package oracle.idm.mobile;

import android.text.TextUtils;
import android.util.Log;
import android.view.View;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import oracle.idm.mobile.OMAuthenticationContext;
import oracle.idm.mobile.callback.OMCredentialCollectorCallback;
import oracle.idm.mobile.callback.OMInputParamCallback;
import oracle.idm.mobile.crypto.CryptoException;
import oracle.idm.mobile.crypto.CryptoScheme;
import oracle.idm.mobile.crypto.OMCryptoService;
import org.apache.http.HttpResponse;
import sun.util.locale.BaseLocale;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class OfflineAuthenticationService extends AuthenticationService {
    private static final String OFFLINE_CREDENTIAL_COUNT = "offlineCredentialCount";
    private static final String className = OfflineAuthenticationService.class.getName();
    private boolean idleTimeOut;

    /* JADX INFO: Access modifiers changed from: protected */
    public OfflineAuthenticationService(OMAuthenticationServiceManager oMAuthenticationServiceManager, OMCredentialCollector oMCredentialCollector) {
        super(oMAuthenticationServiceManager, oMCredentialCollector);
        this.idleTimeOut = false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String createServerSpecificKey(String str, String str2, String str3, String str4) {
        StringBuilder sb = new StringBuilder(str);
        sb.append(BaseLocale.SEP);
        if (str3 != null) {
            sb.append(str3);
        }
        sb.append("::");
        sb.append(str4);
        sb.append(BaseLocale.SEP);
        sb.append(str2);
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String createUserSpecificKey(String str, String str2, String str3) {
        StringBuilder sb = new StringBuilder(str);
        sb.append(BaseLocale.SEP);
        if (str2 != null) {
            sb.append(str2);
        }
        sb.append("::");
        sb.append(str3);
        return sb.toString();
    }

