package org.mule.modules.security.microsoft.microsoftonline;

import java.io.IOException;
import java.net.URL;
import java.nio.charset.Charset;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.TimeZone;
import java.util.UUID;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.mule.modules.security.microsoft.InvalidCredentialsException;
import org.mule.modules.security.microsoft.MicrosoftAuthenticationBase;
import org.mule.modules.security.microsoft.MicrosoftAuthenticationException;
import org.mule.modules.security.microsoft.adfs.AdfsAuthentication;
import org.mule.modules.security.microsoft.microsoftonline.RealmInfo;
import org.mule.modules.security.microsoft.microsoftonline.crm.CrmOnlineAuthenticationPolicy;
import org.mule.modules.security.microsoft.utils.SamlTokenUtils;

/* loaded from: input_file:org/mule/modules/security/microsoft/microsoftonline/MicrosoftOnlineAuthentication.class */
public final class MicrosoftOnlineAuthentication extends MicrosoftAuthenticationBase {
    private static final Log log = LogFactory.getLog(MicrosoftOnlineAuthentication.class);
    private static final String MICROSOFTONLINE_USERREALM_URL = "https://login.microsoftonline.com/GetUserRealm.srf";
    private static final String MICROSOFTONLINE_STS_URL = "https://login.microsoftonline.com/extSTS.srf";
    private static final String MICROSOFTONLINE_REALM = "urn:federation:MicrosoftOnline";

    public MicrosoftOnlineAuthentication() throws MicrosoftAuthenticationException {
        this(false);
    }

    public MicrosoftOnlineAuthentication(boolean z) throws MicrosoftAuthenticationException {
        this(createHttpClient(z));
    }

    public MicrosoftOnlineAuthentication(CloseableHttpClient closeableHttpClient) {
        super(closeableHttpClient);
    }

    public RealmInfo getUserRealmInfo(CloseableHttpClient closeableHttpClient, String str) throws MicrosoftAuthenticationException {
        HttpPost httpPost = new HttpPost(MICROSOFTONLINE_USERREALM_URL);
        ArrayList arrayList = new ArrayList();
        arrayList.add(new BasicNameValuePair("login", str));
        arrayList.add(new BasicNameValuePair("xml", "1"));
        httpPost.setEntity(new UrlEncodedFormEntity(arrayList, Charset.forName("UTF-8")));
        try {
            CloseableHttpResponse execute = closeableHttpClient.execute(httpPost);
            Throwable th = null;
            try {
                try {
                    RealmInfo realmInfo = (RealmInfo) JAXBContext.newInstance(new Class[]{RealmInfo.class}).createUnmarshaller().unmarshal(execute.getEntity().getContent());
                    if (execute != null) {
                        if (0 != 0) {
                            try {
                                execute.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            execute.close();
                        }
                    }
                    return realmInfo;
                } finally {
                }
            } finally {
            }
        } catch (JAXBException e) {
            throw MicrosoftAuthenticationException.onlineRealmInfoParsingError(e);
        } catch (IOException e2) {
            throw MicrosoftAuthenticationException.onlineRealmInfoRequestError(e2);
        }
    }

    public String getSecurityTokenForSharepointOnline(String str, String str2, URL url, int i) throws MicrosoftAuthenticationException {
        return getSecurityTokenForSharepointOnline(str, str2, url, AdfsAuthentication.ADFS_USERNAME_PORTNAME, i);
    }

    public String getSecurityTokenForSharepointOnline(String str, String str2, URL url, String str3, int i) throws MicrosoftAuthenticationException {
        RealmInfo userRealmInfo = getUserRealmInfo(getHttpClient(), str);
        String substring = url.toString().substring(0, url.toString().length() - url.getPath().length());
        for (int i2 = 1; i2 <= i; i2++) {
            try {
                if (RealmInfo.NamespaceTypes.MANAGED.equalsIgnoreCase(userRealmInfo.getNamespaceType())) {
                    return getTokenFromMicrosoftOnline(str, str2, MICROSOFTONLINE_STS_URL, substring);
                }
                if (RealmInfo.NamespaceTypes.FEDERATED.equalsIgnoreCase(userRealmInfo.getNamespaceType())) {
                    return getTokenFromMicrosoftOnline(SamlTokenUtils.getRequestedSecurityTokenFromSecurityTokenResponse(new AdfsAuthentication(getHttpClient()).getTokenFromAdfs(str, str2, MICROSOFTONLINE_REALM, userRealmInfo.getMetadataUrl(), str3)), MICROSOFTONLINE_STS_URL, substring);
                }
                throw InvalidCredentialsException.onlineUnknownRealm();
            } catch (Exception e) {
                log.info("Error trying to authenticate for SharePoint Online.", e);
                if (i2 >= i) {
                    if (e instanceof MicrosoftAuthenticationException) {
                        throw e;
                    }
                    throw MicrosoftAuthenticationException.genericRequestSecurityTokenError("SharePoint", e);
                }
                log.info("Retries left: " + (i - i2));
            }
        }
        throw MicrosoftAuthenticationException.genericRequestSecurityTokenError("SharePoint");
    }

