package com.acompli.accore.util;

import android.app.Activity;
import android.content.Context;
import android.os.SystemClock;
import android.text.TextUtils;
import bolts.Continuation;
import bolts.Task;
import com.acompli.accore.ACClient;
import com.acompli.accore.ACCore;
import com.acompli.accore.model.ACMailAccount;
import com.acompli.accore.network.MailboxLocator;
import com.acompli.accore.util.concurrent.OutlookExecutors;
import com.acompli.libcircle.log.Logger;
import com.acompli.libcircle.log.LoggerFactory;
import com.acompli.libcircle.log.Loggers;
import com.acompli.libcircle.metrics.EventLogger;
import com.acompli.thrift.client.generated.AuthType;
import com.acompli.thrift.client.generated.TokenType;
import com.adjust.sdk.Constants;
import com.microsoft.aad.adal.ADALError;
import com.microsoft.aad.adal.AuthenticationCallback;
import com.microsoft.aad.adal.AuthenticationConstants;
import com.microsoft.aad.adal.AuthenticationContext;
import com.microsoft.aad.adal.AuthenticationException;
import com.microsoft.aad.adal.AuthenticationResult;
import com.microsoft.aad.adal.AuthenticationSettings;
import com.microsoft.aad.adal.PromptBehavior;
import java.io.UnsupportedEncodingException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

/* loaded from: classes.dex */
public class ADALUtil {
    private static final Logger a = LoggerFactory.a("ADALUtil");
    private static byte[] b;

    /* loaded from: classes.dex */
    public interface TokenRefreshedCallback {
        void a(String str, long j, String str2);

        void a(String str, Exception exc);
    }

    public static AuthenticationContext a(Activity activity, String str, AuthenticationCallback<AuthenticationResult> authenticationCallback) {
        return a("https://login.windows.net/common/oauth2/token", activity, str, authenticationCallback);
    }

    public static AuthenticationContext a(Context context) {
        return a("https://login.windows.net/common/oauth2/token", context);
    }

    public static AuthenticationContext a(String str, Activity activity, String str2, AuthenticationCallback<AuthenticationResult> authenticationCallback) {
        return a(str, "https://api.acompli.com/exchange", activity, str2, authenticationCallback);
    }

    public static AuthenticationContext a(String str, Context context) {
        AuthenticationSettings.INSTANCE.setUseBroker(true);
        a();
        return new AuthenticationContext(context, str, true);
    }

    public static AuthenticationContext a(String str, String str2, Activity activity, String str3, AuthenticationCallback<AuthenticationResult> authenticationCallback) {
        AuthenticationContext authenticationContext = null;
        try {
            authenticationContext = a(str, activity.getApplicationContext());
            a.e("Redirect URI: " + authenticationContext.getRedirectUriForBroker());
            authenticationContext.acquireToken(activity, str2, "27922004-5251-4030-b22d-91ecd9a37ea4", "msauth://com.microsoft.office.outlook/fcg80qvoM1YMKJZibjBwQcDfOno%3D", str3 != null ? str3 : "", PromptBehavior.Always, "nux=1&msafed=0", authenticationCallback);
        } catch (Exception e) {
            a.b("Exception in ADAL", e);
        }
        return authenticationContext;
    }

    public static String a(Context context, ACMailAccount aCMailAccount, TokenType tokenType) {
        Loggers.a().c();
        try {
            return a(a(aCMailAccount), context).acquireTokenSilentSync(tokenType == TokenType.DirectAccessToken ? "https://outlook.office365.com/" : "https://api.acompli.com/exchange", "27922004-5251-4030-b22d-91ecd9a37ea4", aCMailAccount.S()).getAccessToken();
        } catch (AuthenticationException | InterruptedException e) {
            return null;
        }
    }

    private static String a(ACMailAccount aCMailAccount) {
        return (aCMailAccount != null && TextUtils.equals(aCMailAccount.f(), "https://login.windows-ppe.net/common/oauth2/token")) ? "https://login.windows-ppe.net/common/oauth2/token" : "https://login.windows.net/common/oauth2/token";
    }

    public static synchronized void a() {
        Throwable th;
        synchronized (ADALUtil.class) {
            if (b == null) {
                try {
                    b = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec("shpadoinkle".toCharArray(), "salty".getBytes(Constants.ENCODING), 100, 256)).getEncoded();
                    if (b == null) {
                        Loggers.a().c().b("Null bytes returned for setting ADAL secret");
                    }
                    AuthenticationSettings.INSTANCE.setSecretKey(b);
                } catch (UnsupportedEncodingException e) {
                    th = e;
                    Loggers.a().c().b("Failed to set ADAL secret", th);
                } catch (NoSuchAlgorithmException e2) {
                    th = e2;
                    Loggers.a().c().b("Failed to set ADAL secret", th);
                } catch (InvalidKeySpecException e3) {
                    th = e3;
                    Loggers.a().c().b("Failed to set ADAL secret", th);
                }
            }
        }
    }

