package com.airwatch.agent.profile.group.appwrapnsdk;

import android.database.Cursor;
import android.text.TextUtils;
import android.util.Base64;
import com.airwatch.afw.lib.AfwApp;
import com.airwatch.agent.appwrapper.AppWrapperUtility;
import com.airwatch.agent.appwrapper.ClientCertRequestMessage;
import com.airwatch.agent.appwrapper.data.AppWrapperConstants;
import com.airwatch.agent.appwrapper.data.AppWrapperContentProvider;
import com.airwatch.agent.database.AgentProfileDBAdapter;
import com.airwatch.agent.utility.StringUtils;
import com.airwatch.bizlib.appmanagement.ApplicationManager;
import com.airwatch.bizlib.profile.Profile;
import com.airwatch.bizlib.profile.ProfileGroup;
import com.airwatch.bizlib.profile.ProfileSetting;
import com.airwatch.core.Guard;
import com.airwatch.executor.priority.PriorityRunnableTask;
import com.airwatch.lib.afw.R;
import com.airwatch.sdk.configuration.SDKConfigurationKeys;
import com.airwatch.task.TaskQueue;
import com.airwatch.util.Logger;
import com.microsoft.identity.common.internal.cache.CacheKeyValueDelegate;
import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Vector;

/* loaded from: classes3.dex */
public class AppWrapperAndSDKAppTunnelingPolicyProfileGroup extends ProfileGroup {
    private static final String APPLICATION_ID = "packageid";
    public static final String NAME = "AppTunnel";
    private static final String TAG = "AppWrapperAndSDKAppTunnelingPolicyProfileGroup";
    public static final String TYPE = "AppTunnelingPoliciesV2";
    int retryCount;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.airwatch.agent.profile.group.appwrapnsdk.AppWrapperAndSDKAppTunnelingPolicyProfileGroup$2, reason: invalid class name */
    /* loaded from: classes3.dex */
    public static /* synthetic */ class AnonymousClass2 {
        static final /* synthetic */ int[] a;

        static {
            int[] iArr = new int[ProxyType.values().length];
            a = iArr;
            try {
                iArr[ProxyType.SSH_PROXY.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                a[ProxyType.MAG.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                a[ProxyType.F5.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    /* loaded from: classes3.dex */
    public class ProxyDefinition {
        int F5AuthMode;
        String F5Password;
        int F5ProxyPort;
        String F5User;
        int F5UserAccountType;
        String appId;
        int appTunnelMode;
        String certificateData;
        String certificatePassword;
        boolean enableAppTunnel;
        boolean enableF5Integration;
        boolean enableStandardProxy;
        int httpPort;
        int magHttpsPort;
        boolean magUsePublicSSL;
        String payloadcertificateuuid;
        String server;
        String standardProxyPort;
        String standardProxyUrl;
        String standardProxypassword;
        String standardProxyuserName;
        boolean useAuthenticationForStandard;

        public ProxyDefinition(ProfileGroup profileGroup) {
            this.appId = null;
            this.enableAppTunnel = false;
            this.appTunnelMode = 0;
            this.httpPort = 0;
            this.magHttpsPort = 0;
            this.magUsePublicSSL = false;
            this.enableF5Integration = false;
            this.F5ProxyPort = 0;
            this.F5AuthMode = 0;
            this.F5UserAccountType = 0;
            this.F5User = "";
            this.F5Password = "";
            this.payloadcertificateuuid = "";
            this.server = "";
            this.certificateData = "";
            this.certificatePassword = "";
            this.standardProxyUrl = "";
            this.enableStandardProxy = false;
            this.standardProxyPort = "";
            this.standardProxyuserName = "";
            this.standardProxypassword = "";
            this.useAuthenticationForStandard = false;
            parseGroup(profileGroup);
        }

