, int i2, Intent intent) {
        super.completeAcquireToken(i, i2, intent);
    }

    @Override // com.microsoft.identity.common.internal.controllers.BaseController
    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        return (obj instanceof BrokerJoinedAccountController) && ((BrokerJoinedAccountController) obj).canEqual(this) && super.equals(obj);
    }

    @Override // com.microsoft.identity.common.internal.controllers.BaseController
    public int hashCode() {
        return super.hashCode();
    }

    /* JADX WARN: Multi-variable type inference failed */
    public /* synthetic */ BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder lambda$getJoinedAccountRequestDecorators$0$BrokerJoinedAccountController(BrokerInteractiveTokenCommandParameters brokerInteractiveTokenCommandParameters, AccountManagerStorageHelper accountManagerStorageHelper, BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder brokerInteractiveTokenCommandParametersBuilder) {
        return (BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder) brokerInteractiveTokenCommandParametersBuilder.loginHint(getUpnOverride(brokerInteractiveTokenCommandParameters, accountManagerStorageHelper));
    }

    /* JADX WARN: Multi-variable type inference failed */
    public /* synthetic */ BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder lambda$getJoinedAccountRequestDecorators$1$BrokerJoinedAccountController(BrokerInteractiveTokenCommandParameters brokerInteractiveTokenCommandParameters, BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder brokerInteractiveTokenCommandParametersBuilder) {
        return (BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder) brokerInteractiveTokenCommandParametersBuilder.scopes(addDefaultScopes(brokerInteractiveTokenCommandParameters));
    }

    @Override // com.microsoft.identity.client.AbstractBrokerController
    protected void validateParameters(TokenCommandParameters tokenCommandParameters) throws ClientException, ArgumentException {
        tokenCommandParameters.validate();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.microsoft.identity.client.AbstractBrokerController
    public void verifyTokenResult(TokenResult tokenResult, Context context) throws ServiceException, ClientException {
        super.verifyTokenResult(tokenResult, context);
        String usernameForBRTResult = getUsernameForBRTResult(tokenResult);
        String homeTenantIdForBRTResult = getHomeTenantIdForBRTResult(tokenResult);
        AccountManagerStorageHelper accountManagerStorageHelper = new AccountManagerStorageHelper(context);
        WorkplaceJoinData workplaceJoinData = new WorkplaceJoinDataStore(accountManagerStorageHelper).getWorkplaceJoinData();
        if (workplaceJoinData != null) {
            throwIfUnexpectedAccountIsReturned(usernameForBRTResult, homeTenantIdForBRTResult, accountManagerStorageHelper, workplaceJoinData);
            throwIfThereIsAlreadyASignedInAccountInSharedDeviceMode(usernameForBRTResult, accountManagerStorageHelper, workplaceJoinData, context);
        } else {
            Logger.error(TAG + ":verifyTokenResult", "Failed to retrieve WorkplaceJoin Data in joined flow.", null);
            throw new ClientException("unknown_error", ErrorStrings.DEVICE_REGISTRATION_MISSING_FROM_CLIENT);
        }
    }
}
