package com.microsoft.rightsmanagement.flows;

import android.util.Patterns;
import com.microsoft.rightsmanagement.AuthenticationCompletionCallback;
import com.microsoft.rightsmanagement.AuthenticationRequestCallback;
import com.microsoft.rightsmanagement.Consent;
import com.microsoft.rightsmanagement.ConsentCallback;
import com.microsoft.rightsmanagement.ConsentCompletionCallback;
import com.microsoft.rightsmanagement.ConsentType;
import com.microsoft.rightsmanagement.ServiceURLConsent;
import com.microsoft.rightsmanagement.communication.CommunicationUtils;
import com.microsoft.rightsmanagement.communication.dns.DnsClientResult;
import com.microsoft.rightsmanagement.communication.dns.DnsLookupClient;
import com.microsoft.rightsmanagement.communication.dns.Domain;
import com.microsoft.rightsmanagement.communication.servicediscovery.ServiceDiscoveryClient;
import com.microsoft.rightsmanagement.consent.ConsentDataStore;
import com.microsoft.rightsmanagement.consent.DocumentTrackingConsentManager;
import com.microsoft.rightsmanagement.consent.IConsentManager;
import com.microsoft.rightsmanagement.consent.InternalConsent;
import com.microsoft.rightsmanagement.consent.InternalServiceURLConsent;
import com.microsoft.rightsmanagement.consent.ServiceURLConsentManager;
import com.microsoft.rightsmanagement.diagnostics.PerfScenario;
import com.microsoft.rightsmanagement.diagnostics.scenarios.BasePerfScenario;
import com.microsoft.rightsmanagement.diagnostics.scenarios.ConsumeContentClientPerfScenario;
import com.microsoft.rightsmanagement.diagnostics.scenarios.ServicePerfScenario;
import com.microsoft.rightsmanagement.exceptions.CommunicationException;
import com.microsoft.rightsmanagement.exceptions.ExceptionUtilities;
import com.microsoft.rightsmanagement.exceptions.InvalidParameterException;
import com.microsoft.rightsmanagement.exceptions.ProtectionException;
import com.microsoft.rightsmanagement.exceptions.ProtectionExceptionType;
import com.microsoft.rightsmanagement.exceptions.internal.AuthenticationException;
import com.microsoft.rightsmanagement.flows.interfaces.IRmsFlowExecuter;
import com.microsoft.rightsmanagement.flows.interfaces.RmsFlowCompletionCallback;
import com.microsoft.rightsmanagement.identity.IdentityStoreManager;
import com.microsoft.rightsmanagement.licenseparser.LicenseParser;
import com.microsoft.rightsmanagement.licenseparser.LicenseParserResult;
import com.microsoft.rightsmanagement.logger.RMSLogWrapper;
import com.microsoft.rightsmanagement.utils.AuthInfo;
import com.microsoft.rightsmanagement.utils.ConfigurableParameters;
import com.microsoft.rightsmanagement.utils.ConstantParameters;
import com.microsoft.rightsmanagement.utils.FeatureControl;
import com.microsoft.rightsmanagement.utils.RMSLatch;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;

/* loaded from: classes3.dex */
public abstract class ExternalAuthFlow extends RMSFlow {
    private static final String TAG = "ExternalAuthRMSFlow";
    private static final String URL_PROTOCOL = "https://";
    protected boolean mConsentFailed;
    private String mDiscoveryUrl;
    private DnsLookupClient mDnsLookupClient;
    private boolean mIsAzureURL;
    private RMSLatch mLatch;
    protected LicenseParser mLicenseParser;
    protected LicenseParserResult mLicenseParserResult;
    private Domain mSelectedDomain;
    protected ServiceDiscoveryClient mServiceDiscoveryClient;
    private AuthenticationCallbackState mState;

