package com.microsoft.identity.broker4j.broker.prt;

import com.google.gson.Gson;
import com.microsoft.identity.broker4j.broker.MicrosoftStsNonceUtil;
import com.microsoft.identity.broker4j.broker.crypto.IKeyEntry;
import com.microsoft.identity.broker4j.broker.platform.components.IBrokerPlatformComponents;
import com.microsoft.identity.broker4j.workplacejoin.data.WorkplaceJoinData;
import com.microsoft.identity.common.java.authorities.Authority;
import com.microsoft.identity.common.java.authscheme.BearerAuthenticationSchemeInternal;
import com.microsoft.identity.common.java.commands.parameters.BrokerSilentTokenCommandParameters;
import com.microsoft.identity.common.java.exception.BaseException;
import com.microsoft.identity.common.java.exception.ClientException;
import com.microsoft.identity.common.java.exception.ErrorStrings;
import com.microsoft.identity.common.java.jwt.IJwtRequestSigner;
import com.microsoft.identity.common.java.jwt.JwtRequestBody;
import com.microsoft.identity.common.java.logging.Logger;
import com.microsoft.identity.common.java.providers.microsoft.microsoftsts.AbstractMicrosoftStsTokenResponseHandler;
import com.microsoft.identity.common.java.providers.microsoft.microsoftsts.MicrosoftStsOAuth2Strategy;
import com.microsoft.identity.common.java.providers.microsoft.microsoftsts.MicrosoftStsTokenRequest;
import com.microsoft.identity.common.java.providers.microsoft.microsoftsts.MicrosoftStsTokenResponse;
import com.microsoft.identity.common.java.providers.microsoft.microsoftsts.MicrosoftStsTokenResponseHandler;
import com.microsoft.identity.common.java.providers.oauth2.IDToken;
import com.microsoft.identity.common.java.providers.oauth2.OAuth2StrategyParameters;
import com.microsoft.identity.common.java.providers.oauth2.TokenRequest;
import java.security.cert.CertificateEncodingException;
import java.util.HashMap;
import kotlin.setPageMargin;
import lombok.NonNull;

/* loaded from: classes2.dex */
public abstract class AbstractRegisteredDevicePrtStrategy extends AbstractPrtTokenStrategy<BrokerSilentTokenCommandParameters> {
    public static final String TAG = "AbstractRegisteredDevicePrtStrategy";
    private final IJwtRequestSigner mJwtRequestSigner;
    private final PrtProtocolVersion mPrtProtocolVersion;
    private final WorkplaceJoinData mWpjData;

    public AbstractRegisteredDevicePrtStrategy(@NonNull IBrokerPlatformComponents iBrokerPlatformComponents, @NonNull IJwtRequestSigner iJwtRequestSigner, @NonNull WorkplaceJoinData workplaceJoinData, @NonNull PrtProtocolVersion prtProtocolVersion) {
        super(iBrokerPlatformComponents, prtProtocolVersion);
        if (iBrokerPlatformComponents == null) {
            throw new NullPointerException("brokerPlatformComponents is marked non-null but is null");
        }
        if (iJwtRequestSigner == null) {
            throw new NullPointerException("jwtRequestSigner is marked non-null but is null");
        }
        if (workplaceJoinData == null) {
            throw new NullPointerException("wpjData is marked non-null but is null");
        }
        if (prtProtocolVersion == null) {
            throw new NullPointerException("prtProtocolVersion is marked non-null but is null");
        }
        this.mJwtRequestSigner = iJwtRequestSigner;
        this.mWpjData = workplaceJoinData;
        this.mPrtProtocolVersion = prtProtocolVersion;
    }

    private JwtRequestBody getJwtBody(@NonNull String str) throws ClientException {
        if (str == null) {
            throw new NullPointerException("correlationId is marked non-null but is null");
        }
        String str2 = TAG + ":getJwtBody";
        JwtRequestBody jwtRequestBody = new JwtRequestBody();
        jwtRequestBody.setClientId("29d9ed98-a469-4536-ade2-f981bc1d605e");
        jwtRequestBody.setJwtScope(PrtConstants.PRT_UPDATE_SCOPES);
        jwtRequestBody.setIssuer("29d9ed98-a469-4536-ade2-f981bc1d605e");
        jwtRequestBody.setGrantType("refresh_token");
        jwtRequestBody.setRefreshToken(getRefreshTokenClaim(str));
        jwtRequestBody.setAudience(getHomeAuthority().getAuthorityURL().toString());
        jwtRequestBody.setNonce(MicrosoftStsNonceUtil.getNonce(getHomeAuthority().getAuthorityURL().toString(), str));
        if (PrtProtocolVersion.V4_0.getValue().equals(this.mPrtProtocolVersion.getValue())) {
            Logger.info(str2, "Adding Prt V4 specific parameters to the Jwt body.");
            jwtRequestBody.setJweCrypto((setPageMargin) new Gson().fromJson(PrtConstants.REQUEST_JWE_CRYPTO_VALUE, setPageMargin.class));
            jwtRequestBody.setSessionKeyCrypto((setPageMargin) new Gson().fromJson(PrtConstants.REQUEST_SESSION_KEY_CRYPTO_VALUE, setPageMargin.class));
        }
        return jwtRequestBody;
    }