    private String performOfflineAuthentication(OMAuthenticationContext oMAuthenticationContext) {
        String str = className + "_performOfflineAuthentication";
        Map<String, Object> inputParams = oMAuthenticationContext.getInputParams();
        if (inputParams == null || inputParams.isEmpty() || !inputParams.containsKey("username") || !inputParams.containsKey("password")) {
            oMAuthenticationContext.setStatus(OMAuthenticationContext.AuthContextStatus.OFFLINE_COLLECT_CREDENTIAL);
            return null;
        }
        inputParams.remove(OMSecurityConstants.COLLECT_OFFLINE_CREDENTIAL);
        String str2 = (String) inputParams.get("username");
        String str3 = (String) inputParams.get("password");
        String str4 = (String) inputParams.get("identityDomain");
        String credentialKey = oMAuthenticationContext.getCredentialKey() != null ? oMAuthenticationContext.getCredentialKey() : this.asm.getAppCredentialKey();
        String createServerSpecificKey = createServerSpecificKey(oMAuthenticationContext.getAuthRequest().getAuthenticationURL().toString(), credentialKey, str4, str2);
        String createUserSpecificKey = createUserSpecificKey(credentialKey, str4, str2);
        Log.d(str, "Performing offline authentication for user: " + str2);
        if (!TextUtils.isEmpty(str4)) {
            str2 = str4 + "." + str2;
        }
        OMCredential retrieveOfflineCredential = retrieveOfflineCredential(createServerSpecificKey);
        if (retrieveOfflineCredential == null && (retrieveOfflineCredential = retrieveOfflineCredential(createUserSpecificKey)) != null) {
            Log.d(str, "Offline Credentials available for userSpecificKey");
            OMCredentialStore credentialStoreService = this.asm.getMobileSecurityService().getCredentialStoreService();
            credentialStoreService.addCredential(createServerSpecificKey, retrieveOfflineCredential);
            credentialStoreService.deleteCredential(createUserSpecificKey);
            oMAuthenticationContext.setOfflineCredentialKey(createServerSpecificKey);
        }
        boolean z = false;
        if (retrieveOfflineCredential != null) {
            Log.d(str, "Offline Credentials available for user: " + str2);
            String userName = retrieveOfflineCredential.getUserName();
            String rawUserPassword = retrieveOfflineCredential.getRawUserPassword();
            String identityDomain = retrieveOfflineCredential.getIdentityDomain();
            if (!TextUtils.isEmpty(identityDomain)) {
                z = true;
                userName = identityDomain + "." + userName;
            }
            if (str2 != null && str2.length() != 0 && str3 != null && str3.length() != 0 && str2.equals(userName)) {
                boolean match = this.mss.getCryptoService().match(str3, rawUserPassword, this.mss.getMobileSecurityConfig().getSaltLength());
                oMAuthenticationContext.setAuthenticatedMode(OMAuthenticationContext.AuthenticatedMode.LOCAL);
                if (match) {
                    Log.d(str, "Offline Credentials match for user: " + str2);
                    oMAuthenticationContext.setOfflineCredentialKey(createServerSpecificKey);
                    OMAuthenticationContext retrieveAuthenticationContext = this.asm.retrieveAuthenticationContext();
                    OMAuthenticationScheme authenticationScheme = oMAuthenticationContext.getAuthRequest().getAuthenticationScheme();
                    Log.d(str, "Case Offline Authentication with scheme: " + ((Object) authenticationScheme));
                    if (retrieveAuthenticationContext != null) {
                        Log.d(str, "Case [Offline Authentication with an existing authentication context]");
                        switch (authenticationScheme) {
                            case OAUTH20:
                                List<OAuthToken> oAuthTokenList = retrieveAuthenticationContext.getOAuthTokenList();
                                if (oAuthTokenList != null && !oAuthTokenList.isEmpty()) {
                                    Log.d(str, "Adding the previously retained access tokens (" + oAuthTokenList.size() + ") to the new auth context!");
                                    oMAuthenticationContext.setOAuthTokenList(new ArrayList(oAuthTokenList));
                                }
                                break;
                            case BASIC:
                                if (!str2.equals(retrieveAuthenticationContext.getUserName())) {
                                    Log.d(str, "Session for user: " + retrieveAuthenticationContext.getUserName() + " is already avaliable, hence clearing it off to complete offline authentication for user: " + str2);
                                    retrieveAuthenticationContext.deleteAuthContext(true, true, true, true, false, false);
                                    break;
                                }
                                break;
                        }
                    }
                    if (authenticationScheme == OMAuthenticationScheme.OAUTH20) {
                        oMAuthenticationContext.setAuthenticationProvider(OMAuthenticationContext.AuthenticationProvider.OAUTH20);
                    } else {
                        oMAuthenticationContext.setAuthenticationProvider(OMAuthenticationContext.AuthenticationProvider.OFFLINE);
                    }
                    oMAuthenticationContext.setStatus(OMAuthenticationContext.AuthContextStatus.COMPLETED);
                    return null;
                }
                Log.d(str, "Offline Credentials mis-matched for user: " + str2);
                oMAuthenticationContext.setStatus(OMAuthenticationContext.AuthContextStatus.FAILURE);
                if (z) {
                    oMAuthenticationContext.setMobileException(new OMMobileSecurityException(OMErrorCode.UN_PWD_TENANT_INVALID, (String) null, this.mss.getApplicationContext()));
                } else {
                    oMAuthenticationContext.setMobileException(new OMMobileSecurityException(OMErrorCode.UN_PWD_INVALID, (String) null, this.mss.getApplicationContext()));
                }
            }
        } else {
            Log.d(str, "Offline Credentials not available for user: " + str2);
        }
        return null;
    }

    private OMCredential retrieveOfflineCredential(String str) {
        return this.asm.getMobileSecurityService().getCredentialStoreService().getCredential(str);
    }

    private void storeOfflineCredentialsCount(boolean z) {
        OMCredentialStore credentialStoreService = this.asm.getMobileSecurityService().getCredentialStoreService();
        int i = credentialStoreService.getInt(OFFLINE_CREDENTIAL_COUNT);
        int i2 = z ? i + 1 : i - 1;
        if (i2 < 0) {
            i2 = 0;
        }
        credentialStoreService.putInt(OFFLINE_CREDENTIAL_COUNT, i2);
    }

