package macromedia.externals.com.microsoft.aad_1_3_0.adal4j;

import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.Proxy;
import java.net.URI;
import java.net.URL;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Future;
import javax.net.ssl.SSLSocketFactory;
import macromedia.externals.com.nimbusds.jose_8_2_1.util.Base64URL;
import macromedia.externals.com.nimbusds.jwt_8_2_1.SignedJWT;
import macromedia.externals.com.nimbusds.oauth2.sdk_5_24_1.AuthorizationCode;
import macromedia.externals.com.nimbusds.oauth2.sdk_5_24_1.AuthorizationCodeGrant;
import macromedia.externals.com.nimbusds.oauth2.sdk_5_24_1.ClientCredentialsGrant;
import macromedia.externals.com.nimbusds.oauth2.sdk_5_24_1.JWTBearerGrant;
import macromedia.externals.com.nimbusds.oauth2.sdk_5_24_1.ParseException;
import macromedia.externals.com.nimbusds.oauth2.sdk_5_24_1.RefreshTokenGrant;
import macromedia.externals.com.nimbusds.oauth2.sdk_5_24_1.ResourceOwnerPasswordCredentialsGrant;
import macromedia.externals.com.nimbusds.oauth2.sdk_5_24_1.SAML2BearerGrant;
import macromedia.externals.com.nimbusds.oauth2.sdk_5_24_1.auth.ClientAuthentication;
import macromedia.externals.com.nimbusds.oauth2.sdk_5_24_1.auth.ClientAuthenticationMethod;
import macromedia.externals.com.nimbusds.oauth2.sdk_5_24_1.auth.ClientSecretPost;
import macromedia.externals.com.nimbusds.oauth2.sdk_5_24_1.auth.PrivateKeyJWT;
import macromedia.externals.com.nimbusds.oauth2.sdk_5_24_1.auth.Secret;
import macromedia.externals.com.nimbusds.oauth2.sdk_5_24_1.id.ClientID;
import macromedia.externals.com.nimbusds.oauth2.sdk_5_24_1.token.RefreshToken;
import macromedia.externals.org.apache.commons_1_10.codec.binary.Base64;
import macromedia.externals.org.slf4j_1_7_5.Logger;
import macromedia.externals.org.slf4j_1_7_5.LoggerFactory;

/* loaded from: input_file:macromedia/sqlserver/externals/com/microsoft/aad_1_3_0/adal4j/AuthenticationContext.class */
public class AuthenticationContext {
    private final Logger log = LoggerFactory.getLogger(AuthenticationContext.class);
    private final AuthenticationAuthority authenticationAuthority;
    private String correlationId;
    private String authority;
    private final ExecutorService service;
    private final boolean validateAuthority;
    private Proxy proxy;
    private SSLSocketFactory sslSocketFactory;

    public AuthenticationContext(String str, boolean z, ExecutorService executorService) throws MalformedURLException {
        if (StringHelper.isBlank(str)) {
            throw new IllegalArgumentException("authority is null or empty");
        }
        if (executorService == null) {
            throw new IllegalArgumentException("service is null");
        }
        this.service = executorService;
        this.validateAuthority = z;
        this.authority = canonicalizeUri(str);
        this.authenticationAuthority = new AuthenticationAuthority(new URL(getAuthority()), shouldValidateAuthority());
    }

    public Proxy getProxy() {
        return this.proxy;
    }

    public void setProxy(Proxy proxy) {
        this.proxy = proxy;
    }

    public SSLSocketFactory getSslSocketFactory() {
        return this.sslSocketFactory;
    }

    public void setSslSocketFactory(SSLSocketFactory sSLSocketFactory) {
        this.sslSocketFactory = sSLSocketFactory;
    }

    private String canonicalizeUri(String str) {
        if (!str.endsWith("/")) {
            str = str + "/";
        }
        return str;
    }

    /* JADX WARN: Type inference failed for: r1v0, types: [macromedia.externals.com.microsoft.aad_1_3_0.adal4j.AuthenticationContext$1] */
    private Future<AuthenticationResult> acquireToken(AdalAuthorizatonGrant adalAuthorizatonGrant, ClientAuthentication clientAuthentication, final AuthenticationCallback authenticationCallback) {
        return this.service.submit(new Callable<AuthenticationResult>() { // from class: macromedia.externals.com.microsoft.aad_1_3_0.adal4j.AuthenticationContext.1
            private AdalAuthorizatonGrant authGrant;
            private ClientAuthentication clientAuth;
            private ClientDataHttpHeaders headers;

