package com.microsoft.office.outlook.tokenrefresh;

import android.content.Context;
import android.os.IBinder;
import android.os.RemoteException;
import android.text.TextUtils;
import c70.ik;
import com.acompli.accore.model.ACMailAccount;
import com.acompli.accore.util.d;
import com.acompli.accore.util.x0;
import com.microsoft.aad.adal.ADALAuthenticationContext;
import com.microsoft.office.outlook.auth.AuthenticationType;
import com.microsoft.office.outlook.logger.Logger;
import com.microsoft.office.outlook.logger.Loggers;
import com.microsoft.office.outlook.olmcore.managers.accounts.OMAccountManager;
import com.microsoft.office.outlook.olmcore.managers.telemetry.AnalyticsSender;
import com.microsoft.office.outlook.olmcore.model.interfaces.accounts.OMAccount;
import com.microsoft.tokenshare.AccountInfo;
import com.microsoft.tokenshare.RefreshToken;
import com.microsoft.tokenshare.f;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;

/* loaded from: classes7.dex */
public class SsoTokenProvider implements f {
    private static final Logger LOG = Loggers.getInstance().getAccountLogger().withTag("SsoTokenProvider");
    private final OMAccountManager mAccountManager;
    private final AnalyticsSender mAnalyticsSender;
    private final Context mContext;
    private final f mOneAuthTokenProvider;

    public SsoTokenProvider(Context context, OMAccountManager oMAccountManager, AnalyticsSender analyticsSender, f fVar) {
        this.mContext = context;
        this.mAccountManager = oMAccountManager;
        this.mAnalyticsSender = analyticsSender;
        this.mOneAuthTokenProvider = fVar;
    }

    private AccountInfo.AccountType getAccountType(OMAccount oMAccount) {
        return isOrgIdAccount(oMAccount) ? AccountInfo.AccountType.ORGID : isMsaAccount(oMAccount) ? AccountInfo.AccountType.MSA : AccountInfo.AccountType.OTHER;
    }

    private boolean isMsaAccount(OMAccount oMAccount) {
        return oMAccount.getAuthenticationType() == AuthenticationType.OutlookMSA;
    }

    private boolean isOrgIdAccount(OMAccount oMAccount) {
        AuthenticationType authenticationType = oMAccount.getAuthenticationType();
        return authenticationType == AuthenticationType.Office365 || authenticationType == AuthenticationType.Exchange_MOPCC || authenticationType == AuthenticationType.OneDriveForBusiness;
    }

    private boolean isSameAccount(OMAccount oMAccount, AccountInfo accountInfo) {
        if (getAccountType(oMAccount) != accountInfo.getAccountType()) {
            return false;
        }
        return oMAccount.getPrimaryEmail().equalsIgnoreCase(accountInfo.getPrimaryEmail());
    }

    @Override // android.os.IInterface
    public IBinder asBinder() {
        return null;
    }

    @Override // com.microsoft.tokenshare.f
    public List<AccountInfo> getAccounts() throws RemoteException {
        List<OMAccount> allAccounts = this.mAccountManager.getAllAccounts();
        Vector vector = new Vector(2);
        LOG.d("All accounts size " + allAccounts.size());
        Iterator<OMAccount> it = allAccounts.iterator();
        boolean z11 = false;
        while (it.hasNext()) {
            ACMailAccount aCMailAccount = (ACMailAccount) it.next();
            AccountInfo.AccountType accountType = getAccountType(aCMailAccount);
            if (aCMailAccount.isOneAuthAccount()) {
                z11 = true;
            } else {
                AccountInfo accountInfo = new AccountInfo(aCMailAccount.getUserID(), aCMailAccount.getPrimaryEmail(), accountType, false, null, new Date(aCMailAccount.getTokenExpiration()));
                if (accountType == AccountInfo.AccountType.MSA || accountType == AccountInfo.AccountType.OTHER || !TextUtils.isEmpty(aCMailAccount.getUserID())) {
                    vector.add(accountInfo);
                }
            }
        }
        f fVar = this.mOneAuthTokenProvider;
        List<AccountInfo> accounts = (fVar == null || !z11) ? null : fVar.getAccounts();
        if (accounts != null) {
            vector.addAll(accounts);
            LOG.d("Shared accounts size from OneAuth " + accounts.size());
        }
        LOG.d("Shared accounts size from SSO " + vector.size());
        return vector;
    }

    @Override // com.microsoft.tokenshare.f
    public String getSharedDeviceId() {
        return null;
    }

    @Override // com.microsoft.tokenshare.f
    public RefreshToken getToken(AccountInfo accountInfo) throws RemoteException {
        f fVar;
        String str;
        f fVar2;
        if (accountInfo.getAccountType() == AccountInfo.AccountType.OTHER) {
            return null;
        }
        List<OMAccount> allAccounts = this.mAccountManager.getAllAccounts();
        String k11 = x0.k(accountInfo.getPrimaryEmail());
        Iterator<OMAccount> it = allAccounts.iterator();
        boolean z11 = false;
        while (it.hasNext()) {
            ACMailAccount aCMailAccount = (ACMailAccount) it.next();
            if (isSameAccount(aCMailAccount, accountInfo)) {
                try {
                    if (aCMailAccount.isOneAuthAccount() && (fVar2 = this.mOneAuthTokenProvider) != null) {
                        RefreshToken token = fVar2.getToken(accountInfo);
                        if (token == null) {
                            LOG.e("Null token from OneAuth for emailHash: " + k11);
                        }
                        LOG.d("Sharing refreshToken from OneAuth for emailHash: " + k11);
                        return token;
                    }
                    if (isOrgIdAccount(aCMailAccount)) {
                        ADALAuthenticationContext aDALAuthenticationContext = new ADALAuthenticationContext(this.mContext, d.x(aCMailAccount), false);
                        aDALAuthenticationContext.setExtendedLifetimeEnabled(true);
                        str = aDALAuthenticationContext.serialize(accountInfo.getAccountId());
                        LOG.d("Sharing refreshToken from app for emailHash: " + k11);
                    } else if (isMsaAccount(aCMailAccount)) {
                        str = aCMailAccount.getRefreshToken();
                        LOG.d("Sharing refreshToken from app for emailHash: " + k11);
                    } else {
                        LOG.e("Token share request for non-ORGID, non-MSA account for emailHash: " + k11);
                        str = null;
                    }
                    this.mAnalyticsSender.sendSSOAction(ik.share, aCMailAccount.getAccountId());
                    Logger logger = LOG;
                    StringBuilder sb2 = new StringBuilder();
                    sb2.append("Refresh token non null? ");
                    sb2.append(str != null);
                    logger.d(sb2.toString());
                    if (str != null) {
                        return new RefreshToken(str, "27922004-5251-4030-b22d-91ecd9a37ea4");
                    }
                    return null;
                } catch (Exception e11) {
                    LOG.e("Token sharing failed for emailHash: " + k11, e11);
                    z11 = true;
                }
            }
        }
        if (z11 || (fVar = this.mOneAuthTokenProvider) == null) {
            return null;
        }
        RefreshToken token2 = fVar.getToken(accountInfo);
        Logger logger2 = LOG;
        StringBuilder sb3 = new StringBuilder();
        sb3.append("Account not found in app, Token fetched from OneAuth for emailHash: ");
        sb3.append(k11);
        sb3.append(" Refresh token non null? ");
        sb3.append(token2 != null);
        logger2.d(sb3.toString());
        return token2;
    }
}
