package com.microsoft.aad.adal;

import android.accounts.Account;
import android.accounts.AccountAuthenticatorResponse;
import android.accounts.AccountManager;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.os.AsyncTask;
import android.os.Build;
import android.os.Bundle;
import android.security.KeyChain;
import android.security.KeyChainAliasCallback;
import android.security.KeyChainException;
import android.view.MotionEvent;
import android.view.View;
import android.view.inputmethod.InputMethodManager;
import android.webkit.ClientCertRequest;
import android.webkit.CookieManager;
import android.webkit.CookieSyncManager;
import android.webkit.WebSettings;
import android.webkit.WebView;
import android.widget.ProgressBar;
import androidx.localbroadcastmanager.content.LocalBroadcastManager;
import com.google.gson.Gson;
import com.microsoft.aad.adal.AuthenticationResult;
import com.microsoft.aad.adal.TelemetryUtils;
import com.microsoft.identity.common.adal.internal.JWSBuilder;
import com.microsoft.identity.common.adal.internal.net.IWebRequestHandler;
import com.microsoft.identity.common.adal.internal.net.WebRequestHandler;
import com.microsoft.identity.common.internal.authscheme.TokenAuthenticationScheme;
import com.microsoft.identity.common.internal.ui.DualScreenActivity;
import com.microsoft.intune.mam.client.content.MAMBroadcastReceiver;
import java.io.IOException;
import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Locale;
import java.util.UUID;

/* loaded from: classes2.dex */
public class AuthenticationActivity extends DualScreenActivity {
    static final int BACK_PRESSED_CANCEL_DIALOG_STEPS = -2;
    private static final String TAG = "AuthenticationActivity";
    private AuthenticationRequest mAuthRequest;
    private String mCallingPackage;
    private int mCallingUID;
    private String mRedirectUrl;
    private ProgressBar mSpinner;
    private String mStartUrl;
    private com.microsoft.identity.common.adal.internal.cache.StorageHelper mStorageHelper;
    private int mWaitingRequestId;
    private WebView mWebView;
    private boolean mRegisterReceiver = false;
    private ActivityBroadcastReceiver mReceiver = null;
    private AccountAuthenticatorResponse mAccountAuthenticatorResponse = null;
    private Bundle mAuthenticatorResultBundle = null;
    private final IWebRequestHandler mWebRequestHandler = new WebRequestHandler();
    private final JWSBuilder mJWSBuilder = new JWSBuilder();
    private boolean mPkeyAuthRedirect = false;
    private UIEvent mUIEvent = null;

    /* loaded from: classes2.dex */
    private class ActivityBroadcastReceiver extends MAMBroadcastReceiver {
        private int mWaitingRequestId;

        private ActivityBroadcastReceiver() {
            this.mWaitingRequestId = -1;
        }

        @Override // com.microsoft.intune.mam.client.content.HookedBroadcastReceiver
        public void onMAMReceive(Context context, Intent intent) {
            com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onReceive", "ActivityBroadcastReceiver onReceive");
            if (intent.getAction() == null || !intent.getAction().equalsIgnoreCase("com.microsoft.aad.adal:BrowserCancel")) {
                return;
            }
            com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onReceive", "ActivityBroadcastReceiver onReceive action is for cancelling Authentication Activity");
            if (intent.getIntExtra("com.microsoft.aad.adal:RequestId", 0) == this.mWaitingRequestId) {
                com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onReceive", "Waiting requestId is same and cancelling this activity");
                AuthenticationActivity.this.finish();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public class CustomWebViewClient extends BasicWebViewClient {
        CustomWebViewClient() {
            super(AuthenticationActivity.this, AuthenticationActivity.this.mRedirectUrl, AuthenticationActivity.this.mAuthRequest, AuthenticationActivity.this.mUIEvent);
        }

        @Override // com.microsoft.aad.adal.BasicWebViewClient
        public void cancelWebViewRequest(Intent intent) {
            AuthenticationActivity.this.cancelRequest(intent);
        }

        @Override // android.webkit.WebViewClient
        public void onReceivedClientCertRequest(WebView webView, final ClientCertRequest clientCertRequest) {
            com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onReceivedClientCertRequest", "Webview receives client TLS request.");
            Principal[] principals = clientCertRequest.getPrincipals();
            if (principals != null) {
                for (Principal principal : principals) {
                    if (principal.getName().contains("CN=MS-Organization-Access")) {
                        com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onReceivedClientCertRequest", "Cancelling the TLS request, not respond to TLS challenge triggered by device authentication.");
                        clientCertRequest.cancel();
                        return;
                    }
                }
            }
            KeyChain.choosePrivateKeyAlias(AuthenticationActivity.this, new KeyChainAliasCallback() { // from class: com.microsoft.aad.adal.AuthenticationActivity.CustomWebViewClient.1
                @Override // android.security.KeyChainAliasCallback
                public void alias(String str) {
                    if (str == null) {
                        com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onReceivedClientCertRequest", "No certificate chosen by user, cancelling the TLS request.");
                        clientCertRequest.cancel();
                        return;
                    }
                    try {
                        X509Certificate[] certificateChain = KeyChain.getCertificateChain(AuthenticationActivity.this.getApplicationContext(), str);
                        PrivateKey privateKey = KeyChain.getPrivateKey(CustomWebViewClient.this.getCallingContext(), str);
                        com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onReceivedClientCertRequest", "Certificate is chosen by user, proceed with TLS request.");
                        clientCertRequest.proceed(privateKey, certificateChain);
                    } catch (KeyChainException e) {
                        com.microsoft.identity.common.internal.logging.Logger.error("AuthenticationActivity:onReceivedClientCertRequest", "Keychain exception", null);
                        com.microsoft.identity.common.internal.logging.Logger.errorPII("AuthenticationActivity:onReceivedClientCertRequest", "Exception details:", e);
                        clientCertRequest.cancel();
                    } catch (InterruptedException e2) {
                        com.microsoft.identity.common.internal.logging.Logger.error("AuthenticationActivity:onReceivedClientCertRequest", "InterruptedException exception", e2);
                        clientCertRequest.cancel();
                    }
                }
            }, clientCertRequest.getKeyTypes(), clientCertRequest.getPrincipals(), clientCertRequest.getHost(), clientCertRequest.getPort(), null);
        }

