package com.airwatch.gateway.clients;

import android.app.Activity;
import android.app.ProgressDialog;
import android.content.Context;
import android.content.DialogInterface;
import android.content.Intent;
import android.graphics.Bitmap;
import android.net.Uri;
import android.os.Build;
import android.text.TextUtils;
import android.view.View;
import android.webkit.ClientCertRequest;
import android.webkit.ClientCertRequestHandler;
import android.webkit.HttpAuthHandler;
import android.webkit.WebView;
import androidx.fragment.app.FragmentActivity;
import com.airwatch.auth.helpers.IntegratedAuthDataModel;
import com.airwatch.auth.helpers.IntegratedAuthDataModelImpl;
import com.airwatch.auth.kerberos.KerberosTokenFetcher;
import com.airwatch.gateway.auth.GatewayAuthenticator;
import com.airwatch.gateway.clients.integrated_auth_handlers.BasicProxyHandler;
import com.airwatch.gateway.clients.integrated_auth_handlers.EnrollmentCredentialHandler;
import com.airwatch.gateway.clients.integrated_auth_handlers.IHttpHandler;
import com.airwatch.gateway.clients.integrated_auth_handlers.KerberosHandler;
import com.airwatch.gateway.clients.utils.DuplicateAuthHandler;
import com.airwatch.gateway.clients.utils.IAAuthDialog;
import com.airwatch.gateway.clients.utils.IACredentialsManagerFactory;
import com.airwatch.gateway.clients.utils.UpdateCredentialsResult;
import com.airwatch.gateway.config.GatewayConfigManager;
import com.airwatch.gateway.enums.GatewayConstants;
import com.airwatch.gateway.enums.ProxySetupType;
import com.airwatch.geofencing.GeofencingUtility;
import com.airwatch.login.UserCredential;
import com.airwatch.login.ui.fragments.SDKErrorDialog;
import com.airwatch.network.R;
import com.airwatch.proxy.ProxyUtility;
import com.airwatch.sdk.AirWatchSDKException;
import com.airwatch.sdk.SDKStatusCode;
import com.airwatch.sdk.certificate.CertificateFetchResult;
import com.airwatch.sdk.certificate.CertificateFetchUtility;
import com.airwatch.sdk.certificate.SCEPCertificateFetchListener;
import com.airwatch.sdk.certificate.SCEPCertificateFetcher;
import com.airwatch.sdk.certificate.SCEPContext;
import com.airwatch.sdk.configuration.SDKConfigurationKeys;
import com.airwatch.sdk.context.SDKContext;
import com.airwatch.sdk.context.SDKContextManager;
import com.airwatch.sdk.context.awsdkcontext.SDKContextHelper;
import com.airwatch.storage.SDKSecurePreferencesKeys;
import com.airwatch.task.CallbackFuture;
import com.airwatch.task.IFutureCallback;
import com.airwatch.task.TaskQueue;
import com.airwatch.util.ArrayUtils;
import com.airwatch.util.Logger;
import com.airwatch.util.UrlUtils;
import com.google.android.material.snackbar.Snackbar;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.concurrent.Callable;
import org.koin.java.KoinJavaComponent;

/* loaded from: classes4.dex */
public class AWWebViewDelegate implements IHttpHandler {
    private static final String EXTRA_BROWSER_RELOAD_URL = "pivd_browser_reload_url";
    private static final String PIVD_APP_ID = "com.airwatch.pivd";
    private static final String PLAYSTORE_URL = "market://details?id=";
    private static final String TAG = "AWWebViewDelegate";
    private IAAuthDialog iaDialog;
    private BasicProxyHandler mBasicProxyHandler;
    private EnrollmentCredentialHandler mEnrollmentCredentialHandler;
    private IntegratedAuthDataModel mIADataModel;
    private KerberosHandler mKerberosHandler;
    private ProgressDialog mAuthDialog = null;
    private Object certAuthHandler = null;
    private SDKContext sdkContext = (SDKContext) KoinJavaComponent.get(SDKContext.class);
    private SCEPCertificateFetcher scepCertificateFetcher = SCEPContext.getInstance().getSCEPCertificateFetcher();
    private final SCEPCertificateFetchListener mListener = new SCEPCertificateFetchListener() { // from class: com.airwatch.gateway.clients.AWWebViewDelegate.1
        @Override // com.airwatch.sdk.certificate.SCEPCertificateFetchListener
        public void onResult(CertificateFetchResult certificateFetchResult) {
            if (AWWebViewDelegate.this.certAuthHandler == null || certificateFetchResult.getStatus() != CertificateFetchResult.Status.SUCCESS) {
                return;
            }
            CertificateFetchUtility.authHandlerWithCertFromKeyStore(CertificateFetchUtility.getKey(), AWWebViewDelegate.this.certAuthHandler);
            AWWebViewDelegate.this.certAuthHandler = null;
            AWWebViewDelegate.this.scepCertificateFetcher.unregisterFetchListener(AWWebViewDelegate.this.mListener);
        }
    };

