package com.microsoft.intune.authentication.authcomponent.implementation;

import android.app.Activity;
import android.os.Parcelable;
import com.microsoft.identity.client.IAccount;
import com.microsoft.identity.client.IMultipleAccountPublicClientApplication;
import com.microsoft.identity.client.Prompt;
import com.microsoft.identity.client.claims.ClaimsRequest;
import com.microsoft.identity.client.claims.RequestedClaimAdditionalInformation;
import com.microsoft.identity.client.internal.IntuneAcquireTokenParameters;
import com.microsoft.intune.authentication.authcomponent.abstraction.AcquireAadTokenInteractiveSpec;
import com.microsoft.intune.authentication.authcomponent.abstraction.InteractiveAuthArguments;
import com.microsoft.intune.authentication.authcomponent.domain.IsBrokerCustomTabsEnabledUseCase;
import com.microsoft.intune.authentication.domain.telemetry.AuthWorkflowStep;
import com.microsoft.intune.authentication.domain.telemetry.IAuthTelemetry;
import com.microsoft.intune.common.presentationcomponent.implementation.IBaseView;
import com.microsoft.intune.core.common.SensitiveString;
import com.microsoft.intune.core.utils.LoggingExtensionsKt;
import com.microsoft.intune.coreui.dependencyinjection.qualifiers.ViewName;
import com.microsoft.intune.coreui.dependencyinjection.qualifiers.ViewType;
import com.microsoft.intune.netsvc.authentication.domain.AadScopeSet;
import com.microsoft.intune.netsvc.authentication.domain.TokenSpec;
import com.microsoft.intune.usercerts.domain.derivedcreds.HasDerivedCredentialPolicyUseCase;
import io.reactivex.rxjava3.android.schedulers.AndroidSchedulers;
import io.reactivex.rxjava3.core.Single;
import io.reactivex.rxjava3.functions.Consumer;
import io.reactivex.rxjava3.functions.Function3;
import io.reactivex.rxjava3.schedulers.Schedulers;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.inject.Inject;
import kotlin.Metadata;
import kotlin.NoWhenBranchMatchedException;
import kotlin.Triple;
import kotlin.Unit;
import kotlin.collections.CollectionsKt__CollectionsJVMKt;
import kotlin.collections.CollectionsKt___CollectionsKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Reflection;
import kotlin.reflect.KClass;
import kotlin.text.StringsKt__StringsJVMKt;
import org.jetbrains.annotations.NotNull;

@Metadata(d1 = {"\u0000D\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\b\u0016\u0018\u0000 \u00152\u00020\u0001:\u0001\u0015B5\b\u0007\u0012\f\b\u0001\u0010\u0002\u001a\u0006\u0012\u0002\b\u00030\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0007\u0012\u0006\u0010\b\u001a\u00020\t\u0012\u0006\u0010\n\u001a\u00020\u000b¢\u0006\u0002\u0010\fJ\u0010\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u000f\u001a\u00020\u0011H\u0016J\u0010\u0010\u0012\u001a\u00020\u00102\u0006\u0010\u0013\u001a\u00020\u0014H\u0004R\u000e\u0010\u0006\u001a\u00020\u0007X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\b\u001a\u00020\tX\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\n\u001a\u00020\u000bX\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\r\u001a\u00020\u000eX\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n\u0000R\u0012\u0010\u0002\u001a\u0006\u0012\u0002\b\u00030\u0003X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\u0016"}, d2 = {"Lcom/microsoft/intune/authentication/authcomponent/implementation/InteractiveMsalAuthWrapper;", "Lcom/microsoft/intune/authentication/authcomponent/implementation/IInteractiveMsalAuthWrapper;", "view", "Lcom/microsoft/intune/common/presentationcomponent/implementation/IBaseView;", "msalFactory", "Lcom/microsoft/intune/authentication/authcomponent/implementation/MsalFactory;", "authTelemetry", "Lcom/microsoft/intune/authentication/domain/telemetry/IAuthTelemetry;", "hasDerivedCredentialPolicyUseCase", "Lcom/microsoft/intune/usercerts/domain/derivedcreds/HasDerivedCredentialPolicyUseCase;", "isBrokerCustomTabsEnabledUseCase", "Lcom/microsoft/intune/authentication/authcomponent/domain/IsBrokerCustomTabsEnabledUseCase;", "(Lcom/microsoft/intune/common/presentationcomponent/implementation/IBaseView;Lcom/microsoft/intune/authentication/authcomponent/implementation/MsalFactory;Lcom/microsoft/intune/authentication/domain/telemetry/IAuthTelemetry;Lcom/microsoft/intune/usercerts/domain/derivedcreds/HasDerivedCredentialPolicyUseCase;Lcom/microsoft/intune/authentication/authcomponent/domain/IsBrokerCustomTabsEnabledUseCase;)V", "logger", "Ljava/util/logging/Logger;", "acquireToken", "", "Lcom/microsoft/intune/authentication/authcomponent/abstraction/AcquireAadTokenInteractiveSpec;", "startInteractiveAuthTelemetry", "scopeSet", "Lcom/microsoft/intune/netsvc/authentication/domain/AadScopeSet;", "Companion", "auth_userOfficialRelease"}, k = 1, mv = {1, 6, 0}, xi = 48)
/* loaded from: classes.dex */
public class InteractiveMsalAuthWrapper implements IInteractiveMsalAuthWrapper {

