package com.airwatch.agent.vpn.container;

import com.airwatch.afw.lib.AfwApp;
import com.airwatch.agent.AirWatchApp;
import com.airwatch.agent.appmanagement.AppManagerFactory;
import com.airwatch.agent.database.AgentProfileDBAdapter;
import com.airwatch.agent.enterprise.container.ContainerManagerFactory;
import com.airwatch.agent.enterprise.container.IntelContainerManager;
import com.airwatch.agent.notification.DeviceNotificationFactory;
import com.airwatch.agent.notification.DeviceNotificationManager;
import com.airwatch.agent.notification.NotificationType;
import com.airwatch.agent.profile.group.container.ContainerCertificateProfileGroup;
import com.airwatch.agent.thirdparty.globalprotect.GlobalProtectCommands;
import com.airwatch.agent.thirdparty.vpn.VpnUtility;
import com.airwatch.agent.utility.StatusManager;
import com.airwatch.agent.utility.StringUtils;
import com.airwatch.androidagent.R;
import com.airwatch.bizlib.model.CertificateDefinitionAnchorApp;
import com.airwatch.bizlib.profile.ProfileGroup;
import com.airwatch.bizlib.profile.ProfileSetting;
import com.airwatch.util.Logger;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import java.util.Vector;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes3.dex */
public class TunnelContainerVpnConfiguration extends ContainerVPNConfiguration {
    private static final String CERTIFICATE_ALIAS = "CertificateAlias";
    private static final String CERTIFICATE_AUTHENTICATION_ENABLED = "CertificateAuthenticationEnabled";
    public static final String CLIENT_PACKAGE_NAME = "com.airwatch.tunnel";
    public static final String CLIENT_TYPE = "Tunnel";
    private static final String CONNECTION_TYPE = "connectionType";
    public static final String UIDPID_SEARCH_ENABLED = "uidpid_search_enabled";
    private boolean enableVPNOnDemand;
    public String sslRotationList;
    private String trafficRules;
    public String vpnuuid = "";
    private final String TAG = "TunnelContainerVPNConfiguration";

    private JSONArray getCaCertList() {
        JSONArray jSONArray = new JSONArray();
        if (StringUtils.isEmptyOrNull(this.sslRotationList)) {
            return jSONArray;
        }
        try {
            for (String str : this.sslRotationList.split(",")) {
                jSONArray.put(getCaCertSpecJsonByUUID(str.trim()));
            }
            return jSONArray;
        } catch (Exception e) {
            Logger.e("TunnelContainerVPNConfiguration", "Error encountered when getting RotationList", (Throwable) e);
            return new JSONArray();
        }
    }

    public static void queueConfigurationNotification(String str) {
        DeviceNotificationManager.deleteAllNotificationsByTypePayload(NotificationType.CONTAINER_TUNNEL_PENDING, str);
        StatusManager.removeContainerTunnelConfigurationNotification();
        DeviceNotificationManager.addNewNotification(DeviceNotificationFactory.createNotification(NotificationType.CONTAINER_TUNNEL_PENDING, AirWatchApp.getAppContext().getResources().getString(R.string.container_vpn_profile_name), AirWatchApp.getAppContext().getResources().getString(R.string.container_tunnel_configuration_ready_desc), new Date(), UUID.randomUUID().toString(), str));
        StatusManager.notifyContainerTunnelConfigurationReady();
    }

    @Override // com.airwatch.agent.vpn.container.ContainerVPNConfiguration
    protected String applyCertAndGetAliasName(ProfileGroup profileGroup) {
        CertificateDefinitionAnchorApp certificateDefinitionAnchorApp = new CertificateDefinitionAnchorApp(profileGroup);
        certificateDefinitionAnchorApp.setEnableTima(true);
        if (VpnUtility.persistTunnelCertData(certificateDefinitionAnchorApp, 0)) {
            return certificateDefinitionAnchorApp.getFullName();
        }
        return null;
    }