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.airwatch.gateway.clients.AWWebViewDelegate$4, reason: invalid class name */
    /* loaded from: classes4.dex */
    public static /* synthetic */ class AnonymousClass4 {
        static final /* synthetic */ int[] a;

        static {
            int[] iArr = new int[UpdateCredentialsResult.values().length];
            a = iArr;
            try {
                iArr[UpdateCredentialsResult.SUCCESS.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                a[UpdateCredentialsResult.FAILED_USERNAME_DIFFERENT.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                a[UpdateCredentialsResult.FAILED_INCORRECT_PASSWORD.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                a[UpdateCredentialsResult.FAILED_NETWORK_ERROR_DURING_VERIFICATION.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                a[UpdateCredentialsResult.PARTIAL_SUCCESS_APP_LEVEL_SUCCESS_ANCHOR_APP_FAILED.ordinal()] = 5;
            } catch (NoSuchFieldError unused5) {
            }
        }
    }

    /* loaded from: classes4.dex */
    private class a implements IAAuthDialog.IADialogActionListener {
        private WebView b;
        private String c;
        private String d;
        private HttpAuthHandler e;
        private boolean f;

        public a(WebView webView, String str, String str2, HttpAuthHandler httpAuthHandler, boolean z) {
            this.b = webView;
            this.c = str;
            this.d = str2;
            this.e = httpAuthHandler;
            this.f = z;
        }

        @Override // com.airwatch.gateway.clients.utils.IAAuthDialog.IADialogActionListener
        public void onCancel() {
            DuplicateAuthHandler duplicateAuthHandler = DuplicateAuthHandler.getInstance();
            if (this.f) {
                this.e.cancel();
            } else {
                for (HttpAuthHandler httpAuthHandler : duplicateAuthHandler.get(this.c)) {
                    Logger.v(AWWebViewDelegate.TAG, String.format("Cancelling authentication for : %s for host : %s", httpAuthHandler, this.c));
                    httpAuthHandler.cancel();
                }
            }
            duplicateAuthHandler.remove(this.c);
        }

        @Override // com.airwatch.gateway.clients.utils.IAAuthDialog.IADialogActionListener
        public void onSave(String str, char[] cArr) {
            if (!this.f) {
                if (!TextUtils.isEmpty(str) && !ArrayUtils.isEmpty(cArr)) {
                    if (AWWebViewDelegate.this.mIADataModel.isHostAllowedForIA(this.c)) {
                        AWWebViewDelegate.this.updateCredentials(this.b, str, cArr, this.c);
                    } else {
                        AWWebViewDelegate.this.mIADataModel.setCachedCredentialsForNonIA(this.c, str, cArr);
                    }
                }
                Logger.d(AWWebViewDelegate.TAG, "Proceeding with new user entered credentials.");
                for (HttpAuthHandler httpAuthHandler : DuplicateAuthHandler.getInstance().get(this.c)) {
                    Logger.v(AWWebViewDelegate.TAG, String.format("Authenticating : %s for host : %s", httpAuthHandler, this.c));
                    httpAuthHandler.proceed(str, new String(cArr));
                }
                DuplicateAuthHandler.getInstance().remove(this.c);
                return;
            }
            String fetchKerberosToken = new KerberosTokenFetcher(this.b.getContext()).fetchKerberosToken(this.c, UrlUtils.removeDomain(str), cArr);
            if (fetchKerberosToken != null && !TextUtils.isEmpty(fetchKerberosToken.trim())) {
                AWWebViewDelegate.this.updateCredentials(this.b, str, cArr, this.c);
            }
            if (this.d.startsWith("http://")) {
                this.e.proceed(GatewayConstants.AW_KERBEROS_MESSAGE_STRING, fetchKerberosToken);
            } else {
                HashMap hashMap = new HashMap();
                if (fetchKerberosToken != null && !fetchKerberosToken.trim().equals("")) {
                    hashMap.put("Authorization", "Negotiate " + fetchKerberosToken);
                }
                this.e.cancel();
                this.b.loadUrl(this.d, hashMap);
            }
            DuplicateAuthHandler.getInstance().remove(this.c);
        }
    }

