package com.microsoft.workaccount.authenticatorservice;

import android.accounts.Account;
import android.accounts.AccountAuthenticatorResponse;
import android.content.Context;
import android.os.Bundle;
import com.microsoft.identity.AndroidBrokerPlatformComponentsFactory;
import com.microsoft.identity.broker.operation.wpj.LegacyWpjLeaveOperation;
import com.microsoft.identity.broker4j.broker.BrokerAccountDataManager;
import com.microsoft.identity.broker4j.broker.BrokerUtil;
import com.microsoft.identity.broker4j.broker.IBrokerAccountDataManager;
import com.microsoft.identity.broker4j.broker.platform.components.IAccountDataStorage;
import com.microsoft.identity.broker4j.broker.platform.components.IBrokerPlatformComponents;
import com.microsoft.identity.broker4j.opentelemetry.AttributeName;
import com.microsoft.identity.broker4j.workplacejoin.AccountInfo;
import com.microsoft.identity.broker4j.workplacejoin.DeviceState;
import com.microsoft.identity.broker4j.workplacejoin.DiscoveryEndpoint;
import com.microsoft.identity.broker4j.workplacejoin.WorkplaceJoinFailure;
import com.microsoft.identity.broker4j.workplacejoin.data.RegSource;
import com.microsoft.identity.broker4j.workplacejoin.data.WorkplaceJoinData;
import com.microsoft.identity.broker4j.workplacejoin.exception.WorkplaceJoinException;
import com.microsoft.identity.broker4j.workplacejoin.handlers.DeviceStateRequestHandler;
import com.microsoft.identity.broker4j.workplacejoin.tasks.WorkplaceLeaveTask;
import com.microsoft.identity.client.BrokerUtils;
import com.microsoft.identity.common.internal.broker.AccountManagerBrokerAccount;
import com.microsoft.identity.common.java.broker.IBrokerAccount;
import com.microsoft.identity.common.java.broker.ICallValidator;
import com.microsoft.identity.common.java.exception.BaseException;
import com.microsoft.identity.common.java.exception.ClientException;
import com.microsoft.identity.common.java.exception.ServiceException;
import com.microsoft.identity.common.java.opentelemetry.OTelUtility;
import com.microsoft.identity.common.java.opentelemetry.SpanExtension;
import com.microsoft.identity.common.java.opentelemetry.SpanName;
import com.microsoft.identity.common.java.util.StringUtil;
import com.microsoft.identity.common.logging.Logger;
import com.microsoft.workaccount.BuildConfig;
import com.microsoft.workaccount.workplacejoin.core.ErrorMessages;
import com.microsoft.workaccount.workplacejoin.core.InstallCertActivity;
import com.microsoft.workaccount.workplacejoin.core.WPJOperation;
import com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinApplication;
import com.samsung.android.knox.container.KnoxContainerManager;
import io.opentelemetry.api.trace.Span;
import io.opentelemetry.api.trace.StatusCode;
import io.opentelemetry.context.Scope;
import java.util.UUID;

@Deprecated
/* loaded from: classes6.dex */
public class AuthenticatorAPIHelper {
    private static final String JOIN_WITH_TOKENS = "joinWithTokens";
    private static final String PRE_AUTHORIZED_JOIN = "preAuthorizedJoin";
    private static final String TAG = "AuthenticatorHelper#";
    private final IBrokerAccountDataManager mAccountDataManager;
    private final IAccountDataStorage mBrokerAccountDataStorage;
    private final IBrokerPlatformComponents mComponents;
    private final Context mContext;
    private final WPJOperation mWpjOperation;

    public AuthenticatorAPIHelper(Context context) {
        this(context, AndroidBrokerPlatformComponentsFactory.createFromContext(context));
    }

    public AuthenticatorAPIHelper(Context context, IBrokerPlatformComponents iBrokerPlatformComponents) {
        this.mContext = context;
        this.mComponents = iBrokerPlatformComponents;
        IAccountDataStorage brokerAccountDataStorage = iBrokerPlatformComponents.getBrokerAccountDataStorage();
        this.mBrokerAccountDataStorage = brokerAccountDataStorage;
        this.mAccountDataManager = new BrokerAccountDataManager(brokerAccountDataStorage);
        this.mWpjOperation = new WPJOperation(iBrokerPlatformComponents);
    }

