package com.microsoft.skype.teams.data.proxy;

import bolts.Task;
import com.microsoft.skype.teams.logger.ILogger;
import com.microsoft.skype.teams.services.authorization.AuthenticateUserResult;
import com.microsoft.skype.teams.services.authorization.IAuthorizationService;
import com.microsoft.skype.teams.services.authorization.helpers.AuthenticationSource;
import com.microsoft.skype.teams.services.diagnostics.StatusCode;
import com.microsoft.skype.teams.utilities.Headers;
import com.microsoft.skype.teams.utilities.java.StringUtils;
import com.microsoft.teams.androidutils.tasks.CancellationToken;
import com.microsoft.teams.networkutils.INetworkInterceptorExtension;
import java.io.IOException;
import java.io.InterruptedIOException;
import java.util.concurrent.TimeUnit;
import okhttp3.Request;

/* loaded from: classes3.dex */
public class TflRequestInterceptor implements INetworkInterceptorExtension {
    private static final String BEARER_AUTH_HEADER_PREFIX = "Bearer ";
    private static final String MSA_MERGED_PROFILE_PICTURE_URL = "mergedprofilepicture";
    private static final String MSA_SUBSTRATE_READ_WRITE_SCOPE = "https://outlook.office.com/M365.Access";
    private static final String MT_CALENDAR_EVENTS_URL = "/calendar";
    private static final String OUTLOOK_CALENDAR_EVENTS_URL = "/events";
    private static final String PERSONAL_FILES_URL = "/me/files";
    private static final String PROFILE_PICTURE_URL = "profilepicture";
    private static final String RECENT_FILES_URL = "/me/recent";
    private static final String TAG = "TflRequestInterceptor";
    private static final String UPDATE_MSA_NAME_URL = "/users/me";
    private static final long WAIT_FOR_AUTH_TIMEOUT_SECONDS = 60;
    private final IAuthorizationService mAuthorizationService;
    private final ILogger mLogger;

    public TflRequestInterceptor(IAuthorizationService iAuthorizationService, ILogger iLogger) {
        this.mAuthorizationService = iAuthorizationService;
        this.mLogger = iLogger;
        this.mLogger.log(3, TAG, String.format("%s has been initialized.", TAG), new Object[0]);
    }

    private void addAuthorizationHeader(Request.Builder builder, String str, String str2, boolean z) throws IOException {
        this.mLogger.log(3, TAG, String.format("Getting a resource token for (%s) scope.", str2), new Object[0]);
        String tokenForResourceSync = this.mAuthorizationService.getTokenForResourceSync(str2, CancellationToken.NONE, false);
        if (StringUtils.isEmptyOrWhiteSpace(tokenForResourceSync)) {
            this.mLogger.log(3, TAG, "Re-authenticating user to ensure all tokens are valid.", new Object[0]);
            Task<AuthenticateUserResult> executeAuthRequest = this.mAuthorizationService.executeAuthRequest(true, AuthenticationSource.InitialConsumerSignin, null);
            try {
                this.mLogger.log(3, TAG, "Waiting for auth completion", new Object[0]);
                executeAuthRequest.waitForCompletion(WAIT_FOR_AUTH_TIMEOUT_SECONDS, TimeUnit.SECONDS);
            } catch (InterruptedException e) {
                this.mLogger.log(7, TAG, e, "Failed to authenticate user", new Object[0]);
            }
            if (!executeAuthRequest.isCompleted() || executeAuthRequest.getResult() == null || !executeAuthRequest.getResult().isSuccess()) {
                this.mLogger.log(7, TAG, "Auth failed", new Object[0]);
                throw new InterruptedIOException(StatusCode.MSAL_ERROR);
            }
            this.mLogger.log(3, TAG, "Auth complete", new Object[0]);
            tokenForResourceSync = this.mAuthorizationService.getTokenForResourceSync(str2, CancellationToken.NONE, false);
            if (StringUtils.isEmptyOrWhiteSpace(tokenForResourceSync)) {
                this.mLogger.log(6, TAG, String.format("Couldn't get a resource token for (%s) scope.", str2), new Object[0]);
                throw new InterruptedIOException(StatusCode.MSAL_ERROR);
            }
        }
        if (z) {
            tokenForResourceSync = BEARER_AUTH_HEADER_PREFIX + tokenForResourceSync;
        }
        builder.header(str, tokenForResourceSync);
    }

    private boolean isMiddleTierImageRequestForRoute(String str, String str2) {
        return str.startsWith(MiddleTierServiceProvider.getMiddleTierServiceBaseImageUrl()) && str.contains(str2);
    }

    private boolean isMiddleTierRequestForRoute(String str, String str2) {
        return str.startsWith(MiddleTierServiceProvider.getMiddleTierServiceBaseUrl()) && str.contains(str2);
    }

    @Override // com.microsoft.teams.networkutils.INetworkInterceptorExtension
    public Request intercept(Request request) throws IOException {
        String httpUrl = request.url().toString();
        if (!request.isHttps()) {
            return request;
        }
        Request.Builder newBuilder = request.newBuilder();
        if (isMiddleTierRequestForRoute(httpUrl, MT_CALENDAR_EVENTS_URL)) {
            addAuthorizationHeader(newBuilder, Headers.CLIENT_AUTHORIZATION, OutlookServiceProvider.getCalendarReadWriteScopeUrl(), true);
        } else if (isMiddleTierRequestForRoute(httpUrl, PERSONAL_FILES_URL) || isMiddleTierRequestForRoute(httpUrl, RECENT_FILES_URL)) {
            addAuthorizationHeader(newBuilder, Headers.CLIENT_AUTHORIZATION, GraphProvider.getMSGraphServiceOneDriveReadWriteScopeUrl(), true);
        } else if (httpUrl.contains(GraphProvider.getServiceUrl())) {
            addAuthorizationHeader(newBuilder, "Authorization", GraphProvider.getMSGraphServiceOneDriveReadWriteScopeUrl(), true);
        } else if (isMiddleTierRequestForRoute(httpUrl, UPDATE_MSA_NAME_URL)) {
            addAuthorizationHeader(newBuilder, Headers.CLIENT_AUTHORIZATION, MSA_SUBSTRATE_READ_WRITE_SCOPE, false);
        } else if (isMiddleTierImageRequestForRoute(httpUrl, PROFILE_PICTURE_URL) || isMiddleTierImageRequestForRoute(httpUrl, MSA_MERGED_PROFILE_PICTURE_URL)) {
            addAuthorizationHeader(newBuilder, Headers.CLIENT_AUTHORIZATION, MSA_SUBSTRATE_READ_WRITE_SCOPE, false);
        } else if (httpUrl.startsWith(OutlookServiceProvider.getOutServiceUrl()) && httpUrl.contains(OUTLOOK_CALENDAR_EVENTS_URL)) {
            addAuthorizationHeader(newBuilder, "Authorization", OutlookServiceProvider.getCalendarReadWriteScopeUrl(), true);
        }
        return newBuilder.build();
    }

    public boolean isMiddleTierRequestForRouteForTests(String str, String str2) {
        return isMiddleTierRequestForRoute(str, str2);
    }
}