    /* renamed from: com.microsoft.rightsmanagement.flows.ExternalAuthFlow$3, reason: invalid class name */
    /* loaded from: classes3.dex */
    static /* synthetic */ class AnonymousClass3 {
        static final /* synthetic */ int[] $SwitchMap$com$microsoft$rightsmanagement$exceptions$ProtectionExceptionType;

        static {
            int[] iArr = new int[ProtectionExceptionType.values().length];
            $SwitchMap$com$microsoft$rightsmanagement$exceptions$ProtectionExceptionType = iArr;
            try {
                iArr[ProtectionExceptionType.InvalidParameterException.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$microsoft$rightsmanagement$exceptions$ProtectionExceptionType[ProtectionExceptionType.UserCancellationException.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    /* loaded from: classes3.dex */
    private enum AuthenticationCallbackState {
        NotCalled,
        Success,
        Failure,
        Cancel
    }

    public ExternalAuthFlow(IRmsFlowExecuter iRmsFlowExecuter, AsyncControl asyncControl, RmsFlowCompletionCallback rmsFlowCompletionCallback, DnsLookupClient dnsLookupClient, ServiceDiscoveryClient serviceDiscoveryClient, RMSLatch rMSLatch) {
        this(iRmsFlowExecuter, asyncControl, rmsFlowCompletionCallback, null, dnsLookupClient, serviceDiscoveryClient, rMSLatch);
    }

    public ExternalAuthFlow(IRmsFlowExecuter iRmsFlowExecuter, AsyncControl asyncControl, RmsFlowCompletionCallback rmsFlowCompletionCallback, LicenseParser licenseParser, DnsLookupClient dnsLookupClient, ServiceDiscoveryClient serviceDiscoveryClient, RMSLatch rMSLatch) {
        super(iRmsFlowExecuter, asyncControl, rmsFlowCompletionCallback);
        this.mConsentFailed = false;
        this.mLicenseParser = licenseParser;
        this.mDnsLookupClient = dnsLookupClient;
        this.mServiceDiscoveryClient = serviceDiscoveryClient;
        this.mLatch = rMSLatch;
        this.mState = AuthenticationCallbackState.NotCalled;
        this.mIsAzureURL = false;
    }

    private Map<String, String> generateMapFromAuthInfo(String str, AuthInfo authInfo) throws ProtectionException {
        HashMap hashMap = new HashMap();
        hashMap.put(ConstantParameters.AUTHENTICATION.AUTHORITY_PARAM_KEY, authInfo.getAuthServerUrl());
        hashMap.put(ConstantParameters.AUTHENTICATION.RESOURCE_PARAM_KEY, authInfo.getResource());
        hashMap.put(ConstantParameters.AUTHENTICATION.SCOPE_PARAM_KEY, authInfo.getScope());
        hashMap.put(ConstantParameters.AUTHENTICATION.USER_ID_PARAM_KEY, str);
        return hashMap;
    }

