package com.microsoft.identity.broker4j.broker.prt;

import com.microsoft.identity.broker4j.broker.AccountType;
import com.microsoft.identity.broker4j.broker.BrokerUtil;
import com.microsoft.identity.broker4j.broker.IBrokerAccountDataManager;
import com.microsoft.identity.broker4j.broker.MicrosoftStsNonceUtil;
import com.microsoft.identity.broker4j.broker.platform.components.IAccountDataStorage;
import com.microsoft.identity.broker4j.broker.platform.components.IBrokerPlatformComponents;
import com.microsoft.identity.broker4j.opentelemetry.AttributeName;
import com.microsoft.identity.broker4j.workplacejoin.WorkplaceJoinTelemetryUtil;
import com.microsoft.identity.broker4j.workplacejoin.data.IWorkplaceJoinController;
import com.microsoft.identity.broker4j.workplacejoin.data.WorkplaceJoinData;
import com.microsoft.identity.broker4j.workplacejoin.data.metadata.WpjTelemetryMetadataStore;
import com.microsoft.identity.broker4j.workplacejoin.exception.WorkplaceJoinException;
import com.microsoft.identity.common.java.AuthenticationConstants;
import com.microsoft.identity.common.java.authorities.Authority;
import com.microsoft.identity.common.java.authscheme.BearerAuthenticationSchemeInternal;
import com.microsoft.identity.common.java.broker.IBrokerAccount;
import com.microsoft.identity.common.java.cache.MicrosoftStsAccountCredentialAdapter;
import com.microsoft.identity.common.java.commands.AcquirePrtSsoTokenResult;
import com.microsoft.identity.common.java.commands.parameters.AcquirePrtSsoTokenCommandParameters;
import com.microsoft.identity.common.java.commands.parameters.BrokerInteractiveTokenCommandParameters;
import com.microsoft.identity.common.java.commands.parameters.BrokerSilentTokenCommandParameters;
import com.microsoft.identity.common.java.commands.parameters.IBrokerTokenCommandParameters;
import com.microsoft.identity.common.java.commands.parameters.TokenCommandParameters;
import com.microsoft.identity.common.java.controllers.ExceptionAdapter;
import com.microsoft.identity.common.java.dto.AccountRecord;
import com.microsoft.identity.common.java.dto.IdTokenRecord;
import com.microsoft.identity.common.java.exception.BaseException;
import com.microsoft.identity.common.java.exception.ClientException;
import com.microsoft.identity.common.java.exception.ErrorStrings;
import com.microsoft.identity.common.java.exception.IntuneAppProtectionPolicyRequiredException;
import com.microsoft.identity.common.java.exception.ServiceException;
import com.microsoft.identity.common.java.logging.Logger;
import com.microsoft.identity.common.java.opentelemetry.OTelUtility;
import com.microsoft.identity.common.java.opentelemetry.SpanExtension;
import com.microsoft.identity.common.java.opentelemetry.SpanName;
import com.microsoft.identity.common.java.providers.microsoft.azureactivedirectory.ClientInfo;
import com.microsoft.identity.common.java.providers.microsoft.microsoftsts.MicrosoftStsAuthorizationRequest;
import com.microsoft.identity.common.java.providers.microsoft.microsoftsts.MicrosoftStsAuthorizationResponse;
import com.microsoft.identity.common.java.providers.microsoft.microsoftsts.MicrosoftStsAuthorizationResult;
import com.microsoft.identity.common.java.providers.microsoft.microsoftsts.MicrosoftStsTokenResponse;
import com.microsoft.identity.common.java.providers.oauth2.TokenResult;
import com.microsoft.identity.common.java.request.BrokerRequestType;
import com.microsoft.identity.common.java.request.SdkType;
import com.microsoft.identity.common.java.util.ResultUtil;
import com.microsoft.identity.common.java.util.StringUtil;
import com.microsoft.identity.common.java.util.ported.PropertyBag;
import edu.umd.cs.findbugs.annotations.Nullable;
import io.opentelemetry.api.trace.Span;
import io.opentelemetry.api.trace.StatusCode;
import io.opentelemetry.context.Scope;
import java.net.URISyntaxException;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import java.util.function.Function;
import kotlin.LazyJavaPackageFragment;
import kotlin.getVerifyRequests;
import lombok.NonNull;

/* loaded from: classes4.dex */
public class PrtController implements IPrtController {
    private static final String TAG = "PrtController";
    private static final ConcurrentHashMap<String, ReentrantReadWriteLock> sPrtUpgradeLocksMap = new ConcurrentHashMap<>();
    private final IBrokerAccountDataManager mAccountDataManager;
    private final IAccountDataStorage mAccountDataStorage;
    private final IBrokerPlatformComponents mBrokerPlatformComponents;
    final MicrosoftStsAccountCredentialAdapter mCredentialAdapter;
    private IPrtAuthorizationStrategy mPrtAuthorizationStrategy;
    private final PrtLoader mPrtLoader;
    private final PrtProtocolVersion mPrtProtocolVersion;
    private final IPrtStrategyFactory mPrtStrategyFactory;
    private final IPrtStrategyFactory mRegisterDevicePrtStrategyFactory;
    private final IWorkplaceJoinController mWpjController;