    private final AccountInfo createAccountInfoFromBundle(Bundle bundle, String str) {
        if (StringUtil.isNullOrEmpty(bundle.getString("account.userinfo.userid"))) {
            Logger.warn("AuthenticatorHelper#createAccountInfoFromBundle", "accountInfo not provided.");
            return null;
        }
        Logger.verbose("AuthenticatorHelper#createAccountInfoFromBundle", "accountInfo is provided.");
        AccountInfo accountInfo = new AccountInfo(str, false, false);
        accountInfo.setUniqueId(bundle.getString("account.userinfo.userid.list"));
        accountInfo.setDisplayableId(str);
        accountInfo.setHomeAccountId(bundle.getString("account.userinfo.userid"));
        accountInfo.setGivenName(bundle.getString("account.userinfo.given.name"));
        accountInfo.setFamilyName(bundle.getString("account.userinfo.family.name"));
        accountInfo.setIdentityProvider(bundle.getString("account.userinfo.identity.provider"));
        accountInfo.setTenantId(bundle.getString("account.userinfo.tenantid"));
        return accountInfo;
    }

    private DeviceStateRequestHandler.IOnQueryDeviceCallback createGetDeviceRegistrationStateCallback(final AccountAuthenticatorResponse accountAuthenticatorResponse, final Account account, final boolean z) {
        return new DeviceStateRequestHandler.IOnQueryDeviceCallback() { // from class: com.microsoft.workaccount.authenticatorservice.AuthenticatorAPIHelper.1
            @Override // com.microsoft.identity.broker4j.workplacejoin.handlers.DeviceStateRequestHandler.IOnQueryDeviceCallback
            public void onComplete(DeviceState deviceState) {
                Bundle successBundle = AuthenticatorAPIHelper.getSuccessBundle(account);
                successBundle.putBoolean(WorkplaceJoinApplication.DATA_DRS_DEVICE_STATE, deviceState == DeviceState.DEVICE_VALID);
                accountAuthenticatorResponse.onResult(successBundle);
            }

            @Override // com.microsoft.identity.broker4j.workplacejoin.handlers.DeviceStateRequestHandler.IOnQueryDeviceCallback
            public void onError(Exception exc) {
                Logger.error("AuthenticatorHelper#createGetDeviceRegistrationStateCallback", "Failed to query device state. " + WorkplaceJoinFailure.INTERNAL.toString(), exc);
                AuthenticatorAPIHelper.this.returnError(accountAuthenticatorResponse, exc, z);
            }
        };
    }

    private Bundle getAuthenticatorResponseBundle(IBrokerAccount iBrokerAccount) {
        Span current = SpanExtension.current();
        Bundle successBundle = getSuccessBundle(iBrokerAccount.getUsername(), iBrokerAccount.getType());
        try {
            successBundle.putString(WorkplaceJoinApplication.DATA_DEVICE_ID, this.mComponents.getWpjController().getWorkplaceJoinEntryForWPJAPI().getDeviceId());
            current.setStatus(StatusCode.OK);
        } catch (WorkplaceJoinException e) {
            Logger.error("AuthenticatorHelper#getAuthenticatorResponseBundle", "failed to get device id to authenticator.", e);
            current.setStatus(StatusCode.ERROR, "failed to get device id to authenticator.");
            current.recordException(e);
        }
        return successBundle;
    }

    private UUID getCorrelationIdFromBundle(Bundle bundle) {
        return bundle != null ? UUID.fromString(bundle.getString("correlation_id", UUID.randomUUID().toString())) : UUID.randomUUID();
    }

    public static Bundle getErrorBundle(String str, WorkplaceJoinFailure workplaceJoinFailure) {
        Bundle bundle = new Bundle();
        bundle.putString("errorMessage", str);
        bundle.putString(WorkplaceJoinApplication.DATA_FAILURE_TYPE, workplaceJoinFailure.name());
        return bundle;
    }

    private RegSource getRegSource(Bundle bundle) {
        String callingPackageName = BrokerUtils.getCallingPackageName(this.mContext, bundle.getInt("callerUid", -1));
        SpanExtension.current().setAttribute(AttributeName.calling_package_name.name(), callingPackageName);
        return BrokerUtils.getRegSourceFromPackageName(callingPackageName);
    }

    public static Bundle getServiceExceptionErrorBundle(ServiceException serviceException) {
        Bundle bundle = new Bundle();
        bundle.putString("error", serviceException.getErrorCode());
        bundle.putString("error_description", serviceException.getMessage());
        bundle.putString("error_codes", serviceException.getOAuthSubErrorCode());
        bundle.putInt("status_code", serviceException.getHttpStatusCode());
        bundle.putString("correlation_id", serviceException.getCorrelationId());
        bundle.putString("errorMessage", serviceException.getErrorCode());
        return bundle;
    }

