package com.microsoft.authentication.internal.tokenshare;

import android.content.Context;
import android.os.IBinder;
import android.os.RemoteException;
import androidx.annotation.NonNull;
import bn.c;
import bn.g;
import bn.i;
import bq.c;
import cn.e;
import com.google.gson.n;
import com.microsoft.authentication.internal.Logger;
import com.microsoft.authentication.internal.OneAuthAndroidUtils;
import com.microsoft.identity.common.java.util.k;
import com.microsoft.tokenshare.AccountInfo;
import com.microsoft.tokenshare.RefreshToken;
import com.microsoft.tokenshare.f;
import dn.a;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import pp.j;
import pp.x;
import um.v;
import wl.b;
import wl.d;

/* loaded from: classes7.dex */
public class MsalTokenProvider implements f {
    public static final String MSA_REALM = "9188040d-6c67-4c5b-b112-36a304b66dad";
    private static final int TTL_CREDS_MS = 10000;
    private static final Map<String, String> sClaimRemapper = new HashMap();
    private long lastChecked;
    private CacheResult mCacheResult;
    private final int mCacheTimeout;
    private a<String> mSharedPreferencesFileManager;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes12.dex */
    public class CacheResult {
        private final List<c> accountRecords;
        private final List<i> familyRefreshTokenRecords;
        private final List<g> idTokenRecords;

        public CacheResult(List<c> list, List<i> list2, List<g> list3) {
            this.accountRecords = list;
            this.familyRefreshTokenRecords = list2;
            this.idTokenRecords = list3;
        }

        public List<c> getAccountRecords() {
            return this.accountRecords;
        }

        public List<i> getFamilyRefreshTokenRecords() {
            return this.familyRefreshTokenRecords;
        }

        public List<g> getIdTokenRecords() {
            return this.idTokenRecords;
        }
    }

    static {
        applyV1ToV2Mappings();
    }

    public MsalTokenProvider(@NonNull Context context) {
        this(context, TTL_CREDS_MS);
    }

    public MsalTokenProvider(@NonNull Context context, int i10) {
        this.lastChecked = 0L;
        try {
            this.mSharedPreferencesFileManager = ((d) b.c(context).b()).a("com.microsoft.identity.client.account_credential_cache");
        } catch (Exception e10) {
            Logger.logException(509696001, "Exception thrown while initializing token provider", e10);
            this.mSharedPreferencesFileManager = null;
        }
        this.mCacheTimeout = i10;
    }

    private static tl.b adapt(@NonNull g gVar, @NonNull i iVar) throws e {
        tl.b bVar = new tl.b();
        bVar.g(iVar.h());
        bVar.j(iVar.k());
        bVar.i(mintV1IdTokenFromRawV2IdToken(gVar.k()));
        bVar.h(iVar.r());
        bVar.f(isFromHomeTenant(gVar) ? OneAuthAndroidUtils.getTslAuthorityForEnvironment(iVar.j()) : gVar.r());
        return bVar;
    }

    private static void applyV1ToV2Mappings() {
        sClaimRemapper.put("preferred_username", "upn");
    }

    private CacheResult fetchAccountRecordsAndTokens(v vVar) {
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        ArrayList arrayList3 = new ArrayList();
        try {
            arrayList = vVar.getAccounts();
            Iterator it = vVar.e().iterator();
            while (it.hasNext()) {
                bn.d dVar = (bn.d) it.next();
                if (k.c(bn.e.RefreshToken.name(), dVar.i()) && (dVar instanceof i)) {
                    i iVar = (i) dVar;
                    if (!k.d(iVar.r())) {
                        arrayList2.add(iVar);
                    }
                } else if (k.c(bn.e.IdToken.name(), dVar.i())) {
                    arrayList3.add((g) dVar);
                }
            }
        } catch (Exception e10) {
            Logger.logException(509696000, "Exception thrown when trying to read accounts or credentials for TSL", e10);
        }
        return new CacheResult(arrayList, arrayList2, arrayList3);
    }

    private static List<AccountInfo> getAccountsFromRecords(List<c> list, List<i> list2) {
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        for (c cVar : list) {
            i familyRefreshTokenForAccount = getFamilyRefreshTokenForAccount(cVar.getHomeAccountId(), list2);
            if (familyRefreshTokenForAccount != null) {
                arrayList2.add(new AccountRecordInfo(cVar, new Date(Long.valueOf(familyRefreshTokenForAccount.g()).longValue() * 1000)));
            }
        }
        if (arrayList2.size() > 0) {
            arrayList.addAll(CacheRecordParsingUtils.getListOfAccountInfo(arrayList2));
        }
        return arrayList;
    }

    private static i getFamilyRefreshTokenForAccount(String str, List<i> list) {
        for (i iVar : list) {
            if (k.c(str, iVar.getHomeAccountId())) {
                return iVar;
            }
        }
        return null;
    }

    private static String getHomeAccountIdForLocalAccountId(@NonNull String str, List<c> list) {
        for (c cVar : list) {
            if (cVar.a().equals(str)) {
                return cVar.getHomeAccountId();
            }
        }
        return null;
    }

