package com.microsoft.aad.adal4j;

import com.nimbusds.jwt.SignedJWT;
import com.nimbusds.oauth2.sdk.AuthorizationCode;
import com.nimbusds.oauth2.sdk.AuthorizationCodeGrant;
import com.nimbusds.oauth2.sdk.ClientCredentialsGrant;
import com.nimbusds.oauth2.sdk.JWTBearerGrant;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.RefreshTokenGrant;
import com.nimbusds.oauth2.sdk.ResourceOwnerPasswordCredentialsGrant;
import com.nimbusds.oauth2.sdk.auth.ClientAuthentication;
import com.nimbusds.oauth2.sdk.auth.ClientAuthenticationMethod;
import com.nimbusds.oauth2.sdk.auth.ClientSecretPost;
import com.nimbusds.oauth2.sdk.auth.PrivateKeyJWT;
import com.nimbusds.oauth2.sdk.auth.Secret;
import com.nimbusds.oauth2.sdk.id.ClientID;
import com.nimbusds.oauth2.sdk.token.RefreshToken;
import java.net.MalformedURLException;
import java.net.Proxy;
import java.net.URI;
import java.net.URL;
import java.util.Collections;
import java.util.HashMap;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Future;
import javax.net.ssl.SSLSocketFactory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/adal4j-1.6.4.jar:com/microsoft/aad/adal4j/AuthenticationContext.class */
public class AuthenticationContext {
    final AuthenticationAuthority authenticationAuthority;
    String correlationId;
    private String authority;
    private final ExecutorService service;
    private final boolean validateAuthority;
    Proxy proxy;
    SSLSocketFactory sslSocketFactory;
    final Logger log = LoggerFactory.getLogger((Class<?>) AuthenticationContext.class);
    private boolean logPii = false;

    public boolean isLogPii() {
        return this.logPii;
    }

    public void setLogPii(boolean z) {
        this.logPii = z;
    }

    public AuthenticationContext(String str, boolean z, ExecutorService executorService) throws MalformedURLException {
        if (StringHelper.isBlank(str)) {
            throw new IllegalArgumentException("authority is null or empty");
        }
        if (executorService == null) {
            throw new IllegalArgumentException("service is null");
        }
        this.service = executorService;
        this.validateAuthority = z;
        this.authority = canonicalizeUri(str);
        this.authenticationAuthority = new AuthenticationAuthority(new URL(getAuthority()), shouldValidateAuthority());
    }

    public Proxy getProxy() {
        return this.proxy;
    }

    public void setProxy(Proxy proxy) {
        this.proxy = proxy;
    }

    public SSLSocketFactory getSslSocketFactory() {
        return this.sslSocketFactory;
    }

    public void setSslSocketFactory(SSLSocketFactory sSLSocketFactory) {
        this.sslSocketFactory = sSLSocketFactory;
    }

    private String canonicalizeUri(String str) {
        if (!str.endsWith("/")) {
            str = str + "/";
        }
        return str;
    }

    public Future<AuthenticationResult> acquireToken(String str, String str2, String str3, String str4, AuthenticationCallback authenticationCallback) {
        if (StringHelper.isBlank(str)) {
            throw new IllegalArgumentException("resource is null or empty");
        }
        if (StringHelper.isBlank(str2)) {
            throw new IllegalArgumentException("clientId is null or empty");
        }
        if (StringHelper.isBlank(str3)) {
            throw new IllegalArgumentException("username is null or empty");
        }
        ClientAuthenticationPost clientAuthenticationPost = new ClientAuthenticationPost(ClientAuthenticationMethod.NONE, new ClientID(str2));
        return str4 != null ? acquireToken(new AdalOAuthAuthorizationGrant(new ResourceOwnerPasswordCredentialsGrant(str3, new Secret(str4)), str), clientAuthenticationPost, (AuthenticationCallback<AuthenticationResult>) authenticationCallback) : acquireToken(new AdalIntegratedAuthorizationGrant(str3, str), clientAuthenticationPost, (AuthenticationCallback<AuthenticationResult>) authenticationCallback);
    }

    public Future<AuthenticationResult> acquireToken(String str, ClientAssertion clientAssertion, AuthenticationCallback authenticationCallback) {
        validateInput(str, clientAssertion, true);
        return acquireToken(new AdalOAuthAuthorizationGrant(new ClientCredentialsGrant(), str), createClientAuthFromClientAssertion(clientAssertion), (AuthenticationCallback<AuthenticationResult>) authenticationCallback);
    }

