package com.airwatch.agent.enterprise.oem.samsung.pivd;

import android.app.IntentService;
import android.content.Context;
import android.content.Intent;
import android.os.Build;
import android.os.Bundle;
import android.os.PowerManager;
import android.text.TextUtils;
import androidx.core.app.NotificationCompat;
import com.airwatch.agent.AirWatchApp;
import com.airwatch.agent.database.AgentProfileDBAdapter;
import com.airwatch.agent.hub.hostactivity.HostActivityIntentUtils;
import com.airwatch.agent.notification.DeviceNotificationFactory;
import com.airwatch.agent.notification.DeviceNotificationManager;
import com.airwatch.agent.notification.NotificationType;
import com.airwatch.agent.profile.AgentProfileManager;
import com.airwatch.agent.profile.group.AWEmailProfileGroup;
import com.airwatch.agent.profile.group.CertificateProfileGroup;
import com.airwatch.agent.profile.group.DerivedCredentialsManager;
import com.airwatch.agent.profile.group.LockdownProfileGroup;
import com.airwatch.agent.profile.group.google.mdm.GoogleCertificateProfileGroup;
import com.airwatch.agent.profile.pivd.DefaultDerivedCredentialsManager;
import com.airwatch.agent.utility.StatusManager;
import com.airwatch.agent.utility.task.TaskQueueNames;
import com.airwatch.androidagent.R;
import com.airwatch.bizlib.profile.Profile;
import com.airwatch.bizlib.profile.ProfileGroup;
import com.airwatch.bizlib.profile.ProfileSetting;
import com.airwatch.library.samsungelm.knox.command.pivd.PIVDConstants;
import com.airwatch.sdk.AWNotificationChannelPostOManager;
import com.airwatch.sdk.p2p.ServiceSecurity;
import com.airwatch.task.TaskQueue;
import com.airwatch.util.Logger;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.Vector;
import java.util.concurrent.Callable;
import net.sqlcipher.database.SQLiteDatabase;

/* loaded from: classes3.dex */
public class PIVDService extends IntentService {
    public static final String CREDENTIAL_CHANNEL = "credential_fetch";
    public static final String PIVD_CONFIGURED = "pivd_configured";
    public static final String PIVD_P12 = "pivd_p12";
    public static final String PIVD_P12_ISSUER = "pivd_p12_issuer";
    public static final String PIVD_P12_PASSWORD = "pivd_p12_password";
    private static final String TAG = "PIVDService";
    private PowerManager.WakeLock mWakeLock;

    public PIVDService() {
        super(TAG);
    }

    private List<ProfileGroup> getDerivedCredentialsCertProfileGroup(String str) {
        Vector<ProfileGroup> profileGroups = AgentProfileManager.getInstance().getProfileGroups("com.airwatch.android.container.certificate");
        profileGroups.addAll(AgentProfileManager.getInstance().getProfileGroups(CertificateProfileGroup.TYPE));
        profileGroups.addAll(AgentProfileManager.getInstance().getProfileGroups(GoogleCertificateProfileGroup.TYPE));
        ArrayList arrayList = new ArrayList();
        Iterator<ProfileGroup> it = profileGroups.iterator();
        while (it.hasNext()) {
            ProfileGroup next = it.next();
            Iterator<ProfileSetting> it2 = next.getSettings().iterator();
            while (it2.hasNext()) {
                if (it2.next().getValue().equals("DerivedCredentials") && isTypeEqual(next.getSettings(), str)) {
                    arrayList.add(next);
                }
            }
        }
        return arrayList;
    }

    public static Map<ProfileGroup, String> getDerivedCredentialsCertTypeFromProfiles() {
        Vector<ProfileGroup> profileGroups = AgentProfileManager.getInstance().getProfileGroups("com.airwatch.android.container.certificate");
        profileGroups.addAll(AgentProfileManager.getInstance().getProfileGroups(CertificateProfileGroup.TYPE));
        profileGroups.addAll(AgentProfileManager.getInstance().getProfileGroups(GoogleCertificateProfileGroup.TYPE));
        HashMap hashMap = new HashMap();
        Iterator<ProfileGroup> it = profileGroups.iterator();
        while (it.hasNext()) {
            ProfileGroup next = it.next();
            Iterator<ProfileSetting> it2 = next.getSettings().iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                if (it2.next().getValue().equals("DerivedCredentials")) {
                    hashMap.put(next, getType(next.getSettings()));
                    break;
                }
            }
        }
        return hashMap;
    }