        @Override // com.microsoft.aad.adal.BasicWebViewClient
        public void postRunnable(Runnable runnable) {
            AuthenticationActivity.this.mWebView.post(runnable);
        }

        @Override // com.microsoft.aad.adal.BasicWebViewClient
        public void prepareForBrokerResumeRequest() {
            AuthenticationActivity.this.prepareForBrokerResume();
        }

        @Override // com.microsoft.aad.adal.BasicWebViewClient
        public boolean processInvalidUrl(WebView webView, String str) {
            AuthenticationActivity authenticationActivity = AuthenticationActivity.this;
            if (authenticationActivity.isBrokerRequest(authenticationActivity.getIntent()) && str.startsWith("msauth")) {
                com.microsoft.identity.common.internal.logging.Logger.error("AuthenticationActivity:processInvalidUrl", "The RedirectUri is not as expected.", null);
                com.microsoft.identity.common.internal.logging.Logger.errorPII("AuthenticationActivity:processInvalidUrl", String.format("Received %s and expected %s", str, AuthenticationActivity.this.mRedirectUrl), null);
                AuthenticationActivity.this.returnError(ADALError.DEVELOPER_REDIRECTURI_INVALID, String.format("The RedirectUri is not as expected. Received %s and expected %s", str, AuthenticationActivity.this.mRedirectUrl));
                webView.stopLoading();
                return true;
            }
            if (str.toLowerCase(Locale.US).equals("about:blank")) {
                com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:processInvalidUrl", "It is an blank page request");
                return true;
            }
            if (str.toLowerCase(Locale.US).startsWith("https://")) {
                return false;
            }
            com.microsoft.identity.common.internal.logging.Logger.error("AuthenticationActivity:processInvalidUrl", "The webview was redirected to an unsafe URL.", null);
            AuthenticationActivity.this.returnError(ADALError.WEBVIEW_REDIRECTURL_NOT_SSL_PROTECTED, "The webview was redirected to an unsafe URL.");
            webView.stopLoading();
            return true;
        }

        @Override // com.microsoft.aad.adal.BasicWebViewClient
        public void processRedirectUrl(WebView webView, String str) {
            AuthenticationActivity authenticationActivity = AuthenticationActivity.this;
            if (authenticationActivity.isBrokerRequest(authenticationActivity.getIntent())) {
                com.microsoft.identity.common.internal.logging.Logger.info("AuthenticationActivity:processRedirectUrl", "It is a broker request");
                AuthenticationActivity.this.displaySpinner(true);
                webView.stopLoading();
                AuthenticationActivity authenticationActivity2 = AuthenticationActivity.this;
                new TokenTask(authenticationActivity2.mWebRequestHandler, AuthenticationActivity.this.mAuthRequest, AuthenticationActivity.this.mCallingPackage, AuthenticationActivity.this.mCallingUID).execute(str);
                return;
            }
            com.microsoft.identity.common.internal.logging.Logger.info("AuthenticationActivity:processRedirectUrl", "It is not a broker request");
            Intent intent = new Intent();
            intent.putExtra("com.microsoft.aad.adal:BrowserFinalUrl", str);
            intent.putExtra("com.microsoft.aad.adal:BrowserRequestInfo", AuthenticationActivity.this.mAuthRequest);
            AuthenticationActivity.this.returnToCaller(2003, intent);
            webView.stopLoading();
        }

        @Override // com.microsoft.aad.adal.BasicWebViewClient
        public void sendResponse(int i, Intent intent) {
            AuthenticationActivity.this.returnToCaller(i, intent);
        }

        @Override // com.microsoft.aad.adal.BasicWebViewClient
        public void setPKeyAuthStatus(boolean z) {
            AuthenticationActivity.this.mPkeyAuthRedirect = z;
        }

        @Override // com.microsoft.aad.adal.BasicWebViewClient
        public void showSpinner(boolean z) {
            AuthenticationActivity.this.displaySpinner(z);
        }
    }

    /* loaded from: classes2.dex */
    class TokenTask extends AsyncTask<String, String, TokenTaskResult> {
        private AccountManager mAccountManager;
        private int mAppCallingUID;
        private String mPackageName;
        private AuthenticationRequest mRequest;
        private IWebRequestHandler mRequestHandler;

        public TokenTask() {
        }

        public TokenTask(IWebRequestHandler iWebRequestHandler, AuthenticationRequest authenticationRequest, String str, int i) {
            this.mRequestHandler = iWebRequestHandler;
            this.mRequest = authenticationRequest;
            this.mPackageName = str;
            this.mAppCallingUID = i;
            this.mAccountManager = AccountManager.get(AuthenticationActivity.this);
        }