    private AuthInfo getAuthInfo(byte[] bArr, String str) throws ProtectionException {
        if (cancelFlowIfRequested()) {
            return null;
        }
        if (!ConfigurableParameters.isSdEnabled()) {
            RMSLogWrapper.rmsTrace(TAG, "DNS based SD is disabled. Returning default CloudServiceDiscoveryDetails");
            this.mIsAzureURL = true;
            return ConfigurableParameters.getCloudAuthInfo();
        }
        ArrayList<Domain> arrayList = new ArrayList();
        if (bArr != null && this.mLicenseParser != null) {
            RMSLogWrapper.rmsInfo(TAG, String.format("getAuthInfo: generating domains from PL", new Object[0]));
            this.mLicenseParserResult = this.mLicenseParser.extract(bArr);
            if (this.mPerfScenario instanceof ConsumeContentClientPerfScenario) {
                ((ConsumeContentClientPerfScenario) this.mPerfScenario).setContentId(this.mLicenseParserResult.getContentId());
                ((ConsumeContentClientPerfScenario) this.mPerfScenario).setLicenseFormat(this.mLicenseParserResult.getLicenseFormat());
                ((ConsumeContentClientPerfScenario) this.mPerfScenario).setIssuerId(this.mLicenseParserResult.getIssuerId());
            }
            arrayList.addAll(this.mLicenseParserResult.getDomains());
        }
        if (str != null) {
            RMSLogWrapper.rmsInfo(TAG, String.format("getAuthInfo: generating domains from email = %s", str));
            arrayList.add(Domain.createDomainFromEmail(str));
        }
        if (arrayList.size() == 0) {
            throw new ProtectionException(TAG, "Developer error");
        }
        AuthInfo authInfo = null;
        int i = 0;
        while (true) {
            if (i >= arrayList.size()) {
                break;
            }
            Domain domain = (Domain) arrayList.get(i);
            AuthInfo authInfo2 = IdentityStoreManager.getInstance(this).getAuthInfo(domain);
            if (authInfo2 != null) {
                this.mSelectedDomain = domain;
                String discoveryUrl = IdentityStoreManager.getInstance(this).getDiscoveryUrl(domain);
                this.mDiscoveryUrl = discoveryUrl;
                try {
                    String lowerCase = discoveryUrl.toLowerCase(Locale.US);
                    if (!lowerCase.startsWith(URL_PROTOCOL) && !lowerCase.startsWith("http://")) {
                        this.mIsAzureURL = CommunicationUtils.isDomainCloudBased(this.mDiscoveryUrl);
                        authInfo = authInfo2;
                    }
                    this.mIsAzureURL = CommunicationUtils.isUrlCloudBased(new URL(this.mDiscoveryUrl));
                    authInfo = authInfo2;
                } catch (MalformedURLException e) {
                    throw new ProtectionException(TAG, "The In memory Discovery URL is invalid", e);
                }
            } else {
                i++;
                authInfo = authInfo2;
            }
        }
        if (authInfo != null) {
            return authInfo;
        }
        RMSLogWrapper.rmsTrace(TAG, "No authentication information was found in the cache");
        if (!CommunicationUtils.isDeviceConnectedToDataNetwork(getContext())) {
            throw new CommunicationException(ConfigurableParameters.getContextParameters().getApplicationName());
        }
        DnsClientResult dnsClientResult = null;
        for (Domain domain2 : arrayList) {
            if (!cancelFlowIfRequested()) {
                DnsClientResult dnsClientResult2 = IdentityStoreManager.getInstance(this).getDnsClientResult(domain2, this.mPerfScenarioContainer);
                if (dnsClientResult2 != null) {
                    RMSLogWrapper.rmsInfo(TAG, String.format("getAuthInfo: Found cached DNS client result:%s and dnsLookupClientResults are :%s", domain2.toString(), dnsClientResult2.toString()));
                    this.mSelectedDomain = domain2;
                } else {
                    this.mDnsLookupClient.setPerfScenariosContainer(this.mPerfScenarioContainer);
                    dnsClientResult2 = this.mDnsLookupClient.lookupDiscoveryService(domain2, getContext());
                    if (dnsClientResult2 != null) {
                        RMSLogWrapper.rmsInfo(TAG, String.format("getAuthInfo: DNS lookup successful with domain:%s and dnsLookupClientResults are :%s", domain2.toString(), dnsClientResult2.toString()));
                        IdentityStoreManager.getInstance(this).putDnsClientResult(dnsClientResult2, this.mPerfScenarioContainer);
                        this.mSelectedDomain = domain2;
                    } else {
                        dnsClientResult = dnsClientResult2;
                    }
                }
                dnsClientResult = dnsClientResult2;
                break;
            }
            return null;
        }
        if (ConfigurableParameters.isAllowedHttpConnection() || dnsClientResult == null) {
            RMSLogWrapper.rmsTrace(TAG, "Failed DNS lookup, reverting to cloud discovery url");
            this.mSelectedDomain = (Domain) arrayList.get(0);
            this.mIsAzureURL = true;
            dnsClientResult = new DnsClientResult(this.mSelectedDomain);
        } else {
            RMSLogWrapper.rmsTrace(TAG, "Found dns srv record");
            try {
                String lowerCase2 = dnsClientResult.getDiscoveryUrl().toLowerCase(Locale.US);
                if (!lowerCase2.startsWith(URL_PROTOCOL) && !lowerCase2.startsWith("http://")) {
                    this.mIsAzureURL = CommunicationUtils.isDomainCloudBased(dnsClientResult.getDiscoveryUrl());
                }
                this.mIsAzureURL = CommunicationUtils.isUrlCloudBased(new URL(dnsClientResult.getDiscoveryUrl()));
            } catch (MalformedURLException e2) {
                throw new ProtectionException(TAG, "The In memory Discovery URL is invalid", e2);
            }
        }
        if (cancelFlowIfRequested()) {
            return null;
        }
        Domain domain3 = this.mSelectedDomain;
        if (domain3 == null) {
            RMSLogWrapper.rmsError(TAG, "selectedDomain is still null");
            throw new ProtectionException(TAG, "selectedDomain is still null");
        }
        RMSLogWrapper.rmsInfo(TAG, String.format("getAuthInfo: selected domain:%s and selected dnsLookupClientResults are :%s", domain3.toString(), dnsClientResult.toString()));
        String discoveryUrl2 = dnsClientResult.getDiscoveryUrl();
        this.mDiscoveryUrl = discoveryUrl2;
        RMSLogWrapper.rmsInfo(TAG, String.format("getAuthInfo: discoveryUrl:%s", discoveryUrl2));
        ServicePerfScenario servicePerfScenario = (ServicePerfScenario) BasePerfScenario.CreatePerfScenario(PerfScenario.GetServiceDiscoveryAuthInfoServiceOp);
        servicePerfScenario.start();
        AuthInfo authenticationInfo = (this.mLicenseParserResult == null || !FeatureControl.isEvoSTSEnabled()) ? this.mServiceDiscoveryClient.getAuthenticationInfo(this.mDiscoveryUrl, this.mSelectedDomain, servicePerfScenario) : this.mServiceDiscoveryClient.getAuthenticationInfo(this.mDiscoveryUrl, this.mLicenseParserResult.getServerPublicKey(), this.mSelectedDomain, servicePerfScenario);
        servicePerfScenario.setUrl(this.mDiscoveryUrl);
        servicePerfScenario.setStatus(String.valueOf(ConstantParameters.AUTHENTICATION.HTTP_NO_AUTH_RESPONSE));
        servicePerfScenario.stop();
        if (this.mPerfScenarioContainer != null) {
            this.mPerfScenarioContainer.add(servicePerfScenario);
            this.mPerfScenarioContainer.setIsHttpCall(true);
        }
        if (authenticationInfo != null) {
            RMSLogWrapper.rmsInfo(TAG, String.format("getAuthInfo: authInfo:%s", authenticationInfo.toString()));
        } else {
            RMSLogWrapper.rmsInfo(TAG, String.format("getAuthInfo: authInfo is null", new Object[0]));
        }
        IdentityStoreManager.getInstance(this).putAuthInfo(dnsClientResult, authenticationInfo);
        return authenticationInfo;
    }

