package com.microsoft.aad.adal;

import java.io.UnsupportedEncodingException;
import java.lang.reflect.InvocationTargetException;
import java.security.interfaces.RSAPrivateKey;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;

/* loaded from: classes2.dex */
class ChallangeResponseBuilder {
    private IJWSBuilder a;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public class ChallangeRequest {
        List<String> c;
        String a = "";
        String b = "";
        String d = "";
        String e = null;
        String f = "";

        ChallangeRequest() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public class ChallangeResponse {
        String a;
        String b;

        ChallangeResponse() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public enum RequestField {
        Nonce,
        CertAuthorities,
        Version,
        SubmitUrl,
        Context,
        CertThumbprint
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ChallangeResponseBuilder(IJWSBuilder iJWSBuilder) {
        this.a = iJWSBuilder;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private ChallangeResponse a(ChallangeRequest challangeRequest) {
        ChallangeResponse b = b(challangeRequest);
        b.a = challangeRequest.f;
        Class<?> deviceCertificateProxy = AuthenticationSettings.INSTANCE.getDeviceCertificateProxy();
        if (deviceCertificateProxy != null) {
            IDeviceCertificate a = a((Class<IDeviceCertificate>) deviceCertificateProxy);
            if (a.a(challangeRequest.c) || (a.c() != null && a.c().equalsIgnoreCase(challangeRequest.d))) {
                RSAPrivateKey b2 = a.b();
                if (b2 == null) {
                    throw new AuthenticationException(ADALError.KEY_CHAIN_PRIVATE_KEY_EXCEPTION);
                }
                b.b = String.format("%s AuthToken=\"%s\",Context=\"%s\",Version=\"%s\"", "PKeyAuth", this.a.a(challangeRequest.a, challangeRequest.f, b2, a.d(), a.a()), challangeRequest.b, challangeRequest.e);
                Logger.c("ChallangeResponseBuilder", "Challange response:" + b.b);
            }
        }
        return b;
    }

    private IDeviceCertificate a(Class<IDeviceCertificate> cls) {
        try {
            return cls.getDeclaredConstructor(new Class[0]).newInstance((Object[]) null);
        } catch (IllegalAccessException e) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e);
        } catch (IllegalArgumentException e2) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e2);
        } catch (InstantiationException e3) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e3);
        } catch (NoSuchMethodException e4) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e4);
        } catch (InvocationTargetException e5) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e5);
        }
    }

    private void a(HashMap<String, String> hashMap, boolean z) {
        if (!hashMap.containsKey(RequestField.Nonce.name()) && !hashMap.containsKey(RequestField.Nonce.name().toLowerCase(Locale.US))) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Nonce");
        }
        if (!hashMap.containsKey(RequestField.Version.name())) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Version");
        }
        if (z && !hashMap.containsKey(RequestField.SubmitUrl.name())) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "SubmitUrl");
        }
        if (!hashMap.containsKey(RequestField.Context.name())) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Context");
        }
        if (z && !hashMap.containsKey(RequestField.CertAuthorities.name())) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "CertAuthorities");
        }
    }

    private boolean a() {
        return AuthenticationSettings.INSTANCE.getDeviceCertificateProxy() != null;
    }

    private ChallangeRequest b(String str) throws UnsupportedEncodingException {
        if (StringExtensions.a(str)) {
            throw new IllegalArgumentException("headerValue");
        }
        if (!StringExtensions.b(str, "PKeyAuth")) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, str);
        }
        ChallangeRequest challangeRequest = new ChallangeRequest();
        String substring = str.substring("PKeyAuth".length());
        ArrayList<String> a = StringExtensions.a(substring, ',');
        HashMap<String, String> hashMap = new HashMap<>();
        Iterator<String> it2 = a.iterator();
        while (it2.hasNext()) {
            ArrayList<String> a2 = StringExtensions.a(it2.next(), '=');
            if (a2.size() != 2 || StringExtensions.a(a2.get(0)) || StringExtensions.a(a2.get(1))) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, substring);
            }
            String str2 = a2.get(0);
            String str3 = a2.get(1);
            hashMap.put(StringExtensions.d(str2).trim(), StringExtensions.g(StringExtensions.d(str3).trim()));
        }
        a(hashMap, false);
        challangeRequest.a = hashMap.get(RequestField.Nonce.name());
        if (StringExtensions.a(challangeRequest.a)) {
            challangeRequest.a = hashMap.get(RequestField.Nonce.name().toLowerCase(Locale.US));
        }
        if (!a()) {
            Logger.c("ChallangeResponseBuilder:getChallangeRequestFromHeader", "Device is not workplace joined. ");
        } else if (!StringExtensions.a(hashMap.get(RequestField.CertThumbprint.name()))) {
            Logger.c("ChallangeResponseBuilder:getChallangeRequestFromHeader", "CertThumbprint exists in the device auth challenge.");
            challangeRequest.d = hashMap.get(RequestField.CertThumbprint.name());
        } else {
            if (!hashMap.containsKey(RequestField.CertAuthorities.name())) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Both certThumbprint and certauthorities are not present");
            }
            Logger.c("ChallangeResponseBuilder:getChallangeRequestFromHeader", "CertAuthorities exists in the device auth challenge.");
            challangeRequest.c = StringExtensions.a(hashMap.get(RequestField.CertAuthorities.name()), ";");
        }
        challangeRequest.e = hashMap.get(RequestField.Version.name());
        challangeRequest.b = hashMap.get(RequestField.Context.name());
        return challangeRequest;
    }

    private ChallangeResponse b(ChallangeRequest challangeRequest) {
        ChallangeResponse challangeResponse = new ChallangeResponse();
        challangeResponse.a = challangeRequest.f;
        challangeResponse.b = String.format("%s Context=\"%s\",Version=\"%s\"", "PKeyAuth", challangeRequest.b, challangeRequest.e);
        return challangeResponse;
    }

    private ChallangeRequest c(String str) {
        if (StringExtensions.a(str)) {
            throw new IllegalArgumentException("redirectUri");
        }
        ChallangeRequest challangeRequest = new ChallangeRequest();
        HashMap<String, String> f = StringExtensions.f(str);
        a(f, true);
        challangeRequest.a = f.get(RequestField.Nonce.name());
        if (StringExtensions.a(challangeRequest.a)) {
            challangeRequest.a = f.get(RequestField.Nonce.name().toLowerCase(Locale.US));
        }
        String str2 = f.get(RequestField.CertAuthorities.name());
        Logger.c("ChallangeResponseBuilder", "Cert authorities:" + str2);
        challangeRequest.c = StringExtensions.a(str2, ";");
        challangeRequest.e = f.get(RequestField.Version.name());
        challangeRequest.f = f.get(RequestField.SubmitUrl.name());
        challangeRequest.b = f.get(RequestField.Context.name());
        return challangeRequest;
    }

    public ChallangeResponse a(String str) {
        return a(c(str));
    }

    public ChallangeResponse a(String str, String str2) throws UnsupportedEncodingException {
        ChallangeRequest b = b(str);
        b.f = str2;
        return a(b);
    }
}
