package com.microsoft.aad.adal;

import android.content.Context;
import android.net.Uri;
import com.google.gson.JsonSyntaxException;
import com.what3words.javawrapper.What3WordsV3;
import java.io.IOException;
import java.net.SocketTimeoutException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import java.util.concurrent.locks.ReentrantLock;
import org.apache.http.HttpHeaders;
import org.json.JSONException;
import z3.C0940a;

/* JADX INFO: Access modifiers changed from: package-private */
/* renamed from: com.microsoft.aad.adal.z, reason: case insensitive filesystem */
/* loaded from: classes2.dex */
public class C0528z {

    /* renamed from: d, reason: collision with root package name */
    private static volatile ReentrantLock f10706d;

    /* renamed from: e, reason: collision with root package name */
    private static final Set<String> f10707e = Collections.synchronizedSet(new HashSet());

    /* renamed from: f, reason: collision with root package name */
    private static final Map<String, Set<URI>> f10708f = Collections.synchronizedMap(new HashMap());

    /* renamed from: a, reason: collision with root package name */
    private UUID f10709a;

    /* renamed from: b, reason: collision with root package name */
    private Context f10710b;

    /* renamed from: c, reason: collision with root package name */
    private final y3.d f10711c;

    public C0528z(Context context) {
        Set<String> set = f10707e;
        if (set.isEmpty()) {
            set.add("login.windows.net");
            set.add("login.microsoftonline.com");
            set.add("login.chinacloudapi.cn");
            set.add("login.microsoftonline.de");
            set.add("login-us.microsoftonline.com");
            set.add("login.microsoftonline.us");
        }
        this.f10710b = context;
        this.f10711c = new y3.e();
    }

    private URL a(String str, String str2) {
        Uri.Builder builder = new Uri.Builder();
        builder.scheme("https").authority(str);
        builder.appendEncodedPath("common/discovery/instance").appendQueryParameter("api-version", "1.1").appendQueryParameter("authorization_endpoint", str2);
        return new URL(builder.build().toString());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static URL b(URL url, String str) {
        return new URL(new Uri.Builder().scheme(url.getProtocol()).authority(str).appendPath(url.getPath().replaceFirst("/", "")).build().toString());
    }

    private String c(URL url) {
        return new Uri.Builder().scheme("https").authority(url.getHost()).appendPath("/common/oauth2/authorize").build().toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Set<String> d() {
        return f10707e;
    }

    private void e(URL url, String str) {
        if (C0519p.a(url)) {
            return;
        }
        H.a(this.f10710b);
        try {
            Map<String, String> f5 = f(a(str, c(url)));
            com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.b.n(url.getHost().toLowerCase(Locale.US), f5);
            C0519p.d(url, f5);
            if (!C0519p.a(url)) {
                ArrayList arrayList = new ArrayList();
                arrayList.add(url.getHost());
                C0519p.e(url.getHost(), new P(url.getHost(), url.getHost(), arrayList));
            }
            if (!C0519p.c(url)) {
                throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE);
            }
        } catch (SocketTimeoutException e5) {
            ADALError aDALError = ADALError.DEVICE_CONNECTION_IS_NOT_AVAILABLE;
            Logger.d("Discovery:performInstanceDiscovery", "Error when validating authority. ", "", aDALError, e5);
            throw new AuthenticationException(aDALError, e5.getMessage(), e5);
        } catch (IOException e6) {
            ADALError aDALError2 = ADALError.IO_EXCEPTION;
            Logger.d("Discovery:performInstanceDiscovery", "Error when validating authority. ", "", aDALError2, e6);
            throw new AuthenticationException(aDALError2, e6.getMessage(), e6);
        } catch (JSONException e7) {
            ADALError aDALError3 = ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE;
            Logger.d("Discovery:performInstanceDiscovery", "Error when validating authority. ", "", aDALError3, e7);
            throw new AuthenticationException(aDALError3, e7.getMessage(), e7);
        }
    }