    public static void a(Activity activity, Context context, ACMailAccount aCMailAccount, EventLogger eventLogger) {
        a(activity, context, aCMailAccount, eventLogger, "https://api.acompli.com/exchange");
    }

    public static void a(Activity activity, Context context, final ACMailAccount aCMailAccount, final EventLogger eventLogger, final String str) {
        a.a("Refreshing token");
        final LifecycleTracker a2 = LifecycleTracker.a(activity);
        final Logger c = Loggers.a().c();
        try {
            if (!TextUtils.isEmpty(aCMailAccount.S())) {
                final AuthenticationContext a3 = a(a(aCMailAccount), context);
                a3.acquireTokenSilentAsync(str, "27922004-5251-4030-b22d-91ecd9a37ea4", aCMailAccount.S(), new AuthenticationCallback<AuthenticationResult>() { // from class: com.acompli.accore.util.ADALUtil.4
                    boolean a = true;

                    @Override // com.microsoft.aad.adal.AuthenticationCallback
                    /* renamed from: a, reason: merged with bridge method [inline-methods] */
                    public void onSuccess(AuthenticationResult authenticationResult) {
                        if (authenticationResult != null && authenticationResult.getAccessToken() != null && !authenticationResult.getAccessToken().isEmpty()) {
                            Logger.this.e("Received updated ADAL token.");
                            ADALUtil.a(aCMailAccount, authenticationResult);
                            return;
                        }
                        ADALUtil.a.a("Token is empty, potentially an invalid_grant");
                        if (authenticationResult == null || authenticationResult.getErrorCode() == null || !authenticationResult.getErrorCode().equals("invalid_grant")) {
                            return;
                        }
                        Logger.this.c("Received invalid_grant from ADAL");
                        if (this.a && a2.c()) {
                            this.a = false;
                            a3.acquireToken(a2.a(), str, "27922004-5251-4030-b22d-91ecd9a37ea4", "msauth://com.microsoft.office.outlook/fcg80qvoM1YMKJZibjBwQcDfOno%3D", aCMailAccount.B(), PromptBehavior.Always, "nux=1&msafed=0", this);
                            ADALUtil.b(eventLogger, "invalid_grant");
                        } else if (a2.a() == null) {
                            eventLogger.a("adal_refresh_error").a(AuthenticationConstants.OAuth2.ERROR, "interactive_login_no_activity").a();
                            Logger.this.c("\tCan't retry interactive login - no activity");
                        } else {
                            if (this.a) {
                                return;
                            }
                            eventLogger.a("adal_refresh_error").a(AuthenticationConstants.OAuth2.ERROR, "wont_retry_with_activity").a();
                            Logger.this.c("\tWon't retry interactive login - retryWithActivity==false");
                        }
                    }

                    @Override // com.microsoft.aad.adal.AuthenticationCallback
                    public void onError(Exception exc) {
                        ADALError code;
                        Logger.this.b("Failed to refresh ADAL token", exc);
                        if ((exc instanceof AuthenticationException) && (code = ((AuthenticationException) exc).getCode()) != ADALError.AUTH_REFRESH_FAILED_PROMPT_NOT_ALLOWED) {
                            Logger.this.b("Not promoting to interactive login: " + code.getDescription());
                        } else if (this.a && a2.c()) {
                            this.a = false;
                            a3.acquireToken(a2.a(), str, "27922004-5251-4030-b22d-91ecd9a37ea4", "msauth://com.microsoft.office.outlook/fcg80qvoM1YMKJZibjBwQcDfOno%3D", aCMailAccount.B(), PromptBehavior.Auto, "nux=1&msafed=0", this);
                            ADALUtil.b(eventLogger, exc.getClass().getSimpleName());
                        }
                    }
                });
            } else {
                if (!a2.c()) {
                    eventLogger.a("adal_refresh_error").a(AuthenticationConstants.OAuth2.ERROR, "no refresh token and no activity").a();
                    return;
                }
                String f = aCMailAccount.f() != null ? aCMailAccount.f() : "https://login.windows.net/common/oauth2/token";
                c.c("Null refresh token, forcing an interactive login");
                AuthenticationContext a4 = a(f, a2.a().getApplicationContext());
                b(eventLogger, "empty_userID");
                a4.acquireToken(a2.a(), str, "27922004-5251-4030-b22d-91ecd9a37ea4", "msauth://com.microsoft.office.outlook/fcg80qvoM1YMKJZibjBwQcDfOno%3D", aCMailAccount.B(), PromptBehavior.Auto, "nux=1&msafed=0", new AuthenticationCallback<AuthenticationResult>() { // from class: com.acompli.accore.util.ADALUtil.5
                    @Override // com.microsoft.aad.adal.AuthenticationCallback
                    /* renamed from: a, reason: merged with bridge method [inline-methods] */
                    public void onSuccess(AuthenticationResult authenticationResult) {
                        if (authenticationResult != null && authenticationResult.getAccessToken() != null && !authenticationResult.getAccessToken().isEmpty()) {
                            Logger.this.e("Received updated ADAL token.");
                            ADALUtil.a(aCMailAccount, authenticationResult);
                            return;
                        }
                        ADALUtil.a.a("Token is empty");
                        if (authenticationResult == null || authenticationResult.getErrorCode() == null || !authenticationResult.getErrorCode().equals("invalid_grant")) {
                            return;
                        }
                        Logger.this.c("Received invalid_grant from ADAL on an interactive login?");
                    }