    public PrtController(@NonNull IBrokerPlatformComponents iBrokerPlatformComponents, @NonNull IPrtStrategyFactory iPrtStrategyFactory, @NonNull IPrtStrategyFactory iPrtStrategyFactory2, @NonNull PrtLoader prtLoader, @NonNull IAccountDataStorage iAccountDataStorage, @NonNull IBrokerAccountDataManager iBrokerAccountDataManager, @NonNull IWorkplaceJoinController iWorkplaceJoinController, @NonNull MicrosoftStsAccountCredentialAdapter microsoftStsAccountCredentialAdapter, @NonNull PrtProtocolVersion prtProtocolVersion) {
        if (iBrokerPlatformComponents == null) {
            throw new NullPointerException("brokerPlatformComponents is marked non-null but is null");
        }
        if (iPrtStrategyFactory == null) {
            throw new NullPointerException("prtStrategyFactory is marked non-null but is null");
        }
        if (iPrtStrategyFactory2 == null) {
            throw new NullPointerException("registerDevicePrtStrategyFactory is marked non-null but is null");
        }
        if (prtLoader == null) {
            throw new NullPointerException("prtLoader is marked non-null but is null");
        }
        if (iAccountDataStorage == null) {
            throw new NullPointerException("accountDataStorage is marked non-null but is null");
        }
        if (iBrokerAccountDataManager == null) {
            throw new NullPointerException("accountDataManager is marked non-null but is null");
        }
        if (iWorkplaceJoinController == null) {
            throw new NullPointerException("wpjController is marked non-null but is null");
        }
        if (microsoftStsAccountCredentialAdapter == null) {
            throw new NullPointerException("credentialAdapter is marked non-null but is null");
        }
        if (prtProtocolVersion == null) {
            throw new NullPointerException("prtProtocolVersion is marked non-null but is null");
        }
        this.mBrokerPlatformComponents = iBrokerPlatformComponents;
        this.mPrtStrategyFactory = iPrtStrategyFactory;
        this.mRegisterDevicePrtStrategyFactory = iPrtStrategyFactory2;
        this.mPrtLoader = prtLoader;
        this.mAccountDataStorage = iAccountDataStorage;
        this.mAccountDataManager = iBrokerAccountDataManager;
        this.mWpjController = iWorkplaceJoinController;
        this.mCredentialAdapter = microsoftStsAccountCredentialAdapter;
        this.mPrtProtocolVersion = prtProtocolVersion;
    }