    private List<IConsentManager> getConsentProcessors(boolean z, ConsentDataStore consentDataStore, String str) throws ProtectionException {
        String str2;
        URL[] urlArr = new URL[1];
        try {
            str2 = getServiceDomain();
        } catch (MalformedURLException e) {
            e = e;
            str2 = null;
        }
        try {
            urlArr[0] = new URL(URL_PROTOCOL + str2);
            ArrayList arrayList = new ArrayList();
            arrayList.add(new ServiceURLConsentManager(new InternalServiceURLConsent(urlArr), str, this.mIsAzureURL, z, consentDataStore));
            arrayList.add(new DocumentTrackingConsentManager(new InternalConsent(ConsentType.DOCUMENT_TRACKING_CONSENT), str2, str, z, consentDataStore));
            return arrayList;
        } catch (MalformedURLException e2) {
            e = e2;
            RMSLogWrapper.rmsError(TAG, String.format("getServiceDomain : malformed urls received from service domain. Service domain was %s ", str2));
            throw new ProtectionException(TAG, "Malformed urls received from selected domain", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public List<IConsentManager> getConsentProcessorsFromConsents(Collection<Consent> collection, boolean z, ConsentDataStore consentDataStore, String str) throws ProtectionException {
        ArrayList arrayList = new ArrayList();
        String serviceDomain = getServiceDomain();
        for (Consent consent : collection) {
            if (consent.getConsentType() == ConsentType.SERVICE_URL_CONSENT) {
                arrayList.add(new ServiceURLConsentManager((ServiceURLConsent) consent, str, this.mIsAzureURL, z, consentDataStore));
            } else if (consent.getConsentType() == ConsentType.DOCUMENT_TRACKING_CONSENT) {
                arrayList.add(new DocumentTrackingConsentManager(consent, serviceDomain, str, z, consentDataStore));
            }
        }
        return arrayList;
    }