        public ProxyDefinition(String str) {
            this.appId = null;
            this.enableAppTunnel = false;
            this.appTunnelMode = 0;
            this.httpPort = 0;
            this.magHttpsPort = 0;
            this.magUsePublicSSL = false;
            this.enableF5Integration = false;
            this.F5ProxyPort = 0;
            this.F5AuthMode = 0;
            this.F5UserAccountType = 0;
            this.F5User = "";
            this.F5Password = "";
            this.payloadcertificateuuid = "";
            this.server = "";
            this.certificateData = "";
            this.certificatePassword = "";
            this.standardProxyUrl = "";
            this.enableStandardProxy = false;
            this.standardProxyPort = "";
            this.standardProxyuserName = "";
            this.standardProxypassword = "";
            this.useAuthenticationForStandard = false;
            this.appId = str;
        }

        private void parseGroup(ProfileGroup profileGroup) {
            Vector<ProfileGroup> profileGroups = AgentProfileDBAdapter.getInstance().getProfileGroups("CredentialsSettingsV2");
            Iterator<ProfileSetting> it = profileGroup.getSettings().iterator();
            while (it.hasNext()) {
                ProfileSetting next = it.next();
                if (next.getName().equalsIgnoreCase("packageid")) {
                    this.appId = next.getValue();
                }
                if (next.getName().equalsIgnoreCase(SDKConfigurationKeys.ENABLE_APP_TUNNEL)) {
                    this.enableAppTunnel = Boolean.parseBoolean(next.getValue());
                }
                if (next.getName().equalsIgnoreCase(SDKConfigurationKeys.APP_TUNNEL_MODE)) {
                    int parseInt = Integer.parseInt(next.getValue());
                    this.appTunnelMode = parseInt;
                    this.appTunnelMode = (parseInt % 3) + 1;
                }
                if (next.getName().equalsIgnoreCase(SDKConfigurationKeys.MAG_PROXY_SERVER)) {
                    this.server = next.getValue();
                }
                if (next.getName().equalsIgnoreCase(SDKConfigurationKeys.MAG_HTTP_PORT)) {
                    this.httpPort = Integer.parseInt(next.getValue());
                }
                if (next.getName().equalsIgnoreCase(SDKConfigurationKeys.MAG_HTTPS_PORT)) {
                    this.magHttpsPort = Integer.parseInt(next.getValue());
                }
                if (next.getName().equalsIgnoreCase(SDKConfigurationKeys.MAG_USE_PUBLIC_SSL)) {
                    this.magUsePublicSSL = Boolean.parseBoolean(next.getValue());
                }
                if (next.getName().equalsIgnoreCase(SDKConfigurationKeys.ENABLE_STANDARD_PROXY)) {
                    this.enableStandardProxy = Boolean.parseBoolean(next.getValue());
                }
                if (next.getName().equalsIgnoreCase("ProxyPort")) {
                    this.standardProxyPort = next.getValue();
                }
                if (next.getName().equalsIgnoreCase(SDKConfigurationKeys.STANDARD_PROXY_SERVER)) {
                    this.standardProxyUrl = next.getValue();
                }
                if (next.getName().equalsIgnoreCase("Username")) {
                    this.standardProxyuserName = next.getValue();
                }
                if (next.getName().equalsIgnoreCase("Password")) {
                    this.standardProxypassword = next.getValue();
                }
                if (next.getName().equalsIgnoreCase(SDKConfigurationKeys.STANDARD_PROXY_USE_AUTHENTICATION)) {
                    this.useAuthenticationForStandard = Boolean.parseBoolean(next.getValue());
                }
            }
            String str = this.payloadcertificateuuid;
            if (str == null || str.contentEquals("")) {
                return;
            }
            Iterator<ProfileGroup> it2 = profileGroups.iterator();
            while (it2.hasNext()) {
                ProfileGroup next2 = it2.next();
                if (next2.getUUID().contentEquals(this.payloadcertificateuuid)) {
                    AppWrapperAndSDKCertificateProfileGroup appWrapperAndSDKCertificateProfileGroup = (AppWrapperAndSDKCertificateProfileGroup) next2;
                    this.certificateData = AppWrapperAndSDKCertificateProfileGroup.getCertData(appWrapperAndSDKCertificateProfileGroup);
                    this.certificatePassword = AppWrapperAndSDKCertificateProfileGroup.getCertPassword(appWrapperAndSDKCertificateProfileGroup);
                }
            }
        }
    }

