package b.l.a.a;

import android.util.Base64;
import b.l.a.a.p;
import com.google.gson.Gson;
import com.microsoft.aad.adal.ADALError;
import com.microsoft.aad.adal.AuthenticationException;
import com.microsoft.aad.adal.AuthenticationSettings;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.InvocationTargetException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Objects;
import java.util.StringTokenizer;

/* compiled from: src */
/* loaded from: classes9.dex */
public class d {
    public m a;

    /* compiled from: src */
    /* loaded from: classes9.dex */
    public class a {
        public List<String> c;
        public String a = "";

        /* renamed from: b, reason: collision with root package name */
        public String f3759b = "";
        public String d = "";

        /* renamed from: e, reason: collision with root package name */
        public String f3760e = null;

        /* renamed from: f, reason: collision with root package name */
        public String f3761f = "";

        public a(d dVar) {
        }
    }

    /* compiled from: src */
    /* loaded from: classes9.dex */
    public class b {
        public String a;

        /* renamed from: b, reason: collision with root package name */
        public String f3762b;

        public b(d dVar) {
        }
    }

    public d(m mVar) {
        this.a = mVar;
    }

    public b a(String str, String str2) throws UnsupportedEncodingException {
        if (u.a(str)) {
            throw new IllegalArgumentException("headerValue");
        }
        if (!u.f(str, "PKeyAuth")) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, str);
        }
        a aVar = new a(this);
        String substring = str.substring(8);
        ArrayList<String> g2 = u.g(substring, ',');
        HashMap<String, String> hashMap = new HashMap<>();
        Iterator<String> it = g2.iterator();
        while (it.hasNext()) {
            ArrayList<String> g3 = u.g(it.next(), '=');
            if (g3.size() != 2 || u.a(g3.get(0)) || u.a(g3.get(1))) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, substring);
            }
            String str3 = g3.get(0);
            String str4 = g3.get(1);
            String b2 = u.b(str3);
            String b3 = u.b(str4);
            String trim = b2.trim();
            String trim2 = b3.trim();
            hashMap.put(trim, !u.a(trim2) ? trim2.replace("\"", "") : null);
        }
        d(hashMap, false);
        String str5 = hashMap.get("Nonce");
        aVar.a = str5;
        if (u.a(str5)) {
            aVar.a = hashMap.get("Nonce".toLowerCase(Locale.US));
        }
        String str6 = hashMap.get("CertThumbprint");
        aVar.d = str6;
        if (u.a(str6)) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "CertThumbprint is not present in the header");
        }
        aVar.f3760e = hashMap.get("Version");
        aVar.f3759b = hashMap.get("Context");
        aVar.f3761f = str2;
        return c(aVar);
    }

    public b b(String str) {
        if (u.a(str)) {
            throw new IllegalArgumentException("redirectUri");
        }
        a aVar = new a(this);
        HashMap<String, String> e2 = u.e(str);
        d(e2, true);
        String str2 = e2.get("Nonce");
        aVar.a = str2;
        if (u.a(str2)) {
            aVar.a = e2.get("Nonce".toLowerCase(Locale.US));
        }
        String str3 = e2.get("CertAuthorities");
        q.g("ChallangeResponseBuilder", "Cert authorities:" + str3);
        StringTokenizer stringTokenizer = new StringTokenizer(str3, ";");
        ArrayList arrayList = new ArrayList();
        if (stringTokenizer.hasMoreTokens()) {
            while (stringTokenizer.hasMoreTokens()) {
                String nextToken = stringTokenizer.nextToken();
                if (!u.a(nextToken)) {
                    arrayList.add(nextToken);
                }
            }
        }
        aVar.c = arrayList;
        aVar.f3760e = e2.get("Version");
        aVar.f3761f = e2.get("SubmitUrl");
        aVar.f3759b = e2.get("Context");
        return c(aVar);
    }