    @NotNull
    private static final String DEVICE_ID_CLAIM_KEY = "deviceid";

    @NotNull
    private static final String IS_REMOTE_LOGIN_ALLOWED_QUERY_STRING_KEY = "is_remote_login_allowed";

    @NotNull
    private final IAuthTelemetry authTelemetry;

    @NotNull
    private final HasDerivedCredentialPolicyUseCase hasDerivedCredentialPolicyUseCase;

    @NotNull
    private final IsBrokerCustomTabsEnabledUseCase isBrokerCustomTabsEnabledUseCase;

    @NotNull
    private final Logger logger;

    @NotNull
    private final MsalFactory msalFactory;

    @NotNull
    private final IBaseView<?> view;

    @NotNull
    private static final InteractiveMsalAuthWrapper$Companion$IS_REMOTE_LOGIN_ALLOWED_QUERY_STRING_PARAMETER$1 IS_REMOTE_LOGIN_ALLOWED_QUERY_STRING_PARAMETER = new InteractiveMsalAuthWrapper$Companion$IS_REMOTE_LOGIN_ALLOWED_QUERY_STRING_PARAMETER$1();

    @Inject
    public InteractiveMsalAuthWrapper(@ViewName(ViewType.Fragment) @NotNull IBaseView<?> iBaseView, @NotNull MsalFactory msalFactory, @NotNull IAuthTelemetry iAuthTelemetry, @NotNull HasDerivedCredentialPolicyUseCase hasDerivedCredentialPolicyUseCase, @NotNull IsBrokerCustomTabsEnabledUseCase isBrokerCustomTabsEnabledUseCase) {
        Intrinsics.checkNotNullParameter(iBaseView, "");
        Intrinsics.checkNotNullParameter(msalFactory, "");
        Intrinsics.checkNotNullParameter(iAuthTelemetry, "");
        Intrinsics.checkNotNullParameter(hasDerivedCredentialPolicyUseCase, "");
        Intrinsics.checkNotNullParameter(isBrokerCustomTabsEnabledUseCase, "");
        this.view = iBaseView;
        this.msalFactory = msalFactory;
        this.authTelemetry = iAuthTelemetry;
        this.hasDerivedCredentialPolicyUseCase = hasDerivedCredentialPolicyUseCase;
        this.isBrokerCustomTabsEnabledUseCase = isBrokerCustomTabsEnabledUseCase;
        this.logger = LoggingExtensionsKt.logger((KClass<?>) Reflection.getOrCreateKotlinClass(InteractiveMsalAuthWrapper.class));
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: acquireToken$lambda-0, reason: not valid java name */
    public static final Triple m449acquireToken$lambda0(IMultipleAccountPublicClientApplication iMultipleAccountPublicClientApplication, Boolean bool, Boolean bool2) {
        return new Triple(iMultipleAccountPublicClientApplication, bool, bool2);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: acquireToken$lambda-4, reason: not valid java name */
    public static final void m450acquireToken$lambda4(InteractiveMsalAuthWrapper interactiveMsalAuthWrapper, AcquireAadTokenInteractiveSpec acquireAadTokenInteractiveSpec, Triple triple) {
        List<String> list;
        boolean isBlank;
        boolean isBlank2;
        List<Map.Entry<String, String>> listOf;
        Intrinsics.checkNotNullParameter(interactiveMsalAuthWrapper, "");
        Intrinsics.checkNotNullParameter(acquireAadTokenInteractiveSpec, "");
        IMultipleAccountPublicClientApplication iMultipleAccountPublicClientApplication = (IMultipleAccountPublicClientApplication) triple.component1();
        boolean booleanValue = ((Boolean) triple.component2()).booleanValue();
        boolean booleanValue2 = ((Boolean) triple.component3()).booleanValue();
        Activity activity = interactiveMsalAuthWrapper.view.getActivity();
        if (activity == null) {
            interactiveMsalAuthWrapper.logger.log(Level.SEVERE, "Null activity when trying to acquireToken interactively.");
            return;
        }
        InteractiveAuthArguments interactiveAuthArguments = acquireAadTokenInteractiveSpec.getInteractiveAuthArguments();