    /* loaded from: classes3.dex */
    public enum ProxyType {
        SSH_PROXY(1),
        MAG(2),
        F5(3),
        INVALID(0);

        int value;

        ProxyType(int i) {
            this.value = -1;
            this.value = i;
        }

        public static ProxyType getType(int i) {
            return i != 1 ? i != 2 ? i != 3 ? INVALID : F5 : MAG : SSH_PROXY;
        }

        public int getValue() {
            return this.value;
        }
    }

    public AppWrapperAndSDKAppTunnelingPolicyProfileGroup() {
        super(NAME, "AppTunnelingPoliciesV2");
    }

    public AppWrapperAndSDKAppTunnelingPolicyProfileGroup(String str, int i) {
        super(NAME, "AppTunnelingPoliciesV2", str, i);
    }

    public AppWrapperAndSDKAppTunnelingPolicyProfileGroup(String str, int i, String str2) {
        super(NAME, "AppTunnelingPoliciesV2", str, i, str2);
    }

    public AppWrapperAndSDKAppTunnelingPolicyProfileGroup(String str, String str2) {
        super(str, str2);
    }

    public AppWrapperAndSDKAppTunnelingPolicyProfileGroup(String str, String str2, String str3, int i) {
        super(str, str2, str3, i);
    }

    private boolean checkUserPassworAvailability() {
        try {
            Cursor query = AfwApp.getAppContext().getContentResolver().query(AppWrapperContentProvider.CONTENT_URI_PROXY, new String[]{AppWrapperConstants.COLUMN_PASSWORD, AppWrapperConstants.COLUMN_USERNAME}, "proxytype = 2  and  proxyusername <> ?", new String[]{""}, null);
            if (query.moveToFirst()) {
                return true;
            }
            query.close();
            return false;
        } catch (Exception e) {
            Logger.e(TAG, "PasscodeAge reterival error " + e.getMessage());
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean getCertificate(ProxyDefinition proxyDefinition) {
        if (!shouldFetchCert(proxyDefinition.appId)) {
            return true;
        }
        proxyDefinition.certificateData = AppWrapperUtility.getMAGCertificate(proxyDefinition.appId, proxyDefinition.certificateData);
        return true ^ StringUtils.isEmptyOrNull(proxyDefinition.certificateData);
    }

    private void handleF5ProxySettings(ProxyDefinition proxyDefinition, String str, ProfileGroup profileGroup) {
        if (proxyDefinition.appId == null || proxyDefinition.appId.trim().length() == 0) {
            proxyDefinition.appId = AfwApp.getAppContext().getNonBrandedAppPackageName();
        }
        AppWrapperUtility.addAppTunnelProfile(proxyDefinition.appId, str, proxyDefinition.enableAppTunnel, proxyDefinition.appTunnelMode, proxyDefinition.server, proxyDefinition.httpPort, proxyDefinition.magHttpsPort, proxyDefinition.magUsePublicSSL, proxyDefinition.enableF5Integration, proxyDefinition.F5AuthMode, proxyDefinition.F5UserAccountType, proxyDefinition.F5Password, proxyDefinition.F5User, proxyDefinition.certificateData, proxyDefinition.certificatePassword);
        AppWrapperUtility.sendF5ProxyIntentBroadcast(proxyDefinition.appId, proxyDefinition.enableAppTunnel);
        AgentProfileDBAdapter.getInstance().updateProfileGroupStts(profileGroup.getUUID(), 1);
    }

