package com.microsoft.aad.adal.unity;

import android.accounts.Account;
import android.accounts.AccountAuthenticatorResponse;
import android.accounts.AccountManager;
import android.annotation.SuppressLint;
import android.annotation.TargetApi;
import android.app.Activity;
import android.content.Intent;
import android.os.AsyncTask;
import android.os.Build;
import android.os.Bundle;
import android.security.KeyChain;
import android.security.KeyChainAliasCallback;
import android.security.KeyChainException;
import android.text.TextUtils;
import android.util.Log;
import android.view.MotionEvent;
import android.view.View;
import android.webkit.ClientCertRequest;
import android.webkit.CookieManager;
import android.webkit.CookieSyncManager;
import android.webkit.WebView;
import android.widget.ProgressBar;
import com.microsoft.aad.adal.unity.AuthenticationConstants;
import com.microsoft.aad.adal.unity.AuthenticationResult;
import com.microsoft.aad.adal.unity.BrokerClient;
import com.microsoft.omadm.apppolicy.DatabaseAppPolicy;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.DigestException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

@SuppressLint({"SetJavaScriptEnabled", "ClickableViewAccessibility"})
/* loaded from: classes.dex */
public class AccountActivity extends Activity {
    public static final String ACCOUNT_INTERACTION_HEADER_REQUIRED = "account.interaction.header.required";
    static final int BACK_PRESSED_CANCEL_DIALOG_STEPS = -2;
    public static final String BRKRVER_QUERY_PARAM = "&brkr=1";
    public static final String BROKER_REDIRECT_URI = "urn:ietf:wg:oauth:2.0:oob";
    public static final String GLOBAL_ADRS_SERVICE_ID = "01cb2876-7ebd-4aa4-9cc9-d28bd4d359a9";
    public static final String RESOLVE_INTERRUPTION_SPINNER_EXTRA_QUERY_PARAM = "add_account=noheadsup";
    private static final String TAG = "AccountActivity";
    private BrokerRequest mAuthRequest;
    private String mCallingPackage;
    private int mCallingUID;
    private BrokerRequest mOriginalRequest;
    private String mRedirectUrl;
    private String mStartUrl;
    private int mWaitingRequestId;
    private WebView mWebView;
    private AccountAuthenticatorResponse mAccountAuthenticatorResponse = null;
    private Bundle mAuthenticatorResultBundle = null;
    private IWebRequestHandler mWebRequestHandler = new WebRequestHandler();
    private IJWSBuilder mJWSBuilder = new JWSBuilder();
    private boolean mPkeyAuthRedirect = false;
    private AuthorizationRequestStatus mAuthorizeRequestStatus = AuthorizationRequestStatus.REGULAR_REQUEST;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public enum AuthorizationRequestStatus {
        REGULAR_REQUEST,
        RESOLVE_INTERRUPTION,
        RESOLVE_INTERRUPTION_SECOND_REQUEST
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public class CustomWebViewClient extends BasicWebViewClient {
        public CustomWebViewClient() {
            super(AccountActivity.this, AccountActivity.this.mRedirectUrl, AccountActivity.this.mAuthRequest);
        }

        @Override // com.microsoft.aad.adal.unity.BasicWebViewClient
        public void cancelWebViewRequest() {
            AccountActivity.this.cancelRequest();
        }

        @Override // android.webkit.WebViewClient
        @TargetApi(21)
        public void onReceivedClientCertRequest(WebView webView, final ClientCertRequest clientCertRequest) {
            Logger.v("AccountActivity:onReceivedClientCertRequest", "Webview receives client TLS request.");
            Principal[] principals = clientCertRequest.getPrincipals();
            if (principals != null) {
                for (Principal principal : principals) {
                    if (principal.getName().contains("CN=MS-Organization-Access")) {
                        Logger.v("AccountActivity:onReceivedClientCertRequest", "Cancelling the TLS request, not respond to TLS challenge triggered by device authentication.");
                        clientCertRequest.cancel();
                        return;
                    }
                }
            }
            KeyChain.choosePrivateKeyAlias(AccountActivity.this, new KeyChainAliasCallback() { // from class: com.microsoft.aad.adal.unity.AccountActivity.CustomWebViewClient.1
                @Override // android.security.KeyChainAliasCallback
                public void alias(String str) {
                    if (str == null) {
                        Logger.v("AccountActivity:onReceivedClientCertRequest", "No certificate chosen by user, cancelling the TLS request.");
                        clientCertRequest.cancel();
                        return;
                    }
                    try {
                        X509Certificate[] certificateChain = KeyChain.getCertificateChain(AccountActivity.this.getApplicationContext(), str);
                        PrivateKey privateKey = KeyChain.getPrivateKey(CustomWebViewClient.this.mCallingContext, str);
                        Logger.v("AccountActivity:onReceivedClientCertRequest", "Certificate is chosen by user, proceed with TLS request.");
                        clientCertRequest.proceed(privateKey, certificateChain);
                    } catch (KeyChainException e) {
                        Log.e(AccountActivity.TAG, "KeyChain exception", e);
                        clientCertRequest.cancel();
                    } catch (InterruptedException e2) {
                        Log.e(AccountActivity.TAG, "InterruptedException exception", e2);
                        clientCertRequest.cancel();
                    }
                }
            }, clientCertRequest.getKeyTypes(), clientCertRequest.getPrincipals(), clientCertRequest.getHost(), clientCertRequest.getPort(), null);
        }

