package com.acompli.accore.util;

import android.app.Activity;
import android.content.Context;
import android.support.annotation.NonNull;
import android.support.annotation.Nullable;
import android.text.TextUtils;
import com.acompli.accore.ACClient;
import com.acompli.accore.ACCore;
import com.acompli.accore.model.ACMailAccount;
import com.acompli.libcircle.metrics.EventLogger;
import com.acompli.libcircle.util.Log;
import com.acompli.libcircle.util.Logger;
import com.acompli.libcircle.util.Loggers;
import com.acompli.thrift.client.generated.TokenType;
import com.microsoft.aad.adal.AuthenticationCallback;
import com.microsoft.aad.adal.AuthenticationConstants;
import com.microsoft.aad.adal.AuthenticationContext;
import com.microsoft.aad.adal.AuthenticationResult;
import com.microsoft.aad.adal.PromptBehavior;

/* loaded from: classes.dex */
public class ADALUtil {
    public static final String AUTHORITY_PE = "https://login.windows.net/common/oauth2/token";
    public static final String AUTHORITY_PPE = "https://login.windows-ppe.net/common/oauth2/token";
    public static final String CLIENTID = "27922004-5251-4030-b22d-91ecd9a37ea4";
    public static final String REDIRECT = "msauth://com.microsoft.office.outlook/fcg80qvoM1YMKJZibjBwQcDfOno%3D";
    public static final String RESOURCE_BACKEND = "https://api.acompli.com/exchange";
    public static final String RESOURCE_EXCHANGE = "https://outlook.office365.com/";
    public static final String RESOURCE_EXCHANGE_PPE = "https://sdfpilot.outlook.com";

    /* loaded from: classes.dex */
    public interface TokenRefreshedCallback {
        void tokenRefreshFailedForResource(String str, Exception exc);

        void tokenRefreshedForResource(String str, long j, String str2);
    }

    public static AuthenticationContext attemptADALLogin(@NonNull Activity activity, @Nullable String str, AuthenticationCallback<AuthenticationResult> authenticationCallback) {
        return attemptADALLogin(AUTHORITY_PE, activity, str, authenticationCallback);
    }

    public static AuthenticationContext attemptADALLogin(@NonNull String str, @NonNull Activity activity, @Nullable String str2, AuthenticationCallback<AuthenticationResult> authenticationCallback) {
        AuthenticationContext authenticationContext;
        try {
            authenticationContext = new AuthenticationContext(activity.getApplicationContext(), str, true);
            try {
                Log.v("ADALUtil", "Redirect URI: " + authenticationContext.getRedirectUriForBroker());
                authenticationContext.acquireToken(activity, RESOURCE_BACKEND, CLIENTID, REDIRECT, str2 != null ? str2 : "", PromptBehavior.Always, "nux=1&msafed=0", authenticationCallback);
            } catch (Exception e) {
                e = e;
                Log.e("ADALUtil", "Exception in ADAL", e);
                return authenticationContext;
            }
        } catch (Exception e2) {
            e = e2;
            authenticationContext = null;
        }
        return authenticationContext;
    }

    public static AuthenticationContext getADALContext(Context context) {
        return getADALContext(AUTHORITY_PE, context);
    }

    public static AuthenticationContext getADALContext(String str, Context context) {
        try {
            return new AuthenticationContext(context, str, true);
        } catch (Exception e) {
            Log.e("ADALUtil", "Failed to create ADAL Context.", e);
            return null;
        }
    }

    public static void refreshTokenForResource(Context context, ACMailAccount aCMailAccount, final String str, EventLogger eventLogger, final TokenRefreshedCallback tokenRefreshedCallback) {
        if (TextUtils.isEmpty(aCMailAccount.getRefreshToken())) {
            eventLogger.build("should_never_happen").set("type", "refreshTokenForResource_null_refresh").finish();
            return;
        }
        try {
            new AuthenticationContext(context, aCMailAccount.getServerURI() != null ? aCMailAccount.getServerURI() : AUTHORITY_PE, true).acquireTokenByRefreshToken(aCMailAccount.getRefreshToken(), CLIENTID, str, new AuthenticationCallback<AuthenticationResult>() { // from class: com.acompli.accore.util.ADALUtil.2
                @Override // com.microsoft.aad.adal.AuthenticationCallback
                public void onError(Exception exc) {
                    TokenRefreshedCallback.this.tokenRefreshFailedForResource(str, exc);
                }

