package com.microsoft.aad.adal;

import android.content.Context;
import android.net.Uri;
import io.fabric.sdk.android.services.common.AbstractC0268a;
import java.io.IOException;
import java.net.SocketTimeoutException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import java.util.concurrent.locks.ReentrantLock;
import org.json.JSONException;
import tt.Sk;
import tt.Uk;
import tt.Vk;
import tt.Xk;
import tt.Zk;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class Z {
    private static volatile ReentrantLock a;
    private static final Set<String> b = Collections.synchronizedSet(new HashSet());
    private static final Map<String, Set<URI>> c = Collections.synchronizedMap(new HashMap());
    private UUID d;
    private Context e;
    private final Uk f;

    public Z(Context context) {
        c();
        this.e = context;
        this.f = new Vk();
    }

    private URL a(String str, String str2) {
        Uri.Builder builder = new Uri.Builder();
        builder.scheme("https").authority(str);
        builder.appendEncodedPath("common/discovery/instance").appendQueryParameter("api-version", "1.1").appendQueryParameter("authorization_endpoint", str2);
        return new URL(builder.build().toString());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static URL a(URL url, String str) {
        return new URL(new Uri.Builder().scheme(url.getProtocol()).authority(str).appendPath(url.getPath().replaceFirst("/", "")).build().toString());
    }

    private Map<String, String> a(Sk sk) {
        return Xk.a(sk);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Set<String> a() {
        return b;
    }

    private static ReentrantLock b() {
        if (a == null) {
            synchronized (Z.class) {
                if (a == null) {
                    a = new ReentrantLock();
                }
            }
        }
        return a;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void b(URL url) {
        if (url == null || Zk.e(url.getHost()) || !url.getProtocol().equals("https") || !Zk.e(url.getQuery()) || !Zk.e(url.getRef()) || Zk.e(url.getPath())) {
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE);
        }
    }

    private String c(URL url) {
        return new Uri.Builder().scheme("https").authority(url.getHost()).appendPath("/common/oauth2/authorize").build().toString();
    }

    private void c() {
        if (b.isEmpty()) {
            b.add("login.windows.net");
            b.add("login.microsoftonline.com");
            b.add("login.chinacloudapi.cn");
            b.add("login.microsoftonline.de");
            b.add("login-us.microsoftonline.com");
            b.add("login.microsoftonline.us");
        }
    }

    private void c(URL url, String str) {
        if (A.a(url)) {
            return;
        }
        C0213ha.a(this.e);
        try {
            Map<String, String> d = d(a(str, c(url)));
            com.microsoft.identity.common.internal.providers.microsoft.azureactivedirectory.b.a(url.getHost().toLowerCase(Locale.US), d);
            A.a(url, d);
            if (!A.a(url)) {
                ArrayList arrayList = new ArrayList();
                arrayList.add(url.getHost());
                A.a(url.getHost(), new qa(url.getHost(), url.getHost(), arrayList));
            }
            if (!A.c(url)) {
                throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE);
            }
        } catch (SocketTimeoutException e) {
            Logger.a("Discovery:performInstanceDiscovery", "Error when validating authority. ", "", ADALError.DEVICE_CONNECTION_IS_NOT_AVAILABLE, e);
            throw new AuthenticationException(ADALError.DEVICE_CONNECTION_IS_NOT_AVAILABLE, e.getMessage(), e);
        } catch (IOException e2) {
            Logger.a("Discovery:performInstanceDiscovery", "Error when validating authority. ", "", ADALError.IO_EXCEPTION, e2);
            throw new AuthenticationException(ADALError.IO_EXCEPTION, e2.getMessage(), e2);
        } catch (JSONException e3) {
            Logger.a("Discovery:performInstanceDiscovery", "Error when validating authority. ", "", ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE, e3);
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE, e3.getMessage(), e3);
        }
    }

    private Map<String, String> d(URL url) {
        Logger.c("Discovery", "Sending discovery request to query url. ", "queryUrl: " + url, null);
        HashMap hashMap = new HashMap();
        hashMap.put(AbstractC0268a.HEADER_ACCEPT, AbstractC0268a.ACCEPT_JSON_VALUE);
        UUID uuid = this.d;
        if (uuid != null) {
            hashMap.put("client-request-id", uuid.toString());
            hashMap.put("return-client-request-id", "true");
        }
        try {
            ClientMetrics.INSTANCE.a(url, this.d, hashMap);
            Sk a2 = this.f.a(url, hashMap);
            ClientMetrics.INSTANCE.a((String) null);
            Map<String, String> a3 = a(a2);
            if (!a3.containsKey("error_codes")) {
                return a3;
            }
            String str = a3.get("error_codes");
            ClientMetrics.INSTANCE.a(str);
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE, "Fail to valid authority with errors: " + str);
        } finally {
            ClientMetrics.INSTANCE.a("instance", this.d);
        }
    }

    private static void d(URL url, String str) {
        try {
            URI uri = url.toURI();
            if (c.get(str) == null || !c.get(str).contains(uri)) {
                new Ja().a(new Ia(url, new DRSMetadataRequestor().a(str)));
                throw null;
            }
        } catch (URISyntaxException unused) {
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL, "Authority URL/URI must be RFC 2396 compliant to use AD FS validation");
        }
    }

    public void a(URL url) {
        b(url);
        if (A.a(url)) {
            return;
        }
        String lowerCase = url.getHost().toLowerCase(Locale.US);
        if (!b.contains(url.getHost().toLowerCase(Locale.US))) {
            lowerCase = "login.microsoftonline.com";
        }
        try {
            a = b();
            a.lock();
            c(url, lowerCase);
        } finally {
            a.unlock();
        }
    }

    public void a(UUID uuid) {
        this.d = uuid;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void b(URL url, String str) {
        if (Zk.e(str)) {
            throw new IllegalArgumentException("Cannot validate AD FS Authority with domain [null]");
        }
        d(url, str);
    }
}