    public Future<AuthenticationResult> acquireToken(String str, UserAssertion userAssertion, ClientCredential clientCredential, AuthenticationCallback authenticationCallback) {
        validateOnBehalfOfRequestInput(str, userAssertion, clientCredential, true);
        return acquireTokenOnBehalfOf(str, userAssertion, new ClientSecretPost(new ClientID(clientCredential.getClientId()), new Secret(clientCredential.getClientSecret())), authenticationCallback);
    }

    public Future<AuthenticationResult> acquireToken(String str, UserAssertion userAssertion, AsymmetricKeyCredential asymmetricKeyCredential, AuthenticationCallback authenticationCallback) {
        validateOnBehalfOfRequestInput(str, userAssertion, asymmetricKeyCredential, true);
        return acquireTokenOnBehalfOf(str, userAssertion, createClientAuthFromClientAssertion(JwtHelper.buildJwt(asymmetricKeyCredential, this.authenticationAuthority.getSelfSignedJwtAudience())), authenticationCallback);
    }

    private Future<AuthenticationResult> acquireTokenOnBehalfOf(String str, UserAssertion userAssertion, ClientAuthentication clientAuthentication, AuthenticationCallback authenticationCallback) {
        HashMap hashMap = new HashMap();
        hashMap.put("resource", Collections.singletonList(str));
        hashMap.put("requested_token_use", Collections.singletonList("on_behalf_of"));
        try {
            return acquireToken(new AdalOAuthAuthorizationGrant(new JWTBearerGrant(SignedJWT.parse(userAssertion.getAssertion())), hashMap), clientAuthentication, (AuthenticationCallback<AuthenticationResult>) authenticationCallback);
        } catch (Exception e) {
            throw new AuthenticationException(e);
        }
    }

    public Future<AuthenticationResult> acquireToken(String str, ClientCredential clientCredential, AuthenticationCallback authenticationCallback) {
        validateInput(str, clientCredential, true);
        return acquireToken(new AdalOAuthAuthorizationGrant(new ClientCredentialsGrant(), str), new ClientSecretPost(new ClientID(clientCredential.getClientId()), new Secret(clientCredential.getClientSecret())), (AuthenticationCallback<AuthenticationResult>) authenticationCallback);
    }

    public Future<AuthenticationResult> acquireToken(String str, AsymmetricKeyCredential asymmetricKeyCredential, AuthenticationCallback authenticationCallback) throws AuthenticationException {
        return acquireToken(str, JwtHelper.buildJwt(asymmetricKeyCredential, this.authenticationAuthority.getSelfSignedJwtAudience()), authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByAuthorizationCode(String str, String str2, String str3, URI uri, AuthenticationCallback authenticationCallback) {
        ClientAuthentication clientAuthenticationPost = new ClientAuthenticationPost(ClientAuthenticationMethod.NONE, new ClientID(str3));
        validateAuthCodeRequestInput(str, uri, clientAuthenticationPost, str2);
        return acquireToken(new AdalOAuthAuthorizationGrant(new AuthorizationCodeGrant(new AuthorizationCode(str), uri), str2), clientAuthenticationPost, (AuthenticationCallback<AuthenticationResult>) authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByAuthorizationCode(String str, URI uri, ClientAssertion clientAssertion, AuthenticationCallback authenticationCallback) {
        return acquireTokenByAuthorizationCode(str, uri, clientAssertion, (String) null, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByAuthorizationCode(String str, URI uri, ClientAssertion clientAssertion, String str2, AuthenticationCallback authenticationCallback) {
        validateAuthCodeRequestInput(str, uri, clientAssertion, str2);
        return acquireToken(new AdalOAuthAuthorizationGrant(new AuthorizationCodeGrant(new AuthorizationCode(str), uri), str2), createClientAuthFromClientAssertion(clientAssertion), (AuthenticationCallback<AuthenticationResult>) authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByAuthorizationCode(String str, URI uri, ClientCredential clientCredential, AuthenticationCallback authenticationCallback) {
        validateAuthCodeRequestInput(str, uri, clientCredential, null);
        return acquireTokenByAuthorizationCode(str, uri, clientCredential, (String) null, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByAuthorizationCode(String str, URI uri, ClientCredential clientCredential, String str2, AuthenticationCallback authenticationCallback) {
        validateAuthCodeRequestInput(str, uri, clientCredential, str2);
        return acquireToken(new AdalOAuthAuthorizationGrant(new AuthorizationCodeGrant(new AuthorizationCode(str), uri), str2), new ClientSecretPost(new ClientID(clientCredential.getClientId()), new Secret(clientCredential.getClientSecret())), (AuthenticationCallback<AuthenticationResult>) authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByAuthorizationCode(String str, URI uri, AsymmetricKeyCredential asymmetricKeyCredential, AuthenticationCallback authenticationCallback) throws AuthenticationException {
        return acquireTokenByAuthorizationCode(str, uri, asymmetricKeyCredential, (String) null, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByAuthorizationCode(String str, URI uri, AsymmetricKeyCredential asymmetricKeyCredential, String str2, AuthenticationCallback authenticationCallback) throws AuthenticationException {
        validateAuthCodeRequestInput(str, uri, asymmetricKeyCredential, str2);
        return acquireTokenByAuthorizationCode(str, uri, JwtHelper.buildJwt(asymmetricKeyCredential, this.authenticationAuthority.getSelfSignedJwtAudience()), str2, authenticationCallback);
    }