        private void appendAppUIDToAccount(Account account) throws GeneralSecurityException, IOException {
            String userData = this.mAccountManager.getUserData(account, "account.uid.caches");
            String str = "";
            if (userData != null) {
                try {
                    str = AuthenticationActivity.this.mStorageHelper.decrypt(userData);
                } catch (IOException | GeneralSecurityException e) {
                    com.microsoft.identity.common.internal.logging.Logger.error("AuthenticationActivity:appendAppUIDToAccount", "appUIDList failed to decrypt", null);
                    com.microsoft.identity.common.internal.logging.Logger.errorPII("AuthenticationActivity:appendAppUIDToAccount", "appIdList:" + userData, e);
                    com.microsoft.identity.common.internal.logging.Logger.info("AuthenticationActivity:appendAppUIDToAccount", "Reset the appUIDlist");
                }
            }
            com.microsoft.identity.common.internal.logging.Logger.info("AuthenticationActivity:appendAppUIDToAccount", "Add calling UID.");
            com.microsoft.identity.common.internal.logging.Logger.infoPII("AuthenticationActivity:appendAppUIDToAccount", "App UID: " + this.mAppCallingUID + "appIdList:" + str);
            if (str.contains("calling.uid.key" + this.mAppCallingUID)) {
                return;
            }
            com.microsoft.identity.common.internal.logging.Logger.info("AuthenticationActivity:appendAppUIDToAccount", "Account has new calling UID.");
            com.microsoft.identity.common.internal.logging.Logger.infoPII("AuthenticationActivity:appendAppUIDToAccount", "App UID: " + this.mAppCallingUID);
            this.mAccountManager.setUserData(account, "account.uid.caches", AuthenticationActivity.this.mStorageHelper.encrypt(str + "calling.uid.key" + this.mAppCallingUID));
        }

        private String getBrokerAppCacheKey(String str) throws NoSuchAlgorithmException, UnsupportedEncodingException {
            String createHash = com.microsoft.identity.common.adal.internal.util.StringExtensions.createHash("calling.uid.key" + this.mAppCallingUID + str);
            com.microsoft.identity.common.internal.logging.Logger.verbose(AuthenticationActivity.TAG, "Get broker app cache key.");
            com.microsoft.identity.common.internal.logging.Logger.verbosePII(AuthenticationActivity.TAG, "Key hash is:" + createHash + " calling app UID:" + this.mAppCallingUID + " Key is: " + str);
            return createHash;
        }

        private void saveCacheKey(String str, Account account, int i) {
            com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:saveCacheKey", "Get CacheKeys for account");
            String userData = this.mAccountManager.getUserData(account, "userdata.caller.cachekeys" + i);
            if (userData == null) {
                userData = "";
            }
            if (userData.contains("|" + str)) {
                return;
            }
            com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:saveCacheKey", "Account does not have the cache key. Saving it to account for the caller.");
            com.microsoft.identity.common.internal.logging.Logger.verbosePII("AuthenticationActivity:saveCacheKey", "callerUID: " + i + "The key to be saved is: " + str);
            StringBuilder sb = new StringBuilder();
            sb.append(userData);
            sb.append("|");
            sb.append(str);
            String sb2 = sb.toString();
            this.mAccountManager.setUserData(account, "userdata.caller.cachekeys" + i, sb2);
            com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:saveCacheKey", "Cache key saved into key list for the caller.");
            com.microsoft.identity.common.internal.logging.Logger.verbosePII("AuthenticationActivity:saveCacheKey", "keylist:" + sb2);
        }

