package com.microsoft.authorization.intunes;

import android.accounts.AuthenticatorException;
import android.accounts.OperationCanceledException;
import android.content.Context;
import android.os.ParcelFileDescriptor;
import android.text.TextUtils;
import android.util.Base64;
import com.microsoft.aad.adal.AuthenticationContext;
import com.microsoft.aad.adal.AuthenticationException;
import com.microsoft.aad.adal.AuthenticationResult;
import com.microsoft.authorization.OneDriveAccount;
import com.microsoft.authorization.OneDriveAccountType;
import com.microsoft.authorization.OneDriveLocalAccount;
import com.microsoft.authorization.OneDrivePlaceholderAccount;
import com.microsoft.authorization.SignInManager;
import com.microsoft.authorization.adal.ADALNetworkTasks;
import com.microsoft.authorization.adal.Constants;
import com.microsoft.authorization.instrumentation.AuthenticationTelemetryHelper;
import com.microsoft.authorization.instrumentation.InstrumentationIDs;
import com.microsoft.identity.common.internal.telemetry.TelemetryEventStrings;
import com.microsoft.instrumentation.util.ClientAnalyticsSession;
import com.microsoft.intune.mam.client.app.MAMComponents;
import com.microsoft.intune.mam.client.identity.MAMFileProtectionInfo;
import com.microsoft.intune.mam.client.identity.MAMFileProtectionManager;
import com.microsoft.intune.mam.client.identity.MAMPolicyManager;
import com.microsoft.intune.mam.client.identity.MAMSetUIIdentityCallback;
import com.microsoft.intune.mam.client.notification.MAMNotificationReceiver;
import com.microsoft.intune.mam.client.notification.MAMNotificationReceiverRegistry;
import com.microsoft.intune.mam.policy.AppPolicy;
import com.microsoft.intune.mam.policy.MAMCAComplianceStatus;
import com.microsoft.intune.mam.policy.MAMComplianceManager;
import com.microsoft.intune.mam.policy.MAMEnrollmentManager;
import com.microsoft.intune.mam.policy.MAMServiceAuthenticationCallback;
import com.microsoft.intune.mam.policy.MAMUserInfo;
import com.microsoft.intune.mam.policy.SaveLocation;
import com.microsoft.intune.mam.policy.notification.MAMComplianceNotification;
import com.microsoft.intune.mam.policy.notification.MAMEnrollmentNotification;
import com.microsoft.intune.mam.policy.notification.MAMNotification;
import com.microsoft.intune.mam.policy.notification.MAMNotificationType;
import com.microsoft.intune.mam.policy.notification.MAMUserNotification;
import com.microsoft.odsp.RampManager;
import com.microsoft.odsp.io.FileUtils;
import com.microsoft.odsp.io.Log;
import com.microsoft.odsp.mobile.MobileEnums;
import com.microsoft.odsp.mobile.QualityEvent;
import com.microsoft.odsp.mobile.TelemetryErrorDetails;
import java.io.File;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.concurrent.TimeUnit;
import kotlinx.serialization.json.internal.JsonReaderKt;

/* loaded from: classes3.dex */
public class MAMComponentsBehavior {
    public static String PROTECT_IMAGE_CACHE_RAMP_KEY = "MAMProtectImageCache";
    public static final int WAIT_FOR_SIGNOUT_TIMEOUT = 4000;
    private static MAMComponentsBehavior c;
    private e a = null;
    private ArrayList<String> b = new ArrayList<>();

    /* loaded from: classes3.dex */
    class a implements Runnable {
        final /* synthetic */ Context a;
        final /* synthetic */ ArrayList b;

        a(Context context, ArrayList arrayList) {
            this.a = context;
            this.b = arrayList;
        }

        @Override // java.lang.Runnable
        public void run() {
            MAMComponentsBehavior.this.g(this.a, this.b);
        }
    }

    /* loaded from: classes3.dex */
    class b implements MAMServiceAuthenticationCallback {
        final /* synthetic */ Context a;

        b(MAMComponentsBehavior mAMComponentsBehavior, Context context) {
            this.a = context;
        }