    private DerivedCredentialsManager getDerivedCredentialsManager(String str, ProfileGroup profileGroup) {
        return profileGroup.getType().equals("com.airwatch.android.container.certificate") ? new KnoxDerivedCredentialsManager(str) : new DefaultDerivedCredentialsManager(this, str);
    }

    private List<Profile> getDerivedCredentialsProfile(String str) {
        ArrayList arrayList = new ArrayList();
        List<ProfileGroup> derivedCredentialsCertProfileGroup = getDerivedCredentialsCertProfileGroup(str);
        List<Profile> allProfiles = AgentProfileManager.getInstance().getAllProfiles();
        for (ProfileGroup profileGroup : derivedCredentialsCertProfileGroup) {
            for (Profile profile : allProfiles) {
                if (profileGroup.getParentProfileId().equals(profile.getIdentifier())) {
                    arrayList.add(profile);
                }
            }
        }
        return arrayList;
    }

    private static String getType(Vector<ProfileSetting> vector) {
        Iterator<ProfileSetting> it = vector.iterator();
        while (it.hasNext()) {
            ProfileSetting next = it.next();
            if (next.getName().equals("KeyUsage")) {
                return next.getValue();
            }
        }
        return "";
    }

    private boolean isTypeEqual(Vector<ProfileSetting> vector, String str) {
        Iterator<ProfileSetting> it = vector.iterator();
        while (it.hasNext()) {
            if (it.next().getValue().equals(str)) {
                return true;
            }
        }
        return false;
    }

    private void showAgentActivityAndDeleteNotification() {
        DeviceNotificationManager.deleteAllNotificationsByTypePayload(NotificationType.DERIVED_CREDENTIALS_NOTIFICATION, "");
        StatusManager.removeDervivedCredentialsNotification();
        Intent activityIntent = HostActivityIntentUtils.getActivityIntent(AirWatchApp.getAppContext());
        activityIntent.addFlags(SQLiteDatabase.CREATE_IF_NECESSARY);
        AirWatchApp.getAppContext().startActivity(activityIntent);
    }

    private void showDerivedCredentialsNotification(String str, String str2) {
        DeviceNotificationManager.deleteAllNotificationsByType(NotificationType.DERIVED_CREDENTIALS_NOTIFICATION);
        DeviceNotificationManager.addNewNotification(DeviceNotificationFactory.createNotification(NotificationType.DERIVED_CREDENTIALS_NOTIFICATION, str, str2, new Date(), UUID.randomUUID().toString(), ""));
        StatusManager.addNewDerivedCredentialsNotification(str2);
    }

    private boolean updateProfileDbAndReapplyProfile(final Profile profile, String str, String str2, String str3, String str4) {
        Logger.d(TAG, "reapplying profile");
        final AgentProfileDBAdapter agentProfileDBAdapter = AgentProfileDBAdapter.getInstance();
        Vector<ProfileGroup> profileGroups = agentProfileDBAdapter.getProfileGroups("com.airwatch.android.container.certificate");
        profileGroups.addAll(agentProfileDBAdapter.getProfileGroups(CertificateProfileGroup.TYPE));
        profileGroups.addAll(agentProfileDBAdapter.getProfileGroups(GoogleCertificateProfileGroup.TYPE));
        Iterator<ProfileGroup> it = profileGroups.iterator();
        while (it.hasNext()) {
            ProfileGroup next = it.next();
            Iterator<ProfileSetting> it2 = next.getSettings().iterator();
            while (it2.hasNext()) {
                if (it2.next().getValue().equals("DerivedCredentials") && isTypeEqual(next.getSettings(), str)) {
                    String identifier = next.getIdentifier();
                    DerivedCredentialsManager derivedCredentialsManager = getDerivedCredentialsManager(str, next);
                    derivedCredentialsManager.updateAgentProfileDBSettings(identifier, str2, str3, str4);
                    derivedCredentialsManager.updateCertificateDefinitionAnchorApp(this, "DerivedCredentials", identifier, str2, str3, str4);
                }
            }
        }
        ArrayList arrayList = new ArrayList();
        Iterator<ProfileGroup> it3 = profile.getGroups().iterator();
        while (it3.hasNext()) {
            final ProfileGroup next2 = it3.next();
            arrayList.add(next2);
            AgentProfileDBAdapter.doInsideUpdate(new Callable<Boolean>() { // from class: com.airwatch.agent.enterprise.oem.samsung.pivd.PIVDService.1
                @Override // java.util.concurrent.Callable
                /* renamed from: a, reason: merged with bridge method [inline-methods] */
                public Boolean call() throws Exception {
                    ProfileGroup profileGroup = next2;
                    if (!(profileGroup instanceof AWEmailProfileGroup) && !(profileGroup instanceof LockdownProfileGroup)) {
                        agentProfileDBAdapter.removeProfileIfNeeded(profile, profileGroup);
                    }
                    return Boolean.valueOf(agentProfileDBAdapter.updateProfileGroupStts(next2.getUUID(), -1));
                }
            });
        }
        AgentProfileManager.getInstance().applyProfiles(arrayList);
        return true;
    }

