package com.microsoft.identity.client;

import android.accounts.AccountManager;
import android.content.Context;
import android.os.Binder;
import android.os.Bundle;
import com.microsoft.aad.adal.BrokerAccountService$$ExternalSyntheticLambda1;
import com.microsoft.aad.adal.BrokerAccountService$$ExternalSyntheticLambda3;
import com.microsoft.identity.broker.operation.msal.SignOutFromSharedDeviceMsalBrokerOperation;
import com.microsoft.identity.broker4j.broker.BrokerAccountDataManager;
import com.microsoft.identity.broker4j.broker.BrokerUtil;
import com.microsoft.identity.broker4j.broker.platform.components.IAccountDataStorage;
import com.microsoft.identity.broker4j.broker.platform.components.IBrokerPlatformComponents;
import com.microsoft.identity.broker4j.broker.prt.PrtControllerFactory;
import com.microsoft.identity.broker4j.broker.transfertoken.TransferTokenManager;
import com.microsoft.identity.broker4j.workplacejoin.data.RegSource;
import com.microsoft.identity.broker4j.workplacejoin.data.WorkplaceJoinData;
import com.microsoft.identity.broker4j.workplacejoin.tasks.WorkplaceLeaveTask;
import com.microsoft.identity.client.request.MicrosoftAuthServiceRequestDispatcherHelper;
import com.microsoft.identity.common.adal.internal.AuthenticationConstants;
import com.microsoft.identity.common.adal.internal.util.JsonExtensions;
import com.microsoft.identity.common.internal.broker.BrokerData;
import com.microsoft.identity.common.internal.broker.BrokerResult;
import com.microsoft.identity.common.internal.broker.IBrokerValidator;
import com.microsoft.identity.common.internal.broker.ipc.IIpcStrategy;
import com.microsoft.identity.common.internal.ui.webview.WebViewUtil;
import com.microsoft.identity.common.java.AuthenticationConstants;
import com.microsoft.identity.common.java.broker.IBrokerAccount;
import com.microsoft.identity.common.java.exception.ClientException;
import com.microsoft.identity.common.java.exception.ErrorStrings;
import com.microsoft.identity.common.java.interfaces.IPlatformComponents;
import com.microsoft.identity.common.java.opentelemetry.OTelUtility;
import com.microsoft.identity.common.java.opentelemetry.SpanExtension;
import com.microsoft.identity.common.java.opentelemetry.SpanName;
import com.microsoft.identity.common.java.util.BrokerProtocolVersionUtil;
import com.microsoft.identity.common.java.util.StringUtil;
import io.opentelemetry.api.trace.Span;
import io.opentelemetry.api.trace.StatusCode;
import io.opentelemetry.context.Scope;
import java.util.UUID;
import kotlin.LoggerLogLevel;
import kotlin.lambdagenerateSignedHttpRequest8;

/* loaded from: classes2.dex */
public class BrokerUtils {
    private static final String TAG = "BrokerUtils";

