package com.microsoft.intune.mam.policy;

import android.content.Context;
import android.os.ConditionVariable;
import com.microsoft.aad.adal.AuthenticationContext;
import com.microsoft.aad.adal.AuthenticationResult;
import com.microsoft.aad.adal.ITokenCacheStore;
import com.microsoft.aad.adal.TokenCacheItem;
import com.microsoft.aad.adal.UserInfo;
import com.microsoft.aad.adal.af;
import com.microsoft.aad.adal.au;
import com.microsoft.aad.adal.h;
import com.microsoft.intune.mam.client.app.startup.ADALConnectionDetails;
import com.microsoft.intune.mam.log.MAMLogScrubber;
import com.microsoft.intune.mam.log.MAMLogger;
import com.microsoft.intune.mam.log.MAMLoggerProvider;
import java.util.Iterator;
import java.util.UUID;
import java.util.logging.Level;

/* loaded from: classes.dex */
public final class MAMServiceAuthentication {
    private static final MAMLogger LOGGER = MAMLoggerProvider.getLogger(MAMServiceAuthentication.class);
    public static final String MAMSERVICE_RESOURCE_ID = "https://msmamservice.api.application";
    private static final long TOKEN_ACQUIRE_TIMEOUT_MS = 30000;

    /* loaded from: classes.dex */
    final class AuthCallback implements h<AuthenticationResult> {
        private final ConditionVariable mDone;
        private Exception mError = null;
        private AuthenticationResult mResult = null;

        public AuthCallback(ConditionVariable conditionVariable) {
            this.mDone = conditionVariable;
        }

        private void updateResult(AuthenticationResult authenticationResult, Exception exc) {
            this.mResult = authenticationResult;
            this.mError = exc;
            this.mDone.open();
        }

        @Override // com.microsoft.aad.adal.h
        public void onError(Exception exc) {
            updateResult(null, exc);
        }

        @Override // com.microsoft.aad.adal.h
        public void onSuccess(AuthenticationResult authenticationResult) {
            if (authenticationResult.i() == af.Succeeded) {
                updateResult(authenticationResult, null);
            } else {
                MAMServiceAuthentication.LOGGER.warning("ADAL authentication Failed; " + authenticationResult.m());
                updateResult(null, null);
            }
        }
    }

    private MAMServiceAuthentication() {
    }

    public static AuthenticationResult acquireToken(Context context, ADALConnectionDetails aDALConnectionDetails, String str, MAMLogScrubber mAMLogScrubber) {
        UUID randomUUID = UUID.randomUUID();
        LOGGER.info("Requesting auth token for MAM Service;  Correlation ID = " + randomUUID.toString());
        try {
            AuthenticationContext authenticationContext = new AuthenticationContext(context, aDALConnectionDetails.getAuthority(), false);
            authenticationContext.a(randomUUID);
            String findADALUserId = findADALUserId(authenticationContext, str, mAMLogScrubber);
            return validateResult(findADALUserId != null ? authenticationContext.a(MAMSERVICE_RESOURCE_ID, aDALConnectionDetails.getClientId(), findADALUserId) : null, str);
        } catch (Exception e) {
            LOGGER.log(Level.SEVERE, "Failed to acquire MAMService token;  Correlation ID = " + randomUUID.toString(), e);
            return null;
        }
    }

    public static AuthenticationResult authenticateWithRefreshToken(Context context, ADALConnectionDetails aDALConnectionDetails, String str) {
        UUID randomUUID = UUID.randomUUID();
        LOGGER.info("Requesting auth token from refresh token for MAM Service;  Correlation ID = " + randomUUID.toString());
        try {
            AuthenticationContext authenticationContext = new AuthenticationContext(context, aDALConnectionDetails.getAuthority(), false);
            authenticationContext.a(randomUUID);
            ConditionVariable conditionVariable = new ConditionVariable();
            AuthCallback authCallback = new AuthCallback(conditionVariable);
            authenticationContext.b(str, aDALConnectionDetails.getClientId(), MAMSERVICE_RESOURCE_ID, authCallback);
            if (conditionVariable.block(TOKEN_ACQUIRE_TIMEOUT_MS)) {
                if (authCallback.mError != null) {
                    throw authCallback.mError;
                }
                return validateResult(authCallback.mResult, null);
            }
            LOGGER.warning("Failed to retrieve token for MAM Service: timeout;  Correlation ID = " + randomUUID.toString());
            authenticationContext.a(authCallback.hashCode());
            return null;
        } catch (Exception e) {
            LOGGER.log(Level.SEVERE, "Failed to retrieve token for MAM Service. Correlation ID = " + randomUUID.toString(), e);
            return null;
        }
    }

    private static String findADALUserId(AuthenticationContext authenticationContext, String str, MAMLogScrubber mAMLogScrubber) {
        UserInfo[] b = authenticationContext.b();
        if (b != null) {
            for (UserInfo userInfo : b) {
                if (userInfo.getDisplayableId().equalsIgnoreCase(str)) {
                    String userId = userInfo.getUserId();
                    LOGGER.info("found user " + mAMLogScrubber.scrubUPN(str) + " from the broker with id " + userId);
                    return userId;
                }
            }
        }
        ITokenCacheStore a = authenticationContext.a();
        if (!(a instanceof au)) {
            LOGGER.severe("Found unexpected type for ADAL ITokenCacheStore; can't get user id from cache for user " + mAMLogScrubber.scrubUPN(str));
            return null;
        }
        Iterator<TokenCacheItem> a2 = ((au) a).a();
        while (a2.hasNext()) {
            UserInfo userInfo2 = a2.next().getUserInfo();
            if (userInfo2 != null && userInfo2.getDisplayableId().equalsIgnoreCase(str)) {
                String userId2 = userInfo2.getUserId();
                LOGGER.info("found user " + mAMLogScrubber.scrubUPN(str) + " from the ADAL cache with id " + userId2);
                return userId2;
            }
        }
        LOGGER.warning("No entry in ADAL cache for user " + mAMLogScrubber.scrubUPN(str));
        return null;
    }

    private static AuthenticationResult validateResult(AuthenticationResult authenticationResult, String str) {
        if (authenticationResult == null) {
            LOGGER.warning("Failed to acquire MAMService token.");
            return null;
        }
        if (authenticationResult.i() != af.Succeeded) {
            LOGGER.warning("ADAL authentication Failed: " + authenticationResult.m());
            return null;
        }
        if (str == null || authenticationResult.g().getDisplayableId().equalsIgnoreCase(str)) {
            LOGGER.info("MAMService token acquired successfully.");
            return authenticationResult;
        }
        LOGGER.warning("Failed to acquire MAMService token: wrong user id.");
        return null;
    }
}