    public AWWebViewDelegate() {
        initHttpHandlers();
    }

    private void fetchCertificate(final Context context, final WebView webView, final Object obj) {
        CertificateFetchUtility.fetchKey(context, new SDKContextHelper.AWContextCallBack() { // from class: com.airwatch.gateway.clients.AWWebViewDelegate.2
            @Override // com.airwatch.sdk.context.awsdkcontext.SDKContextHelper.AWContextCallBack
            public void onFailed(AirWatchSDKException airWatchSDKException) {
                if (AWWebViewDelegate.this.mAuthDialog != null) {
                    AWWebViewDelegate.this.mAuthDialog.dismiss();
                }
                SDKStatusCode errorCode = airWatchSDKException.getErrorCode();
                Intent launchIntentForPackage = context.getPackageManager().getLaunchIntentForPackage(AWWebViewDelegate.PIVD_APP_ID);
                if (SDKStatusCode.SDK_CERT_FETCH_FAILED == errorCode) {
                    Logger.w(AWWebViewDelegate.TAG, "CertAuth: failed to retrieve cert from console for IA ", (Throwable) airWatchSDKException);
                    CertificateFetchUtility.authHandlerWithCertFromKeyChain(context, obj);
                    return;
                }
                if (SDKStatusCode.SDK_ERROR_SCEP_PENDING == errorCode) {
                    AWWebViewDelegate.this.certAuthHandler = obj;
                    AWWebViewDelegate.this.scepCertificateFetcher.registerFetchListener(AWWebViewDelegate.this.mListener);
                    return;
                }
                if (SDKStatusCode.SDK_DERIVED_CREDENTIALS_ACTIVATION_FAILURE != errorCode || launchIntentForPackage == null) {
                    if (SDKStatusCode.SDK_DERIVED_CREDENTIALS_FAILURE == errorCode) {
                        AWWebViewDelegate.this.showAlertDialog(webView, new Intent("android.intent.action.VIEW", Uri.parse("market://details?id=com.airwatch.pivd")), context.getString(R.string.pivd_not_found), context.getString(R.string.pivd_install_playstore), context.getString(R.string.install));
                        return;
                    }
                    return;
                }
                String url = webView.getUrl();
                if (url != null) {
                    launchIntentForPackage.putExtra(AWWebViewDelegate.EXTRA_BROWSER_RELOAD_URL, url);
                }
                AWWebViewDelegate.this.showAlertDialog(webView, launchIntentForPackage, context.getString(R.string.activation_failure), context.getString(R.string.pivd_activate_cred), context.getString(R.string.activate));
            }

            @Override // com.airwatch.sdk.context.awsdkcontext.SDKContextHelper.AWContextCallBack
            public void onSuccess(int i, Object obj2) {
                if (AWWebViewDelegate.this.mAuthDialog != null) {
                    AWWebViewDelegate.this.mAuthDialog.dismiss();
                }
                CertificateFetchUtility.authHandlerWithCertFromKeyStore((KeyStore) obj2, obj);
            }
        }, SDKContextManager.getSDKContext().getSDKConfiguration());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$showAlertDialog$1(Context context, Intent intent, DialogInterface dialogInterface, int i) {
        context.startActivity(intent);
        dialogInterface.dismiss();
    }