    public static Bundle getSuccessBundle(Account account) {
        return getSuccessBundle(account.name, account.type);
    }

    public static Bundle getSuccessBundle(String str, String str2) {
        Bundle bundle = new Bundle();
        bundle.putString("authAccount", str);
        bundle.putString("accountType", str2);
        return bundle;
    }

    public static boolean isJoinRequestWithAccessToken(Bundle bundle) {
        return (StringUtil.isNullOrEmpty(bundle.getString(WorkplaceJoinApplication.DATA_TOKEN)) || StringUtil.isNullOrEmpty(bundle.getString(WorkplaceJoinApplication.DATA_UPN))) ? false : true;
    }

    public static boolean isPreAuthorizedJoinChallenge(Bundle bundle) {
        return (StringUtil.isNullOrEmpty(bundle.getString(WorkplaceJoinApplication.DATA_PREAUTHORIZED_JOIN_CHALLENGE)) || StringUtil.isNullOrEmpty(bundle.getString(WorkplaceJoinApplication.DATA_TENANT_ID))) ? false : true;
    }

    private Bundle performJoinRequestWithAccessTokenFromBundle(AccountAuthenticatorResponse accountAuthenticatorResponse, Bundle bundle, DiscoveryEndpoint discoveryEndpoint) {
        String string = bundle.getString(WorkplaceJoinApplication.DATA_UPN);
        String string2 = bundle.getString(WorkplaceJoinApplication.DATA_DISPLAYABLE_ID);
        String string3 = bundle.getString(WorkplaceJoinApplication.DATA_TOKEN);
        String string4 = bundle.getString(WorkplaceJoinApplication.DATA_REFRESH_TOKEN);
        AccountInfo createAccountInfoFromBundle = createAccountInfoFromBundle(bundle, string2);
        boolean z = bundle.getBoolean(WorkplaceJoinApplication.DATA_IS_SHARED_DEVICE, false);
        boolean z2 = !Boolean.toString(true).equalsIgnoreCase(bundle.getString(WorkplaceJoinApplication.DATA_NO_CERT_INSTALL));
        SpanExtension.current().setAttribute(AttributeName.is_cert_required.name(), z2);
        UUID correlationIdFromBundle = getCorrelationIdFromBundle(bundle);
        Logger.verbose("AuthenticatorHelper#performJoinRequestWithAccessTokenFromBundle", "isCertRequired = " + Boolean.toString(z2));
        try {
            this.mWpjOperation.legacyWpjJoinWithTokens(discoveryEndpoint, string, string2, string3, string4, createAccountInfoFromBundle, getRegSource(bundle), z, correlationIdFromBundle);
            if (!z2) {
                return getAuthenticatorResponseBundle(this.mBrokerAccountDataStorage.getAccount(this.mComponents.getWpjController().getAccountNameForWPJAPI(), "com.microsoft.workaccount"));
            }
            Bundle bundle2 = new Bundle();
            bundle2.putParcelable(KnoxContainerManager.INTENT_BUNDLE, InstallCertActivity.getInstallCertActivityIntent(this.mContext, accountAuthenticatorResponse));
            return bundle2;
        } catch (WorkplaceJoinException | BaseException e) {
            Logger.error("AuthenticatorHelper#performJoinRequestWithAccessTokenFromBundle", e.getMessage(), e);
            SpanExtension.current().setStatus(StatusCode.ERROR);
            SpanExtension.current().recordException(e);
            return getErrorBundle(e.getMessage(), WorkplaceJoinFailure.INTERNAL);
        }
    }