    private TokenResult acquireAtUsingPrt(@NonNull BrokerSilentTokenCommandParameters brokerSilentTokenCommandParameters, @NonNull PRT prt, @Nullable WorkplaceJoinData workplaceJoinData) throws BaseException {
        if (brokerSilentTokenCommandParameters == null) {
            throw new NullPointerException("parameters is marked non-null but is null");
        }
        if (prt == null) {
            throw new NullPointerException("currentPrt is marked non-null but is null");
        }
        String str = TAG + ":acquireAtUsingPrt";
        Logger.info(str, "Acquiring AT using PRT");
        ReentrantReadWriteLock lock = getLock(brokerSilentTokenCommandParameters.getBrokerAccount());
        lock.readLock().lock();
        if (workplaceJoinData != null) {
            try {
                Logger.info(str, "Capturing WPJ Ests Telemetry");
                IBrokerPlatformComponents iBrokerPlatformComponents = this.mBrokerPlatformComponents;
                WorkplaceJoinTelemetryUtil.captureWpjEstsTelemetryForTokenRequest(iBrokerPlatformComponents, workplaceJoinData, new WpjTelemetryMetadataStore(iBrokerPlatformComponents), brokerSilentTokenCommandParameters);
            } finally {
                lock.readLock().unlock();
            }
        }
        boolean z = brokerSilentTokenCommandParameters.getRequestType() == BrokerRequestType.BROKER_RT_REQUEST;
        IAcquirePrtStrategy<BrokerSilentTokenCommandParameters> createAcquireATUsingPrtStrategy = this.mPrtStrategyFactory.createAcquireATUsingPrtStrategy(this.mBrokerPlatformComponents, prt, z);
        SpanExtension.current().setAttribute(AttributeName.account_type.name(), this.mAccountDataManager.getAccountType(brokerSilentTokenCommandParameters.getBrokerAccount()).name());
        BrokerUtil.populateCurrentSpanFromTokenParameters(brokerSilentTokenCommandParameters, this.mBrokerPlatformComponents);
        TokenResult acquireToken = createAcquireATUsingPrtStrategy.acquireToken(createAcquireATUsingPrtStrategy.createTokenRequest(brokerSilentTokenCommandParameters));
        ResultUtil.logResult(str, acquireToken);
        validateAcquireTokenResult(acquireToken, brokerSilentTokenCommandParameters, prt);
        MicrosoftStsTokenResponse microsoftStsTokenResponse = (MicrosoftStsTokenResponse) acquireToken.getSuccessResponse();
        if (z) {
            this.mPrtLoader.savePrt(persistBrokerAccount(brokerSilentTokenCommandParameters, microsoftStsTokenResponse), createAcquireATUsingPrtStrategy.extractPrtFromTokenResponse(microsoftStsTokenResponse));
            microsoftStsTokenResponse.setRefreshToken(null);
            microsoftStsTokenResponse.setRefreshTokenExpiresIn(null);
            microsoftStsTokenResponse.setRefreshTokenAge(null);
            microsoftStsTokenResponse.setSessionKeyJwe(null);
        }
        return acquireToken;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private PRT acquireRegisteredDevicePrtIfRequired(@NonNull IBrokerAccount iBrokerAccount, @NonNull BrokerSilentTokenCommandParameters brokerSilentTokenCommandParameters, @Nullable WorkplaceJoinData workplaceJoinData) throws BaseException {
        if (iBrokerAccount == null) {
            throw new NullPointerException("account is marked non-null but is null");
        }
        if (brokerSilentTokenCommandParameters == null) {
            throw new NullPointerException("parameters is marked non-null but is null");
        }
        String str = TAG + ":acquireRegisteredDevicePrtIfRequired";
        ReentrantReadWriteLock lock = getLock(iBrokerAccount);
        lock.writeLock().lock();
        try {
            PRT loadPrt = loadPrt(iBrokerAccount, brokerSilentTokenCommandParameters.getAuthority(), str);
            if (loadPrt.isPrtV2()) {
                Logger.info(str, "PRTv2. Not upgrading");
            } else if (workplaceJoinData == null) {
                Logger.info(str, "There's no device registration data. Not upgrading.");
            } else {
                try {
                    if (loadPrt.isRegisteredDevicePrt() && workplaceJoinData.getDeviceId().equals(loadPrt.getDeviceId())) {
                        Logger.info(str, "PRT is already registered-device PRT");
                        SpanExtension.current().setAttribute(AttributeName.is_registered_device_prt.name(), true);
                        str = str;
                    } else {
                        SpanExtension.current().setAttribute(AttributeName.is_registered_device_prt.name(), false);
                        Logger.info(str, "Acquiring new registered-device PRT");
                        Span createSpan = OTelUtility.createSpan(SpanName.PrtUpgrade.name());
                        try {
                            try {
                                Scope makeCurrentSpan = SpanExtension.makeCurrentSpan(createSpan);
                                try {
                                    loadPrt = executePrtTokenStrategy(this.mRegisterDevicePrtStrategyFactory.createUpgradeToRegisteredDevicePrtStrategy(this.mBrokerPlatformComponents, loadPrt, workplaceJoinData), brokerSilentTokenCommandParameters).getPrt();
                                    createSpan.setStatus(StatusCode.OK);
                                    if (makeCurrentSpan != null) {
                                        makeCurrentSpan.close();
                                    }
                                } catch (Throwable th) {
                                    if (makeCurrentSpan != null) {
                                        try {
                                            makeCurrentSpan.close();
                                        } catch (Throwable th2) {
                                            th.addSuppressed(th2);
                                        }
                                    }
                                    throw th;
                                }
                            } finally {
                                createSpan.end();
                            }
                        } catch (Exception e) {
                            createSpan.recordException(e);
                            createSpan.setStatus(StatusCode.ERROR);
                            throw e;
                        }
                    }
                } catch (WorkplaceJoinException e2) {
                    Logger.warn(str, "Not upgrading. Failed acquire device id from WPJ data. " + e2.getMessage());
                }
            }
            return loadPrt;
        } finally {
            lock.writeLock().unlock();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private BrokerSilentTokenCommandParameters createBrokerSilentParametersForRegisteredDevicePrtRequest(@NonNull IBrokerAccount iBrokerAccount, @NonNull Authority authority, @NonNull String str) {
        if (iBrokerAccount == null) {
            throw new NullPointerException("account is marked non-null but is null");
        }
        if (authority == null) {
            throw new NullPointerException("authority is marked non-null but is null");
        }
        if (str != null) {
            return ((BrokerSilentTokenCommandParameters.BrokerSilentTokenCommandParametersBuilder) ((BrokerSilentTokenCommandParameters.BrokerSilentTokenCommandParametersBuilder) ((BrokerSilentTokenCommandParameters.BrokerSilentTokenCommandParametersBuilder) ((BrokerSilentTokenCommandParameters.BrokerSilentTokenCommandParametersBuilder) ((BrokerSilentTokenCommandParameters.BrokerSilentTokenCommandParametersBuilder) ((BrokerSilentTokenCommandParameters.BrokerSilentTokenCommandParametersBuilder) ((BrokerSilentTokenCommandParameters.BrokerSilentTokenCommandParametersBuilder) ((BrokerSilentTokenCommandParameters.BrokerSilentTokenCommandParametersBuilder) BrokerSilentTokenCommandParameters.builder().platformComponents(this.mBrokerPlatformComponents)).brokerAccount(iBrokerAccount).authority(authority)).requestType(BrokerRequestType.BROKER_RT_REQUEST).authenticationScheme(new BearerAuthenticationSchemeInternal())).sdkType(SdkType.MSAL)).correlationId(str)).clientId("29d9ed98-a469-4536-ade2-f981bc1d605e")).redirectUri("msauth://Microsoft.AAD.BrokerPlugin")).loginHint(iBrokerAccount.getCipherOutputStream())).build();
        }
        throw new NullPointerException("correlationId is marked non-null but is null");
    }