    protected JSONObject getCaCertSpecJson(String str, String str2) throws JSONException {
        JSONObject jSONObject = new JSONObject();
        JSONArray jSONArray = new JSONArray();
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put("value", "Cert");
        jSONObject2.put("name", CertificateDefinitionAnchorApp.TYPE_NAME);
        jSONArray.put(jSONObject2);
        JSONObject jSONObject3 = new JSONObject();
        jSONObject3.put("value", str);
        jSONObject3.put("name", "CertificateName");
        jSONArray.put(jSONObject3);
        JSONObject jSONObject4 = new JSONObject();
        jSONObject4.put("value", str2);
        jSONObject4.put("name", "CertificateData");
        jSONArray.put(jSONObject4);
        JSONObject jSONObject5 = new JSONObject();
        jSONObject5.put("value", "garbageThumbCA");
        jSONObject5.put("name", "CertificateThumbprint");
        jSONArray.put(jSONObject5);
        JSONObject jSONObject6 = new JSONObject();
        jSONObject6.put("value", AfwApp.FALSE);
        jSONObject6.put("name", CertificateDefinitionAnchorApp.CERTIFICATE_INSTALLABLE);
        jSONArray.put(jSONObject6);
        jSONObject.put(ProfileGroup._JSON_KEY_SETTINGS, jSONArray);
        return jSONObject;
    }

    protected JSONObject getCaCertSpecJsonByUUID(String str) throws JSONException {
        ProfileGroup profileGroupByUUID = AgentProfileDBAdapter.getInstance().getProfileGroupByUUID(str);
        if (profileGroupByUUID != null) {
            return getCaCertSpecJson(getCertName(profileGroupByUUID), ContainerCertificateProfileGroup.getCertData((ContainerCertificateProfileGroup) profileGroupByUUID));
        }
        throw new NullPointerException("Coudln't find PG for uuid " + str);
    }

    @Override // com.airwatch.agent.vpn.container.ContainerVPNConfiguration
    protected String getCertName(ProfileGroup profileGroup) {
        return new CertificateDefinitionAnchorApp(profileGroup).getName();
    }

    @Override // com.airwatch.agent.vpn.container.ContainerVPNConfiguration
    public String getClientPackage() {
        return "com.airwatch.tunnel";
    }

    @Override // com.airwatch.agent.vpn.container.ContainerVPNConfiguration
    public String getClientVpnConfigJsonString() {
        JSONObject jSONObject = new JSONObject();
        JSONObject jSONObject2 = new JSONObject();
        JSONObject jSONObject3 = new JSONObject();
        JSONObject jSONObject4 = new JSONObject();
        JSONObject jSONObject5 = new JSONObject();
        try {
            jSONObject.put(ContainerVPNConfiguration.KNOX_VPN_PARAMETERS_JSON_KEY, jSONObject3);
            jSONObject3.put(ContainerVPNConfiguration.PROFILE_ATTRIBUTE_JSON_KEY, jSONObject4);
            jSONObject3.put("knox", jSONObject2);
            jSONObject3.put("vendor", jSONObject5);
            String str = this.vpnuuid;
            if (str == null || str.isEmpty()) {
                jSONObject4.put("profileName", this.parentUuid);
            } else {
                jSONObject4.put("profileName", this.vpnuuid);
            }
            if (this.connectionName.contains(" ")) {
                this.connectionName = this.connectionName.replace(" ", "");
            }
            jSONObject4.put("vpn_type", "ssl");
            jSONObject4.put("vpn_route_type", 0);
            jSONObject2.put("uidpid_search_enabled", 1);
            jSONObject2.put(CONNECTION_TYPE, "keepon");
            jSONObject5.put("Server", this.servername);
            boolean z = (this.certificateAlias == null || this.certificateAlias.length() == 0) ? false : true;
            jSONObject5.put(CERTIFICATE_AUTHENTICATION_ENABLED, z);
            if (z) {
                jSONObject5.put(CERTIFICATE_ALIAS, this.certificateAlias);
                jSONObject5.put("CertificatePassword", this.certificatePassword);
            }
            if (this.caCertificateAlias != null) {
                jSONObject5.put("CACertificateAlias", this.caCertificateAlias);
            }
            jSONObject5.put("EnableVPNOnDemand", this.enableVPNOnDemand);
            jSONObject5.put("TrafficRules", new JSONObject(this.trafficRules));
            jSONObject5.put("WhiteListedApps", new JSONArray(getWhitelistedApplicationList()));
            JSONObject caCertSpecJson = getCaCertSpecJson(this.caCertificateAlias, this.caCertificateData);
            JSONArray caCertList = getCaCertList();
            jSONObject5.put("caCert", caCertSpecJson);
            jSONObject5.put("caCertList", caCertList);
            jSONObject5.put("ConnectionName", this.connectionName);
        } catch (JSONException unused) {
            Logger.e("TunnelContainerVPNConfiguration", "Knox vpn profile exception ");
        }
        return jSONObject.toString();
    }