    public final b c(a aVar) {
        b bVar = new b(this);
        bVar.a = aVar.f3761f;
        bVar.f3762b = String.format("%s Context=\"%s\",Version=\"%s\"", "PKeyAuth", aVar.f3759b, aVar.f3760e);
        bVar.a = aVar.f3761f;
        Class<?> d = AuthenticationSettings.INSTANCE.d();
        if (d != null) {
            try {
                l lVar = (l) d.getDeclaredConstructor(new Class[0]).newInstance(null);
                if (lVar.a(aVar.c) || (lVar.d() != null && lVar.d().equalsIgnoreCase(aVar.d))) {
                    RSAPrivateKey c = lVar.c();
                    if (c == null) {
                        throw new AuthenticationException(ADALError.KEY_CHAIN_PRIVATE_KEY_EXCEPTION);
                    }
                    m mVar = this.a;
                    String str = aVar.a;
                    String str2 = aVar.f3761f;
                    RSAPublicKey b2 = lVar.b();
                    X509Certificate e2 = lVar.e();
                    p pVar = (p) mVar;
                    Objects.requireNonNull(pVar);
                    if (u.a(str)) {
                        throw new IllegalArgumentException("nonce");
                    }
                    if (u.a(str2)) {
                        throw new IllegalArgumentException("audience");
                    }
                    if (b2 == null) {
                        throw new IllegalArgumentException("pubKey");
                    }
                    Gson gson = new Gson();
                    p.a aVar2 = new p.a(pVar);
                    aVar2.c = str;
                    aVar2.a = str2;
                    aVar2.f3783b = System.currentTimeMillis() / 1000;
                    p.b bVar2 = new p.b(pVar);
                    bVar2.a = "RS256";
                    bVar2.f3784b = "JWT";
                    try {
                        bVar2.c = r9;
                        String[] strArr = {new String(Base64.encode(e2.getEncoded(), 2), "UTF_8")};
                        String json = gson.toJson(bVar2);
                        String json2 = gson.toJson(aVar2);
                        q.g("JWSBuilder", "Client certificate challange response JWS Header:" + json);
                        String str3 = u.d(json.getBytes("UTF_8")) + "." + u.d(json2.getBytes("UTF_8"));
                        bVar.f3762b = String.format("%s AuthToken=\"%s\",Context=\"%s\",Version=\"%s\"", "PKeyAuth", b.c.b.a.a.n0(str3, ".", p.a(c, str3.getBytes("UTF_8"))), aVar.f3759b, aVar.f3760e);
                        StringBuilder x0 = b.c.b.a.a.x0("Challange response:");
                        x0.append(bVar.f3762b);
                        q.g("ChallangeResponseBuilder", x0.toString());
                    } catch (UnsupportedEncodingException unused) {
                        throw new AuthenticationException(ADALError.ENCODING_IS_NOT_SUPPORTED);
                    } catch (CertificateEncodingException unused2) {
                        throw new AuthenticationException(ADALError.CERTIFICATE_ENCODING_ERROR);
                    }
                }
            } catch (IllegalAccessException e3) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e3);
            } catch (IllegalArgumentException e4) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e4);
            } catch (InstantiationException e5) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e5);
            } catch (NoSuchMethodException e6) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e6);
            } catch (InvocationTargetException e7) {
                throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_API_EXCEPTION, "WPJ Api constructor is not defined", e7);
            }
        }
        return bVar;
    }

    public final void d(HashMap<String, String> hashMap, boolean z) {
        if (!hashMap.containsKey("Nonce") && !hashMap.containsKey("Nonce".toLowerCase(Locale.US))) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Nonce");
        }
        if (!hashMap.containsKey("Version")) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Version");
        }
        if (z && !hashMap.containsKey("SubmitUrl")) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "SubmitUrl");
        }
        if (!hashMap.containsKey("Context")) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "Context");
        }
        if (z && !hashMap.containsKey("CertAuthorities")) {
            throw new AuthenticationException(ADALError.DEVICE_CERTIFICATE_REQUEST_INVALID, "CertAuthorities");
        }
    }
}
