package com.microsoft.aad.msal4j;

import com.microsoft.aad.msal4j.AbstractClientApplicationBase;
import com.nimbusds.oauth2.sdk.ParseException;
import com.nimbusds.oauth2.sdk.auth.ClientAuthentication;
import com.nimbusds.oauth2.sdk.auth.ClientAuthenticationMethod;
import com.nimbusds.oauth2.sdk.auth.ClientSecretPost;
import com.nimbusds.oauth2.sdk.auth.PrivateKeyJWT;
import com.nimbusds.oauth2.sdk.auth.Secret;
import com.nimbusds.oauth2.sdk.id.ClientID;
import java.net.MalformedURLException;
import java.net.Proxy;
import java.net.URL;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Set;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.ExecutorService;
import javax.net.ssl.SSLSocketFactory;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/microsoft/aad/msal4j/OauthClientApplication.class */
public class OauthClientApplication extends AbstractClientApplicationBase implements IConfidentialClientApplication {
    private ClientAuthentication clientAuthentication;
    private CustomJWTAuthentication customJWTAuthentication;
    private boolean clientCertAuthentication;
    private ClientCertificate clientCertificate;
    private boolean sendX5c;
    private final String username;
    private final String password;

    /* loaded from: input_file:com/microsoft/aad/msal4j/OauthClientApplication$Builder.class */
    public static class Builder extends AbstractClientApplicationBase.Builder<Builder> {
        private IClientCredential clientCredential;
        private final String username;
        private final String password;
        private boolean sendX5c;

        private Builder(String str, IClientCredential iClientCredential, String str2, String str3) {
            super(str);
            this.sendX5c = true;
            this.clientCredential = iClientCredential;
            this.username = str2;
            this.password = str3;
        }

        public Builder sendX5c(boolean z) {
            this.sendX5c = z;
            return m1self();
        }

        /* renamed from: build, reason: merged with bridge method [inline-methods] */
        public OauthClientApplication m0build() {
            return new OauthClientApplication(this);
        }

        /* JADX INFO: Access modifiers changed from: protected */
        /* renamed from: self, reason: merged with bridge method [inline-methods] */
        public Builder m1self() {
            return this;
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder azureRegion(String str) {
            return super.azureRegion(str);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder autoDetectRegion(boolean z) {
            return super.autoDetectRegion(z);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder clientCapabilities(Set set) {
            return super.clientCapabilities(set);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder aadInstanceDiscoveryResponse(String str) {
            return super.aadInstanceDiscoveryResponse(str);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder setTokenCacheAccessAspect(ITokenCacheAccessAspect iTokenCacheAccessAspect) {
            return super.setTokenCacheAccessAspect(iTokenCacheAccessAspect);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder applicationVersion(String str) {
            return super.applicationVersion(str);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder applicationName(String str) {
            return super.applicationName(str);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder readTimeoutForDefaultHttpClient(Integer num) {
            return super.readTimeoutForDefaultHttpClient(num);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder connectTimeoutForDefaultHttpClient(Integer num) {
            return super.connectTimeoutForDefaultHttpClient(num);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder sslSocketFactory(SSLSocketFactory sSLSocketFactory) {
            return super.sslSocketFactory(sSLSocketFactory);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder httpClient(IHttpClient iHttpClient) {
            return super.httpClient(iHttpClient);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder proxy(Proxy proxy) {
            return super.proxy(proxy);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder executorService(ExecutorService executorService) {
            return super.executorService(executorService);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder logPii(boolean z) {
            return super.logPii(z);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder correlationId(String str) {
            return super.correlationId(str);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder validateAuthority(boolean z) {
            return super.validateAuthority(z);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder b2cAuthority(String str) throws MalformedURLException {
            return super.b2cAuthority(str);
        }

        public /* bridge */ /* synthetic */ AbstractClientApplicationBase.Builder authority(String str) throws MalformedURLException {
            return super.authority(str);
        }
    }

    private OauthClientApplication(Builder builder) {
        super(builder);
        this.clientCertAuthentication = false;
        ParameterValidationUtils.validateNotNull("username", builder.username);
        ParameterValidationUtils.validateNotNull("password", builder.password);
        this.sendX5c = builder.sendX5c;
        this.log = LoggerFactory.getLogger(ConfidentialClientApplication.class);
        initClientAuthentication(builder.clientCredential);
        this.username = builder.username;
        this.password = builder.password;
    }

    public CompletableFuture<IAuthenticationResult> acquireToken(ClientCredentialParameters clientCredentialParameters) {
        ParameterValidationUtils.validateNotNull("parameters", clientCredentialParameters);
        return executeRequest(new OauthCredentialRequest(clientCredentialParameters, this.username, this.password, this, new RequestContext(this, PublicApi.ACQUIRE_TOKEN_FOR_CLIENT, clientCredentialParameters)));
    }

    public CompletableFuture<IAuthenticationResult> acquireToken(OnBehalfOfParameters onBehalfOfParameters) {
        throw new IllegalStateException("Use ConfidentialClientApplication instead");
    }