        private void setAccount(TokenTaskResult tokenTaskResult) throws GeneralSecurityException, IOException {
            String brokerAccountName = this.mRequest.getBrokerAccountName();
            Account[] accountsByType = this.mAccountManager.getAccountsByType("com.microsoft.workaccount");
            if (accountsByType.length != 1) {
                tokenTaskResult.mTaskResult = null;
                tokenTaskResult.mTaskException = new AuthenticationException(ADALError.BROKER_SINGLE_USER_EXPECTED);
                return;
            }
            Account account = accountsByType[0];
            UserInfo userInfo = tokenTaskResult.mTaskResult.getUserInfo();
            if (userInfo == null || com.microsoft.identity.common.adal.internal.util.StringExtensions.isNullOrBlank(userInfo.getUserId())) {
                com.microsoft.identity.common.internal.logging.Logger.info("AuthenticationActivity:setAccount", "Set userinfo from account");
                tokenTaskResult.mTaskResult.setUserInfo(new UserInfo(brokerAccountName, brokerAccountName, "", "", brokerAccountName));
                this.mRequest.setLoginHint(brokerAccountName);
            } else {
                com.microsoft.identity.common.internal.logging.Logger.info("AuthenticationActivity:setAccount", "Saving userinfo to account");
                this.mAccountManager.setUserData(account, "account.userinfo.userid", userInfo.getUserId());
                this.mAccountManager.setUserData(account, "account.userinfo.given.name", userInfo.getGivenName());
                this.mAccountManager.setUserData(account, "account.userinfo.family.name", userInfo.getFamilyName());
                this.mAccountManager.setUserData(account, "account.userinfo.identity.provider", userInfo.getIdentityProvider());
                this.mAccountManager.setUserData(account, "account.userinfo.userid.displayable", userInfo.getDisplayableId());
            }
            tokenTaskResult.mAccountName = brokerAccountName;
            com.microsoft.identity.common.internal.logging.Logger.info("AuthenticationActivity:setAccount", "Setting account in account manager.");
            com.microsoft.identity.common.internal.logging.Logger.infoPII("AuthenticationActivity:setAccount", "Package: " + this.mPackageName + " calling app UID:" + this.mAppCallingUID + " Account name: " + brokerAccountName);
            Gson gson = new Gson();
            com.microsoft.identity.common.internal.logging.Logger.infoPII("AuthenticationActivity:setAccount", "app context:" + AuthenticationActivity.this.getApplicationContext().getPackageName() + " context:" + AuthenticationActivity.this.getPackageName() + " calling packagename:" + AuthenticationActivity.this.getCallingPackage());
            if (AuthenticationSettings.INSTANCE.getSecretKeyData() == null) {
                com.microsoft.identity.common.internal.logging.Logger.info("AuthenticationActivity:setAccount", "Calling app doesn't provide the secret key.");
            }
            String encrypt = AuthenticationActivity.this.mStorageHelper.encrypt(gson.toJson(TokenCacheItem.createRegularTokenCacheItem(this.mRequest.getAuthority(), this.mRequest.getResource(), this.mRequest.getClientId(), tokenTaskResult.mTaskResult)));
            String createCacheKeyForRTEntry = CacheKey.createCacheKeyForRTEntry(AuthenticationActivity.this.mAuthRequest.getAuthority(), AuthenticationActivity.this.mAuthRequest.getResource(), AuthenticationActivity.this.mAuthRequest.getClientId(), null);
            saveCacheKey(createCacheKeyForRTEntry, account, this.mAppCallingUID);
            this.mAccountManager.setUserData(account, getBrokerAppCacheKey(createCacheKeyForRTEntry), encrypt);
            if (tokenTaskResult.mTaskResult.getIsMultiResourceRefreshToken()) {
                String encrypt2 = AuthenticationActivity.this.mStorageHelper.encrypt(gson.toJson(TokenCacheItem.createMRRTTokenCacheItem(this.mRequest.getAuthority(), this.mRequest.getClientId(), tokenTaskResult.mTaskResult)));
                String createCacheKeyForMRRT = CacheKey.createCacheKeyForMRRT(AuthenticationActivity.this.mAuthRequest.getAuthority(), AuthenticationActivity.this.mAuthRequest.getClientId(), null);
                saveCacheKey(createCacheKeyForMRRT, account, this.mAppCallingUID);
                this.mAccountManager.setUserData(account, getBrokerAppCacheKey(createCacheKeyForMRRT), encrypt2);
            }
            com.microsoft.identity.common.internal.logging.Logger.info("AuthenticationActivity:setAccount", "Set calling uid:" + this.mAppCallingUID);
            appendAppUIDToAccount(account);
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public TokenTaskResult doInBackground(String... strArr) {
            Oauth2 oauth2 = new Oauth2(this.mRequest, this.mRequestHandler, AuthenticationActivity.this.mJWSBuilder);
            TokenTaskResult tokenTaskResult = new TokenTaskResult();
            try {
                tokenTaskResult.mTaskResult = oauth2.getToken(strArr[0]);
                com.microsoft.identity.common.internal.logging.Logger.verbosePII(AuthenticationActivity.TAG, "Process result returned from TokenTask. " + this.mRequest.getLogInfo());
            } catch (AuthenticationException | IOException e) {
                com.microsoft.identity.common.internal.logging.Logger.error(AuthenticationActivity.TAG, "Error in processing code to get a token.", e);
                com.microsoft.identity.common.internal.logging.Logger.errorPII(AuthenticationActivity.TAG, this.mRequest.getLogInfo(), null);
                tokenTaskResult.mTaskException = e;
            }
            if (tokenTaskResult.mTaskResult != null && tokenTaskResult.mTaskResult.getAccessToken() != null) {
                com.microsoft.identity.common.internal.logging.Logger.verbosePII(AuthenticationActivity.TAG, "Token task successfully returns access token. " + this.mRequest.getLogInfo());
                try {
                    setAccount(tokenTaskResult);
                } catch (IOException | GeneralSecurityException e2) {
                    com.microsoft.identity.common.internal.logging.Logger.error(AuthenticationActivity.TAG, "Error in setting the account.", null);
                    com.microsoft.identity.common.internal.logging.Logger.errorPII(AuthenticationActivity.TAG, this.mRequest.getLogInfo(), e2);
                    tokenTaskResult.mTaskException = e2;
                }
            }
            return tokenTaskResult;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public void onPostExecute(TokenTaskResult tokenTaskResult) {
            com.microsoft.identity.common.internal.logging.Logger.verbose(AuthenticationActivity.TAG, "Token task returns the result");
            AuthenticationActivity.this.displaySpinner(false);
            Intent intent = new Intent();
            if (tokenTaskResult.mTaskResult == null) {
                com.microsoft.identity.common.internal.logging.Logger.verbose(AuthenticationActivity.TAG, "Token task has exception");
                AuthenticationActivity.this.returnError(ADALError.AUTHORIZATION_CODE_NOT_EXCHANGED_FOR_TOKEN, tokenTaskResult.mTaskException.getMessage());
                return;
            }
            if (!tokenTaskResult.mTaskResult.getStatus().equals(AuthenticationResult.AuthenticationStatus.Succeeded)) {
                AuthenticationActivity.this.returnError(ADALError.AUTHORIZATION_CODE_NOT_EXCHANGED_FOR_TOKEN, tokenTaskResult.mTaskResult.getErrorDescription());
                return;
            }
            intent.putExtra("com.microsoft.aad.adal:RequestId", AuthenticationActivity.this.mWaitingRequestId);
            intent.putExtra("account.access.token", tokenTaskResult.mTaskResult.getAccessToken());
            intent.putExtra("account.name", tokenTaskResult.mAccountName);
            if (tokenTaskResult.mTaskResult.getExpiresOn() != null) {
                intent.putExtra("account.expiredate", tokenTaskResult.mTaskResult.getExpiresOn().getTime());
            }
            if (tokenTaskResult.mTaskResult.getTenantId() != null) {
                intent.putExtra("account.userinfo.tenantid", tokenTaskResult.mTaskResult.getTenantId());
            }
            UserInfo userInfo = tokenTaskResult.mTaskResult.getUserInfo();
            if (userInfo != null) {
                intent.putExtra("account.userinfo.userid", userInfo.getUserId());
                intent.putExtra("account.userinfo.given.name", userInfo.getGivenName());
                intent.putExtra("account.userinfo.family.name", userInfo.getFamilyName());
                intent.putExtra("account.userinfo.identity.provider", userInfo.getIdentityProvider());
                intent.putExtra("account.userinfo.userid.displayable", userInfo.getDisplayableId());
            }
            if (tokenTaskResult.mTaskResult.getCliTelemInfo() != null) {
                TelemetryUtils.CliTelemInfo cliTelemInfo = tokenTaskResult.mTaskResult.getCliTelemInfo();
                intent.putExtra("cliteleminfo.spe_ring", cliTelemInfo.getSpeRing());
                intent.putExtra("cliteleminfo.rt_age", cliTelemInfo.getRefreshTokenAge());
                intent.putExtra("cliteleminfo.server_error", cliTelemInfo.getServerErrorCode());
                intent.putExtra("cliteleminfo.server_suberror", cliTelemInfo.getServerSubErrorCode());
            }
            AuthenticationActivity.this.returnResult(2004, intent);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public class TokenTaskResult {
        private String mAccountName;
        private Exception mTaskException;
        private AuthenticationResult mTaskResult;