    private void processRequestLocally(Object obj, WebView webView) {
        if (!CertificateFetchUtility.isCertAuthEnabled()) {
            CertificateFetchUtility.cancelCertAuthRequest(obj);
            return;
        }
        KeyStore key = CertificateFetchUtility.getKey();
        if (key != null && this.sdkContext.getKeyStore().isCertificateValid(this.sdkContext.getSDKSecurePreferences().getString(SDKSecurePreferencesKeys.IA_CERT_ALIAS, ""))) {
            CertificateFetchUtility.authHandlerWithCertFromKeyStore(key, obj);
            return;
        }
        Context context = webView.getContext();
        this.mAuthDialog = ProgressDialog.show(context, null, context.getString(R.string.awsdk_authenticating), true);
        fetchCertificate(context, webView, obj);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void showAlertDialog(View view, final Intent intent, String str, String str2, String str3) {
        final Context context = view.getContext();
        SDKErrorDialog sDKErrorDialog = new SDKErrorDialog(str, str2, new DialogInterface.OnClickListener() { // from class: com.airwatch.gateway.clients.-$$Lambda$AWWebViewDelegate$FLN0-LR53DfP5l7GM3ySfWDGMq4
            @Override // android.content.DialogInterface.OnClickListener
            public final void onClick(DialogInterface dialogInterface, int i) {
                AWWebViewDelegate.lambda$showAlertDialog$1(context, intent, dialogInterface, i);
            }
        }, str3, new DialogInterface.OnClickListener() { // from class: com.airwatch.gateway.clients.-$$Lambda$AWWebViewDelegate$6x_o3VeNHorf47cx9ndFQs6qAbQ
            @Override // android.content.DialogInterface.OnClickListener
            public final void onClick(DialogInterface dialogInterface, int i) {
                dialogInterface.dismiss();
            }
        }, view.getContext().getResources().getString(R.string.cancel));
        sDKErrorDialog.setCancelable(true);
        sDKErrorDialog.show(((FragmentActivity) view.getContext()).getSupportFragmentManager(), "AWWebView");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void showSnackbar(WebView webView, String str) {
        Snackbar.make(webView, str, 0).show();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void updateCredentials(final WebView webView, final String str, final char[] cArr, final String str2) {
        CallbackFuture post = TaskQueue.getInstance().post("IA", new Callable() { // from class: com.airwatch.gateway.clients.-$$Lambda$AWWebViewDelegate$g4TWgEhcQodAa7hpUbT6oeQO0oI
            @Override // java.util.concurrent.Callable
            public final Object call() {
                UpdateCredentialsResult updateCredentials;
                updateCredentials = IACredentialsManagerFactory.INSTANCE.getIaCredentialsManager().updateCredentials(str, cArr);
                return updateCredentials;
            }
        });
        final ProgressDialog show = ProgressDialog.show(webView.getContext(), null, webView.getContext().getString(R.string.awsdk_authenticating), true);
        post.on((IFutureCallback) new IFutureCallback<UpdateCredentialsResult>() { // from class: com.airwatch.gateway.clients.AWWebViewDelegate.3
            @Override // com.airwatch.task.IFutureSuccessCallback
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public void onSuccess(UpdateCredentialsResult updateCredentialsResult) {
                show.dismiss();
                int i = AnonymousClass4.a[updateCredentialsResult.ordinal()];
                if (i == 1) {
                    AWWebViewDelegate.this.mIADataModel.setCachedUserForIA(str2, str);
                    AWWebViewDelegate.this.showSnackbar(webView, "Updating credentials succeeded.");
                    return;
                }
                if (i == 2) {
                    AWWebViewDelegate.this.showSnackbar(webView, "Updating credentials failed. Incorrect username entered.");
                    return;
                }
                if (i == 3) {
                    AWWebViewDelegate.this.showSnackbar(webView, "Updating credentials failed. Incorrect password entered.");
                } else if (i == 4) {
                    AWWebViewDelegate.this.showSnackbar(webView, "Updating credentials failed due to a network error.");
                } else {
                    if (i != 5) {
                        return;
                    }
                    AWWebViewDelegate.this.showSnackbar(webView, "Credentials updated in this app. Failed to update credentials across all apps.");
                }
            }

            @Override // com.airwatch.task.IFutureFailureCallback
            public void onFailure(Exception exc) {
                show.dismiss();
                AWWebViewDelegate.this.showSnackbar(webView, "Updating credentials failed due to unexpected error.");
                Logger.e(AWWebViewDelegate.TAG, "Updating credentials failed.", (Throwable) exc);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addLocalProxyAuth(HttpAuthHandler httpAuthHandler, String str) {
        if (ProxyUtility.isWithProxyAuthenticator() && GatewayAuthenticator.LOCAL_PROXY_AUTH_REALM.equals(str)) {
            Logger.d(TAG, "Add Auth Data for AWWebView");
            httpAuthHandler.proceed(GatewayAuthenticator.SDK_INTERNAL_CLIENT, GatewayAuthenticator.INSTANCE.getAuthToken());
        }
    }

