package com.microsoft.identity.common.internal.ui.webview;

import android.annotation.TargetApi;
import android.app.Activity;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.os.Handler;
import android.text.TextUtils;
import android.webkit.ClientCertRequest;
import android.webkit.WebResourceRequest;
import android.webkit.WebView;
import androidx.annotation.NonNull;
import androidx.annotation.RequiresApi;
import com.mcafee.sdk.wp.core.urldetection.browser.Browser;
import com.microsoft.identity.common.R;
import com.microsoft.identity.common.adal.internal.AuthenticationConstants;
import com.microsoft.identity.common.adal.internal.util.StringExtensions;
import com.microsoft.identity.common.exception.ClientException;
import com.microsoft.identity.common.exception.ErrorStrings;
import com.microsoft.identity.common.internal.broker.PackageHelper;
import com.microsoft.identity.common.internal.logging.Logger;
import com.microsoft.identity.common.internal.ui.webview.challengehandlers.ClientCertAuthChallengeHandler;
import com.microsoft.identity.common.internal.ui.webview.challengehandlers.IAuthorizationCompletionCallback;
import com.microsoft.identity.common.internal.ui.webview.challengehandlers.PKeyAuthChallengeFactory;
import com.microsoft.identity.common.internal.ui.webview.challengehandlers.PKeyAuthChallengeHandler;
import com.microsoft.identity.common.internal.util.StringUtil;
import java.net.URISyntaxException;
import java.util.HashMap;
import java.util.Locale;

/* loaded from: classes12.dex */
public class AzureActiveDirectoryWebViewClient extends OAuth2WebViewClient {
    public static final String ERROR = "error";
    public static final String ERROR_DESCRIPTION = "error_description";
    public static final String ERROR_SUBCODE = "error_subcode";

    /* renamed from: e, reason: collision with root package name */
    private static final String f82507e = "AzureActiveDirectoryWebViewClient";

    /* renamed from: d, reason: collision with root package name */
    private final String f82508d;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes12.dex */
    public class a implements Runnable {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ String f82509a;

        /* renamed from: b, reason: collision with root package name */
        final /* synthetic */ WebView f82510b;

        a(String str, WebView webView) {
            this.f82509a = str;
            this.f82510b = webView;
        }

        @Override // java.lang.Runnable
        public void run() {
            AzureActiveDirectoryWebViewClient.this.getActivity().startActivity(new Intent("android.intent.action.VIEW", Uri.parse(this.f82509a.replace(AuthenticationConstants.Broker.BROWSER_EXT_PREFIX, AuthenticationConstants.Broker.REDIRECT_SSL_PREFIX))));
            this.f82510b.stopLoading();
        }
    }

    public AzureActiveDirectoryWebViewClient(@NonNull Activity activity, @NonNull IAuthorizationCompletionCallback iAuthorizationCompletionCallback, @NonNull String str) {
        super(activity, iAuthorizationCompletionCallback);
        getActivity().setContentView(R.layout.common_activity_authentication);
        this.f82508d = str;
    }

    private boolean c(WebView webView, String str) {
        String lowerCase = str.toLowerCase(Locale.US);
        if (f(lowerCase)) {
            Logger.info(f82507e, "WebView detected request for pkeyauth challenge.");
            try {
                new PKeyAuthChallengeHandler(webView, b()).processChallenge(new PKeyAuthChallengeFactory().getPKeyAuthChallenge(str));
                return true;
            } catch (ClientException e6) {
                String str2 = f82507e;
                Logger.error(str2, e6.getErrorCode(), null);
                Logger.errorPII(str2, e6.getMessage(), e6);
                m(e6.getErrorCode(), e6.getMessage());
                webView.stopLoading();
                return true;
            }
        }
        if (g(lowerCase)) {
            Logger.info(f82507e, "Navigation starts with the redirect uri.");
            return processRedirectUrl(webView, str);
        }
        if (h(lowerCase)) {
            Logger.info(f82507e, "It is an external website request");
            return l(webView, str);
        }
        if (e(lowerCase)) {
            Logger.info(f82507e, "It is an install request");
            return j(webView, str);
        }
        Logger.info(f82507e, "It is an invalid redirect uri.");
        return k(webView, str);
    }

    private boolean d(Intent intent) {
        return (intent == null || StringExtensions.isNullOrBlank(intent.getStringExtra(AuthenticationConstants.Broker.BROKER_REQUEST))) ? false : true;
    }