        /* JADX WARN: Removed duplicated region for block: B:10:? A[RETURN, SYNTHETIC] */
        /* JADX WARN: Removed duplicated region for block: B:7:0x0033  */
        @Override // com.microsoft.intune.mam.policy.MAMServiceAuthenticationCallback
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        public java.lang.String acquireToken(java.lang.String r4, java.lang.String r5, java.lang.String r6) {
            /*
                r3 = this;
                com.microsoft.authorization.SignInManager r4 = com.microsoft.authorization.SignInManager.getInstance()
                android.content.Context r0 = r3.a
                com.microsoft.authorization.OneDriveAccount r4 = r4.getAccountByCid(r0, r5)
                r0 = 0
                if (r4 == 0) goto L2f
                android.content.Context r1 = r3.a
                android.accounts.Account r4 = r4.getAccount()
                com.microsoft.authorization.adal.ADALConfigurationFetcher$ADALConfiguration r4 = com.microsoft.authorization.adal.ADALConfigurationFetcher.getADALConfigurationForAccount(r1, r4)
                java.lang.String r4 = r4.getADALAuthorityUrl()
                com.microsoft.authorization.adal.ADALNetworkTasks r1 = new com.microsoft.authorization.adal.ADALNetworkTasks
                android.content.Context r2 = r3.a
                r1.<init>(r2, r4)
                com.microsoft.aad.adal.AuthenticationResult r4 = r1.refreshAccessToken(r6, r5, r0)     // Catch: com.microsoft.aad.adal.AuthenticationException -> L27
                goto L30
            L27:
                r4 = move-exception
                java.lang.String r5 = "MAMComponentsBehavior"
                java.lang.String r6 = "Failed to acquire refresh token for MAM enrollment"
                com.microsoft.odsp.io.Log.ePiiFree(r5, r6, r4)
            L2f:
                r4 = r0
            L30:
                if (r4 != 0) goto L33
                goto L37
            L33:
                java.lang.String r0 = r4.getAccessToken()
            L37:
                return r0
            */
            throw new UnsupportedOperationException("Method not decompiled: com.microsoft.authorization.intunes.MAMComponentsBehavior.b.acquireToken(java.lang.String, java.lang.String, java.lang.String):java.lang.String");
        }
    }

    /* loaded from: classes3.dex */
    class c implements MAMServiceAuthenticationCallback {
        final /* synthetic */ String a;
        final /* synthetic */ String b;
        final /* synthetic */ Context c;

        c(MAMComponentsBehavior mAMComponentsBehavior, String str, String str2, Context context) {
            this.a = str;
            this.b = str2;
            this.c = context;
        }

        @Override // com.microsoft.intune.mam.policy.MAMServiceAuthenticationCallback
        public String acquireToken(String str, String str2, String str3) {
            AuthenticationResult authenticationResult;
            if (TextUtils.isEmpty(this.a)) {
                Log.ePiiFree("MAMComponentsBehavior", "Failed to acquire refresh token for MAM CA remediation since ADAL Authority is empty");
            }
            if (!str.equalsIgnoreCase(this.b)) {
                Log.ePiiFree("MAMComponentsBehavior", "Warning - Trying to acquire refresh token for an identity that is different from the registered identity.");
            }
            try {
                authenticationResult = new ADALNetworkTasks(this.c, this.a).refreshAccessToken(str3, str2, null);
            } catch (AuthenticationException e) {
                Log.ePiiFree("MAMComponentsBehavior", "Failed to acquire refresh token for MAM CA remediation", e);
                authenticationResult = null;
            }
            if (authenticationResult == null) {
                return null;
            }
            return authenticationResult.getAccessToken();
        }
    }

    /* loaded from: classes3.dex */
    class d implements MAMCallback<MAMEnrollmentManager.Result> {
        d(MAMComponentsBehavior mAMComponentsBehavior) {
        }

        @Override // com.microsoft.authorization.intunes.MAMCallback
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public void onSuccess(MAMEnrollmentManager.Result result) {
            StringBuilder sb = new StringBuilder();
            sb.append("MAMUnRegistration returned with response: ");
            sb.append(result != null ? result.toString() : JsonReaderKt.NULL);
            Log.dPiiFree("MAMComponentsBehavior", sb.toString());
        }

        @Override // com.microsoft.authorization.intunes.MAMCallback
        public void onError(Exception exc) {
            Log.e("MAMComponentsBehavior", "Unregister user failed", exc);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public static class e implements MAMNotificationReceiver {
        private Context a;
        private Hashtable<String, MAMCallback<MAMEnrollmentManager.Result>> b = new Hashtable<>();
        private Hashtable<String, MAMCallback<MAMCAComplianceStatus>> c = new Hashtable<>();

        e(Context context) {
            this.a = context;
        }

        void a(String str, MAMCallback<MAMEnrollmentManager.Result> mAMCallback) {
            if (mAMCallback != null) {
                this.b.put(str, mAMCallback);
            } else {
                this.b.remove(str);
            }
        }

        void b(String str, MAMCallback<MAMCAComplianceStatus> mAMCallback) {
            if (mAMCallback != null) {
                this.c.put(str, mAMCallback);
            } else {
                this.c.remove(str);
            }
        }