    public Future<DeviceCode> acquireDeviceCode(String str, String str2, AuthenticationCallback<DeviceCode> authenticationCallback) {
        validateDeviceCodeRequestInput(str, str2);
        return this.service.submit(new AcquireDeviceCodeCallable(this, str, str2, authenticationCallback));
    }

    public Future<AuthenticationResult> acquireTokenByDeviceCode(DeviceCode deviceCode, AuthenticationCallback authenticationCallback) throws AuthenticationException {
        ClientAuthentication clientAuthenticationPost = new ClientAuthenticationPost(ClientAuthenticationMethod.NONE, new ClientID(deviceCode.getClientId()));
        validateDeviceCodeRequestInput(deviceCode, clientAuthenticationPost, deviceCode.getResource());
        return acquireToken(new AdalDeviceCodeAuthorizationGrant(deviceCode, deviceCode.getResource()), clientAuthenticationPost, (AuthenticationCallback<AuthenticationResult>) authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByRefreshToken(String str, String str2, ClientAssertion clientAssertion, AuthenticationCallback authenticationCallback) {
        return acquireTokenByRefreshToken(str, str2, clientAssertion, null, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByRefreshToken(String str, String str2, ClientAssertion clientAssertion, String str3, AuthenticationCallback authenticationCallback) {
        validateRefreshTokenRequestInput(str, str2, clientAssertion);
        return acquireToken(new AdalOAuthAuthorizationGrant(new RefreshTokenGrant(new RefreshToken(str)), str3), createClientAuthFromClientAssertion(clientAssertion), (AuthenticationCallback<AuthenticationResult>) authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByRefreshToken(String str, ClientCredential clientCredential, AuthenticationCallback authenticationCallback) {
        return acquireTokenByRefreshToken(str, clientCredential, (String) null, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByRefreshToken(String str, ClientCredential clientCredential, String str2, AuthenticationCallback authenticationCallback) {
        return acquireToken(new AdalOAuthAuthorizationGrant(new RefreshTokenGrant(new RefreshToken(str)), str2), new ClientSecretPost(new ClientID(clientCredential.getClientId()), new Secret(clientCredential.getClientSecret())), (AuthenticationCallback<AuthenticationResult>) authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByRefreshToken(String str, AsymmetricKeyCredential asymmetricKeyCredential, AuthenticationCallback authenticationCallback) throws AuthenticationException {
        return acquireTokenByRefreshToken(str, asymmetricKeyCredential, (String) null, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByRefreshToken(String str, AsymmetricKeyCredential asymmetricKeyCredential, String str2, AuthenticationCallback authenticationCallback) throws AuthenticationException {
        return acquireTokenByRefreshToken(str, asymmetricKeyCredential.getClientId(), JwtHelper.buildJwt(asymmetricKeyCredential, this.authenticationAuthority.getSelfSignedJwtAudience()), str2, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByRefreshToken(String str, String str2, AuthenticationCallback authenticationCallback) {
        return acquireTokenByRefreshToken(str, str2, (String) null, authenticationCallback);
    }

    private Future<AuthenticationResult> acquireToken(AdalAuthorizationGrant adalAuthorizationGrant, ClientAuthentication clientAuthentication, AuthenticationCallback<AuthenticationResult> authenticationCallback) {
        return this.service.submit(new AcquireTokenCallable(this, adalAuthorizationGrant, clientAuthentication, authenticationCallback));
    }