            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.util.concurrent.Callable
            public AuthenticationResult call() throws Exception {
                AuthenticationResult authenticationResult = null;
                try {
                    this.authGrant = AuthenticationContext.this.processPasswordGrant(this.authGrant);
                    authenticationResult = AuthenticationContext.this.acquireTokenCommon(this.authGrant, this.clientAuth, this.headers);
                    AuthenticationContext.this.logResult(authenticationResult, this.headers);
                    if (authenticationCallback != null) {
                        authenticationCallback.onSuccess(authenticationResult);
                    }
                } catch (Exception e) {
                    AuthenticationContext.this.log.error(LogHelper.createMessage("Request to acquire token failed.", this.headers.getHeaderCorrelationIdValue()), (Throwable) e);
                    if (authenticationCallback == null) {
                        throw e;
                    }
                    authenticationCallback.onFailure(e);
                }
                return authenticationResult;
            }

            /* JADX INFO: Access modifiers changed from: private */
            public Callable<AuthenticationResult> init(AdalAuthorizatonGrant adalAuthorizatonGrant2, ClientAuthentication clientAuthentication2, ClientDataHttpHeaders clientDataHttpHeaders) {
                this.authGrant = adalAuthorizatonGrant2;
                this.clientAuth = clientAuthentication2;
                this.headers = clientDataHttpHeaders;
                return this;
            }
        }.init(adalAuthorizatonGrant, clientAuthentication, new ClientDataHttpHeaders(getCorrelationId())));
    }

    public Future<AuthenticationResult> acquireToken(String str, String str2, String str3, String str4, AuthenticationCallback authenticationCallback) {
        if (StringHelper.isBlank(str)) {
            throw new IllegalArgumentException("resource is null or empty");
        }
        if (StringHelper.isBlank(str2)) {
            throw new IllegalArgumentException("clientId is null or empty");
        }
        if (StringHelper.isBlank(str3)) {
            throw new IllegalArgumentException("username is null or empty");
        }
        if (StringHelper.isBlank(str4)) {
            throw new IllegalArgumentException("password is null or empty");
        }
        return acquireToken(new AdalAuthorizatonGrant(new ResourceOwnerPasswordCredentialsGrant(str3, new Secret(str4)), str), new ClientAuthenticationPost(ClientAuthenticationMethod.NONE, new ClientID(str2)), authenticationCallback);
    }

    public Future<AuthenticationResult> acquireToken(String str, ClientAssertion clientAssertion, AuthenticationCallback authenticationCallback) {
        validateInput(str, clientAssertion, true);
        return acquireToken(new AdalAuthorizatonGrant(new ClientCredentialsGrant(), str), createClientAuthFromClientAssertion(clientAssertion), authenticationCallback);
    }

    private void validateInput(String str, Object obj, boolean z) {
        if (z && StringHelper.isBlank(str)) {
            throw new IllegalArgumentException("resource is null or empty");
        }
        if (obj == null) {
            throw new IllegalArgumentException("credential is null");
        }
    }

    public Future<AuthenticationResult> acquireToken(String str, UserAssertion userAssertion, ClientCredential clientCredential, AuthenticationCallback authenticationCallback) {
        validateInput(str, clientCredential, true);
        HashMap hashMap = new HashMap();
        hashMap.put("resource", str);
        hashMap.put("requested_token_use", "on_behalf_of");
        try {
            return acquireToken(new AdalAuthorizatonGrant(new JWTBearerGrant(SignedJWT.parse(userAssertion.getAssertion())), hashMap), new ClientSecretPost(new ClientID(clientCredential.getClientId()), new Secret(clientCredential.getClientSecret())), authenticationCallback);
        } catch (Exception e) {
            throw new AuthenticationException(e);
        }
    }

    public Future<AuthenticationResult> acquireToken(String str, ClientCredential clientCredential, AuthenticationCallback authenticationCallback) {
        validateInput(str, clientCredential, true);
        return acquireToken(new AdalAuthorizatonGrant(new ClientCredentialsGrant(), str), new ClientSecretPost(new ClientID(clientCredential.getClientId()), new Secret(clientCredential.getClientSecret())), authenticationCallback);
    }

