package com.microsoft.aad.adal;

import android.content.Context;
import b.b.a.a.a;
import java.io.IOException;
import java.net.MalformedURLException;

/* loaded from: classes2.dex */
public class AcquireTokenSilentHandler {
    private static final String TAG = "AcquireTokenSilentHandler";
    private boolean mAttemptedWithMRRT = false;
    private final AuthenticationRequest mAuthRequest;
    private final Context mContext;
    private TokenCacheItem mMrrtTokenCacheItem;
    private final TokenCacheAccessor mTokenCacheAccessor;
    private IWebRequestHandler mWebRequestHandler;

    public AcquireTokenSilentHandler(Context context, AuthenticationRequest authenticationRequest, TokenCacheAccessor tokenCacheAccessor) {
        this.mWebRequestHandler = null;
        if (context == null) {
            throw new IllegalArgumentException("context");
        }
        if (authenticationRequest == null) {
            throw new IllegalArgumentException("authRequest");
        }
        this.mContext = context;
        this.mAuthRequest = authenticationRequest;
        this.mTokenCacheAccessor = tokenCacheAccessor;
        this.mWebRequestHandler = new WebRequestHandler();
    }

    private AuthenticationResult acquireTokenWithCachedItem(TokenCacheItem tokenCacheItem) throws AuthenticationException {
        if (StringExtensions.f(tokenCacheItem.getRefreshToken())) {
            Logger.v(TAG, "Token cache item contains empty refresh token, cannot continue refresh token request", this.mAuthRequest.getLogInfo(), null);
            return null;
        }
        AuthenticationResult a2 = a(tokenCacheItem.getRefreshToken());
        if (a2 != null && !a2.isExtendedLifeTimeToken()) {
            this.mTokenCacheAccessor.j(this.mAuthRequest.getResource(), this.mAuthRequest.getClientId(), a2, tokenCacheItem);
        }
        return a2;
    }

    private boolean isMRRTEntryExisted() throws AuthenticationException {
        try {
            TokenCacheItem d2 = this.mTokenCacheAccessor.d(this.mAuthRequest.getClientId(), this.mAuthRequest.getUserFromRequest());
            return (d2 == null || StringExtensions.f(d2.getRefreshToken())) ? false : true;
        } catch (MalformedURLException e2) {
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL, e2.getMessage(), e2);
        }
    }

    private boolean isTokenRequestFailed(AuthenticationResult authenticationResult) {
        return (authenticationResult == null || StringExtensions.f(authenticationResult.getErrorCode())) ? false : true;
    }

    private AuthenticationResult tryFRT(String str, AuthenticationResult authenticationResult) throws AuthenticationException {
        AuthenticationResult useMRRT;
        try {
            TokenCacheItem c2 = this.mTokenCacheAccessor.c(str, this.mAuthRequest.getUserFromRequest());
            if (c2 != null) {
                Logger.v(TAG, "Send request to use FRT for new AT.");
                AuthenticationResult acquireTokenWithCachedItem = acquireTokenWithCachedItem(c2);
                return (!isTokenRequestFailed(acquireTokenWithCachedItem) || this.mAttemptedWithMRRT || (useMRRT = useMRRT()) == null) ? acquireTokenWithCachedItem : useMRRT;
            }
            if (this.mAttemptedWithMRRT) {
                return authenticationResult;
            }
            Logger.v(TAG, "FRT cache item does not exist, fall back to try MRRT.");
            return useMRRT();
        } catch (MalformedURLException e2) {
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL, e2.getMessage(), e2);
        }
    }

    private AuthenticationResult tryMRRT() throws AuthenticationException {
        try {
            TokenCacheItem d2 = this.mTokenCacheAccessor.d(this.mAuthRequest.getClientId(), this.mAuthRequest.getUserFromRequest());
            this.mMrrtTokenCacheItem = d2;
            if (d2 == null) {
                Logger.v(TAG, "MRRT token does not exist, try with FRT");
                return tryFRT("1", null);
            }
            if (d2.isFamilyToken()) {
                Logger.v(TAG, "MRRT item exists but it's also a FRT, try with FRT.");
                return tryFRT(this.mMrrtTokenCacheItem.getFamilyClientId(), null);
            }
            AuthenticationResult useMRRT = useMRRT();
            if (isTokenRequestFailed(useMRRT)) {
                useMRRT = tryFRT(StringExtensions.f(this.mMrrtTokenCacheItem.getFamilyClientId()) ? "1" : this.mMrrtTokenCacheItem.getFamilyClientId(), useMRRT);
            }
            if (StringExtensions.f(this.mAuthRequest.getUserFromRequest()) && this.mTokenCacheAccessor.g(this.mAuthRequest.getClientId())) {
                throw new AuthenticationException(ADALError.AUTH_FAILED_USER_MISMATCH, "No User provided and multiple MRRTs exist for the given client id");
            }
            return useMRRT;
        } catch (MalformedURLException e2) {
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL, e2.getMessage(), e2);
        }
    }