                    @Override // com.microsoft.aad.adal.AuthenticationCallback
                    public void onError(Exception exc) {
                        ADALUtil.a.b("Failed to refresh token", exc);
                    }
                });
            }
        } catch (Exception e) {
            a.b("ADAL Exception", e);
        }
    }

    public static void a(Activity activity, Context context, ACMailAccount aCMailAccount, final String str, EventLogger eventLogger, final TokenRefreshedCallback tokenRefreshedCallback) {
        try {
            AuthenticationContext a2 = a(a(aCMailAccount), context);
            AuthenticationCallback<AuthenticationResult> authenticationCallback = new AuthenticationCallback<AuthenticationResult>() { // from class: com.acompli.accore.util.ADALUtil.3
                @Override // com.microsoft.aad.adal.AuthenticationCallback
                /* renamed from: a, reason: merged with bridge method [inline-methods] */
                public void onSuccess(AuthenticationResult authenticationResult) {
                    TokenRefreshedCallback.this.a(authenticationResult.getAccessToken(), authenticationResult.getExpiresOn() != null ? authenticationResult.getExpiresOn().getTime() : 0L, str);
                }

                @Override // com.microsoft.aad.adal.AuthenticationCallback
                public void onError(Exception exc) {
                    TokenRefreshedCallback.this.a(str, exc);
                }
            };
            if (activity == null) {
                a2.acquireTokenSilentAsync(str, "27922004-5251-4030-b22d-91ecd9a37ea4", aCMailAccount.S(), authenticationCallback);
            } else {
                a2.acquireToken(activity, str, "27922004-5251-4030-b22d-91ecd9a37ea4", "msauth://com.microsoft.office.outlook/fcg80qvoM1YMKJZibjBwQcDfOno%3D", aCMailAccount.B(), PromptBehavior.Auto, "nux=1&msafed=0", authenticationCallback);
            }
        } catch (Exception e) {
            tokenRefreshedCallback.a(str, e);
        }
    }

