package com.microsoft.aad.msal4j;

import java.net.MalformedURLException;
import java.net.URL;
import org.eclipse.jetty.util.URIUtil;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:lib/msal4j-1.13.0.jar:com/microsoft/aad/msal4j/Authority.class */
public abstract class Authority {
    private static final String ADFS_PATH_SEGMENT = "adfs";
    private static final String B2C_PATH_SEGMENT = "tfp";
    private static final String USER_REALM_ENDPOINT = "common/userrealm";
    private static final String userRealmEndpointFormat = "https://%s/common/userrealm/%s?api-version=1.0";
    String authority;
    final URL canonicalAuthorityUrl;
    protected final AuthorityType authorityType;
    String selfSignedJwtAudience;
    String host;
    String tenant;
    boolean isTenantless;
    String authorizationEndpoint;
    String tokenEndpoint;
    String deviceCodeEndpoint;

    /* JADX INFO: Access modifiers changed from: package-private */
    public URL tokenEndpointUrl() throws MalformedURLException {
        return new URL(this.tokenEndpoint);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Authority(URL url, AuthorityType authorityType) {
        this.canonicalAuthorityUrl = url;
        this.authorityType = authorityType;
        setCommonAuthorityProperties();
    }

    private void setCommonAuthorityProperties() {
        this.tenant = getTenant(this.canonicalAuthorityUrl, this.authorityType);
        this.host = this.canonicalAuthorityUrl.getAuthority().toLowerCase();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Authority createAuthority(URL url) {
        validateAuthority(url);
        AuthorityType detectAuthorityType = detectAuthorityType(url);
        if (detectAuthorityType == AuthorityType.AAD) {
            return new AADAuthority(url);
        }
        if (detectAuthorityType == AuthorityType.B2C) {
            return new B2CAuthority(url);
        }
        if (detectAuthorityType == AuthorityType.ADFS) {
            return new ADFSAuthority(url);
        }
        throw new IllegalArgumentException("Unsupported Authority Type");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static AuthorityType detectAuthorityType(URL url) {
        if (url == null) {
            throw new NullPointerException("canonicalAuthorityUrl");
        }
        String substring = url.getPath().substring(1);
        if (StringHelper.isBlank(substring)) {
            throw new IllegalArgumentException("authority Uri should have at least one segment in the path (i.e. https://<host>/<path>/...)");
        }
        String substring2 = substring.substring(0, substring.indexOf("/"));
        return isB2CAuthority(substring2) ? AuthorityType.B2C : isAdfsAuthority(substring2) ? AuthorityType.ADFS : AuthorityType.AAD;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void validateAuthority(URL url) {
        if (!url.getProtocol().equalsIgnoreCase(URIUtil.HTTPS)) {
            throw new IllegalArgumentException("authority should use the 'https' scheme");
        }
        if (url.toString().contains("#")) {
            throw new IllegalArgumentException("authority is invalid format (contains fragment)");
        }
        if (!StringHelper.isBlank(url.getQuery())) {
            throw new IllegalArgumentException("authority cannot contain query parameters");
        }
        String path = url.getPath();
        if (path.length() == 0) {
            throw new IllegalArgumentException("Authority Uri should have at least one segment in the path");
        }
        String[] split = path.substring(1).split("/");
        if (split.length == 0) {
            throw new IllegalArgumentException("Authority Uri must have at least one path segment. This is usually 'common' or the application's tenant id.");
        }
        for (String str : split) {
            if (StringHelper.isBlank(str)) {
                throw new IllegalArgumentException("Authority Uri should not have empty path segments");
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getTenant(URL url, AuthorityType authorityType) {
        String[] split = url.getPath().substring(1).split("/");
        return authorityType == AuthorityType.B2C ? split[1] : split[0];
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getUserRealmEndpoint(String str) {
        return String.format(userRealmEndpointFormat, this.host, str);
    }

    private static boolean isAdfsAuthority(String str) {
        return str.compareToIgnoreCase(ADFS_PATH_SEGMENT) == 0;
    }

    private static boolean isB2CAuthority(String str) {
        return str.compareToIgnoreCase(B2C_PATH_SEGMENT) == 0;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String deviceCodeEndpoint() {
        return this.deviceCodeEndpoint;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String enforceTrailingSlash(String str) {
        String lowerCase = str.toLowerCase();
        if (!lowerCase.endsWith("/")) {
            lowerCase = lowerCase + "/";
        }
        return lowerCase;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String authority() {
        return this.authority;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public URL canonicalAuthorityUrl() {
        return this.canonicalAuthorityUrl;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public AuthorityType authorityType() {
        return this.authorityType;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String selfSignedJwtAudience() {
        return this.selfSignedJwtAudience;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String host() {
        return this.host;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String tenant() {
        return this.tenant;
    }

    boolean isTenantless() {
        return this.isTenantless;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String authorizationEndpoint() {
        return this.authorizationEndpoint;
    }

    String tokenEndpoint() {
        return this.tokenEndpoint;
    }
}