    private <T extends TokenCommandParameters> PrtResult executePrtTokenStrategy(@NonNull IAcquirePrtStrategy<T> iAcquirePrtStrategy, @NonNull T t) throws BaseException {
        AccountType accountType;
        IBrokerAccount brokerAccount;
        if (iAcquirePrtStrategy == null) {
            throw new NullPointerException("acquirePrtStrategy is marked non-null but is null");
        }
        if (t == null) {
            throw new NullPointerException("parameters is marked non-null but is null");
        }
        String str = TAG + ":executePrtStrategy";
        SpanExtension.current().setAttribute(AttributeName.prt_protocol_version.name(), this.mPrtProtocolVersion.getValue());
        BrokerUtil.populateCurrentSpanFromTokenParameters(t, this.mBrokerPlatformComponents);
        if (!(t instanceof IBrokerTokenCommandParameters) || (brokerAccount = ((IBrokerTokenCommandParameters) t).getBrokerAccount()) == null) {
            accountType = null;
        } else {
            accountType = this.mAccountDataManager.getAccountType(brokerAccount);
            SpanExtension.current().setAttribute(AttributeName.account_type.name(), accountType.name());
        }
        TokenResult acquireToken = iAcquirePrtStrategy.acquireToken(iAcquirePrtStrategy.createTokenRequest(t));
        validatePrtResult(acquireToken, iAcquirePrtStrategy, t);
        MicrosoftStsTokenResponse microsoftStsTokenResponse = (MicrosoftStsTokenResponse) acquireToken.getSuccessResponse();
        IBrokerAccount persistBrokerAccount = persistBrokerAccount(t, microsoftStsTokenResponse);
        if (accountType == null || accountType == AccountType.UNKNOWN) {
            SpanExtension.current().setAttribute(AttributeName.account_type.name(), (microsoftStsTokenResponse.isMsaAccount() ? AccountType.MSA : AccountType.AAD).name());
        }
        PRT extractPrtFromTokenResponse = iAcquirePrtStrategy.extractPrtFromTokenResponse(microsoftStsTokenResponse);
        this.mPrtLoader.savePrt(persistBrokerAccount, extractPrtFromTokenResponse);
        Logger.info(str, "Prt acquisition succeeded for strategy: " + iAcquirePrtStrategy.getClass().getSimpleName());
        return new PrtResult(extractPrtFromTokenResponse, persistBrokerAccount);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private BrokerInteractiveTokenCommandParameters getInteractiveParametersWithRefreshTokenCredential(@NonNull BrokerInteractiveTokenCommandParameters brokerInteractiveTokenCommandParameters, @NonNull String str) {
        if (brokerInteractiveTokenCommandParameters == null) {
            throw new NullPointerException("inputParameters is marked non-null but is null");
        }
        if (str == null) {
            throw new NullPointerException("refreshTokenCredential is marked non-null but is null");
        }
        HashMap<String, String> hashMap = new HashMap<>();
        if (brokerInteractiveTokenCommandParameters.getRequestHeaders() != null) {
            hashMap.putAll(brokerInteractiveTokenCommandParameters.getRequestHeaders());
        }
        hashMap.put("x-ms-RefreshTokenCredential", str);
        return ((BrokerInteractiveTokenCommandParameters.BrokerInteractiveTokenCommandParametersBuilder) brokerInteractiveTokenCommandParameters.toBuilder().requestHeaders(hashMap)).build();
    }

    private static ReentrantReadWriteLock getLock(@NonNull IBrokerAccount iBrokerAccount) {
        if (iBrokerAccount != null) {
            return sPrtUpgradeLocksMap.computeIfAbsent(iBrokerAccount.getCipherOutputStream(), new Function() { // from class: com.microsoft.identity.broker4j.broker.prt.PrtController$$ExternalSyntheticLambda0
                @Override // java.util.function.Function
                public final Object apply(Object obj) {
                    ReentrantReadWriteLock lambda$getLock$0;
                    lambda$getLock$0 = PrtController.lambda$getLock$0((String) obj);
                    return lambda$getLock$0;
                }
            });
        }
        throw new NullPointerException("account is marked non-null but is null");
    }

    private String getSsoNonceFromSsoUrl(@NonNull String str) throws ClientException {
        if (str == null) {
            throw new NullPointerException("ssoUrl is marked non-null but is null");
        }
        try {
            List<LazyJavaPackageFragment> queryParams = new getVerifyRequests(str).getQueryParams();
            if (queryParams == null) {
                return null;
            }
            for (LazyJavaPackageFragment lazyJavaPackageFragment : queryParams) {
                if (PrtConstants.SSO_NONCE_QUERY_PARAM_KEY.equalsIgnoreCase(lazyJavaPackageFragment.getName())) {
                    return lazyJavaPackageFragment.getValue();
                }
            }
            return null;
        } catch (URISyntaxException e) {
            throw new ClientException("malformed_url", "The SSO token url is malformed", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ ReentrantReadWriteLock lambda$getLock$0(String str) {
        return new ReentrantReadWriteLock();
    }

    private PRT loadPrt(@NonNull IBrokerAccount iBrokerAccount, @NonNull Authority authority, @NonNull String str) throws ClientException {
        if (iBrokerAccount == null) {
            throw new NullPointerException("brokerAccount is marked non-null but is null");
        }
        if (authority == null) {
            throw new NullPointerException("authority is marked non-null but is null");
        }
        if (str == null) {
            throw new NullPointerException("callingMethod is marked non-null but is null");
        }
        String str2 = str + ":loadPrt";
        PRT loadPrt = this.mPrtLoader.loadPrt(iBrokerAccount, authority);
        if (loadPrt != null) {
            return loadPrt;
        }
        Logger.info(str2, "No PRT was found for the account and authority.");
        ClientException clientException = new ClientException("no_tokens_found", "No PRT was found for the account");
        clientException.setUsername(iBrokerAccount.getCipherOutputStream());
        throw clientException;
    }