    private void initClientAuthentication(IClientCredential iClientCredential) {
        ParameterValidationUtils.validateNotNull("clientCredential", iClientCredential);
        if (iClientCredential instanceof ClientSecret) {
            this.clientAuthentication = new ClientSecretPost(new ClientID(clientId()), new Secret(((ClientSecret) iClientCredential).clientSecret()));
            return;
        }
        if (iClientCredential instanceof ClientCertificate) {
            this.clientCertAuthentication = true;
            this.clientCertificate = (ClientCertificate) iClientCredential;
            this.clientAuthentication = buildValidClientCertificateAuthority();
        } else {
            if (!(iClientCredential instanceof ClientAssertion)) {
                throw new IllegalArgumentException("Unsupported client credential");
            }
            this.clientAuthentication = createClientAuthFromClientAssertion((ClientAssertion) iClientCredential);
        }
    }

    protected ClientAuthentication clientAuthentication() {
        if (this.clientCertAuthentication) {
            if (this.clientAuthentication.getJWTAuthenticationClaimsSet().getExpirationTime().before(new Date(System.currentTimeMillis()))) {
                this.clientAuthentication = buildValidClientCertificateAuthority();
            }
        }
        return this.clientAuthentication;
    }

    private ClientAuthentication buildValidClientCertificateAuthority() {
        return createClientAuthFromClientAssertion(JwtHelper.buildJwt(clientId(), this.clientCertificate, this.authenticationAuthority.selfSignedJwtAudience(), this.sendX5c));
    }

    private ClientAuthentication createClientAuthFromClientAssertion(ClientAssertion clientAssertion) {
        HashMap hashMap = new HashMap();
        try {
            hashMap.put("client_assertion_type", Collections.singletonList("urn:ietf:params:oauth:client-assertion-type:jwt-bearer"));
            hashMap.put("client_assertion", Collections.singletonList(clientAssertion.assertion()));
            return PrivateKeyJWT.parse(hashMap);
        } catch (ParseException e) {
            if (e.getMessage().contains("Issuer and subject in client JWT assertion must designate the same client identifier")) {
                return new CustomJWTAuthentication(ClientAuthenticationMethod.PRIVATE_KEY_JWT, clientAssertion, new ClientID(clientId()));
            }
            throw new MsalClientException(e);
        }
    }

    public static Builder builder(String str, IClientCredential iClientCredential, String str2, String str3) {
        return new Builder(str, iClientCredential, str2, str3);
    }

    public boolean sendX5c() {
        return this.sendX5c;
    }

    public /* bridge */ /* synthetic */ String azureRegion() {
        return super.azureRegion();
    }

    public /* bridge */ /* synthetic */ boolean autoDetectRegion() {
        return super.autoDetectRegion();
    }

    public /* bridge */ /* synthetic */ String clientCapabilities() {
        return super.clientCapabilities();
    }

    public /* bridge */ /* synthetic */ AadInstanceDiscoveryResponse aadAadInstanceDiscoveryResponse() {
        return super.aadAadInstanceDiscoveryResponse();
    }

    public /* bridge */ /* synthetic */ String applicationVersion() {
        return super.applicationVersion();
    }

    public /* bridge */ /* synthetic */ String applicationName() {
        return super.applicationName();
    }

    public /* bridge */ /* synthetic */ TokenCache tokenCache() {
        return super.tokenCache();
    }

    public /* bridge */ /* synthetic */ Integer readTimeoutForDefaultHttpClient() {
        return super.readTimeoutForDefaultHttpClient();
    }

    public /* bridge */ /* synthetic */ Integer connectTimeoutForDefaultHttpClient() {
        return super.connectTimeoutForDefaultHttpClient();
    }

    public /* bridge */ /* synthetic */ SSLSocketFactory sslSocketFactory() {
        return super.sslSocketFactory();
    }

    public /* bridge */ /* synthetic */ Proxy proxy() {
        return super.proxy();
    }

    public /* bridge */ /* synthetic */ boolean logPii() {
        return super.logPii();
    }

    public /* bridge */ /* synthetic */ String correlationId() {
        return super.correlationId();
    }

    public /* bridge */ /* synthetic */ boolean validateAuthority() {
        return super.validateAuthority();
    }

    public /* bridge */ /* synthetic */ String authority() {
        return super.authority();
    }

    public /* bridge */ /* synthetic */ String clientId() {
        return super.clientId();
    }

    public /* bridge */ /* synthetic */ URL getAuthorizationRequestUrl(AuthorizationRequestUrlParameters authorizationRequestUrlParameters) {
        return super.getAuthorizationRequestUrl(authorizationRequestUrlParameters);
    }

    public /* bridge */ /* synthetic */ CompletableFuture removeAccount(IAccount iAccount) {
        return super.removeAccount(iAccount);
    }

    public /* bridge */ /* synthetic */ CompletableFuture getAccounts() {
        return super.getAccounts();
    }

    public /* bridge */ /* synthetic */ CompletableFuture acquireTokenSilently(SilentParameters silentParameters) throws MalformedURLException {
        return super.acquireTokenSilently(silentParameters);
    }

    public /* bridge */ /* synthetic */ CompletableFuture acquireToken(RefreshTokenParameters refreshTokenParameters) {
        return super.acquireToken(refreshTokenParameters);
    }

    public /* bridge */ /* synthetic */ CompletableFuture acquireToken(AuthorizationCodeParameters authorizationCodeParameters) {
        return super.acquireToken(authorizationCodeParameters);
    }
}