    private boolean e(@NonNull String str) {
        return str.startsWith(AuthenticationConstants.Broker.BROWSER_EXT_INSTALL_PREFIX);
    }

    private boolean f(@NonNull String str) {
        return str.startsWith(AuthenticationConstants.Broker.PKEYAUTH_REDIRECT.toLowerCase());
    }

    private boolean g(@NonNull String str) {
        return str.startsWith(this.f82508d.toLowerCase(Locale.US));
    }

    private boolean h(@NonNull String str) {
        return str.startsWith(AuthenticationConstants.Broker.BROWSER_EXT_PREFIX);
    }

    private void i(String str) {
        StringBuilder sb = new StringBuilder();
        String str2 = f82507e;
        sb.append(str2);
        sb.append("#openLinkInBrowser");
        Logger.info(sb.toString(), "Try to open url link in browser");
        Intent intent = new Intent("android.intent.action.VIEW", Uri.parse(str.replace(AuthenticationConstants.Broker.BROWSER_EXT_PREFIX, AuthenticationConstants.Broker.REDIRECT_SSL_PREFIX)));
        if (intent.resolveActivity(getActivity().getPackageManager()) != null) {
            getActivity().startActivity(intent);
            return;
        }
        Logger.warn(str2 + "#openLinkInBrowser", "Unable to find an app to resolve the activity.");
    }

    private boolean j(@NonNull WebView webView, @NonNull String str) {
        Intent intent = new Intent();
        HashMap<String, String> urlParameters = StringExtensions.getUrlParameters(str);
        String str2 = urlParameters.get(AuthenticationConstants.Broker.INSTALL_URL_KEY);
        String str3 = urlParameters.get("username");
        if (!TextUtils.isEmpty(str2)) {
            Logger.info(f82507e, "Return to caller with BROKER_REQUEST_RESUME, and waiting for result.");
            b().onChallengeResponseReceived(AuthenticationConstants.UIResponse.BROKER_REQUEST_RESUME, intent);
            new Handler().postDelayed(new a(str2, webView), 1000L);
            return true;
        }
        Logger.info(f82507e, "Install link is null or empty, Return to caller with BROWSER_CODE_DEVICE_REGISTER");
        intent.putExtra("username", str3);
        b().onChallengeResponseReceived(AuthenticationConstants.UIResponse.BROWSER_CODE_DEVICE_REGISTER, intent);
        webView.stopLoading();
        return true;
    }

    private boolean k(@NonNull WebView webView, @NonNull String str) {
        String str2;
        if (d(getActivity().getIntent()) && str.startsWith(AuthenticationConstants.Broker.REDIRECT_PREFIX)) {
            String str3 = f82507e;
            Logger.error(str3, "The RedirectUri is not as expected.", null);
            Logger.errorPII(str3, String.format("Received %s and expected %s", str, this.f82508d), null);
            m(ErrorStrings.DEVELOPER_REDIRECTURI_INVALID, String.format("The RedirectUri is not as expected. Received %s and expected %s", str, this.f82508d));
            webView.stopLoading();
            return true;
        }
        Locale locale = Locale.US;
        if (str.toLowerCase(locale).equals(Browser.BLANK_TAB_URI)) {
            Logger.verbose(f82507e, "It is an blank page request");
            return true;
        }
        if (str.toLowerCase(locale).startsWith(AuthenticationConstants.Broker.REDIRECT_SSL_PREFIX)) {
            return false;
        }
        try {
            str2 = StringExtensions.removeQueryParameterFromUrl(str);
        } catch (URISyntaxException unused) {
            str2 = "redacted";
        }
        Logger.error(f82507e, "The webView was redirected to an unsafe URL: " + str2, null);
        m(ErrorStrings.WEBVIEW_REDIRECTURL_NOT_SSL_PROTECTED, "The webView was redirected to an unsafe URL.");
        webView.stopLoading();
        return true;
    }

