package com.microsoft.aad.msal4j;

import com.microsoft.aad.msal4j.AuthorizationRequestUrlParameters;
import java.net.InetAddress;
import java.net.URI;
import java.net.URL;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.UUID;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.atomic.AtomicReference;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:applicationinsights-agent-3.4.0.jar:inst/com/microsoft/aad/msal4j/InteractiveRequest.classdata */
public class InteractiveRequest extends MsalRequest {
    private AtomicReference<CompletableFuture<IAuthenticationResult>> futureReference;
    private InteractiveRequestParameters interactiveRequestParameters;
    private String verifier;
    private String state;
    private PublicClientApplication publicClientApplication;
    private URL authorizationUrl;

    /* JADX INFO: Access modifiers changed from: package-private */
    public InteractiveRequest(InteractiveRequestParameters interactiveRequestParameters, AtomicReference<CompletableFuture<IAuthenticationResult>> atomicReference, PublicClientApplication publicClientApplication, RequestContext requestContext) {
        super(publicClientApplication, (AbstractMsalAuthorizationGrant) null, requestContext);
        this.interactiveRequestParameters = interactiveRequestParameters;
        this.futureReference = atomicReference;
        this.publicClientApplication = publicClientApplication;
        validateRedirectUrl(interactiveRequestParameters.redirectUri());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public URL authorizationUrl() {
        if (this.authorizationUrl == null) {
            this.authorizationUrl = createAuthorizationUrl();
        }
        return this.authorizationUrl;
    }

    private void validateRedirectUrl(URI uri) {
        try {
            if (!InetAddress.getByName(uri.getHost()).isLoopbackAddress()) {
                throw new MsalClientException(String.format("Only loopback redirect uri is supported, but %s was found Configure http://localhost or http://localhost:port both during app registrationand when you create the create the InteractiveRequestParameters object", uri.getHost()), AuthenticationErrorCode.LOOPBACK_REDIRECT_URI);
            }
            if (!uri.getScheme().equals("http")) {
                throw new MsalClientException(String.format("Only http uri scheme is supported but %s was found. Configure http://localhostor http://localhost:port both during app registration and when you create the create the InteractiveRequestParameters object", uri.toString()), AuthenticationErrorCode.LOOPBACK_REDIRECT_URI);
            }
        } catch (Exception e) {
            throw new MsalClientException(e);
        }
    }

    private URL createAuthorizationUrl() {
        AuthorizationRequestUrlParameters.Builder instanceAware = AuthorizationRequestUrlParameters.builder(this.interactiveRequestParameters.redirectUri().toString(), this.interactiveRequestParameters.scopes()).prompt(this.interactiveRequestParameters.prompt()).claimsChallenge(this.interactiveRequestParameters.claimsChallenge()).loginHint(this.interactiveRequestParameters.loginHint()).domainHint(this.interactiveRequestParameters.domainHint()).correlationId(this.publicClientApplication.correlationId()).instanceAware(this.interactiveRequestParameters.instanceAware());
        addPkceAndState(instanceAware);
        return this.publicClientApplication.getAuthorizationRequestUrl(instanceAware.build());
    }

    private void addPkceAndState(AuthorizationRequestUrlParameters.Builder builder) {
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        this.verifier = Base64.getUrlEncoder().withoutPadding().encodeToString(bArr);
        this.state = UUID.randomUUID().toString() + UUID.randomUUID().toString();
        builder.codeChallenge(StringHelper.createBase64EncodedSha256Hash(this.verifier)).codeChallengeMethod("S256").state(this.state);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AtomicReference<CompletableFuture<IAuthenticationResult>> futureReference() {
        return this.futureReference;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public InteractiveRequestParameters interactiveRequestParameters() {
        return this.interactiveRequestParameters;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String verifier() {
        return this.verifier;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String state() {
        return this.state;
    }
}