    public static Bundle createHelloResultBundle(Bundle bundle, String str) throws ClientException {
        String str2 = TAG + ":createHelloResultBundle";
        String string = bundle.getString(AuthenticationConstants.Broker.CLIENT_ADVERTISED_MAXIMUM_BP_VERSION_KEY);
        String string2 = bundle.getString(AuthenticationConstants.Broker.CLIENT_CONFIGURED_MINIMUM_BP_VERSION_KEY);
        if (StringUtil.isNullOrEmpty(string)) {
            com.microsoft.identity.common.logging.Logger.error(str2, "The request bundle does not contain the app's Broker protocol version", null);
            throw new ClientException("invalid_request", "The request bundle does not contain the app's Broker protocol version");
        }
        com.microsoft.identity.common.logging.Logger.info(str2, "Highest protocol version that the calling app supports: " + string + "\nMinimum protocol version that the calling app requires: " + string2 + "\nHighest protocol version that the Broker supports: " + str);
        if (!BrokerProtocolVersionUtil.isFirstVersionNewerOrEqual(string, string2)) {
            com.microsoft.identity.common.logging.Logger.error(str2, "Highest client protocol version should be >= minimum protocol version", null);
            throw new ClientException("invalid_request", "Highest client protocol version should be >= minimum protocol version");
        }
        boolean isFirstVersionOlderOrEqual = BrokerProtocolVersionUtil.isFirstVersionOlderOrEqual(string, str);
        boolean isNullOrEmpty = StringUtil.isNullOrEmpty(string2);
        boolean z = !StringUtil.isNullOrEmpty(string2) && BrokerProtocolVersionUtil.isFirstVersionOlderOrEqual(string2, str);
        if (isFirstVersionOlderOrEqual) {
            com.microsoft.identity.common.logging.Logger.info(str2, "Connection OK.\nReturns the highest protocol version supported by the client: " + string);
            Bundle bundle2 = new Bundle();
            bundle2.putString(AuthenticationConstants.Broker.NEGOTIATED_BP_VERSION_KEY, string);
            return bundle2;
        }
        if (isNullOrEmpty || z) {
            com.microsoft.identity.common.logging.Logger.info(str2, "Connection OK\nReturns the highest protocol version supported by the broker: " + str);
            Bundle bundle3 = new Bundle();
            bundle3.putString(AuthenticationConstants.Broker.NEGOTIATED_BP_VERSION_KEY, str);
            return bundle3;
        }
        com.microsoft.identity.common.logging.Logger.warn(str2, "Connection DISALLOWED\nBroker only supports protocol version up to: " + str + " but client requires: " + string2);
        Bundle bundle4 = new Bundle();
        bundle4.putString("error", ErrorStrings.UNSUPPORTED_BROKER_VERSION_ERROR_CODE);
        bundle4.putString("error_description", ErrorStrings.UNSUPPORTED_BROKER_VERSION_ERROR_MESSAGE);
        return bundle4;
    }

    public static android.accounts.Account[] getAllWorkAccounts(Context context) {
        return AccountManager.get(context).getAccountsByType(AuthenticationConstants.Broker.BROKER_ACCOUNT_TYPE);
    }

    public static String getCallingPackageName(Context context, int i) {
        String str = TAG + ":getCallingPackageName";
        try {
            String[] packagesForUid = context.getPackageManager().getPackagesForUid(i);
            return packagesForUid != null ? packagesForUid[0] : "";
        } catch (Exception e) {
            com.microsoft.identity.common.logging.Logger.info(str, "Cannot get calling package name for uid " + i + ": " + e.getMessage());
            return "";
        }
    }

    private static LoggerLogLevel<Context, Boolean> getIsAccountManagerBroker() {
        return new BrokerAccountService$$ExternalSyntheticLambda3();
    }

    private static LoggerLogLevel<IBrokerPlatformComponents, Boolean> getIsBrokerDiscoveryEnabled() {
        return new BrokerAccountService$$ExternalSyntheticLambda1();
    }

    public static String getMaxBrokerMsalProtocolVersion(IBrokerPlatformComponents iBrokerPlatformComponents) {
        return "16.0";
    }

    public static RegSource getRegSourceFromPackageName(String str) {
        String str2 = TAG + ":getRegistrationSource";
        if (BrokerData.getProdMicrosoftAuthenticator().getPackageName().equalsIgnoreCase(str)) {
            return RegSource.authenticator_settings;
        }
        if (BrokerData.getProdCompanyPortal().getPackageName().equalsIgnoreCase(str)) {
            return RegSource.cp_signin;
        }
        com.microsoft.identity.common.logging.Logger.warn(str2, "Unable to identify RegSource for package [" + str + "]. Using RegSource unknown");
        return RegSource.unknown;
    }

    public static boolean isValidCallerPackage(Context context, String str, Integer num) {
        String[] packagesForUid = context.getPackageManager().getPackagesForUid(num.intValue());
        if (packagesForUid != null) {
            for (String str2 : packagesForUid) {
                if (str.equalsIgnoreCase(str2)) {
                    return true;
                }
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ Bundle lambda$removeSignedInAccountForSharedDevice$0(MicrosoftAuthServiceOperation microsoftAuthServiceOperation, Bundle bundle, String str, Bundle bundle2, Integer num) {
        return microsoftAuthServiceOperation.signOutFromSharedDevice(bundle, num.intValue());
    }