    private String getServiceDomain() throws ProtectionException {
        try {
            String host = this.mDiscoveryUrl != null ? Patterns.DOMAIN_NAME.matcher(this.mDiscoveryUrl).matches() ? this.mDiscoveryUrl : new URL(this.mDiscoveryUrl).getHost() : ConfigurableParameters.getCloudDomain();
            RMSLogWrapper.rmsTrace(TAG, String.format("getServiceDomain : retrieved domain %s ", host));
            return host;
        } catch (MalformedURLException e) {
            RMSLogWrapper.rmsError(TAG, String.format("getServiceDomain : discovery url was in invalid format", new Object[0]));
            throw new ProtectionException(TAG, "Malformed urls received from selected domain", e);
        }
    }

    private void handleConsentCallback(ConsentCallback consentCallback, final String str) throws ProtectionException {
        this.mConsentFailed = false;
        final ConsentDataStore consentDataStore = ConsentDataStore.getInstance();
        final RMSLatch rMSLatch = new RMSLatch();
        try {
            try {
                consentDataStore.init(this);
                final boolean z = consentCallback == null;
                List<IConsentManager> consentProcessors = getConsentProcessors(z, consentDataStore, str);
                final ArrayList arrayList = new ArrayList();
                for (IConsentManager iConsentManager : consentProcessors) {
                    if (iConsentManager.shouldGetConsent()) {
                        arrayList.add(iConsentManager.getConsent());
                    }
                }
                if (arrayList.size() > 0) {
                    BasePerfScenario CreatePerfScenario = BasePerfScenario.CreatePerfScenario(PerfScenario.RequestConsentOp);
                    CreatePerfScenario.start();
                    consentCallback.consents(arrayList, new ConsentCompletionCallback() { // from class: com.microsoft.rightsmanagement.flows.ExternalAuthFlow.2
                        @Override // com.microsoft.rightsmanagement.ConsentCompletionCallback
                        public void submitConsentsWithConsentResults(Collection<Consent> collection) throws ProtectionException {
                            try {
                                try {
                                    if (collection == null) {
                                        throw new InvalidParameterException(ExternalAuthFlow.TAG, "consents collection is null");
                                    }
                                    List consentProcessorsFromConsents = ExternalAuthFlow.this.getConsentProcessorsFromConsents(arrayList, z, consentDataStore, str);
                                    Iterator it = consentProcessorsFromConsents.iterator();
                                    while (it.hasNext()) {
                                        ((IConsentManager) it.next()).handleConsentResult();
                                    }
                                    Iterator it2 = consentProcessorsFromConsents.iterator();
                                    while (it2.hasNext()) {
                                        ((IConsentManager) it2.next()).persistConsentResult();
                                    }
                                } catch (ProtectionException e) {
                                    ExternalAuthFlow.this.mConsentFailed = true;
                                    int i = AnonymousClass3.$SwitchMap$com$microsoft$rightsmanagement$exceptions$ProtectionExceptionType[e.getType().ordinal()];
                                    if (i == 1 || i == 2) {
                                        throw e;
                                    }
                                    RMSLogWrapper.rmsError(ExternalAuthFlow.TAG, "Unexpected exception during consent handling " + e.toString());
                                    throw ExceptionUtilities.filterException(e);
                                }
                            } finally {
                                rMSLatch.countDown();
                            }
                        }
                    });
                    rMSLatch.await();
                    CreatePerfScenario.stop();
                    this.mPerfScenarioContainer.add(CreatePerfScenario);
                    this.mPerfScenarioContainer.addExternalOpsDuration(CreatePerfScenario.getLatency());
                }
            } catch (InterruptedException e) {
                throw new ProtectionException(TAG, "Received an interrupt exception while latching", e);
            }
        } finally {
            consentDataStore.shutDown();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getAccessToken(byte[] bArr, String str, AuthenticationRequestCallback authenticationRequestCallback, ConsentCallback consentCallback) throws ProtectionException {
        if (bArr == null && str == null) {
            throw new ProtectionException(TAG, "Invalid parameters to GetAuthInfoFlow");
        }
        this.mUserId = str;
        this.mVerifiedUserId = str;
        AuthInfo authInfo = getAuthInfo(bArr, str);
        if (authInfo == null) {
            RMSLogWrapper.rmsTrace(TAG, "Flow was cancelled");
            return null;
        }
        handleConsentCallback(consentCallback, str);
        if (this.mConsentFailed) {
            RMSLogWrapper.rmsInfo(TAG, "mConsentFailed = " + this.mConsentFailed);
            return null;
        }
        Map<String, String> generateMapFromAuthInfo = generateMapFromAuthInfo(str, authInfo);
        BasePerfScenario CreatePerfScenario = BasePerfScenario.CreatePerfScenario(PerfScenario.RequestTokenOp);
        CreatePerfScenario.start();
        authenticationRequestCallback.getToken(generateMapFromAuthInfo, new AuthenticationCompletionCallback() { // from class: com.microsoft.rightsmanagement.flows.ExternalAuthFlow.1
            @Override // com.microsoft.rightsmanagement.AuthenticationCompletionCallback
            public void onCancel() {
                ExternalAuthFlow.this.mState = AuthenticationCallbackState.Cancel;
                ExternalAuthFlow.this.mLatch.countDown();
            }