        TokenTaskResult() {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void cancelRequest(Intent intent) {
        int i;
        com.microsoft.identity.common.internal.logging.Logger.verbose(TAG, "Sending intent to cancel authentication activity");
        if (intent == null) {
            intent = new Intent();
            i = 2001;
            UIEvent uIEvent = this.mUIEvent;
            if (uIEvent != null) {
                uIEvent.setUserCancel();
            }
        } else {
            i = 2002;
        }
        returnToCaller(i, intent);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void displaySpinner(final boolean z) {
        if (this.mSpinner != null) {
            StringBuilder sb = new StringBuilder();
            sb.append("DisplaySpinner:");
            sb.append(z);
            sb.append(" showing:");
            sb.append(this.mSpinner.getVisibility() == 0);
            com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:displaySpinner", sb.toString());
            runOnUiThread(new Runnable() { // from class: com.microsoft.aad.adal.AuthenticationActivity.3
                @Override // java.lang.Runnable
                public void run() {
                    AuthenticationActivity.this.mSpinner.setVisibility(z ? 0 : 4);
                }
            });
        }
    }

    private AuthenticationRequest getAuthenticationRequestFromIntent(Intent intent) {
        UUID uuid = null;
        if (!isBrokerRequest(intent)) {
            Serializable serializableExtra = intent.getSerializableExtra("com.microsoft.aad.adal:BrowserRequestMessage");
            if (serializableExtra instanceof AuthenticationRequest) {
                return (AuthenticationRequest) serializableExtra;
            }
            return null;
        }
        com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:getAuthenticationRequestFromIntent", "It is a broker request. Get request info from bundle extras.");
        String stringExtra = intent.getStringExtra("account.authority");
        String stringExtra2 = intent.getStringExtra("account.resource");
        String stringExtra3 = intent.getStringExtra("account.redirect");
        String stringExtra4 = intent.getStringExtra("account.login.hint");
        String stringExtra5 = intent.getStringExtra("account.name");
        String stringExtra6 = intent.getStringExtra("account.clientid.key");
        String stringExtra7 = intent.getStringExtra("account.correlationid");
        String stringExtra8 = intent.getStringExtra("account.prompt");
        PromptBehavior promptBehavior = PromptBehavior.Auto;
        if (!com.microsoft.identity.common.adal.internal.util.StringExtensions.isNullOrBlank(stringExtra8)) {
            promptBehavior = PromptBehavior.valueOf(stringExtra8);
        }
        PromptBehavior promptBehavior2 = promptBehavior;
        this.mWaitingRequestId = intent.getIntExtra("com.microsoft.aad.adal:RequestId", 0);
        if (!com.microsoft.identity.common.adal.internal.util.StringExtensions.isNullOrBlank(stringExtra7)) {
            try {
                uuid = UUID.fromString(stringExtra7);
            } catch (IllegalArgumentException e) {
                com.microsoft.identity.common.internal.logging.Logger.error("AuthenticationActivity:getAuthenticationRequestFromIntent", "CorrelationId is malformed: " + stringExtra7, e);
            }
        }
        AuthenticationRequest authenticationRequest = new AuthenticationRequest(stringExtra, stringExtra2, stringExtra6, stringExtra3, stringExtra4, uuid, false);
        authenticationRequest.setBrokerAccountName(stringExtra5);
        authenticationRequest.setPrompt(promptBehavior2);
        authenticationRequest.setRequestId(this.mWaitingRequestId);
        return authenticationRequest;
    }

    private String getBrokerStartUrl(String str, String str2, String str3) {
        if (!com.microsoft.identity.common.adal.internal.util.StringExtensions.isNullOrBlank(str2) && !com.microsoft.identity.common.adal.internal.util.StringExtensions.isNullOrBlank(str3)) {
            try {
                return str + "&package_name=" + URLEncoder.encode(str2, "UTF-8") + "&signature=" + URLEncoder.encode(str3, "UTF-8");
            } catch (UnsupportedEncodingException e) {
                com.microsoft.identity.common.internal.logging.Logger.error(TAG, "Unsupported encoding", e);
                com.microsoft.identity.common.internal.logging.Logger.error(TAG, "Exception details", e);
            }
        }
        return str;
    }