    public static boolean removeAccountFromBroker(IBrokerAccount iBrokerAccount, IPlatformComponents iPlatformComponents, Context context, String str) {
        IAccountDataStorage brokerAccountDataStorage;
        IBrokerAccount account;
        Span createSpan = OTelUtility.createSpan(SpanName.RemoveBrokerAccount.name());
        try {
            Scope makeCurrentSpan = SpanExtension.makeCurrentSpan(createSpan);
            try {
                IBrokerPlatformComponents iBrokerPlatformComponents = (IBrokerPlatformComponents) iPlatformComponents;
                boolean removeSignedInAccountForSharedDevice = (BrokerAccountDataManager.CUSTOM_ACCOUNT_HOSTING_UNREGISTERED_DEVICE_STK_NAME.equals(iBrokerAccount.getINotificationSideChannelDefault()) || !iBrokerPlatformComponents.getWpjController().isDeviceRegisteredAsShared()) ? false : removeSignedInAccountForSharedDevice(iBrokerPlatformComponents, createSpan, context, str);
                unregisterDeviceIfWpjAccount(iBrokerPlatformComponents, iBrokerAccount, str);
                try {
                    WebViewUtil.removeCookiesFromWebView(context);
                    BrokerUtil.removeAccountFromTokenCache(iBrokerPlatformComponents, iBrokerAccount);
                    brokerAccountDataStorage = iBrokerPlatformComponents.getBrokerAccountDataStorage();
                    account = brokerAccountDataStorage.getAccount(iBrokerAccount.getINotificationSideChannelDefault(), iBrokerAccount.getINotificationSideChannel());
                } catch (ClientException e) {
                    createSpan.recordException(e);
                    createSpan.setStatus(StatusCode.ERROR);
                    com.microsoft.identity.common.logging.Logger.error(str, "Error while removing account.", e);
                }
                if (account != null) {
                    if (BrokerUtil.isEligibleForTransferTokenFlows(iBrokerPlatformComponents, new BrokerAccountDataManager(brokerAccountDataStorage).isMsaAccount(iBrokerAccount))) {
                        com.microsoft.identity.common.logging.Logger.verbose(str, "Delete transfer token for the account");
                        new TransferTokenManager(iBrokerPlatformComponents, PrtControllerFactory.createPrtController(iBrokerPlatformComponents)).deleteTransferToken(iBrokerAccount);
                    }
                    boolean deleteAccount = iBrokerPlatformComponents.getBrokerAccountDataStorage().deleteAccount(account);
                    createSpan.setStatus(deleteAccount ? StatusCode.OK : StatusCode.ERROR);
                    if (makeCurrentSpan != null) {
                        makeCurrentSpan.close();
                    }
                    return deleteAccount;
                }
                if (removeSignedInAccountForSharedDevice) {
                    createSpan.setStatus(StatusCode.OK);
                    if (makeCurrentSpan != null) {
                        makeCurrentSpan.close();
                    }
                    createSpan.end();
                    return true;
                }
                com.microsoft.identity.common.logging.Logger.warn(str, "Account not found to delete.");
                createSpan.setStatus(StatusCode.ERROR, "Account not found to delete.");
                if (makeCurrentSpan != null) {
                    makeCurrentSpan.close();
                }
                return false;
            } catch (Throwable th) {
                if (makeCurrentSpan != null) {
                    try {
                        makeCurrentSpan.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } catch (Exception e2) {
            createSpan.recordException(e2);
            createSpan.setStatus(StatusCode.ERROR);
            com.microsoft.identity.common.logging.Logger.error(str, "Error while removing account.", e2);
            return false;
        } finally {
            createSpan.end();
        }
    }