    public static void a(Activity activity, final ACCore aCCore, final ACMailAccount aCMailAccount, final TokenType tokenType, final EventLogger eventLogger) {
        final LifecycleTracker a2 = activity != null ? LifecycleTracker.a(activity) : null;
        final Logger c = Loggers.a().c();
        String str = tokenType == TokenType.DirectAccessToken ? "https://outlook.office365.com/" : "https://api.acompli.com/exchange";
        final long elapsedRealtime = SystemClock.elapsedRealtime();
        String lowerCase = aCMailAccount.B().toLowerCase();
        final boolean z = lowerCase.endsWith("@microsoft.com") || lowerCase.endsWith(".microsoft.com");
        final TokenRefreshedCallback tokenRefreshedCallback = new TokenRefreshedCallback() { // from class: com.acompli.accore.util.ADALUtil.1
            @Override // com.acompli.accore.util.ADALUtil.TokenRefreshedCallback
            public void a(String str2, long j, String str3) {
                boolean z2;
                if (TextUtils.isEmpty(str2)) {
                    Logger.this.d("Received empty token on refresh of " + str3 + " for account " + aCMailAccount.b());
                    return;
                }
                long elapsedRealtime2 = SystemClock.elapsedRealtime() - elapsedRealtime;
                Logger.this.e("Successfully refreshed direct access token for account " + aCMailAccount.b());
                ACClient.a(aCCore, aCMailAccount.b(), str2, tokenType);
                if (tokenType == TokenType.DirectAccessToken) {
                    z2 = !TextUtils.equals(str2, aCMailAccount.U());
                    aCMailAccount.n(str2);
                    if (j != 0) {
                        aCMailAccount.e(j);
                    }
                } else {
                    z2 = !TextUtils.equals(str2, aCMailAccount.R());
                    aCMailAccount.l(str2);
                    if (j != 0) {
                        aCMailAccount.d(j);
                    }
                }
                if (z2) {
                    eventLogger.a("token_refresh_timing").a(AuthenticationConstants.AAD.RESOURCE, str3).a("account_type", "AAD").a("latency", elapsedRealtime2).a("latency_bracket", StringUtil.b(elapsedRealtime2)).a("is_microsoft", z).a();
                }
                aCCore.m().a(aCMailAccount);
                if (tokenType == TokenType.DirectAccessToken && aCMailAccount.j() == AuthType.Office365RestDirect.value) {
                    new MailboxLocator(aCCore, aCMailAccount.B(), str2, AuthType.Office365RestDirect, false).a(eventLogger).a((Continuation<MailboxLocator.MailboxLocatorResult, TContinuationResult>) new Continuation<MailboxLocator.MailboxLocatorResult, Void>() { // from class: com.acompli.accore.util.ADALUtil.1.1
                        @Override // bolts.Continuation
                        /* renamed from: b, reason: merged with bridge method [inline-methods] */
                        public Void a(Task<MailboxLocator.MailboxLocatorResult> task) throws Exception {
                            MailboxLocator.MailboxLocatorResult e;
                            if (task.b() && ((e = task.e()) != null || e.b)) {
                                aCMailAccount.i(e.c);
                                aCMailAccount.j(e.d);
                                aCCore.m().a(aCMailAccount);
                            }
                            return null;
                        }
                    }, OutlookExecutors.d);
                }
            }

            @Override // com.acompli.accore.util.ADALUtil.TokenRefreshedCallback
            public void a(String str2, Exception exc) {
                Logger.this.b("Failed token refresh of " + str2 + " for account " + aCMailAccount.b(), exc);
            }
        };
        a(null, aCCore.d(), aCMailAccount, str, eventLogger, new TokenRefreshedCallback() { // from class: com.acompli.accore.util.ADALUtil.2
            @Override // com.acompli.accore.util.ADALUtil.TokenRefreshedCallback
            public void a(String str2, long j, String str3) {
                TokenRefreshedCallback.this.a(str2, j, str3);
            }

            @Override // com.acompli.accore.util.ADALUtil.TokenRefreshedCallback
            public void a(String str2, Exception exc) {
                if (a2 == null || !a2.c()) {
                    TokenRefreshedCallback.this.a(str2, exc);
                } else {
                    c.d("Failed to silently refresh token for resource " + str2 + " falling back to interactive?");
                    ADALUtil.a(a2.a(), aCCore.d(), aCMailAccount, str2, eventLogger, TokenRefreshedCallback.this);
                }
            }
        });
    }

    public static void a(ACMailAccount aCMailAccount, AuthenticationResult authenticationResult) {
        Loggers.a().c();
        ACCore a2 = ACCore.a();
        ACClient.a(aCMailAccount.b(), authenticationResult.getAccessToken());
        if (authenticationResult.getUserInfo() != null) {
            String userId = authenticationResult.getUserInfo().getUserId();
            String displayableId = authenticationResult.getUserInfo().getDisplayableId();
            if (!TextUtils.isEmpty(userId)) {
                aCMailAccount.m(userId);
            }
            if (!TextUtils.isEmpty(displayableId) && !TextUtils.equals(displayableId, aCMailAccount.B())) {
                aCMailAccount.f(displayableId);
            }
        }
        aCMailAccount.k(authenticationResult.getRefreshToken());
        if (!TextUtils.isEmpty(authenticationResult.getAccessToken())) {
            aCMailAccount.l(authenticationResult.getAccessToken());
        }
        if (authenticationResult.getExpiresOn() != null) {
            aCMailAccount.d(authenticationResult.getExpiresOn().getTime());
        }
        a2.m().a(aCMailAccount);
        a2.z().c(aCMailAccount);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void b(EventLogger eventLogger, String str) {
        eventLogger.a("adal_interactive_login_required").a("cause", str).a();
    }
}