        @Override // com.microsoft.aad.adal.unity.BasicWebViewClient
        public void pageFinishedProcessing(WebView webView, String str) {
            if (hasCancelError(str)) {
                Logger.i(AccountActivity.TAG, "Sending intent to cancel authentication activity.", "Url:" + str);
                webView.stopLoading();
                cancelWebViewRequest();
            }
        }

        @Override // com.microsoft.aad.adal.unity.BasicWebViewClient
        public void postRunnable(Runnable runnable) {
            AccountActivity.this.mWebView.post(runnable);
        }

        @Override // com.microsoft.aad.adal.unity.BasicWebViewClient
        public boolean processInvalidUrl(WebView webView, String str) {
            if (!str.startsWith("msauth")) {
                return false;
            }
            AccountActivity.this.returnError(ADALError.DEVELOPER_REDIRECTURI_INVALID, String.format("The RedirectUri is not as expected. Received %s and expected %s", str, AccountActivity.this.mRedirectUrl));
            webView.stopLoading();
            return true;
        }

        @Override // com.microsoft.aad.adal.unity.BasicWebViewClient
        public void processRedirectUrl(WebView webView, String str) {
            Logger.i(AccountActivity.TAG, "It is a broker request", "");
            AccountActivity.this.displaySpinner(true);
            webView.stopLoading();
            switch (AccountActivity.this.mAuthorizeRequestStatus) {
                case RESOLVE_INTERRUPTION:
                    Logger.v(AccountActivity.TAG, "Resolving interruption for redeeming PRT.");
                    this.mRedirect = "urn:ietf:wg:oauth:2.0:oob";
                    AccountActivity.this.updateRequestForResolvingInterruption();
                    try {
                        AccountActivity.this.loadRequestWithWebview(AccountActivity.this.createAuthorizationRequestUrl(AccountActivity.this.mAuthRequest), null);
                        AccountActivity.this.mAuthorizeRequestStatus = AuthorizationRequestStatus.RESOLVE_INTERRUPTION_SECOND_REQUEST;
                        return;
                    } catch (UnsupportedEncodingException e) {
                        Logger.i(AccountActivity.TAG, "Fail to create authorization request url", e.getMessage());
                        AccountActivity.this.sendErrorForFailingToCreateAuthorizeRequestUrl();
                        return;
                    }
                case RESOLVE_INTERRUPTION_SECOND_REQUEST:
                case REGULAR_REQUEST:
                    new TokenTask(AccountActivity.this.mWebRequestHandler, AccountActivity.this.mAuthRequest, AccountActivity.this.mCallingPackage, AccountActivity.this.mCallingUID).execute(str);
                    return;
                default:
                    throw new IllegalStateException("Unknown authorize request.");
            }
        }

        @Override // com.microsoft.aad.adal.unity.BasicWebViewClient
        public void sendResponse(int i, Intent intent) {
            AccountActivity.this.returnToCaller(i, intent);
        }

        @Override // com.microsoft.aad.adal.unity.BasicWebViewClient
        public void setPKeyAuthStatus(boolean z) {
            AccountActivity.this.mPkeyAuthRedirect = z;
        }

        @Override // com.microsoft.aad.adal.unity.BasicWebViewClient
        public void showSpinner(boolean z) {
            AccountActivity.this.displaySpinner(z);
        }
    }