        @Override // com.microsoft.intune.mam.client.notification.MAMNotificationReceiver
        public boolean onReceive(MAMNotification mAMNotification) {
            if (mAMNotification.getType() == MAMNotificationType.WIPE_USER_AUXILIARY_DATA) {
                OneDriveAccount businessAccountByEmailAddress = SignInManager.getInstance().getBusinessAccountByEmailAddress(this.a, ((MAMUserNotification) mAMNotification).getUserIdentity());
                if (businessAccountByEmailAddress == null) {
                    return true;
                }
                try {
                    return SignInManager.getInstance().signOutSingleAccount(this.a, businessAccountByEmailAddress, null).getResult(4000L, TimeUnit.MILLISECONDS).booleanValue();
                } catch (AuthenticatorException | OperationCanceledException | IOException unused) {
                    return false;
                }
            }
            if (mAMNotification.getType() == MAMNotificationType.MAM_ENROLLMENT_RESULT) {
                MAMEnrollmentNotification mAMEnrollmentNotification = (MAMEnrollmentNotification) mAMNotification;
                MAMCallback<MAMEnrollmentManager.Result> mAMCallback = this.b.get(mAMEnrollmentNotification.getUserIdentity());
                if (mAMCallback != null) {
                    mAMCallback.onSuccess(mAMEnrollmentNotification.getEnrollmentResult());
                    a(mAMEnrollmentNotification.getUserIdentity(), null);
                    return true;
                }
            } else if (mAMNotification.getType() == MAMNotificationType.COMPLIANCE_STATUS) {
                MAMComplianceNotification mAMComplianceNotification = (MAMComplianceNotification) mAMNotification;
                MAMCallback<MAMCAComplianceStatus> mAMCallback2 = this.c.get(mAMComplianceNotification.getUserIdentity());
                if (mAMCallback2 != null) {
                    MAMCAComplianceStatus complianceStatus = mAMComplianceNotification.getComplianceStatus();
                    if (complianceStatus == MAMCAComplianceStatus.COMPLIANT) {
                        mAMCallback2.onSuccess(complianceStatus);
                    } else {
                        mAMCallback2.onError(new MAMRemediateComplianceException(mAMComplianceNotification.getComplianceStatus(), mAMComplianceNotification.getComplianceErrorTitle(), mAMComplianceNotification.getComplianceErrorMessage()));
                    }
                    b(mAMComplianceNotification.getUserIdentity(), null);
                    return true;
                }
            }
            return false;
        }
    }

    protected MAMComponentsBehavior() {
    }

    private AppPolicy b(Context context) {
        return MAMPolicyManager.getPolicy(context);
    }

    private static String c(String str) throws NoSuchAlgorithmException {
        MessageDigest messageDigest = MessageDigest.getInstance(FileUtils.SHA_1);
        messageDigest.update(str.getBytes());
        return Base64.encodeToString(messageDigest.digest(), 2);
    }

    private e d(Context context) {
        if (this.a == null) {
            this.a = new e(context);
        }
        return this.a;
    }

    private boolean e(Context context) {
        return context.getSharedPreferences("mam_shared_preference", 0).getBoolean("cache_data_protected", false);
    }

    private boolean f() {
        String str = RampManager.getAllRampStates().get(PROTECT_IMAGE_CACHE_RAMP_KEY);
        if (str != null) {
            return str.equalsIgnoreCase(TelemetryEventStrings.Value.TRUE) || str.equals("1");
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void g(Context context, ArrayList<String> arrayList) {
        OneDriveAccount findManagedAccount;
        if (!f() || (findManagedAccount = getInstance().findManagedAccount(context)) == null) {
            return;
        }
        Iterator<String> it = arrayList.iterator();
        while (it.hasNext()) {
            String next = it.next();
            File file = new File(next);
            if (file.exists()) {
                try {
                    protectFile(file, findManagedAccount.getPrimaryIdentifier(), context, "MixedContentCache");
                } catch (IOException unused) {
                }
            } else {
                Log.wPiiFree("MAMComponentsBehavior", "protectMixedContentCache: " + next + " does not exist!");
                if (context != null) {
                    QualityEvent createQosEvent = AuthenticationTelemetryHelper.createQosEvent(InstrumentationIDs.MAM_PROTECT_FILE, "CacheFolderNotExist", MobileEnums.OperationResultType.Diagnostic, findManagedAccount, context);
                    createQosEvent.setScenario("MixedContentCache");
                    HashMap hashMap = new HashMap();
                    hashMap.put(InstrumentationIDs.MAM_PROTECT_FILE_PATH, file.getAbsolutePath());
                    createQosEvent.setAdditionalProperties(hashMap);
                    ClientAnalyticsSession.getInstance().logEvent(createQosEvent);
                }
            }
        }
        if (arrayList.size() > 0) {
            h(context, true);
        }
    }