    private IBrokerAccount persistBrokerAccount(@NonNull TokenCommandParameters tokenCommandParameters, @NonNull MicrosoftStsTokenResponse microsoftStsTokenResponse) throws ServiceException {
        if (tokenCommandParameters == null) {
            throw new NullPointerException("parameters is marked non-null but is null");
        }
        if (microsoftStsTokenResponse == null) {
            throw new NullPointerException("tokenResponse is marked non-null but is null");
        }
        String str = TAG + ":persistBrokerAccount";
        AccountRecord createAccountRecord = this.mCredentialAdapter.createAccountRecord(tokenCommandParameters, tokenCommandParameters.getSdkType(), microsoftStsTokenResponse);
        IdTokenRecord createIdTokenRecord = this.mCredentialAdapter.createIdTokenRecord(tokenCommandParameters, createAccountRecord, microsoftStsTokenResponse);
        IBrokerAccount account = this.mAccountDataStorage.getAccount(createAccountRecord.getUsername(), AuthenticationConstants.Broker.BROKER_ACCOUNT_TYPE);
        if (account == null) {
            account = this.mAccountDataStorage.createAccount(createAccountRecord.getUsername(), AuthenticationConstants.Broker.BROKER_ACCOUNT_TYPE);
            Logger.info(str, "Broker account created");
        }
        this.mAccountDataManager.persistDataForAccount(account, createAccountRecord, createIdTokenRecord, new ClientInfo(microsoftStsTokenResponse.getClientInfo()).getUtid());
        return account;
    }

    private PRT refreshPrt(@NonNull PRT prt, @NonNull BrokerSilentTokenCommandParameters brokerSilentTokenCommandParameters) throws BaseException {
        if (prt == null) {
            throw new NullPointerException("prt is marked non-null but is null");
        }
        if (brokerSilentTokenCommandParameters == null) {
            throw new NullPointerException("parameters is marked non-null but is null");
        }
        Logger.info(TAG + ":refreshPrt", "refreshing PRT");
        Span createSpan = OTelUtility.createSpan(SpanName.RefreshPrt.name());
        ReentrantReadWriteLock lock = getLock(brokerSilentTokenCommandParameters.getBrokerAccount());
        lock.readLock().lock();
        try {
            try {
                Scope makeCurrentSpan = SpanExtension.makeCurrentSpan(createSpan);
                try {
                    createSpan.setAttribute(AttributeName.prtv2_used_in_request.name(), prt.isPrtV2());
                    PRT prt2 = executePrtTokenStrategy(this.mPrtStrategyFactory.createRefreshPrtStrategy(this.mBrokerPlatformComponents, prt), brokerSilentTokenCommandParameters).getPrt();
                    createSpan.setStatus(StatusCode.OK);
                    if (makeCurrentSpan != null) {
                        makeCurrentSpan.close();
                    }
                    return prt2;
                } catch (Throwable th) {
                    if (makeCurrentSpan != null) {
                        try {
                            makeCurrentSpan.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } catch (Exception e) {
                createSpan.recordException(e);
                createSpan.setStatus(StatusCode.ERROR);
                throw e;
            }
        } finally {
            lock.readLock().unlock();
            createSpan.end();
        }
    }

    private boolean shouldRefreshPrt(@NonNull PRT prt, @Nullable BrokerRequestType brokerRequestType) {
        if (prt != null) {
            return !BrokerRequestType.BROKER_RT_REQUEST.equals(brokerRequestType) && new Date().getTime() >= prt.getAcquisitionTimeMillis() + TimeUnit.HOURS.toMillis(4L);
        }
        throw new NullPointerException("prt is marked non-null but is null");
    }

    private void validateAcquireTokenResult(@NonNull TokenResult tokenResult, @NonNull BrokerSilentTokenCommandParameters brokerSilentTokenCommandParameters, @NonNull PRT prt) throws BaseException {
        if (tokenResult == null) {
            throw new NullPointerException("tokenResult is marked non-null but is null");
        }
        if (brokerSilentTokenCommandParameters == null) {
            throw new NullPointerException("requestParameters is marked non-null but is null");
        }
        if (prt == null) {
            throw new NullPointerException("currentPrt is marked non-null but is null");
        }
        String str = TAG + ":validateAcquireTokenResult";
        if (tokenResult.getSuccess()) {
            return;
        }
        Logger.info(str, "Token acquisition failed.");
        ServiceException exceptionFromTokenResult = ExceptionAdapter.exceptionFromTokenResult(tokenResult, brokerSilentTokenCommandParameters);
        exceptionFromTokenResult.setUsername(brokerSilentTokenCommandParameters.getBrokerAccount().getCipherOutputStream());
        if (!(exceptionFromTokenResult instanceof IntuneAppProtectionPolicyRequiredException)) {
            throw exceptionFromTokenResult;
        }
        ((IntuneAppProtectionPolicyRequiredException) exceptionFromTokenResult).setAuthorityUrl(PrtUtils.getAuthorityForAcquiringToken(brokerSilentTokenCommandParameters.getAuthority().getAuthorityURL().toString(), prt.getHomeAuthority()));
        BrokerUtil.addClientToDefaultBrokerApplicationRegistry(this.mBrokerPlatformComponents, brokerSilentTokenCommandParameters.getClientId(), brokerSilentTokenCommandParameters.getCallerUid(), BrokerUtil.getEnvironmentFromAuthority(prt.getHomeAuthority()));
        throw exceptionFromTokenResult;
    }