    @Override // com.microsoft.identity.broker4j.broker.prt.AbstractPrtTokenStrategy
    public MicrosoftStsTokenRequest createTokenRequestInternal(@NonNull BrokerSilentTokenCommandParameters brokerSilentTokenCommandParameters) throws ClientException {
        if (brokerSilentTokenCommandParameters == null) {
            throw new NullPointerException("parameters is marked non-null but is null");
        }
        String str = TAG + ":createTokenRequestInternal";
        MicrosoftStsTokenRequest microsoftStsTokenRequest = new MicrosoftStsTokenRequest();
        microsoftStsTokenRequest.setGrantType(TokenRequest.GrantTypes.JWT_BEARER);
        microsoftStsTokenRequest.setPKeyAuthHeaderAllowed(brokerSilentTokenCommandParameters.isPKeyAuthHeaderAllowed());
        microsoftStsTokenRequest.setScope(PrtConstants.PRT_UPDATE_SCOPES);
        try {
            String signedJwt = this.mJwtRequestSigner.getSignedJwt(getJwtBody(brokerSilentTokenCommandParameters.getCorrelationId()));
            HashMap hashMap = new HashMap();
            hashMap.put("request", signedJwt);
            if (PrtProtocolVersion.V4_0.getValue().equals(this.mPrtProtocolVersion.getValue())) {
                Logger.info(str, "Adding Prt V4 specific parameters to the request body.");
                hashMap.put("jwe_crypto", PrtConstants.REQUEST_JWE_CRYPTO_VALUE);
                hashMap.put("session_key_crypto", PrtConstants.REQUEST_SESSION_KEY_CRYPTO_VALUE);
            }
            microsoftStsTokenRequest.setExtraParameters(hashMap.entrySet());
            OAuth2StrategyParameters build = OAuth2StrategyParameters.builder().platformComponents(this.mBrokerPlatformComponents).authenticationScheme(new BearerAuthenticationSchemeInternal()).build();
            Authority mHomeAuthority = getMHomeAuthority();
            mHomeAuthority.setSlice(brokerSilentTokenCommandParameters.getAuthority().getSlice());
            this.mOAuth2Strategy = (MicrosoftStsOAuth2Strategy) mHomeAuthority.createOAuth2Strategy(build);
            return microsoftStsTokenRequest;
        } catch (CertificateEncodingException e) {
            Logger.info(str, "Unable to retrieve encoded certificate to sign the JWT");
            throw new ClientException(ErrorStrings.CERTIFICATE_ENCODING_ERROR, "Unable to retrieve encoded certificate to sign the JWT", e);
        }
    }

    @Override // com.microsoft.identity.broker4j.broker.prt.AbstractPrtTokenStrategy
    protected IKeyEntry extractSessionKey(@NonNull MicrosoftStsTokenResponse microsoftStsTokenResponse) throws BaseException {
        if (microsoftStsTokenResponse == null) {
            throw new NullPointerException("tokenResponse is marked non-null but is null");
        }
        return this.mBrokerPlatformComponents.getBrokerKeyFactory().getSessionKeyLoader().importSessionKey(new IDToken(microsoftStsTokenResponse.getIdToken()), microsoftStsTokenResponse.getSessionKeyJwe(), this.mWpjData.getCertificateData().getSessionTransportKey());
    }

    @Override // com.microsoft.identity.broker4j.broker.prt.AbstractPrtTokenStrategy
    protected String getDeviceId(@NonNull MicrosoftStsTokenResponse microsoftStsTokenResponse) throws BaseException {
        if (microsoftStsTokenResponse != null) {
            return this.mWpjData.getCertificateData().getDeviceId();
        }
        throw new NullPointerException("tokenResponse is marked non-null but is null");
    }

    /* renamed from: getHomeAuthority */
    protected abstract Authority getMHomeAuthority();

    protected abstract String getRefreshTokenClaim(@NonNull String str) throws ClientException;

    @Override // com.microsoft.identity.broker4j.broker.prt.AbstractPrtTokenStrategy
    public AbstractMicrosoftStsTokenResponseHandler getResponseHandler() {
        return new MicrosoftStsTokenResponseHandler();
    }
}