    private Bundle performPreAuthorizedJoinChallengeFromBundle(Bundle bundle, DiscoveryEndpoint discoveryEndpoint) {
        String string = bundle.getString(WorkplaceJoinApplication.DATA_TENANT_ID);
        String string2 = bundle.getString(WorkplaceJoinApplication.DATA_PREAUTHORIZED_JOIN_CHALLENGE);
        boolean z = bundle.getBoolean(WorkplaceJoinApplication.DATA_IS_SHARED_DEVICE, false);
        boolean z2 = bundle.getBoolean(WorkplaceJoinApplication.DATA_IS_PREAUTHORIZED_CHALLENGE_DEVICE_BOUND, false);
        UUID correlationIdFromBundle = getCorrelationIdFromBundle(bundle);
        Logger.verbose("AuthenticatorHelper#performPreAuthorizedJoinChallengeFromBundle", "isPreAuthorizedChallengeDeviceBound = " + Boolean.toString(z2));
        try {
            this.mWpjOperation.deviceRegistrationWithPreAuthorizedJoinChallenge(discoveryEndpoint, string, string2, getRegSource(bundle), z2, z, correlationIdFromBundle);
            return getAuthenticatorResponseBundle(this.mBrokerAccountDataStorage.getAccount(this.mComponents.getWpjController().getAccountNameForWPJAPI(), "com.microsoft.workaccount"));
        } catch (WorkplaceJoinException | BaseException e) {
            Logger.error("AuthenticatorHelper#performPreAuthorizedJoinChallengeFromBundle", e.getMessage(), e);
            Span current = SpanExtension.current();
            current.setStatus(StatusCode.ERROR, e.getMessage());
            current.recordException(e);
            return getErrorBundle(e.getMessage(), WorkplaceJoinFailure.INTERNAL);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void returnError(AccountAuthenticatorResponse accountAuthenticatorResponse, Exception exc, boolean z) {
        SpanExtension.current().recordException(exc);
        if (!z) {
            accountAuthenticatorResponse.onError(5, exc.getMessage());
            return;
        }
        if (exc instanceof ServiceException) {
            accountAuthenticatorResponse.onResult(getServiceExceptionErrorBundle((ServiceException) exc));
        } else if (!(exc instanceof WorkplaceJoinException)) {
            accountAuthenticatorResponse.onResult(getErrorBundle(exc.getMessage(), WorkplaceJoinFailure.INTERNAL));
        } else {
            WorkplaceJoinException workplaceJoinException = (WorkplaceJoinException) exc;
            accountAuthenticatorResponse.onResult(getErrorBundle(workplaceJoinException.getMessage(), workplaceJoinException.getFailureType()));
        }
    }

    @Deprecated
    public Bundle getCertInstalledStatus(Account account) {
        Bundle successBundle = getSuccessBundle(account);
        Logger.info("AuthenticatorHelper#getCertInstalledStatus", "Sending cert install status false");
        successBundle.putString(WorkplaceJoinApplication.DATA_CERT_INSTALLED, Boolean.toString(false));
        return successBundle;
    }

    public Bundle getDeviceId(Account account) {
        WorkplaceJoinData workplaceJoinEntryForWPJAPI = this.mComponents.getWpjController().getWorkplaceJoinEntryForWPJAPI();
        if (workplaceJoinEntryForWPJAPI == null) {
            return getErrorBundle("Failed to get WPJ Data. Cannot get Device ID", WorkplaceJoinFailure.INTERNAL);
        }
        try {
            String deviceId = workplaceJoinEntryForWPJAPI.getDeviceId();
            Bundle successBundle = getSuccessBundle(account);
            successBundle.putString(WorkplaceJoinApplication.DATA_DEVICE_ID, deviceId);
            Logger.infoPII("AuthenticatorHelper#getDeviceId", "Sending device id. " + deviceId);
            return successBundle;
        } catch (WorkplaceJoinException e) {
            return getErrorBundle(e.getMessage(), e.getFailureType());
        }
    }