    @Override // com.airwatch.gateway.clients.integrated_auth_handlers.IHttpHandler
    public void handleRequest(WebView webView, HttpAuthHandler httpAuthHandler, String str, String str2, String str3, boolean z) {
        UserCredential cachedCredentialsForNonIA = this.mIADataModel.getCachedCredentialsForNonIA(str);
        if (!this.mIADataModel.isHostAllowedForIA(str) && cachedCredentialsForNonIA != null && httpAuthHandler.useHttpAuthUsernamePassword()) {
            httpAuthHandler.proceed(cachedCredentialsForNonIA.getUsername(), new String(cachedCredentialsForNonIA.getPassword()));
            return;
        }
        List<HttpAuthHandler> list = DuplicateAuthHandler.getInstance().get(str);
        if (list == null || list.isEmpty()) {
            ArrayList arrayList = new ArrayList();
            arrayList.add(httpAuthHandler);
            DuplicateAuthHandler.getInstance().add(str, arrayList);
        } else {
            Logger.d(TAG, String.format("Received duplicate auth request for %s. Handler : %s", str, httpAuthHandler));
            list.add(httpAuthHandler);
            DuplicateAuthHandler.getInstance().add(str, list);
        }
        a aVar = new a(webView, str, str3, httpAuthHandler, z);
        if (this.iaDialog == null) {
            this.iaDialog = new IAAuthDialog(webView.getContext(), str, aVar);
        }
        if (this.iaDialog.isShowing()) {
            return;
        }
        this.iaDialog.show();
    }

    protected void initHttpHandlers() {
        this.mIADataModel = new IntegratedAuthDataModelImpl();
        this.mKerberosHandler = new KerberosHandler();
        this.mEnrollmentCredentialHandler = new EnrollmentCredentialHandler();
        this.mBasicProxyHandler = new BasicProxyHandler();
    }

    public void onPageStarted(WebView webView, String str, Bitmap bitmap) {
        if (SDKContextManager.getSDKContext().getSDKConfiguration().getBooleanValue(SDKConfigurationKeys.GEOFENCE_GROUP, SDKConfigurationKeys.ENABLE_GEOFENCING)) {
            GeofencingUtility geofencingUtility = GeofencingUtility.getInstance();
            if (webView.getContext() instanceof Activity) {
                geofencingUtility.checkGeofencingControl((Activity) webView.getContext());
            }
        }
    }

    public void onReceivedClientCertRequest(WebView webView, ClientCertRequest clientCertRequest) {
        Logger.d(TAG, "Cert auth request called.");
        processRequestLocally(clientCertRequest, webView);
    }

    public void onReceivedClientCertRequest(WebView webView, ClientCertRequestHandler clientCertRequestHandler, String str) {
        Logger.d(TAG, "Cert auth request (<API 21) called for Host: " + str);
        processRequestLocally(clientCertRequestHandler, webView);
    }

    public boolean onReceivedError(WebView webView, int i, String str, String str2) {
        return false;
    }

    public void onReceivedHttpAuthRequest(WebView webView, HttpAuthHandler httpAuthHandler, String str, String str2) {
        Logger.d(TAG, "onReceivedHttpAuthRequest called for host " + str + "realm " + str2);
        GatewayConfigManager.getInstance();
        if (Build.VERSION.SDK_INT >= 21) {
            str = UrlUtils.removeNonFqdnSuffixFromHost(str);
        }
        String removePort = UrlUtils.removePort(str);
        if ("127.0.0.1".equals(removePort)) {
            addLocalProxyAuth(httpAuthHandler, str2);
            return;
        }
        if (this.mIADataModel.getTunnellingType() == ProxySetupType.MAG) {
            this.mKerberosHandler.setNextHandler(this.mEnrollmentCredentialHandler.setNextHandler(this)).handleRequest(webView, httpAuthHandler, removePort, str2, webView.getUrl(), true);
        } else if (this.mIADataModel.getTunnellingType() == ProxySetupType.BASIC_USERNAME_PASSWORD) {
            this.mEnrollmentCredentialHandler.setNextHandler(this.mBasicProxyHandler.setNextHandler(this)).handleRequest(webView, httpAuthHandler, removePort, str2, "", false);
        } else {
            this.mEnrollmentCredentialHandler.setNextHandler(this).handleRequest(webView, httpAuthHandler, removePort, str2, "", false);
        }
    }

    public boolean shouldOverrideUrlLoading(WebView webView, String str) {
        return false;
    }
}