    @Override // oracle.idm.mobile.AuthenticationService
    public void collectInputParams(final SDKViewFlipper sDKViewFlipper, Map<String, Object> map, final OMInputParamCallback oMInputParamCallback) {
        if (map != null && !map.isEmpty() && map.containsKey("username") && map.containsKey("password")) {
            oMInputParamCallback.sendInputParam(map);
            return;
        }
        String str = (String) map.get(OMSecurityConstants.COLLECT_OFFLINE_CREDENTIAL);
        if (str == null || !str.equals("true")) {
            oMInputParamCallback.sendInputParam(map);
            return;
        }
        if (TextUtils.isEmpty((String) map.get("username")) && this.mss.getMobileSecurityConfig().isAnyRCFeatureEnabled()) {
            this.asm.getRememberCredentialsUtil().updateParamsWithRememberedCredentials(map);
        }
        View processViewRequest = this.view.processViewRequest(map, new OMCredentialCollectorCallback() { // from class: oracle.idm.mobile.OfflineAuthenticationService.1
            @Override // oracle.idm.mobile.callback.OMCredentialCollectorCallback
            public void processCancelResponse() {
                OfflineAuthenticationService.this.freeResources(sDKViewFlipper, R.id.loginWebView);
                oMInputParamCallback.sendInputParam(null);
            }

            @Override // oracle.idm.mobile.callback.OMCredentialCollectorCallback
            public void processLoginResponse(Map<String, Object> map2) {
                OfflineAuthenticationService.this.freeResources(sDKViewFlipper, R.id.loginWebView);
                if (OfflineAuthenticationService.this.asm.getApplicationContext() != null) {
                    OfflineAuthenticationService.this.showProgressView(OfflineAuthenticationService.this.asm.getApplicationContext(), sDKViewFlipper);
                }
                if (OfflineAuthenticationService.this.mss.getMobileSecurityConfig().isAnyRCFeatureEnabled()) {
                    OfflineAuthenticationService.this.asm.getRememberCredentialsUtil().storeRememberCredentialsUIPreferences(map2);
                }
                oMInputParamCallback.sendInputParam(map2);
            }
        });
        sDKViewFlipper.removeAllViews();
        sDKViewFlipper.addView(processViewRequest);
    }