        TokenSpec.AadTokenSpec tokenSpec = interactiveAuthArguments.getTokenSpec();
        IAccount account = interactiveAuthArguments.getAccount();
        SensitiveString loginHint = interactiveAuthArguments.getLoginHint();
        interactiveMsalAuthWrapper.startInteractiveAuthTelemetry(tokenSpec.getScopeSet());
        interactiveMsalAuthWrapper.logger.info("Executing acquireToken interactively for " + tokenSpec);
        interactiveMsalAuthWrapper.logger.config("Account is " + account + ". Login hint is " + loginHint + '.');
        Logger logger = interactiveMsalAuthWrapper.logger;
        StringBuilder sb = new StringBuilder();
        sb.append("Using custom tabs for interactive auth: ");
        sb.append(booleanValue2);
        sb.append('.');
        logger.info(sb.toString());
        IntuneAcquireTokenParameters.Builder builder = new IntuneAcquireTokenParameters.Builder();
        builder.brokerBrowserSupportEnabled(booleanValue2);
        builder.startAuthorizationFromActivity(activity);
        list = CollectionsKt___CollectionsKt.toList(tokenSpec.getScopes());
        builder.withScopes(list);
        builder.withPrompt(Prompt.SELECT_ACCOUNT);
        builder.withCallback(acquireAadTokenInteractiveSpec.getCallback());
        if (booleanValue) {
            interactiveMsalAuthWrapper.logger.info("Derived creds policy is present. Adding the is_remote_login_allowed key to the authorization query.");
            listOf = CollectionsKt__CollectionsJVMKt.listOf(IS_REMOTE_LOGIN_ALLOWED_QUERY_STRING_PARAMETER);
            builder.withAuthorizationQueryStringParameters(listOf);
        }
        if (acquireAadTokenInteractiveSpec.getInteractiveAuthArguments().getIncludeDeviceIdClaim()) {
            interactiveMsalAuthWrapper.logger.info("Adding deviceID claims request to token parameters.");
            ClaimsRequest claimsRequest = new ClaimsRequest();
            RequestedClaimAdditionalInformation requestedClaimAdditionalInformation = new RequestedClaimAdditionalInformation();
            requestedClaimAdditionalInformation.setEssential(Boolean.TRUE);
            Unit unit = Unit.INSTANCE;
            claimsRequest.requestClaimInAccessToken(DEVICE_ID_CLAIM_KEY, requestedClaimAdditionalInformation);
            builder.withClaims(claimsRequest);
        } else {
            interactiveMsalAuthWrapper.logger.info("Not adding deviceId claims to interactive auth request.");
        }
        if (account != null) {
            interactiveMsalAuthWrapper.logger.info("Adding account to token parameters.");
            builder.forAccount(account);
        } else {
            isBlank = StringsKt__StringsJVMKt.isBlank(loginHint.getValue());
            if (!(!isBlank) || booleanValue) {
                Logger logger2 = interactiveMsalAuthWrapper.logger;
                StringBuilder sb2 = new StringBuilder();
                sb2.append("Not adding login hint to token parameters. Is login hint blank: ");
                isBlank2 = StringsKt__StringsJVMKt.isBlank(loginHint.getValue());
                sb2.append(isBlank2);
                sb2.append(". Has derived credentials policy: ");
                sb2.append(booleanValue);
                sb2.append('.');
                logger2.info(sb2.toString());
            } else {
                interactiveMsalAuthWrapper.logger.info("Adding login hint to token parameters.");
                builder.withLoginHint(loginHint.getValue());
            }
        }
        iMultipleAccountPublicClientApplication.acquireToken(builder.build());
    }