    /* loaded from: classes.dex */
    class TokenTask extends AsyncTask<String, String, TokenTaskResult> {
        AccountManager mAccountManager;
        int mAppCallingUID;
        String mPackageName;
        BrokerRequest mRequest;
        IWebRequestHandler mRequestHandler;

        public TokenTask() {
        }

        public TokenTask(IWebRequestHandler iWebRequestHandler, BrokerRequest brokerRequest, String str, int i) {
            this.mRequestHandler = iWebRequestHandler;
            this.mRequest = brokerRequest;
            this.mPackageName = str;
            this.mAppCallingUID = i;
            this.mAccountManager = AccountManager.get(AccountActivity.this);
        }

        private void appendAppUIDToAccount(StorageHelper storageHelper, Account account) throws InvalidKeyException, NoSuchAlgorithmException, InvalidKeySpecException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, NoSuchPaddingException, IOException, KeyStoreException, CertificateException, NoSuchProviderException, UnrecoverableEntryException, DigestException {
            String str;
            String userData = this.mAccountManager.getUserData(account, "account.uid.caches");
            if (userData == null) {
                str = "";
            } else {
                try {
                    str = storageHelper.decrypt(userData);
                } catch (Exception e) {
                    Logger.e(AccountActivity.TAG, "appUIDList failed to decrypt", "appIdList:" + userData, ADALError.ENCRYPTION_FAILED, e);
                    str = "";
                    Logger.i(AccountActivity.TAG, "Reset the appUIDlist", "");
                }
            }
            Logger.i(AccountActivity.TAG, "Add calling UID:" + this.mAppCallingUID, "appIdList:" + str);
            if (str.contains("calling.uid.key" + this.mAppCallingUID)) {
                return;
            }
            Logger.i(AccountActivity.TAG, "Account has new calling UID.", "Calling UID: " + this.mAppCallingUID);
            this.mAccountManager.setUserData(account, "account.uid.caches", storageHelper.encrypt(str + "calling.uid.key" + this.mAppCallingUID));
        }

        private Account getAccount(String str) {
            Account[] accountsByType = this.mAccountManager.getAccountsByType("com.microsoft.workaccount");
            if (accountsByType == null) {
                return null;
            }
            for (Account account : accountsByType) {
                if (account.name.equalsIgnoreCase(str)) {
                    return account;
                }
            }
            return null;
        }