    private boolean handleMAGProxySettings(ProxyDefinition proxyDefinition, String str, ProfileGroup profileGroup) {
        if (proxyDefinition.appId == null || ApplicationManager.isPrePopulatedApp(proxyDefinition.appId)) {
            AgentProfileDBAdapter.getInstance().updateProfileGroupStts(profileGroup.getUUID(), 1);
            return false;
        }
        if (proxyDefinition.appId == null || proxyDefinition.appId.trim().length() == 0) {
            Logger.d(TAG, "MAG: Appid missing : " + proxyDefinition.appId);
            proxyDefinition.appId = AfwApp.getAppContext().getNonBrandedAppPackageName();
        }
        Logger.i(TAG, "MAG: Appid for MAG : " + proxyDefinition.appId);
        if (!getCertificate(proxyDefinition)) {
            int i = this.retryCount;
            if (i < 4) {
                int i2 = i + 60;
                TaskQueue.getInstance().postDelayed(MAGFetchRetry.QUEUE_MAG_RETRY, new MAGFetchRetry(SDKConfigurationKeys.MAG_RETRY + proxyDefinition.appId, proxyDefinition.appId, i2), i2);
                return false;
            }
            Logger.e(TAG, "MAG: cert retrieval fails checking for password availability " + proxyDefinition.appId);
            if (!checkUserPassworAvailability() && ProxyType.getType(proxyDefinition.appTunnelMode).equals(ProxyType.MAG)) {
                Logger.d(TAG, "MAG notification");
                queuePasswordNotification(AgentProfileDBAdapter.getInstance().getProfileColVal(AgentProfileDBAdapter.getInstance().getProfileGroupColVal(profileGroup.getUUID(), "profileId"), "name") + CacheKeyValueDelegate.CACHE_VALUE_SEPARATOR + profileGroup.getName(), profileGroup.getIdentifier());
                AgentProfileDBAdapter.getInstance().updateProfileGroupStts(profileGroup.getUUID(), 0);
                AppWrapperUtility.addAppTunnelProfile(proxyDefinition.appId, str, proxyDefinition.enableAppTunnel, proxyDefinition.appTunnelMode, proxyDefinition.server, proxyDefinition.httpPort, proxyDefinition.magHttpsPort, proxyDefinition.magUsePublicSSL, proxyDefinition.enableF5Integration, proxyDefinition.magUsePublicSSL ? 1 : 0, proxyDefinition.F5UserAccountType, proxyDefinition.F5Password, proxyDefinition.F5User, proxyDefinition.certificateData, proxyDefinition.certificatePassword);
                return false;
            }
            ClientCertRequestMessage clientCertRequestMessage = new ClientCertRequestMessage(proxyDefinition.appId);
            try {
                clientCertRequestMessage.send();
                int responseStatusCode = clientCertRequestMessage.getResponseStatusCode();
                if (responseStatusCode != 200) {
                    Logger.e(TAG, "MAG Cert Download Error:  HTTP Status = " + responseStatusCode);
                    return false;
                }
                String certificateString = clientCertRequestMessage.getCertificateString();
                if (certificateString == null) {
                    Logger.e(TAG, "Cert reteriving error  cert==null");
                    return false;
                }
                proxyDefinition.certificateData = certificateString;
            } catch (Exception unused) {
                Logger.e(TAG, "Malformed URL for Client cert request.");
            }
        }
        Logger.d(TAG, "MAG: applying Profile in DB:  " + proxyDefinition.appId + " Tunnel Enable " + proxyDefinition.enableAppTunnel);
        AppWrapperUtility.addAppTunnelProfile(proxyDefinition.appId, str, proxyDefinition.enableAppTunnel, proxyDefinition.appTunnelMode, proxyDefinition.server, proxyDefinition.httpPort, proxyDefinition.magHttpsPort, proxyDefinition.magUsePublicSSL, proxyDefinition.enableF5Integration, proxyDefinition.magUsePublicSSL ? 1 : 0, proxyDefinition.F5UserAccountType, proxyDefinition.F5Password, proxyDefinition.F5User, proxyDefinition.certificateData, proxyDefinition.certificatePassword);
        AgentProfileDBAdapter.getInstance().updateProfileGroupStts(profileGroup.getUUID(), 1);
        AppWrapperUtility.sendMAGProxyIntentBroadcast(proxyDefinition.appId, proxyDefinition.enableAppTunnel ? 1 : 2);
        return true;
    }