    private <T extends TokenCommandParameters> void validatePrtResult(@NonNull TokenResult tokenResult, @NonNull IAcquirePrtStrategy<T> iAcquirePrtStrategy, T t) throws BaseException {
        if (tokenResult == null) {
            throw new NullPointerException("prtTokenResult is marked non-null but is null");
        }
        if (iAcquirePrtStrategy == null) {
            throw new NullPointerException("acquirePrtStrategy is marked non-null but is null");
        }
        String str = TAG + ":validatePrtResult";
        if (!tokenResult.getSuccess()) {
            Logger.info(str, "Prt acquisition failed for strategy: " + iAcquirePrtStrategy.getClass().getSimpleName());
            throw ExceptionAdapter.exceptionFromTokenResult(tokenResult, t);
        }
        WorkplaceJoinData workplaceJoinEntryForWPJAPI = this.mWpjController.getWorkplaceJoinEntryForWPJAPI();
        if (workplaceJoinEntryForWPJAPI != null && workplaceJoinEntryForWPJAPI.isSharedDevice() && !workplaceJoinEntryForWPJAPI.getTenantId().equalsIgnoreCase(BrokerUtil.getHomeTenantIdFromTokenResult(tokenResult))) {
            throw new ClientException(ClientException.BRT_TENANT_MISMATCH, ErrorStrings.BRT_TENANT_MISMATCH_ERROR_MESSAGE);
        }
    }

    @Override // com.microsoft.identity.broker4j.broker.prt.IPrtController
    public TokenResult acquireAtUsingPrt(@NonNull BrokerSilentTokenCommandParameters brokerSilentTokenCommandParameters) throws BaseException {
        if (brokerSilentTokenCommandParameters == null) {
            throw new NullPointerException("parameters is marked non-null but is null");
        }
        Span createSpan = OTelUtility.createSpan(SpanName.AcquireAtUsingPrt.name());
        try {
            try {
                Scope makeCurrentSpan = SpanExtension.makeCurrentSpan(createSpan);
                try {
                    SpanExtension.current().setAttribute(AttributeName.prt_protocol_version.name(), this.mPrtProtocolVersion.getValue());
                    IBrokerAccount brokerAccount = brokerSilentTokenCommandParameters.getBrokerAccount();
                    WorkplaceJoinData wpjData = this.mWpjController.getWpjData(this.mAccountDataManager, brokerAccount, brokerSilentTokenCommandParameters.getCorrelationId());
                    PRT acquireRegisteredDevicePrtIfRequired = acquireRegisteredDevicePrtIfRequired(brokerAccount, brokerSilentTokenCommandParameters, wpjData);
                    ReentrantReadWriteLock lock = getLock(brokerAccount);
                    lock.readLock().lock();
                    try {
                        if (acquireRegisteredDevicePrtIfRequired.isPrtV2() || shouldRefreshPrt(acquireRegisteredDevicePrtIfRequired, brokerSilentTokenCommandParameters.getRequestType())) {
                            acquireRegisteredDevicePrtIfRequired = refreshPrt(acquireRegisteredDevicePrtIfRequired, brokerSilentTokenCommandParameters);
                        }
                        TokenResult acquireAtUsingPrt = acquireAtUsingPrt(brokerSilentTokenCommandParameters, acquireRegisteredDevicePrtIfRequired, wpjData);
                        lock.readLock().unlock();
                        if (acquireAtUsingPrt.getSuccess()) {
                            createSpan.setStatus(StatusCode.OK);
                        } else {
                            createSpan.setStatus(StatusCode.ERROR, acquireAtUsingPrt.getErrorResponse().getErrorDescription());
                        }
                        if (makeCurrentSpan != null) {
                            makeCurrentSpan.close();
                        }
                        return acquireAtUsingPrt;
                    } catch (Throwable th) {
                        lock.readLock().unlock();
                        throw th;
                    }
                } catch (Throwable th2) {
                    if (makeCurrentSpan != null) {
                        try {
                            makeCurrentSpan.close();
                        } catch (Throwable th3) {
                            th2.addSuppressed(th3);
                        }
                    }
                    throw th2;
                }
            } catch (Exception e) {
                createSpan.recordException(e);
                createSpan.setStatus(StatusCode.ERROR);
                throw e;
            }
        } finally {
            createSpan.end();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.microsoft.identity.broker4j.broker.prt.IPrtController
    public PrtResult acquirePrt(@NonNull BrokerInteractiveTokenCommandParameters brokerInteractiveTokenCommandParameters) throws BaseException {
        if (brokerInteractiveTokenCommandParameters == null) {
            throw new NullPointerException("requestParameters is marked non-null but is null");
        }
        String str = TAG + ":acquirePrt";
        Span createSpan = OTelUtility.createSpan(SpanName.AcquirePrtInteractively.name());
        try {
            try {
                Scope makeCurrentSpan = SpanExtension.makeCurrentSpan(createSpan);
                try {
                    IBrokerAccount brokerAccount = brokerInteractiveTokenCommandParameters.getBrokerAccount();
                    if (brokerAccount != null) {
                        try {
                            brokerInteractiveTokenCommandParameters = getInteractiveParametersWithRefreshTokenCredential(brokerInteractiveTokenCommandParameters, getRefreshTokenCredential(brokerInteractiveTokenCommandParameters, brokerAccount));
                        } catch (ClientException e) {
                            Logger.warn(str, "Unable to get refresh token credential. " + e.getMessage());
                        }
                    }
                    IPrtAuthorizationStrategy createPrtAuthorizationStrategy = this.mPrtStrategyFactory.createPrtAuthorizationStrategy(this.mBrokerPlatformComponents);
                    this.mPrtAuthorizationStrategy = createPrtAuthorizationStrategy;
                    MicrosoftStsAuthorizationRequest createAuthorizationRequest = createPrtAuthorizationStrategy.createAuthorizationRequest(brokerInteractiveTokenCommandParameters);
                    MicrosoftStsAuthorizationResult requestAuthorization = this.mPrtAuthorizationStrategy.requestAuthorization(createAuthorizationRequest);
                    if (!requestAuthorization.getSuccess()) {
                        throw ExceptionAdapter.exceptionFromAuthorizationResult(requestAuthorization, brokerInteractiveTokenCommandParameters);
                    }
                    PrtResult executePrtTokenStrategy = executePrtTokenStrategy(this.mPrtStrategyFactory.createInteractivePrtAcquisitionStrategy(this.mBrokerPlatformComponents, createAuthorizationRequest, (MicrosoftStsAuthorizationResponse) requestAuthorization.getAuthorizationResponse()), brokerInteractiveTokenCommandParameters);
                    createSpan.setStatus(StatusCode.OK);
                    if (makeCurrentSpan != null) {
                        makeCurrentSpan.close();
                    }
                    return executePrtTokenStrategy;
                } catch (Throwable th) {
                    if (makeCurrentSpan != null) {
                        try {
                            makeCurrentSpan.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } catch (Exception e2) {
                createSpan.recordException(e2);
                createSpan.setStatus(StatusCode.ERROR);
                throw e2;
            }
        } finally {
            createSpan.end();
        }
    }