    public void getDeviceState(AccountAuthenticatorResponse accountAuthenticatorResponse, Account account, boolean z) {
        Scope makeCurrentSpan;
        WorkplaceJoinData workplaceJoinEntryForWPJAPI;
        Span createSpan = OTelUtility.createSpan(SpanName.DeviceState.name());
        UUID correlationIdFromBundle = getCorrelationIdFromBundle(null);
        try {
            try {
                makeCurrentSpan = SpanExtension.makeCurrentSpan(createSpan);
                try {
                    createSpan.setAttribute(AttributeName.correlation_id.name(), correlationIdFromBundle.toString());
                    workplaceJoinEntryForWPJAPI = this.mComponents.getWpjController().getWorkplaceJoinEntryForWPJAPI();
                } catch (Throwable th) {
                    if (makeCurrentSpan != null) {
                        try {
                            makeCurrentSpan.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } catch (Exception e) {
                Logger.error("AuthenticatorHelper# :getDeviceState", "Failed to retrieve device state. " + WorkplaceJoinFailure.INTERNAL.toString(), e);
                createSpan.recordException(e);
                createSpan.setStatus(StatusCode.ERROR);
                returnError(accountAuthenticatorResponse, e, z);
            }
            if (workplaceJoinEntryForWPJAPI == null) {
                Logger.verbose("AuthenticatorHelper# :getDeviceState", "WPJ data not found.");
                returnError(accountAuthenticatorResponse, new WorkplaceJoinException(WorkplaceJoinException.DEVICE_IS_NOT_WORKPLACE_JOINED, WorkplaceJoinFailure.INTERNAL), z);
                createSpan.setStatus(StatusCode.ERROR, "WPJ data not found.");
                if (makeCurrentSpan != null) {
                    makeCurrentSpan.close();
                }
                return;
            }
            createSpan.setAttribute(AttributeName.tenant_id.name(), workplaceJoinEntryForWPJAPI.getTenantId());
            createSpan.setAttribute(AttributeName.is_shared_device.name(), workplaceJoinEntryForWPJAPI.isSharedDevice());
            DeviceState deviceState = this.mWpjOperation.getDeviceState(workplaceJoinEntryForWPJAPI, correlationIdFromBundle);
            Logger.info("AuthenticatorHelper# :getDeviceState", "Device state fetched is " + deviceState.name());
            Bundle successBundle = getSuccessBundle(account);
            successBundle.putBoolean(WorkplaceJoinApplication.DATA_DRS_DEVICE_STATE, deviceState == DeviceState.DEVICE_VALID);
            accountAuthenticatorResponse.onResult(successBundle);
            createSpan.setAttribute(AttributeName.device_state.name(), deviceState.name());
            createSpan.setStatus(StatusCode.OK);
            if (makeCurrentSpan != null) {
                makeCurrentSpan.close();
            }
        } finally {
            createSpan.end();
        }
    }

    public void getDeviceToken(AccountAuthenticatorResponse accountAuthenticatorResponse, Account account, boolean z, Bundle bundle, ICallValidator iCallValidator) {
        String string = bundle.getString("correlation_id");
        String string2 = bundle.getString("resource");
        String string3 = bundle.getString("scope");
        int i = bundle.getInt("callerUid", -1);
        if (i == -1) {
            Logger.info("AuthenticatorHelper#:getDeviceToken", "No calling UID found associated with the calling application.");
            returnError(accountAuthenticatorResponse, new WorkplaceJoinException(WorkplaceJoinException.NO_CALLER_UID_ON_REQUEST, WorkplaceJoinFailure.INTERNAL), z);
            return;
        }
        try {
            iCallValidator.throwIfNotInvokedByAcceptableApp("AuthenticatorHelper#:getDeviceToken", i, BuildConfig.DEVICE_TOKEN_APPS);
            WorkplaceJoinData workplaceJoinEntryForWPJAPI = this.mComponents.getWpjController().getWorkplaceJoinEntryForWPJAPI();
            if (workplaceJoinEntryForWPJAPI == null) {
                Logger.verbose("AuthenticatorHelper#:getDeviceToken", "WPJ data not found.");
                returnError(accountAuthenticatorResponse, new WorkplaceJoinException(WorkplaceJoinException.DEVICE_IS_NOT_WORKPLACE_JOINED, WorkplaceJoinFailure.INTERNAL), z);
                return;
            }
            try {
                String deviceToken = new WPJOperation(this.mComponents).getDeviceToken(workplaceJoinEntryForWPJAPI, string2, string, string3);
                Bundle successBundle = getSuccessBundle(account);
                successBundle.putString(WorkplaceJoinApplication.DATA_DEVICE_TOKEN, deviceToken);
                accountAuthenticatorResponse.onResult(successBundle);
            } catch (BaseException e) {
                Logger.error("AuthenticatorHelper#:getDeviceToken", "getDeviceToken Operation failed unexpectedly", e);
                returnError(accountAuthenticatorResponse, e, z);
            }
        } catch (ClientException e2) {
            Logger.error("AuthenticatorHelper#:getDeviceToken", "App is not allowed to invoke get device token operation", e2);
            returnError(accountAuthenticatorResponse, e2, z);
        }
    }

    public void getIsSharedDevice(AccountAuthenticatorResponse accountAuthenticatorResponse, Account account, boolean z) {
        try {
            Bundle successBundle = getSuccessBundle(account);
            successBundle.putBoolean(WorkplaceJoinApplication.DATA_IS_SHARED_DEVICE, this.mComponents.getWpjController().isDeviceRegisteredAsShared());
            accountAuthenticatorResponse.onResult(successBundle);
        } catch (Exception e) {
            Logger.error("AuthenticatorHelper#getIsSharedDevice", "Failed to retrieve is Shared Device value." + WorkplaceJoinFailure.INTERNAL.toString(), e);
            returnError(accountAuthenticatorResponse, e, z);
        }
    }