    @Override // android.app.IntentService, android.app.Service
    public void onCreate() {
        super.onCreate();
        PowerManager.WakeLock newWakeLock = ((PowerManager) getSystemService("power")).newWakeLock(1, "PIVD:IntentServiceWakeLock");
        this.mWakeLock = newWakeLock;
        newWakeLock.acquire();
        if (Build.VERSION.SDK_INT >= 26) {
            new AWNotificationChannelPostOManager(this).createNotificationChannel(CREDENTIAL_CHANNEL, "PIV-D Credential Channel", "Fetches and configures credentials", 3);
            startForeground(1, new NotificationCompat.Builder(this, CREDENTIAL_CHANNEL).setSmallIcon(R.drawable.generic_notification).setContentTitle("PIVD- Credentials").setContentText("Fetching and configuring credentials").setPriority(-1).build());
        }
    }

    @Override // android.app.IntentService, android.app.Service
    public void onDestroy() {
        super.onDestroy();
        this.mWakeLock.release();
    }

    @Override // android.app.IntentService
    public void onHandleIntent(Intent intent) {
        String binderCallingPackageId = ServiceSecurity.getBinderCallingPackageId(getApplicationContext());
        if (intent == null || !ServiceSecurity.isAppAccessPermitted(binderCallingPackageId, getApplicationContext())) {
            Logger.e(TAG, "app access not granted " + binderCallingPackageId);
            return;
        }
        String action = intent.getAction();
        if (!PIVDConstants.ACTION_PIVD_TOKEN.equals(action)) {
            if (!PIVDConstants.ACTION_PIVD_FETCH.equals(action)) {
                if (PIVDConstants.ACTION_PIVD_AUTHENTICATE.equalsIgnoreCase(action)) {
                    TaskQueue.getInstance().post(TaskQueueNames.QUEUE_ACTIVITY_WORKER, new PIVDSetupRunnable(PIVDConstants.ACTION_PIVD_CONFIGURE_CREDENTIALS, ""));
                    return;
                }
                return;
            }
            Map<ProfileGroup, String> derivedCredentialsCertTypeFromProfiles = getDerivedCredentialsCertTypeFromProfiles();
            for (ProfileGroup profileGroup : derivedCredentialsCertTypeFromProfiles.keySet()) {
                String str = derivedCredentialsCertTypeFromProfiles.get(profileGroup);
                Logger.d(TAG, "fetch credentials for certificate type " + str);
                getDerivedCredentialsManager(str, profileGroup).fetchCredentials();
            }
            return;
        }
        Logger.d(TAG, "received data from pivd app ");
        Bundle bundleExtra = intent.getBundleExtra(PIVDConstants.EXTRA_NAME_PIVD_DATA);
        String string = bundleExtra.getString(PIVDConstants.EXTRA_NAME_PIVD_TYPE);
        String string2 = bundleExtra.getString(PIVD_P12);
        String string3 = bundleExtra.getString(PIVD_P12_PASSWORD);
        String string4 = bundleExtra.getString(PIVD_P12_ISSUER);
        boolean z = bundleExtra.getBoolean(PIVD_CONFIGURED);
        showAgentActivityAndDeleteNotification();
        if (!z || TextUtils.isEmpty(string2) || TextUtils.isEmpty(string3)) {
            showDerivedCredentialsNotification(getString(R.string.pivd_activate_title), getString(R.string.pivd_activate_desc));
            return;
        }
        Iterator<Profile> it = getDerivedCredentialsProfile(string).iterator();
        while (it.hasNext()) {
            updateProfileDbAndReapplyProfile(it.next(), string, string2, string3, string4);
        }
    }

    public void setContext(Context context) {
        attachBaseContext(context);
    }
}