    private AuthenticationResult tryRT() throws AuthenticationException {
        try {
            TokenCacheItem e2 = this.mTokenCacheAccessor.e(this.mAuthRequest.getResource(), this.mAuthRequest.getClientId(), this.mAuthRequest.getUserFromRequest());
            if (e2 == null) {
                Logger.v(TAG, "Regular token cache entry does not exist, try with MRRT.");
                return tryMRRT();
            }
            if (e2.getIsMultiResourceRefreshToken() || isMRRTEntryExisted()) {
                Logger.v(TAG, e2.getIsMultiResourceRefreshToken() ? "Found RT and it's also a MRRT, retry with MRRT" : "RT is found and there is a MRRT entry existed, try with MRRT");
                return tryMRRT();
            }
            if (StringExtensions.f(this.mAuthRequest.getUserFromRequest()) && this.mTokenCacheAccessor.h(this.mAuthRequest.getClientId(), this.mAuthRequest.getResource())) {
                throw new AuthenticationException(ADALError.AUTH_FAILED_USER_MISMATCH, "Multiple refresh tokens exists for the given client id and resource");
            }
            Logger.v(TAG, "Send request to use regular RT for new AT.");
            return acquireTokenWithCachedItem(e2);
        } catch (MalformedURLException e3) {
            throw new AuthenticationException(ADALError.DEVELOPER_AUTHORITY_IS_NOT_VALID_URL, e3.getMessage(), e3);
        }
    }

    private AuthenticationResult useMRRT() throws AuthenticationException {
        String str = TAG;
        Logger.v(str, "Send request to use MRRT for new AT.");
        this.mAttemptedWithMRRT = true;
        TokenCacheItem tokenCacheItem = this.mMrrtTokenCacheItem;
        if (tokenCacheItem != null) {
            return acquireTokenWithCachedItem(tokenCacheItem);
        }
        Logger.v(str, "MRRT does not exist, cannot proceed with MRRT for new AT.");
        return null;
    }

    public AuthenticationResult a(String str) throws AuthenticationException {
        String str2 = TAG;
        Logger.v(str2, "Try to get new access token with the found refresh token.", this.mAuthRequest.getLogInfo(), null);
        HttpWebRequest.a(this.mContext);
        try {
            AuthenticationResult refreshToken = new Oauth2(this.mAuthRequest, this.mWebRequestHandler, new JWSBuilder()).refreshToken(str);
            if (refreshToken != null && StringExtensions.f(refreshToken.getRefreshToken())) {
                Logger.i(str2, "Refresh token is not returned or empty", "");
                refreshToken.setRefreshToken(str);
            }
            return refreshToken;
        } catch (ServerRespondingWithRetryableException e2) {
            String str3 = TAG;
            StringBuilder J0 = a.J0("The server is not responding after the retry with error code: ");
            J0.append(e2.getCode());
            Logger.i(str3, J0.toString(), "");
            TokenCacheItem f = this.mTokenCacheAccessor.f(this.mAuthRequest);
            if (f != null) {
                AuthenticationResult createExtendedLifeTimeResult = AuthenticationResult.createExtendedLifeTimeResult(f);
                Logger.i(str3, "The result with stale access token is returned.", "");
                return createExtendedLifeTimeResult;
            }
            StringBuilder J02 = a.J0("Error in refresh token for request:");
            J02.append(this.mAuthRequest.getLogInfo());
            String sb = J02.toString();
            String a2 = ExceptionExtensions.a(e2);
            ADALError aDALError = ADALError.AUTH_FAILED_NO_TOKEN;
            ADALError aDALError2 = ADALError.SERVER_ERROR;
            Logger.e(str3, sb, a2, aDALError, new AuthenticationException(aDALError2, e2.getMessage()));
            throw new AuthenticationException(aDALError, ExceptionExtensions.a(e2), new AuthenticationException(aDALError2, e2.getMessage()));
        } catch (AuthenticationException e3) {
            e = e3;
            String str4 = TAG;
            StringBuilder J03 = a.J0("Error in refresh token for request:");
            J03.append(this.mAuthRequest.getLogInfo());
            String sb2 = J03.toString();
            String a3 = ExceptionExtensions.a(e);
            ADALError aDALError3 = ADALError.AUTH_FAILED_NO_TOKEN;
            ADALError aDALError4 = ADALError.SERVER_ERROR;
            Logger.e(str4, sb2, a3, aDALError3, new AuthenticationException(aDALError4, e.getMessage()));
            throw new AuthenticationException(aDALError3, ExceptionExtensions.a(e), new AuthenticationException(aDALError4, e.getMessage()));
        } catch (IOException e4) {
            e = e4;
            String str42 = TAG;
            StringBuilder J032 = a.J0("Error in refresh token for request:");
            J032.append(this.mAuthRequest.getLogInfo());
            String sb22 = J032.toString();
            String a32 = ExceptionExtensions.a(e);
            ADALError aDALError32 = ADALError.AUTH_FAILED_NO_TOKEN;
            ADALError aDALError42 = ADALError.SERVER_ERROR;
            Logger.e(str42, sb22, a32, aDALError32, new AuthenticationException(aDALError42, e.getMessage()));
            throw new AuthenticationException(aDALError32, ExceptionExtensions.a(e), new AuthenticationException(aDALError42, e.getMessage()));
        }
    }

    public AuthenticationResult b() throws AuthenticationException {
        TokenCacheAccessor tokenCacheAccessor = this.mTokenCacheAccessor;
        if (tokenCacheAccessor == null) {
            return null;
        }
        TokenCacheItem a2 = tokenCacheAccessor.a(this.mAuthRequest.getResource(), this.mAuthRequest.getClientId(), this.mAuthRequest.getUserFromRequest());
        if (a2 == null) {
            Logger.v(TAG, "No valid access token exists, try with refresh token.");
            return tryRT();
        }
        Logger.v(TAG, "Return AT from cache.");
        return AuthenticationResult.createResult(a2);
    }
}