    private boolean handleProxyType(ProxyDefinition proxyDefinition, String str, ProfileGroup profileGroup) {
        int i = AnonymousClass2.a[ProxyType.getType(proxyDefinition.appTunnelMode).ordinal()];
        if (i == 1) {
            handleStandardProxySettings(proxyDefinition, str, profileGroup);
        } else {
            if (i == 2) {
                return handleMAGProxySettings(proxyDefinition, str, profileGroup);
            }
            if (i == 3) {
                handleF5ProxySettings(proxyDefinition, str, profileGroup);
            }
        }
        return true;
    }

    private void handleStandardProxySettings(ProxyDefinition proxyDefinition, String str, ProfileGroup profileGroup) {
        try {
            Guard.argumentIsNotNullOrEmpty(proxyDefinition.appId);
            AppWrapperUtility.addProxyProfile(proxyDefinition.appTunnelMode, proxyDefinition.standardProxyUrl, proxyDefinition.standardProxyPort, proxyDefinition.useAuthenticationForStandard, false, proxyDefinition.standardProxyuserName, proxyDefinition.standardProxypassword, str, proxyDefinition.enableStandardProxy, proxyDefinition.appId, "", "", "");
            AgentProfileDBAdapter.getInstance().updateProfileGroupStts(profileGroup.getUUID(), 1);
        } catch (IllegalArgumentException unused) {
            Logger.e("AppId is null for profileUUID: " + str);
        }
    }

    private void queuePasswordNotification(String str, String str2) {
        AfwApp.getAppContext().getClient().getNotificationManager().queueAppwrapperTunnelProxyPasswordNotification(str, str2);
    }

    private boolean shouldFetchCert(String str) {
        String stringField = AppWrapperUtility.getStringField(AppWrapperContentProvider.CONTENT_URI_PROXY, AppWrapperConstants.COLUMN_CERTIFICATE_DATA, AppWrapperConstants.COLUMN_PACKAGE_ID, str);
        if (TextUtils.isEmpty(stringField)) {
            return true;
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(stringField, 0));
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(byteArrayInputStream, str.toCharArray());
            Enumeration<String> aliases = keyStore.aliases();
            boolean z = true;
            while (aliases.hasMoreElements()) {
                ((X509Certificate) ((KeyStore.PrivateKeyEntry) keyStore.getEntry(aliases.nextElement(), null)).getCertificate()).checkValidity();
                z = false;
            }
            return z;
        } catch (Exception e) {
            Logger.d(TAG, "Certificate Exception ", (Throwable) e);
            return true;
        }
    }

    public boolean apply(int i, String str) {
        this.retryCount = i;
        Logger.e(TAG, "MAG: retry count:" + this.retryCount);
        applyConfiguration("AppTunnelingPoliciesV2", str);
        return true;
    }

    protected boolean applyConfiguration(String str, String str2) {
        if (!AfwApp.getAppContext().getClient().isAppEnrolled()) {
            return true;
        }
        AgentProfileDBAdapter agentProfileDBAdapter = AgentProfileDBAdapter.getInstance();
        Iterator<ProfileGroup> it = agentProfileDBAdapter.getProfileGroups(str).iterator();
        while (it.hasNext()) {
            ProfileGroup next = it.next();
            ProxyDefinition proxyDefinition = new ProxyDefinition(next);
            if (str2 != null || next.getSttsId() != 1) {
                if (str2 == null || str2.equalsIgnoreCase(proxyDefinition.appId)) {
                    if (!handleProxyType(proxyDefinition, agentProfileDBAdapter.getProfileUniqueIdUsingGroupId(next.getUUID()), next)) {
                        return false;
                    }
                }
            }
        }
        return true;
    }

    @Override // com.airwatch.bizlib.profile.ProfileGroup
    protected boolean applyImpl() {
        return applyConfiguration("AppTunnelingPoliciesV2", null);
    }