            @Override // com.microsoft.rightsmanagement.AuthenticationCompletionCallback
            public void onFailure() {
                ExternalAuthFlow.this.mState = AuthenticationCallbackState.Failure;
                ExternalAuthFlow.this.mLatch.countDown();
            }

            @Override // com.microsoft.rightsmanagement.AuthenticationCompletionCallback
            public void onSuccess(String str2) {
                ExternalAuthFlow.this.mAccessToken = str2;
                ExternalAuthFlow.this.mState = AuthenticationCallbackState.Success;
                ExternalAuthFlow.this.mLatch.countDown();
            }
        });
        if (this.mState == AuthenticationCallbackState.NotCalled) {
            try {
                this.mLatch.await();
                CreatePerfScenario.stop();
                this.mPerfScenarioContainer.add(CreatePerfScenario);
                this.mPerfScenarioContainer.addExternalOpsDuration(CreatePerfScenario.getLatency());
            } catch (InterruptedException e) {
                throw new ProtectionException(TAG, "Received an interrupt exception while latching", e);
            }
        }
        if (this.mState == AuthenticationCallbackState.Failure) {
            throw new AuthenticationException("TAG", "Failed getting authentication token from user");
        }
        if (this.mState != AuthenticationCallbackState.Cancel) {
            return this.mAccessToken;
        }
        this.mAsyncControl.cancel();
        cancelFlowIfRequested();
        return null;
    }

    public String getContentId() {
        LicenseParserResult licenseParserResult = this.mLicenseParserResult;
        if (licenseParserResult != null) {
            return licenseParserResult.getContentId();
        }
        return null;
    }

    public String getDiscoveryUrl() {
        return this.mDiscoveryUrl;
    }

    public Domain getSelectedDomain() {
        return this.mSelectedDomain;
    }
}