    private void hideKeyBoard() {
        if (this.mWebView != null) {
            ((InputMethodManager) getSystemService("input_method")).hideSoftInputFromWindow(this.mWebView.getApplicationWindowToken(), 0);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean isBrokerRequest(Intent intent) {
        return (intent == null || com.microsoft.identity.common.adal.internal.util.StringExtensions.isNullOrBlank(intent.getStringExtra("com.microsoft.aadbroker.adal.broker.request"))) ? false : true;
    }

    private boolean isCallerBrokerInstaller() {
        PackageHelper packageHelper = new PackageHelper(this);
        String callingPackage = getCallingPackage();
        if (com.microsoft.identity.common.adal.internal.util.StringExtensions.isNullOrBlank(callingPackage)) {
            return false;
        }
        if (callingPackage.equals(AuthenticationSettings.INSTANCE.getBrokerPackageName())) {
            com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:isCallerBrokerInstaller", "Same package as broker.");
            return true;
        }
        String currentSignatureForPackage = packageHelper.getCurrentSignatureForPackage(callingPackage);
        com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:isCallerBrokerInstaller", "Checking broker signature.");
        com.microsoft.identity.common.internal.logging.Logger.verbosePII("AuthenticationActivity:isCallerBrokerInstaller", "Check signature for " + callingPackage + " signature:" + currentSignatureForPackage + " brokerSignature:" + AuthenticationSettings.INSTANCE.getBrokerSignature());
        return currentSignatureForPackage.equals(AuthenticationSettings.INSTANCE.getBrokerSignature()) || currentSignatureForPackage.equals("ho040S3ffZkmxqtQrSwpTVOn9r0=");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void prepareForBrokerResume() {
        com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:prepareForBrokerResume", "Return to caller with BROKER_REQUEST_RESUME, and waiting for result.");
        returnToCaller(2006, new Intent());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void returnError(ADALError aDALError, String str) {
        com.microsoft.identity.common.internal.logging.Logger.warn(TAG, "Argument error:" + str);
        Intent intent = new Intent();
        intent.putExtra("com.microsoft.aad.adal:BrowserErrorCode", aDALError.name());
        intent.putExtra("com.microsoft.aad.adal:BrowserErrorMessage", str);
        if (this.mAuthRequest != null) {
            intent.putExtra("com.microsoft.aad.adal:RequestId", this.mWaitingRequestId);
            intent.putExtra("com.microsoft.aad.adal:BrowserRequestInfo", this.mAuthRequest);
        }
        setResult(2002, intent);
        finish();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void returnResult(int i, Intent intent) {
        setAccountAuthenticatorResult(intent.getExtras());
        setResult(i, intent);
        finish();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void returnToCaller(int i, Intent intent) {
        com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:returnToCaller", "Return To Caller:" + i);
        displaySpinner(false);
        if (intent == null) {
            intent = new Intent();
        }
        if (this.mAuthRequest == null) {
            com.microsoft.identity.common.internal.logging.Logger.warn("AuthenticationActivity:returnToCaller", "Request object is null");
        } else {
            com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:returnToCaller", "Set request id related to response. REQUEST_ID for caller returned to:" + this.mAuthRequest.getRequestId());
            intent.putExtra("com.microsoft.aad.adal:RequestId", this.mAuthRequest.getRequestId());
        }
        setResult(i, intent);
        finish();
    }

    private void setAccountAuthenticatorResult(Bundle bundle) {
        this.mAuthenticatorResultBundle = bundle;
    }

    private void setupWebView() {
        WebSettings settings = this.mWebView.getSettings();
        settings.setJavaScriptEnabled(true);
        settings.setAllowFileAccess(false);
        settings.setAllowContentAccess(false);
        this.mWebView.requestFocus(130);
        this.mWebView.setOnTouchListener(new View.OnTouchListener() { // from class: com.microsoft.aad.adal.AuthenticationActivity.2
            @Override // android.view.View.OnTouchListener
            public boolean onTouch(View view, MotionEvent motionEvent) {
                int action = motionEvent.getAction();
                if ((action != 0 && action != 1) || view.hasFocus()) {
                    return false;
                }
                view.requestFocus();
                return false;
            }
        });
        settings.setLoadWithOverviewMode(true);
        settings.setDomStorageEnabled(true);
        settings.setUseWideViewPort(true);
        settings.setBuiltInZoomControls(true);
        this.mWebView.setWebViewClient(new CustomWebViewClient());
        this.mWebView.setVisibility(4);
    }

    @Override // android.app.Activity
    public void finish() {
        if (isBrokerRequest(getIntent()) && this.mAccountAuthenticatorResponse != null) {
            com.microsoft.identity.common.internal.logging.Logger.verbose(TAG, "It is a broker request");
            Bundle bundle = this.mAuthenticatorResultBundle;
            if (bundle == null) {
                this.mAccountAuthenticatorResponse.onError(4, "canceled");
            } else {
                this.mAccountAuthenticatorResponse.onResult(bundle);
            }
            this.mAccountAuthenticatorResponse = null;
        }
        super.finish();
    }

    @Override // androidx.activity.ComponentActivity, android.app.Activity
    public void onBackPressed() {
        com.microsoft.identity.common.internal.logging.Logger.verbose(TAG, "Back button is pressed");
        if (this.mPkeyAuthRedirect || !this.mWebView.canGoBackOrForward(-2)) {
            cancelRequest(null);
        } else {
            this.mWebView.goBack();
        }
    }