                @Override // com.microsoft.aad.adal.AuthenticationCallback
                public void onSuccess(AuthenticationResult authenticationResult) {
                    TokenRefreshedCallback.this.tokenRefreshedForResource(authenticationResult.getAccessToken(), authenticationResult.getExpiresOn() != null ? authenticationResult.getExpiresOn().getTime() : 0L, str);
                }
            });
        } catch (Exception e) {
            tokenRefreshedCallback.tokenRefreshFailedForResource(str, e);
        }
    }

    public static void refreshTokenOfType(final ACCore aCCore, final ACMailAccount aCMailAccount, final TokenType tokenType, EventLogger eventLogger) {
        final Logger accountLogger = Loggers.getInstance().getAccountLogger();
        refreshTokenForResource(aCCore.getContext(), aCMailAccount, tokenType == TokenType.DirectAccessToken ? RESOURCE_EXCHANGE : RESOURCE_BACKEND, eventLogger, new TokenRefreshedCallback() { // from class: com.acompli.accore.util.ADALUtil.1
            @Override // com.acompli.accore.util.ADALUtil.TokenRefreshedCallback
            public void tokenRefreshFailedForResource(String str, Exception exc) {
                Logger.this.e("Failed token refresh of " + str + " for account " + aCMailAccount.getAccountID(), exc);
            }

            @Override // com.acompli.accore.util.ADALUtil.TokenRefreshedCallback
            public void tokenRefreshedForResource(String str, long j, String str2) {
                if (TextUtils.isEmpty(str)) {
                    Logger.this.w("Received empty token on refresh of " + str2 + " for account " + aCMailAccount.getAccountID());
                    return;
                }
                Logger.this.v("Successfully refreshed direct access token for account " + aCMailAccount.getAccountID());
                ACClient.updateAccessToken(aCCore, aCMailAccount.getAccountID(), str, tokenType);
                if (tokenType == TokenType.DirectAccessToken) {
                    aCMailAccount.setDirectToken(str);
                    if (j != 0) {
                        aCMailAccount.setDirectTokenExpiration(j);
                    }
                } else {
                    aCMailAccount.setAccessToken(str);
                    if (j != 0) {
                        aCMailAccount.setTokenExpiration(j);
                    }
                }
                aCCore.getAccountManager().saveAccounts();
            }
        });
    }

    public static void refreshTokenUpdateAccount(@Nullable Activity activity, @NonNull Context context, @NonNull ACMailAccount aCMailAccount, EventLogger eventLogger) {
        refreshTokenUpdateAccount(activity, context, aCMailAccount, eventLogger, RESOURCE_BACKEND);
    }

    public static void refreshTokenUpdateAccount(@Nullable final Activity activity, @NonNull Context context, @NonNull final ACMailAccount aCMailAccount, final EventLogger eventLogger, final String str) {
        Log.d("ADALUtil", "Refreshing token");
        final Logger accountLogger = Loggers.getInstance().getAccountLogger();
        try {
            if (!TextUtils.isEmpty(aCMailAccount.getRefreshToken())) {
                final AuthenticationContext authenticationContext = new AuthenticationContext(context, aCMailAccount.getServerURI() != null ? aCMailAccount.getServerURI() : AUTHORITY_PE, true);
                authenticationContext.acquireTokenByRefreshToken(aCMailAccount.getRefreshToken(), CLIENTID, str, new AuthenticationCallback<AuthenticationResult>() { // from class: com.acompli.accore.util.ADALUtil.3
                    boolean retryWithActivity = true;

                    @Override // com.microsoft.aad.adal.AuthenticationCallback
                    public void onError(Exception exc) {
                        Logger.this.e("Failed to refresh ADAL token", exc);
                    }