    private static g getIdTokenForHomeAccountId(String str, List<g> list) {
        for (g gVar : list) {
            if (k.c(str, gVar.getHomeAccountId())) {
                return gVar;
            }
        }
        return null;
    }

    private static boolean isFromHomeTenant(@NonNull g gVar) {
        String str;
        String homeAccountId = gVar.getHomeAccountId();
        try {
            str = (String) kn.b.a(gVar.k()).get("oid");
        } catch (e unused) {
            Logger.logWarning(543765719, "Failed to parse IdToken");
        }
        if (str != null) {
            return homeAccountId.contains(str);
        }
        Logger.logWarning(543765718, "OID claims was missing from token");
        return false;
    }

    @NonNull
    private static String mintV1IdTokenFromRawV2IdToken(@NonNull String str) throws e {
        HashMap a10 = kn.b.a(str);
        c.a aVar = new c.a();
        for (Map.Entry entry : a10.entrySet()) {
            String str2 = (String) entry.getKey();
            Object value = entry.getValue();
            if ("ver".equals(str2)) {
                value = "1";
            }
            aVar.d(value, remap(str2));
        }
        return new bq.e(new x(j.f40491b, null, null, null, null), aVar.c()).d();
    }

    @NonNull
    private static String remap(@NonNull String str) {
        String str2 = sClaimRemapper.get(str);
        return str2 == null ? str : str2;
    }

    private CacheResult updateCacheIfNeeded() {
        synchronized (this) {
            long currentTimeMillis = System.currentTimeMillis();
            if (currentTimeMillis - this.lastChecked < this.mCacheTimeout || this.mSharedPreferencesFileManager == null) {
                return this.mCacheResult;
            }
            try {
                this.mCacheResult = fetchAccountRecordsAndTokens(new v(new um.e(), this.mSharedPreferencesFileManager));
            } catch (Exception e10) {
                Logger.logException(509641422, "Exception thrown when trying to create update cache", e10);
            }
            this.lastChecked = currentTimeMillis;
            return this.mCacheResult;
        }
    }

    @Override // android.os.IInterface
    public IBinder asBinder() {
        return null;
    }

    @Override // com.microsoft.tokenshare.f
    public List<AccountInfo> getAccounts() {
        CacheResult updateCacheIfNeeded = updateCacheIfNeeded();
        return getAccountsFromRecords(updateCacheIfNeeded.getAccountRecords(), updateCacheIfNeeded.getFamilyRefreshTokenRecords());
    }

    @Override // com.microsoft.tokenshare.f
    public String getSharedDeviceId() {
        return null;
    }

    @Override // com.microsoft.tokenshare.f
    public RefreshToken getToken(AccountInfo accountInfo) throws RemoteException {
        g idTokenForHomeAccountId;
        CacheResult updateCacheIfNeeded = updateCacheIfNeeded();
        String accountId = accountInfo.getAccountId();
        AccountInfo.AccountType accountType = accountInfo.getAccountType();
        AccountInfo.AccountType accountType2 = AccountInfo.AccountType.MSA;
        if (accountType == accountType2) {
            accountId = CacheRecordParsingUtils.convertCidToGuidString(accountId);
        }
        String homeAccountIdForLocalAccountId = getHomeAccountIdForLocalAccountId(accountId, updateCacheIfNeeded.getAccountRecords());
        if (homeAccountIdForLocalAccountId == null) {
            Logger.logInfo(554562334, "Could not find account in cache");
            return null;
        }
        i familyRefreshTokenForAccount = getFamilyRefreshTokenForAccount(homeAccountIdForLocalAccountId, updateCacheIfNeeded.getFamilyRefreshTokenRecords());
        if (familyRefreshTokenForAccount == null) {
            Logger.logInfo(539849605, "Found account in cache, but refreshTokenRecord null");
            return null;
        }
        if (accountInfo.getAccountType() == accountType2) {
            return new RefreshToken(familyRefreshTokenForAccount.k(), familyRefreshTokenForAccount.h());
        }
        if (accountInfo.getAccountType() != AccountInfo.AccountType.ORGID || (idTokenForHomeAccountId = getIdTokenForHomeAccountId(homeAccountIdForLocalAccountId, updateCacheIfNeeded.getIdTokenRecords())) == null) {
            return null;
        }
        try {
            return new RefreshToken(vl.a.c(adapt(idTokenForHomeAccountId, familyRefreshTokenForAccount)), "SSO_STATE_SERIALIZER_BLOB");
        } catch (e e10) {
            Logger.logException(529391764, "ServiceException while serializing token", e10);
            return null;
        } catch (n e11) {
            Logger.logException(529391765, "JsonParseException while serializing token", e11);
            return null;
        } catch (NullPointerException e12) {
            Logger.logException(529391766, "NullPointerException while serializing token", e12);
            return null;
        } catch (Exception e13) {
            Logger.logException(529391767, "Generic Exception while serializing token", e13);
            return null;
        }
    }
}