        private void setAccount(TokenTaskResult tokenTaskResult) throws InvalidKeyException, InvalidKeySpecException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, IOException {
            try {
                AuthenticationResult authenticationResult = tokenTaskResult.taskResult;
                UserInfo userInfo = authenticationResult.getUserInfo();
                String displayableId = userInfo.getDisplayableId();
                Account account = getAccount(displayableId);
                if (account == null) {
                    Logger.i(AccountActivity.TAG, "", "Add new account explicitly for " + displayableId);
                    account = new Account(displayableId, "com.microsoft.workaccount");
                    this.mAccountManager.addAccountExplicitly(account, null, null);
                } else {
                    Logger.i(AccountActivity.TAG, "", "Account already exists for " + displayableId);
                }
                Account account2 = account;
                if (userInfo != null && !StringExtensions.IsNullOrBlank(userInfo.getUserId())) {
                    if (StringExtensions.IsNullOrBlank(this.mAccountManager.getUserData(account2, "account.userinfo.userid")) || userInfo.getUserId().equals(this.mAccountManager.getUserData(account2, "account.userinfo.userid"))) {
                        Logger.i(AccountActivity.TAG, "Saving userinfo to account", "");
                        this.mAccountManager.setUserData(account2, "account.userinfo.userid", userInfo.getUserId());
                        this.mAccountManager.setUserData(account2, AuthenticationConstants.Broker.ACCOUNT_USERINFO_USERID_LIST, userInfo.getUserId() + "$");
                        this.mAccountManager.setUserData(account2, "account.userinfo.given.name", userInfo.getGivenName());
                        this.mAccountManager.setUserData(account2, "account.userinfo.family.name", userInfo.getFamilyName());
                        this.mAccountManager.setUserData(account2, "account.userinfo.identity.provider", userInfo.getIdentityProvider());
                        this.mAccountManager.setUserData(account2, "account.userinfo.userid.displayable", userInfo.getDisplayableId());
                    } else {
                        this.mAccountManager.setUserData(account2, AuthenticationConstants.Broker.ACCOUNT_USERINFO_USERID_LIST, this.mAccountManager.getUserData(account2, AuthenticationConstants.Broker.ACCOUNT_USERINFO_USERID_LIST) + userInfo.getUserId() + "$");
                    }
                    tokenTaskResult.accountName = displayableId;
                    Logger.i(AccountActivity.TAG, "", "Setting account. Account name: " + displayableId + " package:" + AccountActivity.this.mCallingPackage + " calling app UID:" + this.mAppCallingUID);
                    Logger.i(AccountActivity.TAG, "", "app context:" + AccountActivity.this.getApplicationContext().getPackageName() + " context:" + AccountActivity.this.getPackageName() + " calling packagename:" + AccountActivity.this.getCallingPackage());
                    StorageHelper storageHelper = new StorageHelper(AccountActivity.this.getApplicationContext());
                    if (AuthenticationSettings.INSTANCE.getSecretKeys() != null || AuthenticationSettings.INSTANCE.getSecretKeys().isEmpty()) {
                        Logger.i("AccountActivity:setAccount", "User provided key is null or empty", "");
                    }
                    Logger.i(AccountActivity.TAG, "", "Set calling uid:" + this.mAppCallingUID);
                    appendAppUIDToAccount(storageHelper, account2);
                }
                Logger.i(AccountActivity.TAG, "Set userinfo from account", "");
                authenticationResult.setUserInfo(new UserInfo(displayableId, displayableId, "", "", displayableId));
                this.mRequest.setLoginHint(displayableId);
                tokenTaskResult.accountName = displayableId;
                Logger.i(AccountActivity.TAG, "", "Setting account. Account name: " + displayableId + " package:" + AccountActivity.this.mCallingPackage + " calling app UID:" + this.mAppCallingUID);
                Logger.i(AccountActivity.TAG, "", "app context:" + AccountActivity.this.getApplicationContext().getPackageName() + " context:" + AccountActivity.this.getPackageName() + " calling packagename:" + AccountActivity.this.getCallingPackage());
                StorageHelper storageHelper2 = new StorageHelper(AccountActivity.this.getApplicationContext());
                if (AuthenticationSettings.INSTANCE.getSecretKeys() != null) {
                }
                Logger.i("AccountActivity:setAccount", "User provided key is null or empty", "");
                Logger.i(AccountActivity.TAG, "", "Set calling uid:" + this.mAppCallingUID);
                appendAppUIDToAccount(storageHelper2, account2);
            } catch (DigestException e) {
                Logger.e(AccountActivity.TAG, "Digest is not valid", "", ADALError.DEVICE_CACHE_IS_NOT_WORKING, e);
                tokenTaskResult.taskException = e;
            } catch (KeyStoreException e2) {
                Logger.e(AccountActivity.TAG, "Key store type is not supported", "", ADALError.DEVICE_CACHE_IS_NOT_WORKING, e2);
                tokenTaskResult.taskException = e2;
            } catch (NoSuchAlgorithmException e3) {
                Logger.e(AccountActivity.TAG, "Algorithm does not exist in the device", "", ADALError.DEVICE_CACHE_IS_NOT_WORKING, e3);
                tokenTaskResult.taskException = e3;
            } catch (NoSuchProviderException e4) {
                Logger.e(AccountActivity.TAG, "Requested security provider does not exists in the device", "", ADALError.DEVICE_CACHE_IS_NOT_WORKING, e4);
                tokenTaskResult.taskException = e4;
            } catch (UnrecoverableEntryException e5) {
                Logger.e(AccountActivity.TAG, "Key entry is not recoverable", "", ADALError.DEVICE_CACHE_IS_NOT_WORKING, e5);