    public Future<AuthenticationResult> acquireTokenByRefreshToken(String str, String str2, String str3, AuthenticationCallback authenticationCallback) {
        return acquireToken(new AdalOAuthAuthorizationGrant(new RefreshTokenGrant(new RefreshToken(str)), str3), new ClientAuthenticationPost(ClientAuthenticationMethod.NONE, new ClientID(str2)), (AuthenticationCallback<AuthenticationResult>) authenticationCallback);
    }

    private void validateRefreshTokenRequestInput(String str, String str2, Object obj) {
        if (StringHelper.isBlank(str)) {
            throw new IllegalArgumentException("refreshToken is null or empty");
        }
        if (StringHelper.isBlank(str2)) {
            throw new IllegalArgumentException("clientId is null or empty");
        }
        validateInput(null, obj, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AuthenticationResult acquireTokenCommon(AdalAuthorizationGrant adalAuthorizationGrant, ClientAuthentication clientAuthentication, ClientDataHttpHeaders clientDataHttpHeaders) throws Exception {
        if (this.logPii) {
            this.log.debug(LogHelper.createMessage(String.format("Using Client Http Headers: %s", clientDataHttpHeaders), clientDataHttpHeaders.getHeaderCorrelationIdValue()));
        }
        this.authenticationAuthority.doInstanceDiscovery(clientDataHttpHeaders.getReadonlyHeaderMap(), this.proxy, this.sslSocketFactory);
        return new AdalTokenRequest(new URL(this.authenticationAuthority.getTokenUri()), clientAuthentication, adalAuthorizationGrant, clientDataHttpHeaders.getReadonlyHeaderMap(), this.proxy, this.sslSocketFactory).executeOAuthRequestAndProcessResponse();
    }

    private ClientAuthentication createClientAuthFromClientAssertion(ClientAssertion clientAssertion) {
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("client_assertion_type", Collections.singletonList(clientAssertion.getAssertionType()));
            hashMap.put("client_assertion", Collections.singletonList(clientAssertion.getAssertion()));
            return PrivateKeyJWT.parse(hashMap);
        } catch (ParseException e) {
            throw new AuthenticationException(e);
        }
    }

    public String getCorrelationId() {
        return this.correlationId;
    }

    public void setCorrelationId(String str) {
        this.correlationId = str;
    }

    public boolean shouldValidateAuthority() {
        return this.validateAuthority;
    }

    public String getAuthority() {
        return this.authority;
    }

    private void validateInput(String str, Object obj, boolean z) {
        if (z && StringHelper.isBlank(str)) {
            throw new IllegalArgumentException("resource is null or empty");
        }
        if (obj == null) {
            throw new IllegalArgumentException("credential is null");
        }
    }

    private void validateAuthCodeRequestInput(String str, URI uri, Object obj, String str2) {
        if (StringHelper.isBlank(str)) {
            throw new IllegalArgumentException("authorization code is null or empty");
        }
        if (uri == null) {
            throw new IllegalArgumentException("redirect uri is null");
        }
        validateInput(str2, obj, false);
    }

    private void validateDeviceCodeRequestInput(String str, String str2) {
        if (StringHelper.isBlank(str)) {
            throw new IllegalArgumentException("clientId is null or empty");
        }
        if (StringHelper.isBlank(str2)) {
            throw new IllegalArgumentException("resource is null or empty");
        }
        if (AuthorityType.ADFS.equals(this.authenticationAuthority.getAuthorityType())) {
            throw new IllegalArgumentException("Invalid authority type. Device Flow is not supported by ADFS authority");
        }
    }

    private void validateDeviceCodeRequestInput(DeviceCode deviceCode, Object obj, String str) {
        if (StringHelper.isBlank(deviceCode.getDeviceCode())) {
            throw new IllegalArgumentException("device code is null or empty");
        }
        if (StringHelper.isBlank(deviceCode.getCorrelationId())) {
            throw new IllegalArgumentException("correlation id in device code is null or empty");
        }
        validateInput(str, obj, true);
    }

    private void validateOnBehalfOfRequestInput(String str, UserAssertion userAssertion, Object obj, boolean z) {
        if (userAssertion == null) {
            throw new IllegalArgumentException("userAssertion is null");
        }
        validateInput(str, obj, z);
    }
}