    @Override // androidx.fragment.app.FragmentActivity, androidx.activity.ComponentActivity, androidx.core.app.ComponentActivity, com.microsoft.intune.mam.client.app.MAMActivity, com.microsoft.intune.mam.client.app.HookedActivity
    public void onMAMCreate(Bundle bundle) {
        super.onMAMCreate(bundle);
        setContentView(R.layout.activity_authentication);
        this.mWebView = (WebView) findViewById(R.id.authentication_activity_webView);
        this.mSpinner = (ProgressBar) findViewById(R.id.authentication_activity_progressBar);
        CookieSyncManager.createInstance(getApplicationContext());
        CookieSyncManager.getInstance().sync();
        CookieManager.getInstance().setAcceptCookie(true);
        com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onCreate", "AuthenticationActivity was created.");
        AuthenticationRequest authenticationRequestFromIntent = getAuthenticationRequestFromIntent(getIntent());
        this.mAuthRequest = authenticationRequestFromIntent;
        if (authenticationRequestFromIntent == null) {
            com.microsoft.identity.common.internal.logging.Logger.warn("AuthenticationActivity:onCreate", "Intent for Authentication Activity doesn't have the request details, returning to caller");
            Intent intent = new Intent();
            intent.putExtra("com.microsoft.aad.adal:BrowserErrorCode", "Invalid request");
            intent.putExtra("com.microsoft.aad.adal:BrowserErrorMessage", "Intent does not have request details");
            returnToCaller(2002, intent);
            return;
        }
        if (authenticationRequestFromIntent.getAuthority() == null || this.mAuthRequest.getAuthority().isEmpty()) {
            returnError(ADALError.ARGUMENT_EXCEPTION, "account.authority");
            return;
        }
        if (this.mAuthRequest.getResource() == null || this.mAuthRequest.getResource().isEmpty()) {
            returnError(ADALError.ARGUMENT_EXCEPTION, "account.resource");
            return;
        }
        if (this.mAuthRequest.getClientId() == null || this.mAuthRequest.getClientId().isEmpty()) {
            returnError(ADALError.ARGUMENT_EXCEPTION, "account.clientid.key");
            return;
        }
        if (this.mAuthRequest.getRedirectUri() == null || this.mAuthRequest.getRedirectUri().isEmpty()) {
            returnError(ADALError.ARGUMENT_EXCEPTION, "account.redirect");
            return;
        }
        this.mRedirectUrl = this.mAuthRequest.getRedirectUri();
        Telemetry.getInstance().startEvent(this.mAuthRequest.getTelemetryRequestId(), "Microsoft.ADAL.ui_event");
        UIEvent uIEvent = new UIEvent("Microsoft.ADAL.ui_event");
        this.mUIEvent = uIEvent;
        uIEvent.setRequestId(this.mAuthRequest.getTelemetryRequestId());
        this.mUIEvent.setCorrelationId(this.mAuthRequest.getCorrelationId().toString());
        if (!AuthenticationSettings.INSTANCE.getDisableWebViewHardwareAcceleration()) {
            this.mWebView.setLayerType(1, null);
            com.microsoft.identity.common.internal.logging.Logger.warn("AuthenticationActivity:onCreate", "Hardware acceleration is disabled in WebView");
        }
        this.mStartUrl = "about:blank";
        try {
            this.mStartUrl = new Oauth2(this.mAuthRequest).getCodeRequestUrl();
            com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onCreate", "Init broadcastReceiver with request. RequestId:" + this.mAuthRequest.getRequestId());
            com.microsoft.identity.common.internal.logging.Logger.verbosePII("AuthenticationActivity:onCreate", this.mAuthRequest.getLogInfo());
            ActivityBroadcastReceiver activityBroadcastReceiver = new ActivityBroadcastReceiver();
            this.mReceiver = activityBroadcastReceiver;
            activityBroadcastReceiver.mWaitingRequestId = this.mAuthRequest.getRequestId();
            LocalBroadcastManager.getInstance(this).registerReceiver(this.mReceiver, new IntentFilter("com.microsoft.aad.adal:BrowserCancel"));
            String userAgentString = this.mWebView.getSettings().getUserAgentString();
            this.mWebView.getSettings().setUserAgentString(userAgentString + " PKeyAuth/1.0");
            com.microsoft.identity.common.internal.logging.Logger.verbosePII("AuthenticationActivity:onCreate", "UserAgent:" + this.mWebView.getSettings().getUserAgentString());
            if (isBrokerRequest(getIntent())) {
                String callingPackage = getCallingPackage();
                this.mCallingPackage = callingPackage;
                if (callingPackage == null) {
                    com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onCreate", "Calling package is null, startActivityForResult is not used to call this activity");
                    Intent intent2 = new Intent();
                    intent2.putExtra("com.microsoft.aad.adal:BrowserErrorCode", "Invalid request");
                    intent2.putExtra("com.microsoft.aad.adal:BrowserErrorMessage", "startActivityForResult is not used to call this activity");
                    returnToCaller(2002, intent2);
                    return;
                }
                com.microsoft.identity.common.internal.logging.Logger.info("AuthenticationActivity:onCreate", "It is a broker request for package:" + this.mCallingPackage);
                AccountAuthenticatorResponse accountAuthenticatorResponse = (AccountAuthenticatorResponse) getIntent().getParcelableExtra("accountAuthenticatorResponse");
                this.mAccountAuthenticatorResponse = accountAuthenticatorResponse;
                if (accountAuthenticatorResponse != null) {
                    accountAuthenticatorResponse.onRequestContinued();
                }
                PackageHelper packageHelper = new PackageHelper(this);
                String callingPackage2 = getCallingPackage();
                this.mCallingPackage = callingPackage2;
                this.mCallingUID = packageHelper.getUIDForPackage(callingPackage2);
                String currentSignatureForPackage = packageHelper.getCurrentSignatureForPackage(this.mCallingPackage);
                this.mStartUrl = getBrokerStartUrl(this.mStartUrl, this.mCallingPackage, currentSignatureForPackage);
                if (!isCallerBrokerInstaller()) {
                    com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onCreate", "Caller needs to be verified using special redirectUri");
                    this.mRedirectUrl = PackageHelper.getBrokerRedirectUrl(this.mCallingPackage, currentSignatureForPackage);
                }
                com.microsoft.identity.common.internal.logging.Logger.verbosePII("AuthenticationActivity:onCreate", "Broker redirectUrl: " + this.mRedirectUrl + " The calling package is: " + this.mCallingPackage + " Signature hash for calling package is: " + currentSignatureForPackage + " Current context package: " + getPackageName() + " Start url: " + this.mStartUrl);
            } else {
                com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onCreate", "Non-broker request for package " + getCallingPackage());
                com.microsoft.identity.common.internal.logging.Logger.verbosePII("AuthenticationActivity:onCreate", "Start url: " + this.mStartUrl);
            }
            this.mRegisterReceiver = false;
            final String str = this.mStartUrl;
            com.microsoft.identity.common.internal.logging.Logger.infoPII("AuthenticationActivity:onCreate", "Device info:" + Build.VERSION.RELEASE + TokenAuthenticationScheme.SCHEME_DELIMITER + Build.MANUFACTURER + Build.MODEL);
            this.mStorageHelper = new com.microsoft.identity.common.adal.internal.cache.StorageHelper(getApplicationContext());
            setupWebView();
            if (this.mAuthRequest.getCorrelationId() == null) {
                com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onCreate", "Null correlation id in the request.");
            } else {
                com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onCreate", "Correlation id for request sent is:" + this.mAuthRequest.getCorrelationId().toString());
            }
            if (bundle == null) {
                this.mWebView.post(new Runnable() { // from class: com.microsoft.aad.adal.AuthenticationActivity.1
                    @Override // java.lang.Runnable
                    public void run() {
                        com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onCreate", "Launching webview for acquiring auth code.");
                        AuthenticationActivity.this.mWebView.loadUrl("about:blank");
                        AuthenticationActivity.this.mWebView.loadUrl(str);
                    }
                });
            } else {
                com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onCreate", "Reuse webview");
            }
        } catch (UnsupportedEncodingException e) {
            com.microsoft.identity.common.internal.logging.Logger.error("AuthenticationActivity:onCreate", "Encoding format is not supported. ", e);
            Intent intent3 = new Intent();
            intent3.putExtra("com.microsoft.aad.adal:BrowserRequestInfo", this.mAuthRequest);
            returnToCaller(2002, intent3);
        }
    }