    public Bundle getOnPremStatus(Account account) {
        boolean isOnPremCert = this.mComponents.getWpjController().getWorkplaceJoinEntryForWPJAPI().getCertificateData().isOnPremCert();
        Bundle successBundle = getSuccessBundle(account);
        successBundle.putBoolean(WorkplaceJoinApplication.DATA_ONPREM_VERIFY, isOnPremCert);
        Logger.info(TAG, "Is on-prem cert:" + isOnPremCert);
        return successBundle;
    }

    public String getPreprovisionedBlob(Bundle bundle) throws WorkplaceJoinException {
        if (this.mComponents.getWpjController().isDeviceWorkplaceJoined()) {
            throw new WorkplaceJoinException(ErrorMessages.AlreadyWPJ, WorkplaceJoinFailure.USER);
        }
        UUID correlationIdFromBundle = getCorrelationIdFromBundle(bundle);
        String string = bundle.getString(WorkplaceJoinApplication.DATA_TENANT_ID);
        if (StringUtil.isNullOrEmpty(string)) {
            throw new WorkplaceJoinException("Invalid tenant id.", WorkplaceJoinFailure.USER);
        }
        try {
            return this.mWpjOperation.getPreProvisionedBlob(string, correlationIdFromBundle);
        } catch (BaseException e) {
            throw new WorkplaceJoinException(e.getMessage(), WorkplaceJoinFailure.INTERNAL);
        }
    }

    public Bundle getUPN(Account account) {
        WorkplaceJoinData workplaceJoinEntryForWPJAPI = this.mComponents.getWpjController().getWorkplaceJoinEntryForWPJAPI();
        String upn = workplaceJoinEntryForWPJAPI != null ? workplaceJoinEntryForWPJAPI.getUpn() : null;
        Bundle successBundle = getSuccessBundle(account);
        successBundle.putString(WorkplaceJoinApplication.DATA_UPN, upn);
        return successBundle;
    }

    public Bundle getUserInfo(Account account) {
        AccountManagerBrokerAccount adapt = AccountManagerBrokerAccount.adapt(account);
        String accountHomeAccountId = this.mAccountDataManager.getAccountHomeAccountId(adapt);
        String accountUserIdList = this.mAccountDataManager.getAccountUserIdList(adapt);
        String accountGivenName = this.mAccountDataManager.getAccountGivenName(adapt);
        String accountFamilyName = this.mAccountDataManager.getAccountFamilyName(adapt);
        String accountIdp = this.mAccountDataManager.getAccountIdp(adapt);
        String accountDisplayableUserId = this.mAccountDataManager.getAccountDisplayableUserId(adapt);
        String accountHomeTenantId = this.mAccountDataManager.getAccountHomeTenantId(adapt);
        Bundle successBundle = getSuccessBundle(account);
        successBundle.putString("account.userinfo.userid", accountHomeAccountId);
        successBundle.putString("account.userinfo.userid.list", accountUserIdList);
        successBundle.putString("account.userinfo.given.name", accountGivenName);
        successBundle.putString("account.userinfo.family.name", accountFamilyName);
        successBundle.putString("account.userinfo.identity.provider", accountIdp);
        successBundle.putString("account.userinfo.userid.displayable", accountDisplayableUserId);
        successBundle.putString("account.userinfo.tenantid", accountHomeTenantId);
        WorkplaceJoinData workplaceJoinEntryForWPJAPI = this.mComponents.getWpjController().getWorkplaceJoinEntryForWPJAPI();
        boolean z = workplaceJoinEntryForWPJAPI != null && adapt.getUsername().equalsIgnoreCase(workplaceJoinEntryForWPJAPI.getUpn());
        boolean accountNgcStatus = this.mAccountDataManager.getAccountNgcStatus(adapt);
        successBundle.putBoolean(WorkplaceJoinApplication.DATA_IS_JOINED, z);
        successBundle.putBoolean("com.microsoft.workaccount.isNGC", accountNgcStatus);
        Logger.info(TAG, "Returning userinfo details");
        return successBundle;
    }