    @Override // oracle.idm.mobile.AuthenticationService
    public String handleAuthentication(OMAuthenticationRequest oMAuthenticationRequest, OMAuthenticationContext oMAuthenticationContext) throws OMMobileSecurityException {
        oMAuthenticationContext.setStatus(OMAuthenticationContext.AuthContextStatus.ONLINE_IN_PROGRESS);
        if (this.asm.getFailureCount() > this.mss.getMobileSecurityConfig().getMaxFailureAttempts()) {
            Log.d(className + "_handleAuthentication", "Maximum Failure attempts has reached.");
            oMAuthenticationContext.deleteAuthContext(true, true, true, true, false, false);
            this.asm.resetFailureCount();
            return null;
        }
        String credentialKey = oMAuthenticationContext.getCredentialKey() != null ? oMAuthenticationContext.getCredentialKey() : this.asm.getAppCredentialKey();
        if (this.asm.getMobileSecurityService().getCredentialStoreService().getInt(OFFLINE_CREDENTIAL_COUNT) == 0) {
            return null;
        }
        OMAuthenticationContext retrieveAuthenticationContext = this.asm.retrieveAuthenticationContext(credentialKey);
        if (!oMAuthenticationRequest.isSsoAgentRequest()) {
            if (!oMAuthenticationRequest.isForceAuthentication() && retrieveAuthenticationContext != null && retrieveAuthenticationContext.isValid()) {
                oMAuthenticationContext.copyFromAuthContext(retrieveAuthenticationContext);
                oMAuthenticationContext.setAuthenticatedMode(retrieveAuthenticationContext.getAuthenticatedMode());
                oMAuthenticationContext.setStatus(OMAuthenticationContext.AuthContextStatus.COMPLETED);
                return null;
            }
            Map<String, Object> inputParams = oMAuthenticationContext.getInputParams();
            if (inputParams == null || inputParams.isEmpty() || !inputParams.containsKey("username") || !inputParams.containsKey("password")) {
                oMAuthenticationContext.setStatus(OMAuthenticationContext.AuthContextStatus.OFFLINE_COLLECT_CREDENTIAL);
                return null;
            }
        }
        OMConnectivityMode connectivityMode = oMAuthenticationContext.getAuthRequest().getConnectivityMode();
        Log.d(className + "_handleAuthentication", "OMConnectivityMode = " + connectivityMode.name());
        if (connectivityMode == OMConnectivityMode.ONLINE) {
            return null;
        }
        if (connectivityMode == OMConnectivityMode.OFFLINE) {
            return performOfflineAuthentication(oMAuthenticationContext);
        }
        boolean isNetworkAvailable = this.mss.getConnectionHandler().isNetworkAvailable(oMAuthenticationRequest.getAuthenticationURL().toString());
        if (oMAuthenticationRequest.getAuthenticationScheme() != OMAuthenticationScheme.BASIC) {
            if (isNetworkAvailable) {
                return null;
            }
            return performOfflineAuthentication(oMAuthenticationContext);
        }
        OMAuthenticationContext retrieveAuthenticationContext2 = this.asm.retrieveAuthenticationContext();
        String str = (String) oMAuthenticationContext.getInputParams().get("username");
        if (retrieveAuthenticationContext2 != null && !TextUtils.isEmpty(str) && !str.equals(retrieveAuthenticationContext2.getUserName())) {
            Log.d(className + "_handleAuthentication", "Session for user: " + retrieveAuthenticationContext2.getUserName() + " already available!");
            if (isNetworkAvailable) {
                return null;
            }
            return performOfflineAuthentication(oMAuthenticationContext);
        }
        try {
            HashMap hashMap = new HashMap(this.asm.getMobileSecurityService().getMobileSecurityConfig().getCustomAuthHeaders());
            addIdentityDomain(hashMap, (String) oMAuthenticationContext.getInputParams().get("identityDomain"));
            HttpResponse httpGetWithHttpResponse = this.mss.getConnectionHandler().httpGetWithHttpResponse(oMAuthenticationRequest.getAuthenticationURL(), hashMap);
            int statusCode = httpGetWithHttpResponse.getStatusLine().getStatusCode();
            try {
                httpGetWithHttpResponse.getEntity().consumeContent();
            } catch (IOException e) {
                Log.e(className + "_handleAuthentication", "Exception while consuming HTTPEntity", e);
            }
            if (statusCode == 401) {
                Log.d(className + "_handleAuthentication", "Cookies are NOT valid. Hence, doing online authentication.");
                return null;
            }
            Log.d(className + "_handleAuthentication", "Cookies are valid. Hence, doing offline authentication.");
            return performOfflineAuthentication(oMAuthenticationContext);
        } catch (OMMobileSecurityException e2) {
            Log.d(className + "_handleAuthentication", "Could not connect to server to check cookie validity. Falling back to offline authentication.");
            return performOfflineAuthentication(oMAuthenticationContext);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void handleAuthenticationCompleted(OMAuthenticationRequest oMAuthenticationRequest, OMAuthenticationContext oMAuthenticationContext) {
        OMCredential oMCredential = new OMCredential();
        Map<String, Object> inputParams = oMAuthenticationContext.getInputParams();
        boolean z = false;
        String str = (String) inputParams.get("username");
        String str2 = (String) inputParams.get("password");
        String url = oMAuthenticationRequest.getAuthenticationURL().toString();
        if (str != null && str.length() != 0 && str2 != null && str2.length() != 0) {
            oMCredential.setUserName(str);
            OMMobileSecurityConfiguration mobileSecurityConfig = this.mss.getMobileSecurityConfig();
            CryptoScheme cryptoScheme = mobileSecurityConfig.getCryptoScheme();
            OMCryptoService cryptoService = this.mss.getCryptoService();
            String str3 = str2;
            try {
                str3 = CryptoScheme.PLAINTEXT != cryptoScheme ? CryptoScheme.isHashAlgorithm(cryptoScheme) ? cryptoService.hash(str2, cryptoScheme, mobileSecurityConfig.getSaltLength(), true) : cryptoService.encrypt(str2, cryptoScheme, mobileSecurityConfig.getCryptoMode(), mobileSecurityConfig.getCryptoPadding(), true) : cryptoService.prefixAlgorithm(cryptoScheme, str2);
            } catch (CryptoException e) {
                Log.d(className + "_handleAuthenticationCompleted", e.getLocalizedMessage(), e);
            }
            oMCredential.setUserPassword(str3);
            z = true;
        }
        String str4 = (String) inputParams.get("identityDomain");
        if (str4 != null && str4.length() != 0) {
            oMCredential.setIdentityDomain(str4);
        }
        if (!z || oMAuthenticationContext.getAuthenticatedMode() == OMAuthenticationContext.AuthenticatedMode.LOCAL) {
            return;
        }
        String credentialKey = oMAuthenticationContext.getCredentialKey() != null ? oMAuthenticationContext.getCredentialKey() : this.asm.getAppCredentialKey();
        OMCredentialStore credentialStoreService = this.asm.getMobileSecurityService().getCredentialStoreService();
        String createServerSpecificKey = createServerSpecificKey(url, credentialKey, str4, str);
        Log.d(className, "Saving Offline Credentials for User: " + str);
        credentialStoreService.addCredential(createServerSpecificKey, oMCredential);
        storeOfflineCredentialsCount(true);
        oMAuthenticationContext.setOfflineCredentialKey(createServerSpecificKey);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isIdleTimeOut() {
        return this.idleTimeOut;
    }