    @Override // androidx.fragment.app.FragmentActivity, com.microsoft.intune.mam.client.app.MAMActivity, com.microsoft.intune.mam.client.app.HookedActivity
    public void onMAMDestroy() {
        super.onMAMDestroy();
        if (this.mUIEvent != null) {
            Telemetry.getInstance().stopEvent(this.mAuthRequest.getTelemetryRequestId(), this.mUIEvent, "Microsoft.ADAL.ui_event");
        }
    }

    @Override // androidx.fragment.app.FragmentActivity, com.microsoft.intune.mam.client.app.MAMActivity, com.microsoft.intune.mam.client.app.HookedActivity
    public void onMAMPause() {
        com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onPause", "AuthenticationActivity onPause unregister receiver");
        super.onMAMPause();
        if (this.mReceiver != null) {
            LocalBroadcastManager.getInstance(this).unregisterReceiver(this.mReceiver);
        }
        this.mRegisterReceiver = true;
        displaySpinner(false);
        hideKeyBoard();
    }

    @Override // androidx.fragment.app.FragmentActivity, com.microsoft.intune.mam.client.app.MAMActivity, com.microsoft.intune.mam.client.app.HookedActivity
    public void onMAMResume() {
        super.onMAMResume();
        if (this.mRegisterReceiver) {
            com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onResume", "Webview onResume will register receiver.");
            com.microsoft.identity.common.internal.logging.Logger.verbosePII("AuthenticationActivity:onResume", "StartUrl: " + this.mStartUrl);
            if (this.mReceiver != null) {
                com.microsoft.identity.common.internal.logging.Logger.verbose("AuthenticationActivity:onResume", "Webview onResume register broadcast receiver for request. RequestId: " + this.mReceiver.mWaitingRequestId);
                LocalBroadcastManager.getInstance(this).registerReceiver(this.mReceiver, new IntentFilter("com.microsoft.aad.adal:BrowserCancel"));
            }
        }
        this.mRegisterReceiver = false;
    }

    @Override // androidx.fragment.app.FragmentActivity, androidx.activity.ComponentActivity, androidx.core.app.ComponentActivity, com.microsoft.intune.mam.client.app.MAMActivity, com.microsoft.intune.mam.client.app.HookedActivity
    public void onMAMSaveInstanceState(Bundle bundle) {
        super.onMAMSaveInstanceState(bundle);
        this.mWebView.saveState(bundle);
    }

    @Override // android.app.Activity
    protected void onRestart() {
        com.microsoft.identity.common.internal.logging.Logger.verbose(TAG, "AuthenticationActivity onRestart");
        super.onRestart();
        this.mRegisterReceiver = true;
    }

    @Override // android.app.Activity
    protected void onRestoreInstanceState(Bundle bundle) {
        super.onRestoreInstanceState(bundle);
        this.mWebView.restoreState(bundle);
    }
}