    private Map<String, String> f(URL url) {
        Logger.k("Discovery", "Sending discovery request to query url. ", "queryUrl: " + url, null);
        HashMap hashMap = new HashMap();
        hashMap.put(HttpHeaders.ACCEPT, What3WordsV3.CONTENT_TYPE_JSON);
        UUID uuid = this.f10709a;
        if (uuid != null) {
            hashMap.put("client-request-id", uuid.toString());
            hashMap.put("return-client-request-id", "true");
        }
        try {
            ClientMetrics clientMetrics = ClientMetrics.INSTANCE;
            clientMetrics.beginClientMetricsRecord(url, this.f10709a, hashMap);
            y3.c a5 = ((y3.e) this.f10711c).a(url, hashMap);
            clientMetrics.setLastError(null);
            HashMap<String, String> a6 = C0940a.a(a5);
            if (!a6.containsKey("error_codes")) {
                clientMetrics.endClientMetricsRecord("instance", this.f10709a);
                return a6;
            }
            String str = a6.get("error_codes");
            clientMetrics.setLastError(str);
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE, "Fail to valid authority with errors: " + str);
        } catch (Throwable th) {
            ClientMetrics.INSTANCE.endClientMetricsRecord("instance", this.f10709a);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void j(URL url) {
        if (url == null || z3.b.h(url.getHost()) || !url.getProtocol().equals("https") || !z3.b.h(url.getQuery()) || !z3.b.h(url.getRef()) || z3.b.h(url.getPath())) {
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE);
        }
    }

    public void g(UUID uuid) {
        this.f10709a = uuid;
    }

    public void h(URL url) {
        j(url);
        if (C0519p.a(url)) {
            return;
        }
        String host = url.getHost();
        Locale locale = Locale.US;
        String lowerCase = host.toLowerCase(locale);
        if (!f10707e.contains(url.getHost().toLowerCase(locale))) {
            lowerCase = "login.microsoftonline.com";
        }
        try {
            if (f10706d == null) {
                synchronized (C0528z.class) {
                    if (f10706d == null) {
                        f10706d = new ReentrantLock();
                    }
                }
            }
            f10706d = f10706d;
            f10706d.lock();
            e(url, lowerCase);
        } finally {
            f10706d.unlock();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void i(URL url, String str) {
        if (z3.b.h(str)) {
            throw new IllegalArgumentException("Cannot validate AD FS Authority with domain [null]");
        }
        try {
            URI uri = url.toURI();
            Map<String, Set<URI>> map = f10708f;
            if (map.get(str) == null || !map.get(str).contains(uri)) {
                C0526x f5 = new DRSMetadataRequestor().f(str);
                b0 b0Var = new b0();
                a0 a0Var = new a0(url, f5);
                URL a5 = a0Var.a();
                C0526x b5 = a0Var.b();
                StringBuilder a6 = android.support.v4.media.b.a("Auth endpoint: ");
                a6.append(a5.toString());
                Logger.g("b0", "Validating authority for auth endpoint. ", a6.toString());
                try {
                    URL c5 = b0.c(a5, b5);
                    y3.c a7 = ((y3.e) b0Var.a()).a(c5, new HashMap());
                    if (200 != a7.c()) {
                        throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE);
                    }
                    Logger.j("b0", "Parsing WebFinger response.");
                    try {
                        if (!C0504a.a(uri, (Z) b0Var.b().b(a7.a(), Z.class))) {
                            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE);
                        }
                        if (map.get(str) == null) {
                            map.put(str, new HashSet());
                        }
                        map.get(str).add(uri);
                    } catch (JsonSyntaxException unused) {
                        throw new AuthenticationException(ADALError.JSON_PARSE_ERROR);
                    }
                } catch (IOException e5) {
                    throw new AuthenticationException(ADALError.IO_EXCEPTION, "Unexpected error", e5);
                }
            }
        } catch (URISyntaxException unused2) {
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL, "Authority URL/URI must be RFC 2396 compliant to use AD FS validation");
        }
    }
}