    public static MAMComponentsBehavior getInstance() {
        synchronized (MAMComponentsBehavior.class) {
            if (c == null) {
                c = new MAMComponentsBehavior();
            }
        }
        return c;
    }

    public static String getOneDriveRedirectUri(AuthenticationContext authenticationContext) {
        String redirectUriForBroker = authenticationContext.getRedirectUriForBroker();
        try {
            String c2 = c(redirectUriForBroker);
            char c3 = 65535;
            switch (c2.hashCode()) {
                case -733601217:
                    if (c2.equals(Constants.REDIRECT_URL_SHAREPOINT_RETAIL_DIGEST)) {
                        c3 = 3;
                        break;
                    }
                    break;
                case 632051339:
                    if (c2.equals(Constants.REDIRECT_URL_ONEDRIVE_RETAIL_DIGEST)) {
                        c3 = 1;
                        break;
                    }
                    break;
                case 948875237:
                    if (c2.equals(Constants.REDIRECT_URL_ONEDRIVE_DEBUG_DIGEST)) {
                        c3 = 0;
                        break;
                    }
                    break;
                case 1307246992:
                    if (c2.equals(Constants.REDIRECT_URL_SHAREPOINT_DEBUG_DIGEST)) {
                        c3 = 2;
                        break;
                    }
                    break;
            }
            return (c3 == 0 || c3 == 1 || c3 == 2 || c3 == 3) ? redirectUriForBroker : "urn:ietf:wg:oauth:2.0:oob";
        } catch (NoSuchAlgorithmException e2) {
            Log.ePiiFree("MAMComponentsBehavior", "Failed to create a digest from redirect URL", e2);
            return redirectUriForBroker;
        }
    }

    private void h(Context context, boolean z) {
        Log.iPiiFree("MAMComponentsBehavior", "recordCacheDataProtected: " + z);
        context.getSharedPreferences("mam_shared_preference", 0).edit().putBoolean("cache_data_protected", z).commit();
    }

    private void i(Context context) {
        ((MAMNotificationReceiverRegistry) MAMComponents.get(MAMNotificationReceiverRegistry.class)).registerReceiver(d(context), MAMNotificationType.MAM_ENROLLMENT_RESULT);
    }

    private void j(Context context) {
        ((MAMNotificationReceiverRegistry) MAMComponents.get(MAMNotificationReceiverRegistry.class)).registerReceiver(d(context), MAMNotificationType.COMPLIANCE_STATUS);
    }

    private void k(Context context) {
        ((MAMNotificationReceiverRegistry) MAMComponents.get(MAMNotificationReceiverRegistry.class)).registerReceiver(d(context), MAMNotificationType.WIPE_USER_AUXILIARY_DATA);
    }

    public void addMixedContentCacheFolder(String str) {
        if (this.b.contains(str)) {
            return;
        }
        this.b.add(str);
    }

    public OneDriveAccount findManagedAccount(Context context) {
        for (OneDriveAccount oneDriveAccount : SignInManager.getInstance().getLocalAccounts(context)) {
            if ((oneDriveAccount instanceof OneDriveLocalAccount) && getInstance().isIdentityManaged(oneDriveAccount.getPrimaryIdentifier())) {
                return oneDriveAccount;
            }
        }
        return null;
    }

    public String getFileIdentity(ParcelFileDescriptor parcelFileDescriptor) throws IOException {
        MAMFileProtectionInfo protectionInfo = MAMFileProtectionManager.getProtectionInfo(parcelFileDescriptor);
        if (protectionInfo != null) {
            return protectionInfo.getIdentity();
        }
        return null;
    }

    public String getFileIdentity(File file) throws IOException {
        MAMFileProtectionInfo protectionInfo = MAMFileProtectionManager.getProtectionInfo(file);
        if (protectionInfo != null) {
            return protectionInfo.getIdentity();
        }
        return null;
    }

    public String getPrimaryIntuneUserEmailAddress() {
        MAMUserInfo mAMUserInfo = (MAMUserInfo) MAMComponents.get(MAMUserInfo.class);
        if (mAMUserInfo != null) {
            return mAMUserInfo.getPrimaryUser();
        }
        return null;
    }

    public String getUIPolicyIdentity(Context context) {
        return MAMPolicyManager.getUIPolicyIdentity(context);
    }

