package com.microsoft.aad.adal;

import java.lang.reflect.InvocationTargetException;
import java.security.interfaces.RSAPrivateKey;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;

/* loaded from: classes2.dex */
class ChallengeResponseBuilder {

    /* renamed from: a, reason: collision with root package name */
    private final f0 f11889a;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public enum RequestField {
        Nonce,
        CertAuthorities,
        Version,
        SubmitUrl,
        Context,
        CertThumbprint
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public class a {

        /* renamed from: c, reason: collision with root package name */
        private List<String> f11893c;

        /* renamed from: a, reason: collision with root package name */
        private String f11891a = "";

        /* renamed from: b, reason: collision with root package name */
        private String f11892b = "";

        /* renamed from: d, reason: collision with root package name */
        private String f11894d = "";

        /* renamed from: e, reason: collision with root package name */
        private String f11895e = null;

        /* renamed from: f, reason: collision with root package name */
        private String f11896f = "";

        a() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public class b {

        /* renamed from: a, reason: collision with root package name */
        private String f11898a;

        /* renamed from: b, reason: collision with root package name */
        private String f11899b;

        b() {
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public String d() {
            return this.f11899b;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public String e() {
            return this.f11898a;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ChallengeResponseBuilder(f0 f0Var) {
        this.f11889a = f0Var;
    }

    private a a(String str) {
        if (f9.d.h(str)) {
            throw new AuthenticationServerProtocolException("redirectUri");
        }
        a aVar = new a();
        HashMap<String, String> f10 = f9.d.f(str);
        i(f10, true);
        RequestField requestField = RequestField.Nonce;
        aVar.f11891a = f10.get(requestField.name());
        if (f9.d.h(aVar.f11891a)) {
            aVar.f11891a = f10.get(requestField.name().toLowerCase(Locale.US));
        }
        String str2 = f10.get(RequestField.CertAuthorities.name());
        Logger.m("ChallengeResponseBuilder:getChallengeRequest", "Get cert authorities. ", "Authorities: " + str2, null);
        aVar.f11893c = f9.d.d(str2, ";");
        aVar.f11895e = f10.get(RequestField.Version.name());
        aVar.f11896f = f10.get(RequestField.SubmitUrl.name());
        aVar.f11892b = f10.get(RequestField.Context.name());
        return aVar;
    }

    private a b(String str) {
        if (f9.d.h(str)) {
            throw new AuthenticationServerProtocolException("headerValue");
        }
        if (!f9.d.g(str, "PKeyAuth")) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, str);
        }
        a aVar = new a();
        String substring = str.substring(8);
        ArrayList<String> j10 = f9.d.j(substring, ',');
        HashMap hashMap = new HashMap();
        Iterator<String> it = j10.iterator();
        while (it.hasNext()) {
            ArrayList<String> j11 = f9.d.j(it.next(), '=');
            if (j11.size() == 2 && !f9.d.h(j11.get(0)) && !f9.d.h(j11.get(1))) {
                String str2 = j11.get(0);
                String str3 = j11.get(1);
                hashMap.put(f9.d.k(str2).trim(), f9.d.i(f9.d.k(str3).trim()));
            } else {
                if (j11.size() != 1 || f9.d.h(j11.get(0))) {
                    throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, substring);
                }
                hashMap.put(f9.d.k(j11.get(0)).trim(), f9.d.k(""));
            }
        }
        i(hashMap, false);
        RequestField requestField = RequestField.Nonce;
        aVar.f11891a = hashMap.get(requestField.name());
        if (f9.d.h(aVar.f11891a)) {
            aVar.f11891a = hashMap.get(requestField.name().toLowerCase(Locale.US));
        }
        if (h()) {
            RequestField requestField2 = RequestField.CertThumbprint;
            if (f9.d.h(hashMap.get(requestField2.name()))) {
                RequestField requestField3 = RequestField.CertAuthorities;
                if (!hashMap.containsKey(requestField3.name())) {
                    throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Both certThumbprint and certauthorities are not present");
                }
                Logger.l("ChallengeResponseBuilder:getChallengeRequestFromHeader", "CertAuthorities exists in the device auth challenge.");
                aVar.f11893c = f9.d.d(hashMap.get(requestField3.name()), ";");
            } else {
                Logger.l("ChallengeResponseBuilder:getChallengeRequestFromHeader", "CertThumbprint exists in the device auth challenge.");
                aVar.f11894d = hashMap.get(requestField2.name());
            }
        } else {
            Logger.l("ChallengeResponseBuilder:getChallengeRequestFromHeader", "Device is not workplace joined. ");
        }
        aVar.f11895e = hashMap.get(RequestField.Version.name());
        aVar.f11892b = hashMap.get(RequestField.Context.name());
        return aVar;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private b e(a aVar) {
        b f10 = f(aVar);
        f10.f11898a = aVar.f11896f;
        Class<?> deviceCertificateProxy = AuthenticationSettings.INSTANCE.getDeviceCertificateProxy();
        if (deviceCertificateProxy != null) {
            d0 g10 = g(deviceCertificateProxy);
            if (g10.a(aVar.f11893c) || (g10.d() != null && g10.d().equalsIgnoreCase(aVar.f11894d))) {
                RSAPrivateKey c10 = g10.c();
                if (c10 == null) {
                    throw new AuthenticationException(ADALError.KEY_CHAIN_PRIVATE_KEY_EXCEPTION);
                }
                f10.f11899b = String.format("%s AuthToken=\"%s\",Context=\"%s\",Version=\"%s\"", "PKeyAuth", this.f11889a.a(aVar.f11891a, aVar.f11896f, c10, g10.b(), g10.e()), aVar.f11892b, aVar.f11895e);
                Logger.m("ChallengeResponseBuilder", "Receive challenge response. ", "Challenge response:" + f10.f11899b, null);
            }
        }
        return f10;
    }

    private b f(a aVar) {
        b bVar = new b();
        bVar.f11898a = aVar.f11896f;
        bVar.f11899b = String.format("%s Context=\"%s\",Version=\"%s\"", "PKeyAuth", aVar.f11892b, aVar.f11895e);
        return bVar;
    }

    private d0 g(Class<d0> cls) {
        try {
            return cls.getDeclaredConstructor(new Class[0]).newInstance(null);
        } catch (IllegalAccessException | IllegalArgumentException | InstantiationException | NoSuchMethodException | InvocationTargetException e10) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e10);
        }
    }

    private boolean h() {
        return AuthenticationSettings.INSTANCE.getDeviceCertificateProxy() != null;
    }

    private void i(Map<String, String> map, boolean z10) {
        RequestField requestField = RequestField.Nonce;
        if (!map.containsKey(requestField.name()) && !map.containsKey(requestField.name().toLowerCase(Locale.US))) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Nonce");
        }
        if (!map.containsKey(RequestField.Version.name())) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Version");
        }
        if (z10 && !map.containsKey(RequestField.SubmitUrl.name())) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "SubmitUrl");
        }
        if (!map.containsKey(RequestField.Context.name())) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Context");
        }
        if (z10 && !map.containsKey(RequestField.CertAuthorities.name())) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "CertAuthorities");
        }
    }

    public b c(String str, String str2) {
        a b10 = b(str);
        b10.f11896f = str2;
        return e(b10);
    }

    public b d(String str) {
        return e(a(str));
    }
}