                tokenTaskResult.taskException = e5;
            } catch (CertificateException e6) {
                Logger.e(AccountActivity.TAG, "Certificate exception", "", ADALError.DEVICE_CACHE_IS_NOT_WORKING, e6);
                tokenTaskResult.taskException = e6;
            } catch (NoSuchPaddingException e7) {
                Logger.e(AccountActivity.TAG, "Padding type does not exist in the device", "", ADALError.DEVICE_CACHE_IS_NOT_WORKING, e7);
                tokenTaskResult.taskException = e7;
            }
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public TokenTaskResult doInBackground(String... strArr) {
            TokenTaskResult tokenTaskResult = new TokenTaskResult();
            String str = strArr[0];
            try {
                tokenTaskResult.taskResult = new BrokerClient(AccountActivity.this.getApplicationContext(), this.mRequest, this.mPackageName, this.mRequestHandler, AccountActivity.this.mJWSBuilder).getTokenForCode(str);
                Logger.i(AccountActivity.TAG, "TokenTask processed the result.", this.mRequest.getLogInfo());
            } catch (Exception e) {
                Logger.e(AccountActivity.TAG, "Error in processing code to get a token. ", this.mRequest.getLogInfo() + "\nRequest url:" + str + "\n" + ExceptionExtensions.getExceptionMessage(e), ADALError.AUTHORIZATION_CODE_NOT_EXCHANGED_FOR_TOKEN, e);
                tokenTaskResult.taskException = e;
            }
            if (tokenTaskResult != null && tokenTaskResult.taskResult != null && tokenTaskResult.taskResult.getAccessToken() != null) {
                Logger.i(AccountActivity.TAG, "", "Setting account:" + this.mRequest.getLogInfo());
                try {
                    setAccount(tokenTaskResult);
                } catch (Exception e2) {
                    Logger.e(AccountActivity.TAG, "", "Error in setting the account" + this.mRequest.getLogInfo(), ADALError.BROKER_ACCOUNT_SAVE_FAILED, e2);
                    tokenTaskResult.taskException = e2;
                }
            }
            return tokenTaskResult;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public void onPostExecute(TokenTaskResult tokenTaskResult) {
            Logger.i(AccountActivity.TAG, "Token task returns the result", "");
            new Intent();
            if (tokenTaskResult.taskException != null && (tokenTaskResult.taskException instanceof AuthenticationException)) {
                AuthenticationException authenticationException = (AuthenticationException) tokenTaskResult.taskException;
                if (authenticationException.getCode().equals(ADALError.BROKER_ACCOUNT_SAVE_FAILED)) {
                    Logger.e(AccountActivity.TAG, "", authenticationException.getMessage(), ADALError.BROKER_ACCOUNT_SAVE_FAILED);
                    AccountActivity.this.returnError(ADALError.BROKER_ACCOUNT_SAVE_FAILED, authenticationException.getMessage());
                    return;
                }
                return;
            }
            if (tokenTaskResult.taskResult == null) {
                Logger.e(AccountActivity.TAG, "", tokenTaskResult.taskException.getMessage(), ADALError.AUTHORIZATION_CODE_NOT_EXCHANGED_FOR_TOKEN);
                AccountActivity.this.returnError(ADALError.AUTHORIZATION_CODE_NOT_EXCHANGED_FOR_TOKEN, tokenTaskResult.taskException.getMessage());
                return;
            }
            AuthenticationResult authenticationResult = tokenTaskResult.taskResult;
            if (authenticationResult.getStatus() != AuthenticationResult.AuthenticationStatus.Succeeded) {
                Logger.e(AccountActivity.TAG, "", authenticationResult.getErrorLogInfo(), ADALError.AUTHORIZATION_CODE_NOT_EXCHANGED_FOR_TOKEN);
                AccountActivity.this.returnError(ADALError.AUTHORIZATION_CODE_NOT_EXCHANGED_FOR_TOKEN, authenticationResult.getErrorLogInfo());
                return;
            }
            Intent createTokenResultIntent = AuthenticationIntent.createTokenResultIntent(authenticationResult, AccountActivity.this.mWaitingRequestId, tokenTaskResult.accountName);
            if (AccountActivity.this.mAuthorizeRequestStatus == AuthorizationRequestStatus.RESOLVE_INTERRUPTION_SECOND_REQUEST) {
                createTokenResultIntent.putExtra("com.microsoft.aad.adal:BrowserRequestInfo", AccountActivity.this.mOriginalRequest);
            }
            Logger.v(AccountActivity.TAG, "Return token broker response");
            AccountActivity.this.returnResult(2004, createTokenResultIntent);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void cancelRequest() {
        Logger.v(TAG, "Sending intent to cancel authentication activity");
        returnToCaller(2001, new Intent());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String createAuthorizationRequestUrl(BrokerRequest brokerRequest) throws UnsupportedEncodingException {
        BrokerClient brokerClient = new BrokerClient(getApplicationContext(), brokerRequest, this.mCallingPackage);
        brokerClient.setAdalClientVersion(brokerRequest.getVersion());
        return brokerClient.getAddSSOUserRequest() + BRKRVER_QUERY_PARAM;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void displaySpinner(final boolean z) {
        if (isFinishing() || isChangingConfigurations()) {
            return;
        }
        Logger.v(TAG, "displaySpinner:" + z);
        runOnUiThread(new Runnable() { // from class: com.microsoft.aad.adal.unity.AccountActivity.2
            @Override // java.lang.Runnable
            public void run() {
                ProgressBar progressBar = (ProgressBar) AccountActivity.this.findViewById(AccountActivity.this.getResources().getIdentifier("activity_account_progressBar", "id", AccountActivity.this.getPackageName()));
                if (progressBar != null) {
                    progressBar.setVisibility(z ? 0 : 4);
                }
            }
        });
    }