    public String getSecurityTokenForCrmOnline(String str, String str2, URL url, int i) throws MicrosoftAuthenticationException {
        return getSecurityTokenForCrmOnline(str, str2, url, AdfsAuthentication.ADFS_USERNAME_PORTNAME, i);
    }

    public String getSecurityTokenForCrmOnline(String str, String str2, URL url, String str3, int i) throws MicrosoftAuthenticationException {
        String str4 = url + "?WSDL=wsdl0";
        try {
            CrmOnlineAuthenticationPolicy crmOnlineAuthenticationPolicy = new CrmOnlineAuthenticationPolicy(str4);
            RealmInfo userRealmInfo = getUserRealmInfo(getHttpClient(), str);
            for (int i2 = 1; i2 <= i; i2++) {
                try {
                    if (RealmInfo.NamespaceTypes.MANAGED.equalsIgnoreCase(userRealmInfo.getNamespaceType())) {
                        return getTokenFromMicrosoftOnline(str, str2, crmOnlineAuthenticationPolicy.getIssuerUri().toString(), crmOnlineAuthenticationPolicy.getAppliesTo());
                    }
                    if (!RealmInfo.NamespaceTypes.FEDERATED.equalsIgnoreCase(userRealmInfo.getNamespaceType())) {
                        throw InvalidCredentialsException.onlineUnknownRealm();
                    }
                    new AdfsAuthentication(getHttpClient()).getTokenFromAdfs(str, str2, crmOnlineAuthenticationPolicy.getMicrosoftOnlineIdentifier(), userRealmInfo.getMetadataUrl(), str3);
                    return null;
                } catch (Exception e) {
                    log.info("Error trying to authenticate for CRM Online.", e);
                    if (i2 >= i) {
                        if (e instanceof MicrosoftAuthenticationException) {
                            throw e;
                        }
                        throw MicrosoftAuthenticationException.genericRequestSecurityTokenError("CRM", e);
                    }
                    log.info("Retries left: " + (i - i2));
                }
            }
            throw MicrosoftAuthenticationException.genericRequestSecurityTokenError("CRM");
        } catch (Exception e2) {
            throw new MicrosoftAuthenticationException("[CRM] Error trying to read the CRM authentication policy from '" + str4 + "'", e2);
        }
    }

    public String getTokenFromMicrosoftOnline(String str, String str2, String str3, String str4) throws MicrosoftAuthenticationException {
        TimeZone timeZone = TimeZone.getTimeZone("GMT");
        Calendar calendar = Calendar.getInstance(timeZone);
        Calendar calendar2 = (Calendar) calendar.clone();
        calendar2.add(12, 5);
        Date time = calendar.getTime();
        Date time2 = calendar2.getTime();
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'");
        simpleDateFormat.setTimeZone(timeZone);
        return getSecurityTokenRequestResponseFromSts("MicrosoftOnline", getHttpClient(), str3, String.format(loadSoapMessage("MicrosoftOnlineUsernamePassword.xml"), UUID.randomUUID().toString(), UUID.randomUUID().toString(), str3, UUID.randomUUID().toString(), simpleDateFormat.format(time), simpleDateFormat.format(time2), UUID.randomUUID().toString(), str, str2, str4));
    }

    private String getTokenFromMicrosoftOnline(String str, String str2, String str3) throws MicrosoftAuthenticationException {
        TimeZone timeZone = TimeZone.getTimeZone("GMT");
        Calendar calendar = Calendar.getInstance(timeZone);
        Calendar calendar2 = (Calendar) calendar.clone();
        calendar2.add(12, 5);
        Date time = calendar.getTime();
        Date time2 = calendar2.getTime();
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'");
        simpleDateFormat.setTimeZone(timeZone);
        return getSecurityTokenRequestResponseFromSts("MicrosoftOnline", getHttpClient(), str2, String.format(loadSoapMessage("MicrosoftOnlineIssuedToken.xml"), UUID.randomUUID().toString(), str2, UUID.randomUUID().toString(), simpleDateFormat.format(time), simpleDateFormat.format(time2), str, str3));
    }
}