    private boolean l(@NonNull WebView webView, @NonNull String str) {
        PackageHelper packageHelper = new PackageHelper(getActivity().getPackageManager());
        Context applicationContext = getActivity().getApplicationContext();
        if (str.startsWith(AuthenticationConstants.Broker.BROWSER_DEVICE_CA_URL) && packageHelper.isPackageInstalledAndEnabled(applicationContext, "com.microsoft.windowsintune.companyportal") && packageHelper.isPackageInstalledAndEnabled(applicationContext, AuthenticationConstants.Broker.IPPHONE_APP_PACKAGE_NAME) && AuthenticationConstants.Broker.IPPHONE_APP_SIGNATURE.equals(packageHelper.getCurrentSignatureForPackage(AuthenticationConstants.Broker.IPPHONE_APP_PACKAGE_NAME))) {
            StringBuilder sb = new StringBuilder();
            String str2 = f82507e;
            sb.append(str2);
            sb.append("#processWebsiteRequest");
            Logger.info(sb.toString(), "It is a device CA request on IPPhone. Company Portal is installed.");
            try {
                Logger.verbose(str2 + "#processWebsiteRequest", "Sending intent to launch the CompanyPortal.");
                Intent intent = new Intent();
                intent.setComponent(new ComponentName("com.microsoft.windowsintune.companyportal", AuthenticationConstants.Broker.COMPANY_PORTAL_APP_LAUNCH_ACTIVITY_NAME));
                intent.addFlags(268468224);
                getActivity().startActivity(intent);
            } catch (SecurityException unused) {
                Logger.warn(f82507e + "#processWebsiteRequest", "Failed to launch Company Portal, falling back to browser.");
                i(str);
            }
        } else {
            i(str);
        }
        webView.stopLoading();
        b().onChallengeResponseReceived(AuthenticationConstants.UIResponse.BROWSER_CODE_CANCEL, new Intent());
        return true;
    }

    private void m(String str, String str2) {
        Intent intent = new Intent();
        intent.putExtra(AuthenticationConstants.Browser.RESPONSE_ERROR_CODE, str);
        intent.putExtra(AuthenticationConstants.Browser.RESPONSE_ERROR_MESSAGE, str2);
        b().onChallengeResponseReceived(AuthenticationConstants.UIResponse.BROWSER_CODE_ERROR, intent);
    }

    @Override // android.webkit.WebViewClient
    @TargetApi(21)
    public void onReceivedClientCertRequest(WebView webView, ClientCertRequest clientCertRequest) {
        new ClientCertAuthChallengeHandler(getActivity()).processChallenge(clientCertRequest);
    }

    protected boolean processRedirectUrl(@NonNull WebView webView, @NonNull String str) {
        HashMap<String, String> urlParameters = StringExtensions.getUrlParameters(str);
        if (StringExtensions.isNullOrBlank(urlParameters.get("error"))) {
            Logger.info(f82507e, "It is pointing to redirect. Final url can be processed to get the code or error.");
            Intent intent = new Intent();
            intent.putExtra("com.microsoft.identity.client.final.url", str);
            b().onChallengeResponseReceived(AuthenticationConstants.UIResponse.BROWSER_CODE_COMPLETE, intent);
            webView.stopLoading();
            return true;
        }
        Logger.info(f82507e, "Sending intent to cancel authentication activity");
        Intent intent2 = new Intent();
        intent2.putExtra(AuthenticationConstants.Browser.RESPONSE_ERROR_CODE, urlParameters.get("error"));
        intent2.putExtra(AuthenticationConstants.Browser.RESPONSE_ERROR_SUBCODE, urlParameters.get(ERROR_SUBCODE));
        if (StringUtil.isEmpty(urlParameters.get("error_description"))) {
            intent2.putExtra(AuthenticationConstants.Browser.RESPONSE_ERROR_MESSAGE, urlParameters.get(ERROR_SUBCODE));
        } else {
            intent2.putExtra(AuthenticationConstants.Browser.RESPONSE_ERROR_MESSAGE, urlParameters.get("error_description"));
        }
        if (StringUtil.isEmpty(urlParameters.get(ERROR_SUBCODE)) || !urlParameters.get(ERROR_SUBCODE).equalsIgnoreCase(AuthenticationConstants.Browser.SUB_ERROR_UI_CANCEL)) {
            b().onChallengeResponseReceived(AuthenticationConstants.UIResponse.BROWSER_CODE_ERROR, intent2);
        } else {
            b().onChallengeResponseReceived(AuthenticationConstants.UIResponse.BROWSER_CODE_CANCEL, intent2);
        }
        webView.stopLoading();
        return true;
    }

    @Override // android.webkit.WebViewClient
    @RequiresApi(24)
    @TargetApi(24)
    public boolean shouldOverrideUrlLoading(WebView webView, WebResourceRequest webResourceRequest) {
        return c(webView, webResourceRequest.getUrl().toString());
    }

    @Override // android.webkit.WebViewClient
    public boolean shouldOverrideUrlLoading(WebView webView, String str) {
        if (StringUtil.isEmpty(str)) {
            throw new IllegalArgumentException("Redirect to empty url in web view.");
        }
        return c(webView, str);
    }
}
