package com.microsoft.office.outlook.tokenrefresh;

import android.content.Context;
import android.os.IBinder;
import android.os.RemoteException;
import android.text.TextUtils;
import com.acompli.accore.ACAccountManager;
import com.acompli.accore.model.ACMailAccount;
import com.acompli.accore.util.BaseAnalyticsProvider;
import com.acompli.accore.util.PIILogUtility;
import com.acompli.libcircle.log.Logger;
import com.acompli.libcircle.log.LoggerFactory;
import com.acompli.libcircle.log.Loggers;
import com.acompli.thrift.client.generated.AuthType;
import com.microsoft.aad.adal.ADALAuthenticationContext;
import com.microsoft.tokenshare.AccountInfo;
import com.microsoft.tokenshare.ITokenProvider;
import com.microsoft.tokenshare.RefreshToken;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;

/* loaded from: classes.dex */
public class SsoTokenProvider implements ITokenProvider {
    private final ACAccountManager mAccountManager;
    private final BaseAnalyticsProvider mAnalyticsProvider;
    private final Context mContext;
    private static final Logger LOG = LoggerFactory.a("SsoTokenProvider");
    private static final Logger ACCOUNT_LOGGER = Loggers.a().c();

    public SsoTokenProvider(Context context, ACAccountManager aCAccountManager, BaseAnalyticsProvider baseAnalyticsProvider) {
        this.mContext = context;
        this.mAccountManager = aCAccountManager;
        this.mAnalyticsProvider = baseAnalyticsProvider;
    }

    private AccountInfo.AccountType getAccountType(ACMailAccount aCMailAccount) {
        return isOrgIdAccount(aCMailAccount) ? AccountInfo.AccountType.ORGID : isMsaAccount(aCMailAccount) ? AccountInfo.AccountType.MSA : AccountInfo.AccountType.OTHER;
    }

    private boolean isMsaAccount(ACMailAccount aCMailAccount) {
        AuthType findByValue = AuthType.findByValue(aCMailAccount.getAuthType());
        if (findByValue == null) {
            return false;
        }
        switch (findByValue) {
            case OutlookMSARest:
            case OneDriveConsumerMSA:
                return true;
            default:
                return false;
        }
    }

    private boolean isOrgIdAccount(ACMailAccount aCMailAccount) {
        AuthType findByValue = AuthType.findByValue(aCMailAccount.getAuthType());
        if (findByValue == null) {
            return false;
        }
        switch (findByValue) {
            case Office365RestDirect:
            case OneDriveForBusiness:
            case ExchangeCloudCacheOAuth:
                return true;
            default:
                return false;
        }
    }

    private boolean isPpeAccount(ACMailAccount aCMailAccount) {
        return "https://login.windows-ppe.net/common/oauth2/token".equals(aCMailAccount.getAuthorityAAD());
    }

    @Override // android.os.IInterface
    public IBinder asBinder() {
        return null;
    }

    @Override // com.microsoft.tokenshare.ITokenProvider
    public List<AccountInfo> getAccounts() throws RemoteException {
        Vector<ACMailAccount> c = this.mAccountManager.c();
        Vector vector = new Vector(2);
        Iterator<ACMailAccount> it = c.iterator();
        while (it.hasNext()) {
            ACMailAccount next = it.next();
            AccountInfo.AccountType accountType = getAccountType(next);
            AccountInfo accountInfo = new AccountInfo(next.getUserID(), next.getPrimaryEmail(), accountType, false, null, new Date(next.getTokenExpiration()));
            if (accountType == AccountInfo.AccountType.MSA || accountType == AccountInfo.AccountType.OTHER || !TextUtils.isEmpty(next.getUserID())) {
                vector.add(accountInfo);
            }
        }
        return vector;
    }

    @Override // com.microsoft.tokenshare.ITokenProvider
    public String getSharedDeviceId() throws RemoteException {
        return null;
    }

    @Override // com.microsoft.tokenshare.ITokenProvider
    public RefreshToken getToken(AccountInfo accountInfo) throws RemoteException {
        String str;
        if (accountInfo.getAccountType() == AccountInfo.AccountType.OTHER) {
            return null;
        }
        Iterator<ACMailAccount> it = this.mAccountManager.c().iterator();
        while (it.hasNext()) {
            ACMailAccount next = it.next();
            if (next.getPrimaryEmail().equalsIgnoreCase(accountInfo.getPrimaryEmail())) {
                try {
                    if (isOrgIdAccount(next)) {
                        ADALAuthenticationContext aDALAuthenticationContext = new ADALAuthenticationContext(this.mContext, isPpeAccount(next) ? "https://login.windows-ppe.net/common/oauth2/token" : "https://login.windows.net/common/oauth2/token", false);
                        aDALAuthenticationContext.setExtendedLifetimeEnabled(true);
                        str = aDALAuthenticationContext.serialize(accountInfo.getAccountId());
                        ACCOUNT_LOGGER.a("Sharing refreshToken for account emailHash= " + PIILogUtility.a(next.getPrimaryEmail()));
                    } else if (isMsaAccount(next)) {
                        str = next.getRefreshToken();
                    } else {
                        ACCOUNT_LOGGER.b("token share request for non-ORGID, non-MSA account for emailHash= " + PIILogUtility.a(next.getPrimaryEmail()));
                        str = null;
                    }
                    this.mAnalyticsProvider.a(BaseAnalyticsProvider.SSOAction.share, next);
                    if (str != null) {
                        return new RefreshToken(str, "27922004-5251-4030-b22d-91ecd9a37ea4");
                    }
                    return null;
                } catch (Exception e) {
                    ACCOUNT_LOGGER.b("Token sharing failed for emailHash=" + PIILogUtility.a(accountInfo.getPrimaryEmail()), e);
                }
            }
        }
        return null;
    }
}
