package com.microsoft.identity.broker4j.broker.prt;

import com.microsoft.identity.common.java.authorities.Authority;
import com.microsoft.identity.common.java.authorities.AzureActiveDirectoryAuthority;
import com.microsoft.identity.common.java.authorities.UnknownAuthority;
import com.microsoft.identity.common.java.exception.ClientException;
import com.microsoft.identity.common.java.exception.ErrorStrings;
import com.microsoft.identity.common.java.logging.Logger;
import com.microsoft.identity.common.java.providers.microsoft.azureactivedirectory.AzureActiveDirectory;
import com.microsoft.identity.common.java.util.StringUtil;
import edu.umd.cs.findbugs.annotations.Nullable;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.List;
import kotlin.getMethodsOrBuilder;
import lombok.NonNull;

/* loaded from: classes2.dex */
public final class PrtUtils {
    private static final String TAG = "PrtUtils";

    private PrtUtils() {
        throw new UnsupportedOperationException("This is a utility class and cannot be instantiated");
    }

    public static String getAuthorityForAcquiringToken(@NonNull String str, @Nullable String str2) throws ClientException {
        if (str == null) {
            throw new NullPointerException("requestAuthority is marked non-null but is null");
        }
        StringBuilder sb = new StringBuilder();
        String str3 = TAG;
        sb.append(str3);
        sb.append(":getAuthorityForAcquiringToken");
        String sb2 = sb.toString();
        try {
            getMethodsOrBuilder getmethodsorbuilder = new getMethodsOrBuilder(str);
            List<String> pathSegments = getmethodsorbuilder.getPathSegments();
            if (pathSegments.size() == 0) {
                throw new ClientException(ErrorStrings.AUTHORITY_URL_NOT_VALID, "The URL does not contain path segment.");
            }
            if (StringUtil.isNullOrEmpty(str2)) {
                Logger.warn(sb2, "PRT authority is null, using passed in authority " + str);
                return str;
            }
            String str4 = pathSegments.get(0);
            URI build = getmethodsorbuilder.build();
            if (build.getAuthority().equalsIgnoreCase(new URI(str2).getAuthority())) {
                return str;
            }
            if (isHomeTenantRequest(str4, build.getAuthority())) {
                return AzureActiveDirectoryAuthority.convertToDefaultAuthority(str2);
            }
            Logger.warn(str3, "Passed in authority host doesn't match with prt authority, request authority: " + str + " ,prt authority: " + str2);
            throw new ClientException(ErrorStrings.AUTHORITY_URL_NOT_VALID, "Authority Url cloud passed in doesn't match with the PRT's authority.");
        } catch (URISyntaxException e) {
            throw new ClientException("malformed_url", e.getMessage(), e);
        }
    }

    private static boolean isHomeTenantRequest(@NonNull String str, @NonNull String str2) {
        if (str == null) {
            throw new NullPointerException("tenant is marked non-null but is null");
        }
        if (str2 == null) {
            throw new NullPointerException("requestAuthorityUri is marked non-null but is null");
        }
        String str3 = TAG + ":isHomeTenantRequest";
        try {
            if (str.equalsIgnoreCase("common") || str.equalsIgnoreCase("organizations")) {
                return str2.equalsIgnoreCase(new URI(AzureActiveDirectory.getDefaultCloudUrl()).getAuthority());
            }
            return false;
        } catch (URISyntaxException e) {
            Logger.error(str3, "Failed to determine if request is for home tenant", e);
            return false;
        }
    }

    public static boolean validateRequestAuthority(@NonNull Authority authority, @NonNull Authority authority2) {
        if (authority == null) {
            throw new NullPointerException("requestAuthority is marked non-null but is null");
        }
        if (authority2 == null) {
            throw new NullPointerException("prtHomeAuthority is marked non-null but is null");
        }
        String str = TAG + ":validateRequestAuthority";
        if (authority instanceof UnknownAuthority) {
            Logger.info(str, "Request authority is unknown authority.");
            return false;
        }
        if (authority2.getAuthorityURL().getAuthority().equals(authority.getAuthorityURL().getAuthority())) {
            return true;
        }
        if (!(authority instanceof AzureActiveDirectoryAuthority)) {
            Logger.info(str, "Request authority is not AAD authority.");
            return false;
        }
        AzureActiveDirectoryAuthority azureActiveDirectoryAuthority = (AzureActiveDirectoryAuthority) authority;
        if (isHomeTenantRequest(azureActiveDirectoryAuthority.getAudience().getTenantId(), azureActiveDirectoryAuthority.getAuthorityUri().getAuthority())) {
            Logger.info(str, "Request is for home tenant.");
            return true;
        }
        try {
            return azureActiveDirectoryAuthority.isSameCloudAsAuthority((AzureActiveDirectoryAuthority) authority2);
        } catch (ClientException e) {
            Logger.error(str, "Failed to compare request authority to home authority", e);
            return false;
        }
    }
}