    public Bundle getVersion(Account account) {
        Bundle successBundle = getSuccessBundle(account);
        successBundle.putString(WorkplaceJoinApplication.DATA_VERSION, WorkplaceJoinApplication.PROTOCOL_VERSION_CODE + "");
        Logger.info(TAG, "Sending protocol version:" + WorkplaceJoinApplication.PROTOCOL_VERSION);
        return successBundle;
    }

    public String getWpjAccountName() {
        return this.mComponents.getWpjController().getAccountNameForWPJAPI();
    }

    public Bundle installCertSilently() {
        WorkplaceJoinData workplaceJoinEntryForWPJAPI = this.mComponents.getWpjController().getWorkplaceJoinEntryForWPJAPI();
        if (workplaceJoinEntryForWPJAPI == null) {
            Logger.verbose("AuthenticatorHelper#:installCertSilently", "WPJ not found.");
            return getErrorBundle(WorkplaceJoinException.DEVICE_IS_NOT_WORKPLACE_JOINED, WorkplaceJoinFailure.INTERNAL);
        }
        try {
            boolean installCertificateSilently = this.mWpjOperation.installCertificateSilently(workplaceJoinEntryForWPJAPI, this.mContext);
            Bundle bundle = new Bundle();
            bundle.putBoolean(WorkplaceJoinApplication.DATA_CERT_INSTALLED, installCertificateSilently);
            return bundle;
        } catch (ClientException e) {
            return getErrorBundle(e.getMessage(), WorkplaceJoinFailure.CERTIFICATE);
        }
    }

    public void removeAccountData(AccountAuthenticatorResponse accountAuthenticatorResponse, Account account, boolean z) {
        Scope makeCurrentSpan;
        String accountNameForWPJAPI;
        Logger.verbose("AuthenticatorHelper#:removeAccountData", "removeAccountData called for account");
        Logger.verbosePII("AuthenticatorHelper#:removeAccountData", "account.name:" + account.name);
        Span createSpan = OTelUtility.createSpan(SpanName.WorkplaceLeave.name());
        this.mComponents.getPlatformUtil().removeCookiesFromWebView();
        Logger.verbose("AuthenticatorHelper#:removeAccountData", "Removed cookies from webview hosted at authenticator process.");
        BrokerUtil.removeAccountFromTokenCache(this.mComponents, AccountManagerBrokerAccount.adapt(account));
        try {
            try {
                makeCurrentSpan = SpanExtension.makeCurrentSpan(createSpan);
                try {
                    accountNameForWPJAPI = this.mComponents.getWpjController().getAccountNameForWPJAPI();
                } catch (Throwable th) {
                    if (makeCurrentSpan != null) {
                        try {
                            makeCurrentSpan.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } finally {
                createSpan.end();
            }
        } catch (WorkplaceJoinException | ClientException e) {
            createSpan.setStatus(StatusCode.ERROR);
            createSpan.recordException(e);
            if (accountAuthenticatorResponse != null) {
                returnError(accountAuthenticatorResponse, e, z);
            }
        }
        if (accountNameForWPJAPI == null) {
            createSpan.setStatus(StatusCode.ERROR, WorkplaceJoinException.DEVICE_IS_NOT_WORKPLACE_JOINED);
            Logger.error("AuthenticatorHelper#:removeAccountData", WorkplaceJoinException.DEVICE_IS_NOT_WORKPLACE_JOINED, null);
            throw new WorkplaceJoinException(WorkplaceJoinException.DEVICE_IS_NOT_WORKPLACE_JOINED, WorkplaceJoinFailure.INTERNAL);
        }
        if (!this.mBrokerAccountDataStorage.isAccountMatching(AccountManagerBrokerAccount.adapt(account), accountNameForWPJAPI)) {
            createSpan.setStatus(StatusCode.ERROR, "The provided login hint does not match with Workplace Joined account");
            Logger.error("AuthenticatorHelper#:removeAccountData", "The provided login hint does not match with Workplace Joined account", null);
            throw new WorkplaceJoinException("The provided login hint does not match with Workplace Joined account", WorkplaceJoinFailure.INTERNAL);
        }
        WorkplaceJoinData workplaceJoinEntryForWPJAPI = this.mComponents.getWpjController().getWorkplaceJoinEntryForWPJAPI();
        UUID correlationIdFromBundle = getCorrelationIdFromBundle(null);
        createSpan.setAttribute(AttributeName.tenant_id.name(), workplaceJoinEntryForWPJAPI.getTenantId());
        createSpan.setAttribute(AttributeName.correlation_id.name(), correlationIdFromBundle.toString());
        createSpan.setAttribute(AttributeName.wpj_controller.name(), this.mComponents.getWpjController().getControllerNameForTelemetry());
        boolean execute = WorkplaceLeaveTask.execute(this.mComponents, correlationIdFromBundle, workplaceJoinEntryForWPJAPI);
        if (accountAuthenticatorResponse != null) {
            Bundle successBundle = getSuccessBundle(account);
            successBundle.putBoolean(LegacyWpjLeaveOperation.DEVICE_DELETED_FROM_DRS, execute);
            accountAuthenticatorResponse.onResult(successBundle);
        }
        createSpan.setStatus(execute ? StatusCode.OK : StatusCode.ERROR);
        if (makeCurrentSpan != null) {
            makeCurrentSpan.close();
        }
    }

