package com.microsoft.onlineid.internal.sts;

import android.content.Context;
import com.microsoft.onlineid.UserCookie;
import com.microsoft.onlineid.exception.InternalException;
import com.microsoft.onlineid.exception.UserAuthenticationNeededException;
import com.microsoft.onlineid.internal.exception.AccountNotFoundException;
import com.microsoft.onlineid.internal.storage.TypedStorage;
import com.microsoft.onlineid.sts.AuthenticatorUserAccount;
import com.microsoft.onlineid.sts.ClockSkewManager;
import com.microsoft.onlineid.sts.DeviceIdentity;
import com.microsoft.onlineid.sts.ServerConfig;
import com.microsoft.onlineid.sts.request.AbstractSoapRequest;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;

/* loaded from: classes.dex */
public class CookieManager {
    static final String CAWCookieName = "CAW";
    static final String CAWCookiePurposeKey = "purpose";
    static final String CAWCookiePurposeValue = "sso";
    static final String DIDCCookieName = "DIDC";
    private static final String DefaultPath = "/";
    private final ClockSkewManager _clockSkewManager;
    private final TypedStorage _typedStorage;

    public CookieManager(Context context) {
        this._typedStorage = new TypedStorage(context);
        this._clockSkewManager = new ClockSkewManager(context);
    }

    private UserCookie generateCawCookie(String str) throws AccountNotFoundException, UserAuthenticationNeededException, UnsupportedEncodingException {
        AuthenticatorUserAccount readAccount = this._typedStorage.readAccount(str);
        if (readAccount == null) {
            throw new AccountNotFoundException("The account was deleted");
        }
        if (readAccount.getDAToken() == null || readAccount.getDAToken().getSessionKey() == null) {
            throw new AccountNotFoundException("The account was deleted");
        }
        Date expiry = readAccount.getDAToken().getExpiry();
        if (expiry != null && isDATokenExpired(expiry)) {
            throw new UserAuthenticationNeededException("User DA is expired. Call getTicket to refresh.");
        }
        HashMap hashMap = new HashMap();
        hashMap.put(CAWCookiePurposeKey, CAWCookiePurposeValue);
        return new UserCookie(CAWCookieName, URLEncoder.encode(readAccount.getDAToken().getOneTimeSignedCredential(this._clockSkewManager.getCurrentServerTime(), AbstractSoapRequest.MsaAppGuid, hashMap), "UTF-8"), ServerConfig.Domain, DefaultPath);
    }

    private UserCookie generateDidcCookie() throws UserAuthenticationNeededException, UnsupportedEncodingException {
        DeviceIdentity readDeviceIdentity = this._typedStorage.readDeviceIdentity();
        if (readDeviceIdentity == null) {
            throw new UserAuthenticationNeededException("Missing device ID. Call getTicket to provision.");
        }
        if (readDeviceIdentity.getDAToken() == null || readDeviceIdentity.getDAToken().getSessionKey() == null) {
            throw new UserAuthenticationNeededException("Invalid device DA. Call getTicket to refresh.");
        }
        Date expiry = readDeviceIdentity.getDAToken().getExpiry();
        if (expiry == null || !isDATokenExpired(expiry)) {
            return new UserCookie(DIDCCookieName, URLEncoder.encode(readDeviceIdentity.getDAToken().getOneTimeSignedCredential(this._clockSkewManager.getCurrentServerTime(), AbstractSoapRequest.MsaAppGuid, null), "UTF-8"), ServerConfig.Domain, DefaultPath);
        }
        throw new UserAuthenticationNeededException("Expired device DA. Call getTicket to refresh.");
    }

    private boolean isDATokenExpired(Date date) {
        return this._clockSkewManager.getCurrentServerTime().compareTo(date) >= 0;
    }

    public List<UserCookie> generateCookies(String str) throws AccountNotFoundException, UserAuthenticationNeededException, InternalException {
        try {
            ArrayList arrayList = new ArrayList(2);
            arrayList.add(generateCawCookie(str));
            arrayList.add(generateDidcCookie());
            return arrayList;
        } catch (UnsupportedEncodingException e) {
            throw new InternalException(e);
        }
    }
}