    private BrokerRequest getAuthenticationRequestFromIntent(Intent intent) {
        BrokerRequest create = BrokerRequest.create(intent);
        Logger.v(TAG, "Calling client version:" + create.getVersion());
        return create;
    }

    private String getRefreshTokenCredentialForWebview() {
        AccountManager accountManager = AccountManager.get(getApplicationContext());
        Account[] accountsByType = accountManager.getAccountsByType("com.microsoft.workaccount");
        if (accountsByType == null) {
            return "";
        }
        for (Account account : accountsByType) {
            if (account.name.equalsIgnoreCase(this.mAuthRequest.getBrokerAccountName())) {
                return accountManager.getUserData(account, ACCOUNT_INTERACTION_HEADER_REQUIRED);
            }
        }
        return "";
    }

    private boolean isCallerBrokerInstaller() {
        PackageHelper packageHelper = new PackageHelper(this);
        String callingPackage = getCallingPackage();
        if (!StringExtensions.IsNullOrBlank(callingPackage) && (callingPackage.equals("com.azure.authenticator") || callingPackage.equals(AuthenticationSettings.INSTANCE.getBrokerPackageName()))) {
            Logger.v("AccountActivity:isCallerBrokerInstaller", "Caller package name is the same as the broker app: " + callingPackage + ". Start verifying signature.");
            String currentSignatureForPackage = packageHelper.getCurrentSignatureForPackage(callingPackage);
            if (currentSignatureForPackage.equals("ho040S3ffZkmxqtQrSwpTVOn9r0=") || currentSignatureForPackage.equals(AuthenticationSettings.INSTANCE.getBrokerSignature())) {
                Logger.v("AccountActivity:isCallerBrokerInstaller", "Signature matches the broker app signature. Caller is broker app iteslf.");
                return true;
            }
        }
        Logger.v("AccountActivity:isCallerBrokerInstaller", "Caller is not broker app itself.");
        return false;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void loadRequestWithWebview(final String str, final Map<String, String> map) {
        displaySpinner(true);
        this.mWebView.post(new Runnable() { // from class: com.microsoft.aad.adal.unity.AccountActivity.3
            @Override // java.lang.Runnable
            public void run() {
                AccountActivity.this.mWebView.loadUrl("about:blank");
                AccountActivity.this.mWebView.loadUrl(str, map);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void returnError(ADALError aDALError, String str) {
        Logger.i(TAG, "Argument error:" + str, "");
        Intent intent = new Intent();
        intent.putExtra("com.microsoft.aad.adal:BrowserErrorCode", aDALError.name());
        intent.putExtra("com.microsoft.aad.adal:BrowserErrorMessage", str);
        if (this.mAuthRequest != null) {
            intent.putExtra("com.microsoft.aad.adal:RequestId", this.mWaitingRequestId);
            intent.putExtra("com.microsoft.aad.adal:BrowserRequestInfo", this.mAuthRequest);
        }
        setResult(2002, intent);
        finish();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void returnResult(int i, Intent intent) {
        setAccountAuthenticatorResult(intent.getExtras());
        setResult(i, intent);
        finish();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void returnToCaller(int i, Intent intent) {
        Logger.v(TAG, "Return To Caller:" + i);
        displaySpinner(false);
        if (intent == null) {
            intent = new Intent();
        }
        if (this.mAuthRequest != null) {
            Logger.v(TAG, "Return To Caller REQUEST_ID:" + this.mAuthRequest.getRequestId());
            intent.putExtra("com.microsoft.aad.adal:RequestId", this.mAuthRequest.getRequestId());
        } else {
            Logger.w(TAG, "Request object is null", "", ADALError.ACTIVITY_REQUEST_INTENT_DATA_IS_NULL);
        }
        setResult(i, intent);
        finish();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void sendErrorForFailingToCreateAuthorizeRequestUrl() {
        Intent intent = new Intent();
        intent.putExtra("com.microsoft.aad.adal:BrowserRequestInfo", this.mAuthRequest);
        returnToCaller(2002, intent);
    }

    private final void setAccountAuthenticatorResult(Bundle bundle) {
        this.mAuthenticatorResultBundle = bundle;
    }

