package com.microsoft.aad.adal;

import android.content.Context;
import android.net.Uri;
import java.io.IOException;
import java.net.SocketTimeoutException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import java.util.concurrent.locks.ReentrantLock;
import net.lingala.zip4j.util.InternalZipConstants;
import org.json.JSONException;

/* loaded from: classes2.dex */
class j0 {

    /* renamed from: d, reason: collision with root package name */
    private static volatile ReentrantLock f978d;

    /* renamed from: e, reason: collision with root package name */
    private static final Set<String> f979e = Collections.synchronizedSet(new HashSet());

    /* renamed from: f, reason: collision with root package name */
    private static final Map<String, Set<URI>> f980f = Collections.synchronizedMap(new HashMap());
    private UUID a;
    private Context b;
    private final d.d.a.a.e.a.h.e c;

    public j0(Context context) {
        f();
        this.b = context;
        this.c = new d.d.a.a.e.a.h.f();
    }

    private URL a(String str, String str2) {
        Uri.Builder builder = new Uri.Builder();
        builder.scheme("https").authority(str);
        builder.appendEncodedPath("common/discovery/instance").appendQueryParameter("api-version", "1.1").appendQueryParameter("authorization_endpoint", str2);
        return new URL(builder.build().toString());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static URL b(URL url, String str) {
        return new URL(new Uri.Builder().scheme(url.getProtocol()).authority(str).appendPath(url.getPath().replaceFirst(InternalZipConstants.ZIP_FILE_SEPARATOR, "")).build().toString());
    }

    private String c(URL url) {
        return new Uri.Builder().scheme("https").authority(url.getHost()).appendPath("/common/oauth2/authorize").build().toString();
    }

    private static ReentrantLock d() {
        if (f978d == null) {
            synchronized (j0.class) {
                if (f978d == null) {
                    f978d = new ReentrantLock();
                }
            }
        }
        return f978d;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Set<String> e() {
        return f979e;
    }

    private void f() {
        if (f979e.isEmpty()) {
            f979e.add("login.windows.net");
            f979e.add("login.microsoftonline.com");
            f979e.add("login.chinacloudapi.cn");
            f979e.add("login.microsoftonline.de");
            f979e.add("login-us.microsoftonline.com");
            f979e.add("login.microsoftonline.us");
        }
    }

    private Map<String, String> g(d.d.a.a.e.a.h.d dVar) {
        return d.d.a.a.e.a.i.b.getJsonResponse(dVar);
    }

    private void h(URL url, String str) {
        if (s.a(url)) {
            return;
        }
        n0.a(this.b);
        try {
            Map<String, String> i = i(a(str, c(url)));
            d.d.a.a.g.h.b.e.a.initializeCloudMetadata(url.getHost().toLowerCase(Locale.US), i);
            s.d(url, i);
            if (!s.a(url)) {
                ArrayList arrayList = new ArrayList();
                arrayList.add(url.getHost());
                s.g(url.getHost(), new x0(url.getHost(), url.getHost(), arrayList));
            }
            if (!s.c(url)) {
                throw new m(a.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE);
            }
        } catch (SocketTimeoutException e2) {
            a1.e("Discovery:performInstanceDiscovery", "Error when validating authority. ", "", a.DEVICE_CONNECTION_IS_NOT_AVAILABLE, e2);
            throw new m(a.DEVICE_CONNECTION_IS_NOT_AVAILABLE, e2.getMessage(), e2);
        } catch (IOException e3) {
            a1.e("Discovery:performInstanceDiscovery", "Error when validating authority. ", "", a.IO_EXCEPTION, e3);
            throw new m(a.IO_EXCEPTION, e3.getMessage(), e3);
        } catch (JSONException e4) {
            a1.e("Discovery:performInstanceDiscovery", "Error when validating authority. ", "", a.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE, e4);
            throw new m(a.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE, e4.getMessage(), e4);
        }
    }

    private Map<String, String> i(URL url) {
        a1.v("Discovery", "Sending discovery request to query url. ", "queryUrl: " + url, null);
        HashMap hashMap = new HashMap();
        hashMap.put("Accept", "application/json");
        UUID uuid = this.a;
        if (uuid != null) {
            hashMap.put("client-request-id", uuid.toString());
            hashMap.put("return-client-request-id", "true");
        }
        try {
            b0.INSTANCE.beginClientMetricsRecord(url, this.a, hashMap);
            d.d.a.a.e.a.h.d sendGet = this.c.sendGet(url, hashMap);
            b0.INSTANCE.setLastError(null);
            Map<String, String> g2 = g(sendGet);
            if (!g2.containsKey("error_codes")) {
                return g2;
            }
            String str = g2.get("error_codes");
            b0.INSTANCE.setLastError(str);
            throw new m(a.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE, "Fail to valid authority with errors: " + str);
        } finally {
            b0.INSTANCE.endClientMetricsRecord("instance", this.a);
        }
    }

    private static void j(URL url, String str) {
        try {
            URI uri = url.toURI();
            if (f980f.get(str) == null || !f980f.get(str).contains(uri)) {
                if (!b.a(uri, new u1().e(new t1(url, new e0().g(str))))) {
                    throw new m(a.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE);
                }
                if (f980f.get(str) == null) {
                    f980f.put(str, new HashSet());
                }
                f980f.get(str).add(uri);
            }
        } catch (URISyntaxException unused) {
            throw new m(a.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL, "Authority URL/URI must be RFC 2396 compliant to use AD FS validation");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void l(URL url) {
        if (url == null || d.d.a.a.e.a.i.d.isNullOrBlank(url.getHost()) || !url.getProtocol().equals("https") || !d.d.a.a.e.a.i.d.isNullOrBlank(url.getQuery()) || !d.d.a.a.e.a.i.d.isNullOrBlank(url.getRef()) || d.d.a.a.e.a.i.d.isNullOrBlank(url.getPath())) {
            throw new m(a.DEVELOPER_AUTHORITY_IS_NOT_VALID_INSTANCE);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void k(URL url, String str) {
        if (d.d.a.a.e.a.i.d.isNullOrBlank(str)) {
            throw new IllegalArgumentException("Cannot validate AD FS Authority with domain [null]");
        }
        j(url, str);
    }

    public void setCorrelationId(UUID uuid) {
        this.a = uuid;
    }

    public void validateAuthority(URL url) {
        l(url);
        if (s.a(url)) {
            return;
        }
        String lowerCase = url.getHost().toLowerCase(Locale.US);
        if (!f979e.contains(url.getHost().toLowerCase(Locale.US))) {
            lowerCase = "login.microsoftonline.com";
        }
        try {
            f978d = d();
            f978d.lock();
            h(url, lowerCase);
        } finally {
            f978d.unlock();
        }
    }
}