    @Override // com.microsoft.identity.broker4j.broker.prt.IPrtController
    public PrtResult acquireRegisteredDevicePrt(@NonNull IBrokerAccount iBrokerAccount, @NonNull Authority authority, @NonNull WorkplaceJoinData workplaceJoinData, @NonNull String str) throws BaseException {
        if (iBrokerAccount == null) {
            throw new NullPointerException("account is marked non-null but is null");
        }
        if (authority == null) {
            throw new NullPointerException("authority is marked non-null but is null");
        }
        if (workplaceJoinData == null) {
            throw new NullPointerException("wpjData is marked non-null but is null");
        }
        if (str == null) {
            throw new NullPointerException("correlationId is marked non-null but is null");
        }
        Span createSpan = OTelUtility.createSpan(SpanName.PrtUpgrade.name());
        ReentrantReadWriteLock lock = getLock(iBrokerAccount);
        lock.writeLock().lock();
        try {
            try {
                Scope makeCurrentSpan = SpanExtension.makeCurrentSpan(createSpan);
                try {
                    BrokerUtil.populateCurrentSpanFromWpjData(workplaceJoinData);
                    PrtResult executePrtTokenStrategy = executePrtTokenStrategy(this.mRegisterDevicePrtStrategyFactory.createUpgradeToRegisteredDevicePrtStrategy(this.mBrokerPlatformComponents, loadPrt(iBrokerAccount, authority, ":acquireRegisteredDevicePrt"), workplaceJoinData), createBrokerSilentParametersForRegisteredDevicePrtRequest(iBrokerAccount, authority, str));
                    createSpan.setStatus(StatusCode.OK);
                    if (makeCurrentSpan != null) {
                        makeCurrentSpan.close();
                    }
                    return executePrtTokenStrategy;
                } catch (Throwable th) {
                    if (makeCurrentSpan != null) {
                        try {
                            makeCurrentSpan.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } catch (Exception e) {
                createSpan.recordException(e);
                createSpan.setStatus(StatusCode.ERROR);
                throw e;
            }
        } finally {
            lock.writeLock().unlock();
            createSpan.end();
        }
    }

    @Override // com.microsoft.identity.broker4j.broker.prt.IPrtController
    public PrtResult acquireRegisteredDevicePrtFromBrt(@NonNull IBrokerAccount iBrokerAccount, @NonNull String str, @NonNull Authority authority, @NonNull WorkplaceJoinData workplaceJoinData, @NonNull String str2) throws BaseException {
        if (iBrokerAccount == null) {
            throw new NullPointerException("account is marked non-null but is null");
        }
        if (str == null) {
            throw new NullPointerException("brokerRt is marked non-null but is null");
        }
        if (authority == null) {
            throw new NullPointerException("authority is marked non-null but is null");
        }
        if (workplaceJoinData == null) {
            throw new NullPointerException("wpjData is marked non-null but is null");
        }
        if (str2 == null) {
            throw new NullPointerException("correlationId is marked non-null but is null");
        }
        Span createSpan = OTelUtility.createSpan(SpanName.AcquirePrtUsingBrt.name());
        ReentrantReadWriteLock lock = getLock(iBrokerAccount);
        lock.writeLock().lock();
        try {
            try {
                Scope makeCurrentSpan = SpanExtension.makeCurrentSpan(createSpan);
                try {
                    BrokerUtil.populateCurrentSpanFromWpjData(workplaceJoinData);
                    PrtResult executePrtTokenStrategy = executePrtTokenStrategy(this.mRegisterDevicePrtStrategyFactory.createBrtToPrtStrategy(this.mBrokerPlatformComponents, str, authority, workplaceJoinData), createBrokerSilentParametersForRegisteredDevicePrtRequest(iBrokerAccount, authority, str2));
                    createSpan.setStatus(StatusCode.OK);
                    if (makeCurrentSpan != null) {
                        makeCurrentSpan.close();
                    }
                    return executePrtTokenStrategy;
                } catch (Throwable th) {
                    if (makeCurrentSpan != null) {
                        try {
                            makeCurrentSpan.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } catch (Exception e) {
                createSpan.recordException(e);
                createSpan.setStatus(StatusCode.ERROR);
                throw e;
            }
        } finally {
            lock.writeLock().unlock();
            createSpan.end();
        }
    }