    public Future<AuthenticationResult> acquireToken(String str, AsymmetricKeyCredential asymmetricKeyCredential, AuthenticationCallback authenticationCallback) throws AuthenticationException {
        return acquireToken(str, JwtHelper.buildJwt(asymmetricKeyCredential, this.authenticationAuthority.getSelfSignedJwtAudience()), authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByAuthorizationCode(String str, String str2, String str3, URI uri, AuthenticationCallback authenticationCallback) {
        ClientAuthentication clientAuthenticationPost = new ClientAuthenticationPost(ClientAuthenticationMethod.NONE, new ClientID(str3));
        validateAuthCodeRequestInput(str, uri, clientAuthenticationPost, str2);
        return acquireToken(new AdalAuthorizatonGrant(new AuthorizationCodeGrant(new AuthorizationCode(str), uri), str2), clientAuthenticationPost, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByAuthorizationCode(String str, URI uri, ClientAssertion clientAssertion, AuthenticationCallback authenticationCallback) {
        return acquireTokenByAuthorizationCode(str, uri, clientAssertion, (String) null, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByAuthorizationCode(String str, URI uri, ClientAssertion clientAssertion, String str2, AuthenticationCallback authenticationCallback) {
        validateAuthCodeRequestInput(str, uri, clientAssertion, str2);
        return acquireToken(new AdalAuthorizatonGrant(new AuthorizationCodeGrant(new AuthorizationCode(str), uri), str2), createClientAuthFromClientAssertion(clientAssertion), authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByAuthorizationCode(String str, URI uri, ClientCredential clientCredential, AuthenticationCallback authenticationCallback) {
        validateAuthCodeRequestInput(str, uri, clientCredential, null);
        return acquireTokenByAuthorizationCode(str, uri, clientCredential, (String) null, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByAuthorizationCode(String str, URI uri, ClientCredential clientCredential, String str2, AuthenticationCallback authenticationCallback) {
        validateAuthCodeRequestInput(str, uri, clientCredential, str2);
        return acquireToken(new AdalAuthorizatonGrant(new AuthorizationCodeGrant(new AuthorizationCode(str), uri), str2), new ClientSecretPost(new ClientID(clientCredential.getClientId()), new Secret(clientCredential.getClientSecret())), authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByAuthorizationCode(String str, URI uri, AsymmetricKeyCredential asymmetricKeyCredential, AuthenticationCallback authenticationCallback) throws AuthenticationException {
        return acquireTokenByAuthorizationCode(str, uri, asymmetricKeyCredential, (String) null, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByAuthorizationCode(String str, URI uri, AsymmetricKeyCredential asymmetricKeyCredential, String str2, AuthenticationCallback authenticationCallback) throws AuthenticationException {
        validateAuthCodeRequestInput(str, uri, asymmetricKeyCredential, str2);
        return acquireTokenByAuthorizationCode(str, uri, JwtHelper.buildJwt(asymmetricKeyCredential, this.authenticationAuthority.getSelfSignedJwtAudience()), str2, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByRefreshToken(String str, String str2, ClientAssertion clientAssertion, AuthenticationCallback authenticationCallback) {
        return acquireTokenByRefreshToken(str, str2, clientAssertion, null, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByRefreshToken(String str, String str2, ClientAssertion clientAssertion, String str3, AuthenticationCallback authenticationCallback) {
        validateRefreshTokenRequestInput(str, str2, clientAssertion);
        return acquireToken(new AdalAuthorizatonGrant(new RefreshTokenGrant(new RefreshToken(str)), str3), createClientAuthFromClientAssertion(clientAssertion), authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByRefreshToken(String str, ClientCredential clientCredential, AuthenticationCallback authenticationCallback) {
        return acquireTokenByRefreshToken(str, clientCredential, (String) null, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByRefreshToken(String str, ClientCredential clientCredential, String str2, AuthenticationCallback authenticationCallback) {
        return acquireToken(new AdalAuthorizatonGrant(new RefreshTokenGrant(new RefreshToken(str)), str2), new ClientSecretPost(new ClientID(clientCredential.getClientId()), new Secret(clientCredential.getClientSecret())), authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByRefreshToken(String str, AsymmetricKeyCredential asymmetricKeyCredential, AuthenticationCallback authenticationCallback) throws AuthenticationException {
        return acquireTokenByRefreshToken(str, asymmetricKeyCredential, (String) null, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByRefreshToken(String str, AsymmetricKeyCredential asymmetricKeyCredential, String str2, AuthenticationCallback authenticationCallback) throws AuthenticationException {
        return acquireTokenByRefreshToken(str, asymmetricKeyCredential.getClientId(), JwtHelper.buildJwt(asymmetricKeyCredential, this.authenticationAuthority.getSelfSignedJwtAudience()), (String) null, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByRefreshToken(String str, String str2, AuthenticationCallback authenticationCallback) {
        return acquireTokenByRefreshToken(str, str2, (String) null, authenticationCallback);
    }

    public Future<AuthenticationResult> acquireTokenByRefreshToken(String str, String str2, String str3, AuthenticationCallback authenticationCallback) {
        return acquireToken(new AdalAuthorizatonGrant(new RefreshTokenGrant(new RefreshToken(str)), str3), new ClientAuthenticationPost(ClientAuthenticationMethod.NONE, new ClientID(str2)), authenticationCallback);
    }

