package com.microsoft.aad.msal4j;

import java.net.URL;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/microsoft/aad/msal4j/AuthenticationAuthority.class */
public class AuthenticationAuthority {
    private static final String TENANTLESS_TENANT_NAME = "common";
    private static final String DISCOVERY_ENDPOINT = "common/discovery/instance";
    private static final String TOKEN_ENDPOINT = "/oauth2/v2.0/token";
    private static final String USER_REALM_ENDPOINT = "common/userrealm";
    static final String DEVICE_CODE_ENDPOINT = "/oauth2/v2.0/devicecode";
    private String host;
    private String issuer;
    private String tokenEndpoint;
    private String deviceCodeEndpoint;
    protected final AuthorityType authorityType;
    private boolean isTenantless;
    private String tokenUri;
    private String selfSignedJwtAudience;
    private final URL authorityUrl;
    private String tenant;
    private final Logger log = LoggerFactory.getLogger(AuthenticationAuthority.class);
    private final String userRealmEndpointFormat = "https://%s/common/userrealm/%s?api-version=1.0";
    private final String tokenEndpointFormat = "https://%s/{tenant}/oauth2/v2.0/token";
    private final String devicecodeEndpointFormat = "https://%s/{tenant}/oauth2/v2.0/devicecode";
    private String authority = "https://%s/%s/";

    /* JADX INFO: Access modifiers changed from: package-private */
    public AuthenticationAuthority(URL url) {
        this.authorityUrl = url;
        this.authorityType = detectAuthorityType(url);
        validateAuthorityUrl();
        setupAuthorityProperties();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getUserRealmEndpoint(String str) {
        return String.format("https://%s/common/userrealm/%s?api-version=1.0", this.host, str);
    }

    void setSelfSignedJwtAudience(String str) {
        this.selfSignedJwtAudience = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getTenant(URL url) {
        String substring = url.getPath().substring(1);
        return substring.substring(0, substring.indexOf("/"));
    }

    void setupAuthorityProperties() {
        this.tenant = getTenant(this.authorityUrl);
        this.host = this.authorityUrl.getAuthority().toLowerCase();
        this.authority = String.format(this.authority, this.host, this.tenant);
        getClass();
        this.tokenEndpoint = String.format("https://%s/{tenant}/oauth2/v2.0/token", this.host);
        this.tokenEndpoint = this.tokenEndpoint.replace("{tenant}", this.tenant);
        this.tokenUri = this.tokenEndpoint;
        this.issuer = this.tokenUri;
        getClass();
        this.deviceCodeEndpoint = String.format("https://%s/{tenant}/oauth2/v2.0/devicecode", this.host);
        this.deviceCodeEndpoint = this.deviceCodeEndpoint.replace("{tenant}", this.tenant);
        this.isTenantless = TENANTLESS_TENANT_NAME.equalsIgnoreCase(this.tenant);
        setSelfSignedJwtAudience(getIssuer());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static AuthorityType detectAuthorityType(URL url) {
        if (url == null) {
            throw new NullPointerException("authorityUrl");
        }
        String substring = url.getPath().substring(1);
        if (StringHelper.isBlank(substring)) {
            throw new IllegalArgumentException("'authority' Uri should have at least one segment in the path (i.e. https://<host>/<path>/...)");
        }
        return isAdfsAuthority(substring.substring(0, substring.indexOf("/"))) ? AuthorityType.ADFS : AuthorityType.AAD;
    }

    void validateAuthorityUrl() {
        if (!this.authorityUrl.getProtocol().equalsIgnoreCase("https")) {
            throw new IllegalArgumentException("'authority' should use the 'https' scheme");
        }
        if (this.authorityUrl.toString().contains("#")) {
            throw new IllegalArgumentException("authority is invalid format (contains fragment)");
        }
        if (!StringHelper.isBlank(this.authorityUrl.getQuery())) {
            throw new IllegalArgumentException("authority cannot contain query parameters");
        }
    }

    static boolean isAdfsAuthority(String str) {
        return str.compareToIgnoreCase("adfs") == 0;
    }

    Logger getLog() {
        return this.log;
    }

    String getUserRealmEndpointFormat() {
        getClass();
        return "https://%s/common/userrealm/%s?api-version=1.0";
    }

    String getTokenEndpointFormat() {
        getClass();
        return "https://%s/{tenant}/oauth2/v2.0/token";
    }

    String getDevicecodeEndpointFormat() {
        getClass();
        return "https://%s/{tenant}/oauth2/v2.0/devicecode";
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getAuthority() {
        return this.authority;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getHost() {
        return this.host;
    }

    String getIssuer() {
        return this.issuer;
    }

    String getTokenEndpoint() {
        return this.tokenEndpoint;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getDeviceCodeEndpoint() {
        return this.deviceCodeEndpoint;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AuthorityType getAuthorityType() {
        return this.authorityType;
    }

    boolean isTenantless() {
        return this.isTenantless;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getTokenUri() {
        return this.tokenUri;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getSelfSignedJwtAudience() {
        return this.selfSignedJwtAudience;
    }

    URL getAuthorityUrl() {
        return this.authorityUrl;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getTenant() {
        return this.tenant;
    }
}