                    @Override // com.microsoft.aad.adal.AuthenticationCallback
                    public void onSuccess(AuthenticationResult authenticationResult) {
                        if (authenticationResult != null && authenticationResult.getAccessToken() != null && !authenticationResult.getAccessToken().isEmpty()) {
                            Logger.this.v("Received updated ADAL token.");
                            ADALUtil.updateAccountWithAuthResult(aCMailAccount, authenticationResult);
                            return;
                        }
                        Log.d("ADALUtil", "Token is empty, potentially an invalid_grant");
                        if (authenticationResult == null || authenticationResult.getErrorCode() == null || !authenticationResult.getErrorCode().equals("invalid_grant")) {
                            return;
                        }
                        Logger.this.i("Received invalid_grant from ADAL");
                        if (this.retryWithActivity && activity != null) {
                            this.retryWithActivity = false;
                            authenticationContext.acquireToken(activity, str, ADALUtil.CLIENTID, ADALUtil.REDIRECT, aCMailAccount.getO365UPN(), PromptBehavior.Always, "nux=1&msafed=0", this);
                        } else if (activity == null) {
                            eventLogger.build("adal_refresh_error").set(AuthenticationConstants.OAuth2.ERROR, "interactive_login_no_activity").finish();
                            Logger.this.i("\tCan't retry interactive login - no activity");
                        } else {
                            if (this.retryWithActivity) {
                                return;
                            }
                            eventLogger.build("adal_refresh_error").set(AuthenticationConstants.OAuth2.ERROR, "wont_retry_with_activity").finish();
                            Logger.this.i("\tWon't retry interactive login - retryWithActivity==false");
                        }
                    }
                });
            } else {
                if (activity == null) {
                    eventLogger.build("adal_refresh_error").set(AuthenticationConstants.OAuth2.ERROR, "no refresh token and no activity").finish();
                    return;
                }
                String serverURI = aCMailAccount.getServerURI() != null ? aCMailAccount.getServerURI() : AUTHORITY_PE;
                accountLogger.i("Null refresh token, forcing an interactive login");
                new AuthenticationContext(activity.getApplicationContext(), serverURI, true).acquireToken(activity, str, CLIENTID, REDIRECT, aCMailAccount.getO365UPN(), PromptBehavior.Auto, "nux=1&msafed=0", new AuthenticationCallback<AuthenticationResult>() { // from class: com.acompli.accore.util.ADALUtil.4
                    @Override // com.microsoft.aad.adal.AuthenticationCallback
                    public void onError(Exception exc) {
                        Log.e("ADALUtil", "Failed to refresh token", exc);
                    }

                    @Override // com.microsoft.aad.adal.AuthenticationCallback
                    public void onSuccess(AuthenticationResult authenticationResult) {
                        if (authenticationResult != null && authenticationResult.getAccessToken() != null && !authenticationResult.getAccessToken().isEmpty()) {
                            Logger.this.v("Received updated ADAL token.");
                            ADALUtil.updateAccountWithAuthResult(aCMailAccount, authenticationResult);
                            return;
                        }
                        Log.d("ADALUtil", "Token is empty");
                        if (authenticationResult == null || authenticationResult.getErrorCode() == null || !authenticationResult.getErrorCode().equals("invalid_grant")) {
                            return;
                        }
                        Logger.this.i("Received invalid_grant from ADAL on an interactive login?");
                    }
                });
            }
        } catch (Exception e) {
            Log.e("ADALUtil", "ADAL Exception", e);
        }
    }

    public static void updateAccountWithAuthResult(ACMailAccount aCMailAccount, AuthenticationResult authenticationResult) {
        Logger accountLogger = Loggers.getInstance().getAccountLogger();
        ACCore aCCore = ACCore.getInstance();
        ACClient.updateAzureAccessToken(aCMailAccount.getAccountID(), authenticationResult.getAccessToken());
        if (authenticationResult.getUserInfo() != null) {
            String userId = authenticationResult.getUserInfo().getUserId();
            String displayableId = authenticationResult.getUserInfo().getDisplayableId();
            if (!TextUtils.isEmpty(userId)) {
                aCMailAccount.setUserID(userId);
            }
            if (!TextUtils.isEmpty(displayableId) && !TextUtils.equals(displayableId, aCMailAccount.getO365UPN())) {
                aCMailAccount.setUsername(displayableId);
            }
        }
        if (TextUtils.isEmpty(authenticationResult.getRefreshToken())) {
            accountLogger.i("Updated ADAL token has an empty refresh token");
        } else {
            aCMailAccount.setRefreshToken(authenticationResult.getRefreshToken());
        }
        if (!TextUtils.isEmpty(authenticationResult.getAccessToken())) {
            aCMailAccount.setAccessToken(authenticationResult.getAccessToken());
        }
        if (authenticationResult.getExpiresOn() != null) {
            aCMailAccount.setTokenExpiration(authenticationResult.getExpiresOn().getTime());
        }
        aCCore.getAccountManager().saveAccounts();
        aCCore.getMAMEnrollmentUtil().onADDTokenRefreshed(aCMailAccount);
    }
}