    @Override // com.microsoft.identity.broker4j.broker.prt.IPrtController
    public void completeAuthorization(int i, int i2, @NonNull PropertyBag propertyBag) {
        if (propertyBag == null) {
            throw new NullPointerException("data is marked non-null but is null");
        }
        String str = TAG + ":completeAuthorization";
        IPrtAuthorizationStrategy iPrtAuthorizationStrategy = this.mPrtAuthorizationStrategy;
        if (iPrtAuthorizationStrategy != null) {
            iPrtAuthorizationStrategy.completeAuthorization(i, i, propertyBag);
        } else {
            Logger.warn(str, "No Authorization is in progress.");
        }
    }

    @Override // com.microsoft.identity.broker4j.broker.prt.IPrtController
    public String getRefreshTokenCredential(@NonNull BrokerInteractiveTokenCommandParameters brokerInteractiveTokenCommandParameters, @NonNull IBrokerAccount iBrokerAccount) throws ClientException {
        if (brokerInteractiveTokenCommandParameters == null) {
            throw new NullPointerException("requestParameters is marked non-null but is null");
        }
        if (iBrokerAccount == null) {
            throw new NullPointerException("account is marked non-null but is null");
        }
        String str = TAG + ":getRefreshTokenCredential";
        Logger.info(str, "Getting Refresh token Credential");
        ReentrantReadWriteLock lock = getLock(iBrokerAccount);
        lock.readLock().lock();
        try {
            PRT loadPrt = loadPrt(iBrokerAccount, brokerInteractiveTokenCommandParameters.getAuthority(), str);
            return loadPrt.getSsoCookieFormat(this.mBrokerPlatformComponents.getBrokerKeyFactory().getSessionKeyJwtRequestSigner(loadPrt.getSessionKey()), MicrosoftStsNonceUtil.getNonce(PrtUtils.getAuthorityForAcquiringToken(brokerInteractiveTokenCommandParameters.getAuthority().getAuthorityURL().toString(), loadPrt.getHomeAuthority()), brokerInteractiveTokenCommandParameters.getCorrelationId()));
        } finally {
            lock.readLock().unlock();
        }
    }

    @Override // com.microsoft.identity.broker4j.broker.prt.IPrtController
    public AcquirePrtSsoTokenResult getSsoCookieToken(@NonNull AcquirePrtSsoTokenCommandParameters acquirePrtSsoTokenCommandParameters, @NonNull IBrokerAccount iBrokerAccount) throws BaseException {
        if (acquirePrtSsoTokenCommandParameters == null) {
            throw new NullPointerException("ssoTokenCommandParameters is marked non-null but is null");
        }
        if (iBrokerAccount == null) {
            throw new NullPointerException("account is marked non-null but is null");
        }
        Logger.info(TAG + ":getSsoCookieToken", "Getting sso cookie token");
        if (StringUtil.isNullOrEmpty(acquirePrtSsoTokenCommandParameters.getSsoUrl())) {
            throw new ClientException(ClientException.MISSING_PARAMETER, "Sso Url is empty");
        }
        PRT acquireRegisteredDevicePrtIfRequired = acquireRegisteredDevicePrtIfRequired(iBrokerAccount, createBrokerSilentParametersForRegisteredDevicePrtRequest(iBrokerAccount, Authority.getAuthorityFromAuthorityUrl(acquirePrtSsoTokenCommandParameters.getRequestAuthority()), acquirePrtSsoTokenCommandParameters.getCorrelationId()), this.mWpjController.getWpjData(this.mAccountDataManager, iBrokerAccount, acquirePrtSsoTokenCommandParameters.getCorrelationId()));
        ReentrantReadWriteLock lock = getLock(iBrokerAccount);
        lock.readLock().lock();
        try {
            return AcquirePrtSsoTokenResult.builder().cookieName("x-ms-RefreshTokenCredential").cookieContent(acquireRegisteredDevicePrtIfRequired.getSsoCookieFormat(this.mBrokerPlatformComponents.getBrokerKeyFactory().getSessionKeyJwtRequestSigner(acquireRegisteredDevicePrtIfRequired.getSessionKey()), getSsoNonceFromSsoUrl(acquirePrtSsoTokenCommandParameters.getSsoUrl()))).accountAuthority(acquireRegisteredDevicePrtIfRequired.getHomeAuthority()).telemetry(Collections.emptyMap()).build();
        } finally {
            lock.readLock().unlock();
        }
    }
}