    private void setupWebView(String str, AuthenticationRequest authenticationRequest) {
        this.mWebView.getSettings().setJavaScriptEnabled(true);
        this.mWebView.requestFocus(130);
        this.mWebView.setOnTouchListener(new View.OnTouchListener() { // from class: com.microsoft.aad.adal.unity.AccountActivity.1
            @Override // android.view.View.OnTouchListener
            public boolean onTouch(View view, MotionEvent motionEvent) {
                int action = motionEvent.getAction();
                if ((action != 0 && action != 1) || view.hasFocus()) {
                    return false;
                }
                view.requestFocus();
                return false;
            }
        });
        this.mWebView.getSettings().setLoadWithOverviewMode(true);
        this.mWebView.getSettings().setDomStorageEnabled(true);
        this.mWebView.getSettings().setUseWideViewPort(true);
        this.mWebView.getSettings().setBuiltInZoomControls(true);
        this.mWebView.setWebViewClient(new CustomWebViewClient());
        this.mWebView.setVisibility(4);
        this.mWebView.setBackgroundColor(0);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void updateRequestForResolvingInterruption() {
        this.mAuthRequest.setClientId("29d9ed98-a469-4536-ade2-f981bc1d605e");
        this.mAuthRequest.setResource(GLOBAL_ADRS_SERVICE_ID);
        this.mAuthRequest.setRedirectUri("urn:ietf:wg:oauth:2.0:oob");
        this.mAuthRequest.setExtraQueryParamsAuthentication(RESOLVE_INTERRUPTION_SPINNER_EXTRA_QUERY_PARAM);
    }

    @Override // android.app.Activity
    public void finish() {
        if (this.mAccountAuthenticatorResponse != null) {
            Logger.v(TAG, "It is a broker request");
            if (this.mAuthenticatorResultBundle != null) {
                this.mAccountAuthenticatorResponse.onResult(this.mAuthenticatorResultBundle);
            } else {
                this.mAccountAuthenticatorResponse.onError(4, "canceled");
            }
            this.mAccountAuthenticatorResponse = null;
        }
        super.finish();
    }

    @Override // android.app.Activity
    public void onBackPressed() {
        Logger.v(TAG, "Back button is pressed");
        if (this.mPkeyAuthRedirect || !this.mWebView.canGoBackOrForward(-2)) {
            cancelRequest();
        } else {
            this.mWebView.goBack();
        }
    }