    @Override // com.airwatch.bizlib.profile.ProfileGroup
    public String getLocalizedName() {
        return AfwApp.getAppContext().getResources().getString(R.string.app_wrapper_proxy_profile_name);
    }

    @Override // com.airwatch.bizlib.profile.ProfileGroup
    public CharSequence getProfileDescription() {
        return AfwApp.getAppContext().getResources().getString(R.string.app_wrapper_proxy_profile_description);
    }

    @Override // com.airwatch.bizlib.profile.ProfileGroup
    public boolean groupListRemoved(Profile profile) {
        Iterator<ProfileGroup> it = profile.getGroups().iterator();
        while (it.hasNext()) {
            if (it.next() instanceof AppWrapperAndSDKAppTunnelingPolicyProfileGroup) {
                return true;
            }
        }
        String stringField = AppWrapperUtility.getStringField(AppWrapperContentProvider.CONTENT_URI_PROXY, AppWrapperConstants.COLUMN_PACKAGE_ID, "profile_id", profile.getUniqueIdentifier());
        if (stringField != null && stringField.length() > 0) {
            AppWrapperUtility.sendF5ProxyIntentBroadcast(stringField, false);
            AppWrapperUtility.sendMAGProxyIntentBroadcast(stringField, 2);
        }
        AppWrapperUtility.removeApplicationUsingProfileIdFromProxyTable(profile.getUniqueIdentifier());
        return true;
    }

    @Override // com.airwatch.bizlib.profile.ProfileGroup
    public boolean groupRemovedEntWipe(ProfileGroup profileGroup) {
        return groupRemoved(profileGroup);
    }

    @Override // com.airwatch.bizlib.profile.ProfileGroup
    protected boolean groupRemovedImpl(ProfileGroup profileGroup) {
        String profileUniqueIdUsingGroupId = AgentProfileDBAdapter.getInstance().getProfileUniqueIdUsingGroupId(profileGroup.getUUID());
        Logger.i(TAG, "AppTunnelingPolicies : groupRemoved id : " + profileUniqueIdUsingGroupId);
        AppWrapperUtility.removeApplicationUsingProfileId(profileUniqueIdUsingGroupId);
        return true;
    }

    @Override // com.airwatch.bizlib.profile.ProfileGroup
    public boolean isAppWrappingProfileGroup() {
        return true;
    }

    public boolean updateCertificate(final String str) {
        Logger.i(TAG, "MAG: inside  updating cert Appid :" + str);
        String stringField = AppWrapperUtility.getStringField(AppWrapperContentProvider.CONTENT_URI_PROXY, AppWrapperConstants.COLUMN_CERTIFICATE_DATA, AppWrapperConstants.COLUMN_PACKAGE_ID, str);
        if (stringField == null || stringField.trim().length() <= 0) {
            AfwApp.getPrioritySerialExecutor().execute(new PriorityRunnableTask(PriorityRunnableTask.EnumPriorityRunnable.LOWEST) { // from class: com.airwatch.agent.profile.group.appwrapnsdk.AppWrapperAndSDKAppTunnelingPolicyProfileGroup.1
                @Override // java.lang.Runnable
                public void run() {
                    ProxyDefinition proxyDefinition = new ProxyDefinition(str);
                    if (AppWrapperAndSDKAppTunnelingPolicyProfileGroup.this.getCertificate(proxyDefinition)) {
                        Logger.i(AppWrapperAndSDKAppTunnelingPolicyProfileGroup.TAG, "MAG: Now  updating cert Appid :" + str);
                        AppWrapperUtility.updateField(AppWrapperContentProvider.CONTENT_URI_PROXY, AppWrapperConstants.COLUMN_PACKAGE_ID, str, AppWrapperConstants.COLUMN_CERTIFICATE_DATA, proxyDefinition.certificateData);
                    }
                }
            });
            return true;
        }
        Logger.d(TAG, "MAG: cert is existing already returning cert Appid :" + str);
        return true;
    }
}