    public boolean isIdentityManaged(String str) {
        return str != null && MAMPolicyManager.getIsIdentityManaged(str);
    }

    public boolean isIntuneAccountAlreadySignedIn(Context context) {
        OneDriveAccount businessAccountByEmailAddress = SignInManager.getInstance().getBusinessAccountByEmailAddress(context, getPrimaryIntuneUserEmailAddress());
        return (businessAccountByEmailAddress == null || (businessAccountByEmailAddress instanceof OneDrivePlaceholderAccount)) ? false : true;
    }

    public boolean isMAMPinCodeEnabled(Context context) {
        return b(context).getIsPinRequired();
    }

    public boolean isSaveToLocalAllowed(Context context) {
        return b(context).getIsSaveToLocationAllowed(SaveLocation.LOCAL, null);
    }

    public boolean isSaveToLocalAllowed(String str) {
        return MAMPolicyManager.getPolicyForIdentity(str).getIsSaveToLocationAllowed(SaveLocation.LOCAL, null);
    }

    public void onClearMixedContentCacheCompleted(Context context) {
        h(context, false);
    }

    public void protectFile(File file, String str, Context context, String str2) throws IOException {
        try {
            Log.iPiiFree("MAMComponentsBehavior", "protectFile(" + str2 + ") path: " + file.getAbsolutePath());
            MAMFileProtectionManager.protect(file, str);
        } catch (IOException e2) {
            Log.ePiiFree("MAMComponentsBehavior", "protectFile(" + str2 + ") failed. path: " + file.getAbsolutePath(), e2);
            if (context != null) {
                QualityEvent createQosEvent = AuthenticationTelemetryHelper.createQosEvent(InstrumentationIDs.MAM_PROTECT_FILE, "IOException", MobileEnums.OperationResultType.Diagnostic, SignInManager.getInstance().getAccountByEmailAddress(context, str, OneDriveAccountType.BUSINESS), context);
                createQosEvent.setScenario(str2);
                createQosEvent.setErrorDetails(new TelemetryErrorDetails(0, e2.getClass().getName(), e2.getMessage()));
                HashMap hashMap = new HashMap();
                hashMap.put(InstrumentationIDs.MAM_PROTECT_FILE_PATH, file.getAbsolutePath());
                createQosEvent.setAdditionalProperties(hashMap);
                ClientAnalyticsSession.getInstance().logEvent(createQosEvent);
            }
            throw e2;
        }
    }

    public void registerAccountForMAM(Context context, String str, String str2, String str3, String str4, MAMCallback<MAMEnrollmentManager.Result> mAMCallback) {
        d(context).a(str, mAMCallback);
        ((MAMEnrollmentManager) MAMComponents.get(MAMEnrollmentManager.class)).registerAccountForMAM(str, str2, str3, str4);
    }

    public void registerAuthenticationCallback(Context context) {
        ((MAMEnrollmentManager) MAMComponents.get(MAMEnrollmentManager.class)).registerAuthenticationCallback(new b(this, context));
    }

    public void registerIntuneReceivers(Context context) {
        k(context);
        i(context);
        j(context);
    }

    public void registerSignInAuthenticationCallback(Context context, String str, String str2) {
        ((MAMEnrollmentManager) MAMComponents.get(MAMEnrollmentManager.class)).registerAuthenticationCallback(new c(this, str2, str, context));
    }

    public void remediateComplianceForMAM(Context context, String str, String str2, String str3, String str4, Boolean bool, MAMCallback<MAMCAComplianceStatus> mAMCallback) {
        d(context).b(str, mAMCallback);
        ((MAMComplianceManager) MAMComponents.get(MAMComplianceManager.class)).remediateCompliance(str, str2, str3, str4, bool.booleanValue());
    }

    public void setUIPolicyIdentity(Context context, String str, MAMSetUIIdentityCallback mAMSetUIIdentityCallback) {
        MAMPolicyManager.setUIPolicyIdentity(context, str, mAMSetUIIdentityCallback);
        if (isIdentityManaged(str)) {
            new Thread(new a(context, new ArrayList(this.b))).start();
        }
    }

    public boolean shouldClearMixedContentCache(Context context) {
        return e(context) && !(findManagedAccount(context) != null);
    }

    public void unregisterAccountInMAM(Context context, String str) {
        d dVar = new d(this);
        Log.dPiiFree("MAMComponentsBehavior", "Attempting to unregister user");
        d(context).a(str, dVar);
        ((MAMEnrollmentManager) MAMComponents.get(MAMEnrollmentManager.class)).unregisterAccountForMAM(str);
    }
}