    @Override // android.app.Activity
    @SuppressLint({"SetJavaScriptEnabled"})
    protected void onCreate(Bundle bundle) {
        super.onCreate(bundle);
        setContentView(getResources().getIdentifier("activity_account", "layout", getPackageName()));
        CookieSyncManager.createInstance(getApplicationContext());
        CookieSyncManager.getInstance().sync();
        CookieManager.getInstance().setAcceptCookie(true);
        CookieSyncManager.getInstance().sync();
        this.mAuthRequest = getAuthenticationRequestFromIntent(getIntent());
        if (this.mAuthRequest == null) {
            Logger.d("AccountActivity:onCreate", "Request item is null,returns error back to caller");
            returnToCaller(2002, AuthenticationIntent.createErrorIntent("Invalid request", "Intent does not have request details"));
            return;
        }
        if (this.mAuthRequest.getAuthority() == null || this.mAuthRequest.getAuthority().isEmpty()) {
            returnError(ADALError.ARGUMENT_EXCEPTION, "account.authority");
            return;
        }
        if (this.mAuthRequest.getResource() == null || this.mAuthRequest.getResource().isEmpty()) {
            returnError(ADALError.ARGUMENT_EXCEPTION, "account.resource");
            return;
        }
        if (this.mAuthRequest.getClientId() == null || this.mAuthRequest.getClientId().isEmpty()) {
            returnError(ADALError.ARGUMENT_EXCEPTION, "account.clientid.key");
            return;
        }
        String stringExtra = getIntent().getStringExtra(AuthenticationConstants.Broker.ACCOUNT_ADD_NEW);
        if (PromptBehavior.FORCE_PROMPT == this.mAuthRequest.getPrompt() || !StringExtensions.IsNullOrBlank(stringExtra)) {
            this.mAuthRequest.setPrompt(PromptBehavior.Always);
        } else {
            this.mAuthRequest.setPrompt(PromptBehavior.Auto);
        }
        this.mRedirectUrl = this.mAuthRequest.getRedirectUri();
        Logger.i("AccountActivity:onCreate", "", "Redirect uri is: " + this.mRedirectUrl);
        this.mWebView = (WebView) findViewById(getResources().getIdentifier("activity_account_webView", "id", getPackageName()));
        this.mStartUrl = "about:blank";
        this.mCallingPackage = getIntent().getStringExtra("caller.info.package");
        if (this.mCallingPackage == null) {
            Logger.v("AccountActivity:onCreate", "Calling package is null, startActivityForResult is not used to call this activity");
            returnToCaller(2002, AuthenticationIntent.createErrorIntent("Invalid request", "startActivityForResult is not used to call this activity"));
            return;
        }
        try {
            this.mStartUrl = createAuthorizationRequestUrl(this.mAuthRequest);
            String userAgentString = this.mWebView.getSettings().getUserAgentString();
            this.mWebView.getSettings().setUserAgentString(userAgentString + " PKeyAuth/1.0");
            Logger.v(TAG, "UserAgent:" + this.mWebView.getSettings().getUserAgentString());
            this.mAccountAuthenticatorResponse = (AccountAuthenticatorResponse) getIntent().getParcelableExtra("accountAuthenticatorResponse");
            if (this.mAccountAuthenticatorResponse != null) {
                this.mAccountAuthenticatorResponse.onRequestContinued();
            }
            PackageHelper packageHelper = new PackageHelper(this);
            this.mCallingUID = packageHelper.getUIDForPackage(this.mCallingPackage);
            String currentSignatureForPackage = packageHelper.getCurrentSignatureForPackage(this.mCallingPackage);
            Logger.i("AccountActivity:onCreate", "", "Calling package is: " + this.mCallingPackage + " Signature hash for calling package is: " + currentSignatureForPackage + " Current package context is: " + getPackageName());
            if (this.mAuthRequest.getRequestType() != BrokerClient.AccountRequestType.AddAccountSSOBroker && !isCallerBrokerInstaller()) {
                Logger.v(TAG, "Request type is not AddAccountSSOBroker, and caller is not broker. Redirect uri needs to be verified using special redirectUri");
                this.mRedirectUrl = PackageHelper.getBrokerRedirectUrl(this.mCallingPackage, currentSignatureForPackage);
                Logger.i("AccountActivity:onCreate", "", "Broker redirect url is: " + this.mRedirectUrl);
            }
            Logger.v(TAG, "Device info:" + Build.VERSION.RELEASE + DatabaseAppPolicy.SPACE_ARRAY_SEPARATOR + Build.MANUFACTURER + Build.MODEL);
            setupWebView(this.mRedirectUrl, this.mAuthRequest);
            HashMap hashMap = new HashMap();
            String stringExtra2 = getIntent().getStringExtra(AuthenticationConstants.Broker.ACCOUNT_RESOLVE_INTERRUPT);
            if (!TextUtils.isEmpty(stringExtra2)) {
                hashMap.put(AuthenticationConstants.Broker.PRT_RESPONSE_HEADER, stringExtra2);
                this.mAuthorizeRequestStatus = AuthorizationRequestStatus.RESOLVE_INTERRUPTION;
                this.mOriginalRequest = BrokerRequest.create(this.mAuthRequest, BrokerClient.AccountRequestType.AddAccount);
            }
            Logger.i("AccountActivity:onCreate", "Webview start loading.", "Target url: " + this.mStartUrl);
            if (bundle == null) {
                loadRequestWithWebview(this.mStartUrl, hashMap);
            } else {
                Logger.v(TAG, "Reuse webview");
            }
        } catch (UnsupportedEncodingException e) {
            Log.d(TAG, e.getMessage());
            sendErrorForFailingToCreateAuthorizeRequestUrl();
        }
    }

    @Override // android.app.Activity
    protected void onPause() {
        Logger.v(TAG, "AccountActivity onPause unregister receiver");
        super.onPause();
    }

    @Override // android.app.Activity
    protected void onRestart() {
        Logger.v(TAG, "AccountActivity onRestart");
        super.onRestart();
    }

    @Override // android.app.Activity
    protected void onRestoreInstanceState(Bundle bundle) {
        super.onRestoreInstanceState(bundle);
        this.mWebView.restoreState(bundle);
    }

    @Override // android.app.Activity
    protected void onResume() {
        super.onResume();
        Logger.v(TAG, "onResume");
    }

    @Override // android.app.Activity
    protected void onSaveInstanceState(Bundle bundle) {
        super.onSaveInstanceState(bundle);
        this.mWebView.saveState(bundle);
    }
}