    private static boolean removeSignedInAccountForSharedDevice(IBrokerPlatformComponents iBrokerPlatformComponents, Span span, Context context, String str) {
        MicrosoftAuthServiceRequestDispatcherHelper microsoftAuthServiceRequestDispatcherHelper = new MicrosoftAuthServiceRequestDispatcherHelper(context, iBrokerPlatformComponents, getIsAccountManagerBroker(), getIsBrokerDiscoveryEnabled());
        final Bundle bundle = new Bundle();
        final MicrosoftAuthServiceOperation microsoftAuthServiceOperation = new MicrosoftAuthServiceOperation(context, IIpcStrategy.Type.ACCOUNT_MANAGER_ADD_ACCOUNT, iBrokerPlatformComponents);
        if (microsoftAuthServiceRequestDispatcherHelper.execute(SignOutFromSharedDeviceMsalBrokerOperation.NAME, bundle, Binder.getCallingUid(), new lambdagenerateSignedHttpRequest8() { // from class: com.microsoft.identity.client.BrokerUtils$$ExternalSyntheticLambda0
            @Override // kotlin.lambdagenerateSignedHttpRequest8
            public final Object invoke(Object obj, Object obj2, Object obj3) {
                Bundle lambda$removeSignedInAccountForSharedDevice$0;
                lambda$removeSignedInAccountForSharedDevice$0 = BrokerUtils.lambda$removeSignedInAccountForSharedDevice$0(MicrosoftAuthServiceOperation.this, bundle, (String) obj, (Bundle) obj2, (Integer) obj3);
                return lambda$removeSignedInAccountForSharedDevice$0;
            }
        }) == null) {
            span.setStatus(StatusCode.ERROR, "Failed to remove account in SDM, resultBundle is null");
            return false;
        }
        String string = bundle.getString(AuthenticationConstants.Broker.BROKER_RESULT_V2);
        if (StringUtil.isNullOrEmpty(string)) {
            span.setStatus(StatusCode.ERROR, "Failed to remove account in SDM, resultString is null");
            return false;
        }
        BrokerResult brokerResultFromJsonString = JsonExtensions.getBrokerResultFromJsonString(string);
        if (brokerResultFromJsonString != null && brokerResultFromJsonString.isSuccess()) {
            span.setStatus(StatusCode.OK);
            return true;
        }
        com.microsoft.identity.common.logging.Logger.warn(str, "Failed to remove account.");
        span.setStatus(StatusCode.ERROR, "Failed to remove account in SDM");
        return false;
    }

    public static void throwIfNotInvokedByBroker(String str, IAppUidToPackageNameConverter iAppUidToPackageNameConverter, IBrokerValidator iBrokerValidator, int i) throws ClientException {
        String packageName = iAppUidToPackageNameConverter.getPackageName(i);
        if (StringUtil.isNullOrEmpty(packageName)) {
            com.microsoft.identity.common.logging.Logger.error(str, "Cannot verify the caller package name.", null);
            throw new ClientException("unauthorized_client", ErrorStrings.BROKER_APP_VERIFICATION_FAILED);
        }
        if (iBrokerValidator.isValidBrokerPackage(packageName)) {
            return;
        }
        com.microsoft.identity.common.logging.Logger.error(str, "This operation can only be invoked by broker apps, but was invoked by " + packageName + ".", null);
        throw new ClientException("unauthorized_client", ErrorStrings.BROKER_APP_VERIFICATION_FAILED);
    }

    private static void unregisterDeviceIfWpjAccount(IBrokerPlatformComponents iBrokerPlatformComponents, IBrokerAccount iBrokerAccount, String str) throws ClientException {
        WorkplaceJoinData workplaceJoinDataForAccountName = iBrokerPlatformComponents.getWpjController().getWorkplaceJoinDataForAccountName(iBrokerAccount.getINotificationSideChannelDefault());
        if (workplaceJoinDataForAccountName == null) {
            com.microsoft.identity.common.logging.Logger.info(str, "Account is not workplace joined.");
            return;
        }
        com.microsoft.identity.common.logging.Logger.info(str, "WPJ Device unregistered from DRS : " + WorkplaceLeaveTask.execute(iBrokerPlatformComponents, UUID.randomUUID(), workplaceJoinDataForAccountName));
    }

    public static void validateRequiredBrokerProtocolVersion(IBrokerPlatformComponents iBrokerPlatformComponents, Bundle bundle) throws ClientException {
        String str = TAG + ":validateRequiredBrokerProtocolVersion";
        if (bundle == null) {
            com.microsoft.identity.common.logging.Logger.info(str, "Request bundle is not provided.");
            return;
        }
        String maxBrokerMsalProtocolVersion = getMaxBrokerMsalProtocolVersion(iBrokerPlatformComponents);
        String string = bundle.getString(AuthenticationConstants.Broker.CLIENT_CONFIGURED_MINIMUM_BP_VERSION_KEY);
        com.microsoft.identity.common.logging.Logger.info(str, "Minimum protocol version that the calling app requires: " + string + "\nHighest protocol version that the Broker supports: " + maxBrokerMsalProtocolVersion);
        if (!StringUtil.isNullOrEmpty(string) && !BrokerProtocolVersionUtil.isFirstVersionOlderOrEqual(string, maxBrokerMsalProtocolVersion)) {
            throw new ClientException(ErrorStrings.UNSUPPORTED_BROKER_VERSION_ERROR_CODE, "Minimum required broker protocol version should be <= maximum broker protocol version");
        }
    }
}