    @Override // com.airwatch.agent.vpn.container.ContainerVPNConfiguration
    public String getJsonBasicConfigString() {
        JSONObject commonJson = getCommonJson();
        try {
            commonJson.put("ConnectionName", this.vpnuuid);
            commonJson.put("vpn_application_inside_container", true);
        } catch (Exception e) {
            Logger.e("TunnelContainerVPNConfiguration", "Json exception ", (Throwable) e);
        }
        return commonJson.toString();
    }

    public String[] getWhitelistedApplicationList() {
        String[] strArr = new String[0];
        if (this.vPNApplications != null && !this.vPNApplications.isEmpty()) {
            strArr = this.vPNApplications.split(",");
        }
        String[] strArr2 = (String[]) AppManagerFactory.getApplicationManager().getVPNApplications(this.vpnuuid).toArray(new String[0]);
        String[] strArr3 = new String[strArr.length + strArr2.length];
        for (int i = 0; i < strArr.length; i++) {
            strArr3[i] = strArr[i];
        }
        for (int i2 = 0; i2 < strArr2.length; i2++) {
            strArr3[strArr.length + i2] = strArr2[i2];
        }
        return strArr3;
    }

    @Override // com.airwatch.agent.vpn.container.ContainerVPNConfiguration
    public boolean needsNotification() {
        return true;
    }

    @Override // com.airwatch.agent.vpn.container.ContainerVPNConfiguration
    public void parse(ProfileGroup profileGroup, boolean z) {
        super.parse(profileGroup, z);
        Vector<ProfileGroup> vector = new Vector<>();
        Iterator<ProfileSetting> it = profileGroup.getSettings().iterator();
        while (it.hasNext()) {
            ProfileSetting next = it.next();
            if (next.getName().equalsIgnoreCase("TrafficRules")) {
                this.trafficRules = next.getValue();
            } else if (next.getName().equalsIgnoreCase("EnableVPNOnDemand")) {
                this.enableVPNOnDemand = Boolean.parseBoolean(next.getValue());
            } else if (next.getName().equalsIgnoreCase(GlobalProtectCommands.VPNUUID)) {
                this.vpnuuid = next.getValue();
            } else if (next.getName().equalsIgnoreCase("VPNServerPublicSSLUUID")) {
                this.caPayloadcertificateuuid = next.getValue();
                vector.add(AgentProfileDBAdapter.getInstance().getProfileGroupByUUID(this.caPayloadcertificateuuid));
            } else if ("VPNServerPublicSslUuidList".equalsIgnoreCase(next.getName())) {
                this.sslRotationList = next.getValue();
            }
        }
        processCACert(z, vector);
    }

    @Override // com.airwatch.agent.vpn.container.ContainerVPNConfiguration
    public boolean shouldProceedAhead() {
        List<String> packages = ContainerManagerFactory.getContainerManager().getPackages(ContainerManagerFactory.getContainerManager() instanceof IntelContainerManager ? "Airwatch" : "DEMO_CONTAINER");
        return packages != null && packages.contains("com.airwatch.tunnel");
    }

    @Override // com.airwatch.agent.vpn.container.ContainerVPNConfiguration
    public boolean supportsJson() {
        return true;
    }

    @Override // com.airwatch.agent.vpn.container.ContainerVPNConfiguration
    public void takeDependencyAction(ProfileGroup profileGroup) {
        queueConfigurationNotification(profileGroup.getUUID());
    }
}