    @Override // com.microsoft.intune.authentication.authcomponent.implementation.IInteractiveMsalAuthWrapper
    public void acquireToken(@NotNull final AcquireAadTokenInteractiveSpec acquireToken) {
        Intrinsics.checkNotNullParameter(acquireToken, "");
        Single.zip(this.msalFactory.getPublicClientApplication(), this.hasDerivedCredentialPolicyUseCase.hasDerivedCredentialPolicy(), this.isBrokerCustomTabsEnabledUseCase.isEnabled(), new Function3() { // from class: com.microsoft.intune.authentication.authcomponent.implementation.InteractiveMsalAuthWrapper$$ExternalSyntheticLambda0
            @Override // io.reactivex.rxjava3.functions.Function3
            public final Object apply(Object obj, Object obj2, Object obj3) {
                Triple m449acquireToken$lambda0;
                m449acquireToken$lambda0 = InteractiveMsalAuthWrapper.m449acquireToken$lambda0((IMultipleAccountPublicClientApplication) obj, (Boolean) obj2, (Boolean) obj3);
                return m449acquireToken$lambda0;
            }
        }).subscribeOn(Schedulers.io()).observeOn(AndroidSchedulers.mainThread()).subscribe(new Consumer() { // from class: com.microsoft.intune.authentication.authcomponent.implementation.InteractiveMsalAuthWrapper$$ExternalSyntheticLambda1
            @Override // io.reactivex.rxjava3.functions.Consumer
            public final void accept(Object obj) {
                InteractiveMsalAuthWrapper.m450acquireToken$lambda4(InteractiveMsalAuthWrapper.this, acquireToken, (Triple) obj);
            }
        });
    }

    protected final void startInteractiveAuthTelemetry(@NotNull AadScopeSet scopeSet) {
        Parcelable parcelable;
        Intrinsics.checkNotNullParameter(scopeSet, "");
        if (scopeSet instanceof AadScopeSet.AadGraph) {
            parcelable = AuthWorkflowStep.AcquireAadGraphTokenInteractive.INSTANCE;
        } else if (scopeSet instanceof AadScopeSet.MsGraph) {
            parcelable = AuthWorkflowStep.AcquireMsGraphTokenInteractive.INSTANCE;
        } else if (scopeSet instanceof AadScopeSet.Intune) {
            parcelable = AuthWorkflowStep.AcquireIntuneAadTokenInteractive.INSTANCE;
        } else if (scopeSet instanceof AadScopeSet.WorkplaceJoin) {
            parcelable = AuthWorkflowStep.AcquireWpjAadTokenInteractive.INSTANCE;
        } else if (scopeSet instanceof AadScopeSet.IntuneEnrollment) {
            parcelable = AuthWorkflowStep.AcquireIntuneAadEnrollmentTokenInteractive.INSTANCE;
        } else {
            if (!(scopeSet instanceof AadScopeSet.OfficeCloudPolicyService)) {
                throw new NoWhenBranchMatchedException();
            }
            parcelable = AuthWorkflowStep.AcquireOfficeCloudPolicyServiceTokenSilent.INSTANCE;
        }
        this.authTelemetry.getAuthWorkflow().transition(parcelable);
    }
}