    private void validateRefreshTokenRequestInput(String str, String str2, Object obj) {
        if (StringHelper.isBlank(str)) {
            throw new IllegalArgumentException("refreshToken is null or empty");
        }
        if (StringHelper.isBlank(str2)) {
            throw new IllegalArgumentException("clientId is null or empty");
        }
        validateInput(null, obj, false);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public AuthenticationResult acquireTokenCommon(AdalAuthorizatonGrant adalAuthorizatonGrant, ClientAuthentication clientAuthentication, ClientDataHttpHeaders clientDataHttpHeaders) throws Exception {
        this.log.debug(LogHelper.createMessage(String.format("Using Client Http Headers: %s", clientDataHttpHeaders), clientDataHttpHeaders.getHeaderCorrelationIdValue()));
        this.authenticationAuthority.doInstanceDiscovery(clientDataHttpHeaders.getReadonlyHeaderMap(), this.proxy, this.sslSocketFactory);
        return new AdalTokenRequest(new URL(this.authenticationAuthority.getTokenUri()), clientAuthentication, adalAuthorizatonGrant, clientDataHttpHeaders.getReadonlyHeaderMap(), this.proxy, this.sslSocketFactory).executeOAuthRequestAndProcessResponse();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public AdalAuthorizatonGrant processPasswordGrant(AdalAuthorizatonGrant adalAuthorizatonGrant) throws Exception {
        if (!(adalAuthorizatonGrant.getAuthorizationGrant() instanceof ResourceOwnerPasswordCredentialsGrant)) {
            return adalAuthorizatonGrant;
        }
        ResourceOwnerPasswordCredentialsGrant resourceOwnerPasswordCredentialsGrant = (ResourceOwnerPasswordCredentialsGrant) adalAuthorizatonGrant.getAuthorizationGrant();
        UserDiscoveryResponse execute = UserDiscoveryRequest.execute(this.authenticationAuthority.getUserRealmEndpoint(resourceOwnerPasswordCredentialsGrant.getUsername()), this.proxy, this.sslSocketFactory);
        if (execute.isAccountFederated()) {
            WSTrustResponse execute2 = WSTrustRequest.execute(execute.getFederationMetadataUrl(), resourceOwnerPasswordCredentialsGrant.getUsername(), resourceOwnerPasswordCredentialsGrant.getPassword().getValue(), execute.getCloudAudienceUrn(), this.proxy, this.sslSocketFactory);
            adalAuthorizatonGrant = new AdalAuthorizatonGrant(execute2.isTokenSaml2() ? new SAML2BearerGrant(new Base64URL(Base64.encodeBase64String(execute2.getToken().getBytes("UTF-8")))) : new SAML11BearerGrant(new Base64URL(Base64.encodeBase64String(execute2.getToken().getBytes()))), adalAuthorizatonGrant.getCustomParameters());
        }
        return adalAuthorizatonGrant;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void logResult(AuthenticationResult authenticationResult, ClientDataHttpHeaders clientDataHttpHeaders) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        if (StringHelper.isBlank(authenticationResult.getAccessToken())) {
            return;
        }
        String computeSha256Hash = computeSha256Hash(authenticationResult.getAccessToken());
        this.log.debug(LogHelper.createMessage(!StringHelper.isBlank(authenticationResult.getRefreshToken()) ? String.format("Access Token with hash '%s' and Refresh Token with hash '%s' returned", computeSha256Hash, computeSha256Hash(authenticationResult.getRefreshToken())) : String.format("Access Token with hash '%s' returned", computeSha256Hash), clientDataHttpHeaders.getHeaderCorrelationIdValue()));
    }

    private String computeSha256Hash(String str) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
        messageDigest.update(str.getBytes("UTF-8"));
        return Base64.encodeBase64URLSafeString(messageDigest.digest());
    }

    private ClientAuthentication createClientAuthFromClientAssertion(ClientAssertion clientAssertion) {
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("client_assertion_type", clientAssertion.getAssertionType());
            hashMap.put("client_assertion", clientAssertion.getAssertion());
            return PrivateKeyJWT.parse(hashMap);
        } catch (ParseException e) {
            throw new AuthenticationException(e);
        }
    }

    public String getCorrelationId() {
        return this.correlationId;
    }

    public void setCorrelationId(String str) {
        this.correlationId = str;
    }

    public boolean shouldValidateAuthority() {
        return this.validateAuthority;
    }

    public String getAuthority() {
        return this.authority;
    }

    private void validateAuthCodeRequestInput(String str, URI uri, Object obj, String str2) {
        if (StringHelper.isBlank(str)) {
            throw new IllegalArgumentException("authorization code is null or empty");
        }
        if (uri == null) {
            throw new IllegalArgumentException("redirect uri is null");
        }
        validateInput(str2, obj, false);
    }
}