    public Bundle startJoinWPJAPIScenario(AccountAuthenticatorResponse accountAuthenticatorResponse, Bundle bundle) {
        DiscoveryEndpoint fromString = DiscoveryEndpoint.fromString(bundle.getString(WorkplaceJoinApplication.DATA_DISCOVERY));
        Logger.verbose("AuthenticatorHelper#:performWpjJoin", "Bundle has discovery flag:" + fromString);
        Span createSpan = OTelUtility.createSpan(SpanName.WorkplaceJoin.name());
        try {
            Scope makeCurrentSpan = SpanExtension.makeCurrentSpan(createSpan);
            try {
                if (isPreAuthorizedJoinChallenge(bundle)) {
                    Logger.verbose("AuthenticatorHelper#:performWpjJoin", "Performing WPJ with pre-authorized join challenge.");
                    createSpan.setAttribute(AttributeName.join_flow_type.name(), PRE_AUTHORIZED_JOIN);
                    if (!this.mComponents.getWpjController().isDeviceWorkplaceJoined()) {
                        Bundle performPreAuthorizedJoinChallengeFromBundle = performPreAuthorizedJoinChallengeFromBundle(bundle, fromString);
                        if (makeCurrentSpan != null) {
                            makeCurrentSpan.close();
                        }
                        return performPreAuthorizedJoinChallengeFromBundle;
                    }
                    Logger.error("AuthenticatorHelper#:performWpjJoin", "Device already WorkplaceJoined.", null);
                    createSpan.setStatus(StatusCode.ERROR, "Device already WorkplaceJoined.");
                    Bundle errorBundle = getErrorBundle(ErrorMessages.AlreadyWPJ, WorkplaceJoinFailure.INTERNAL);
                    if (makeCurrentSpan != null) {
                        makeCurrentSpan.close();
                    }
                    return errorBundle;
                }
                if (!isJoinRequestWithAccessToken(bundle)) {
                    Logger.error("AuthenticatorHelper#:performWpjJoin", "Required parameters for both join flows are not found.", null);
                    createSpan.setStatus(StatusCode.ERROR, "Required parameters for both join flows are not found.");
                    Bundle errorBundle2 = getErrorBundle("Required parameters for both join flows are not found.", WorkplaceJoinFailure.INTERNAL);
                    if (makeCurrentSpan != null) {
                        makeCurrentSpan.close();
                    }
                    return errorBundle2;
                }
                Logger.verbose("AuthenticatorHelper#:performWpjJoin", "Performing join request with AT.");
                createSpan.setAttribute(AttributeName.join_flow_type.name(), "joinWithTokens");
                if (this.mComponents.getWpjController().getWorkplaceJoinEntryForWPJAPI() == null) {
                    Bundle performJoinRequestWithAccessTokenFromBundle = performJoinRequestWithAccessTokenFromBundle(accountAuthenticatorResponse, bundle, fromString);
                    if (makeCurrentSpan != null) {
                        makeCurrentSpan.close();
                    }
                    return performJoinRequestWithAccessTokenFromBundle;
                }
                Logger.error("AuthenticatorHelper#:performWpjJoin", "Legacy space is already occupied.", null);
                createSpan.setStatus(StatusCode.ERROR, "Legacy space is already occupied.");
                Bundle errorBundle3 = getErrorBundle(ErrorMessages.AlreadyWPJ, WorkplaceJoinFailure.INTERNAL);
                if (makeCurrentSpan != null) {
                    makeCurrentSpan.close();
                }
                return errorBundle3;
            } finally {
            }
        } finally {
        }
    }
}