    @Override // oracle.idm.mobile.AuthenticationService
    public boolean isValid(OMAuthenticationContext oMAuthenticationContext, boolean z) throws OMMobileSecurityException {
        if (oMAuthenticationContext.getAuthenticatedMode() == OMAuthenticationContext.AuthenticatedMode.LOCAL) {
            this.idleTimeOut = false;
            Date time = Calendar.getInstance().getTime();
            Date sessionExpiry = oMAuthenticationContext.getSessionExpiry();
            if (sessionExpiry != null && oMAuthenticationContext.getSessionExpInSecs() != 0 && (time.after(sessionExpiry) || time.equals(sessionExpiry))) {
                Log.d(className + "_isValid", "Session is expired.");
                if (this.mss.getMobileSecurityConfig().isAnyRCFeatureEnabled()) {
                    this.asm.getRememberCredentialsUtil().inValidateAutoLoginCredentials();
                }
                oMAuthenticationContext.deleteAuthContext(true, true, true, true, false, false);
                return false;
            }
            Date idleTimeExpiry = oMAuthenticationContext.getIdleTimeExpiry();
            if (idleTimeExpiry != null && oMAuthenticationContext.getIdleTimeExpInSecs() != 0 && (time.after(idleTimeExpiry) || time.equals(idleTimeExpiry))) {
                Log.d(className + "_isValid", "Idle time is expired.");
                this.idleTimeOut = true;
                return false;
            }
            if (oMAuthenticationContext.getIdleTimeExpInSecs() > 0) {
                oMAuthenticationContext.resetIdleTime();
                Log.d(className + "_isValid", "Idle time is reset to : " + oMAuthenticationContext.getIdleTimeExpiry().getTime());
            }
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // oracle.idm.mobile.AuthenticationService
    public void logout(OMAuthenticationContext oMAuthenticationContext, boolean z, boolean z2, boolean z3, boolean z4) {
        if (z) {
            String userName = oMAuthenticationContext.getUserName();
            if (TextUtils.isEmpty(userName)) {
                Log.d(className + "_logout", "Invalid username to be removed from credential store.");
                return;
            }
            this.asm.getMobileSecurityService().getCredentialStoreService().deleteCredential(createServerSpecificKey(this.asm.getMobileSecurityService().getMobileSecurityConfig().getAuthenticationURL().toString(), oMAuthenticationContext.getCredentialKey() != null ? oMAuthenticationContext.getCredentialKey() : this.asm.getAppCredentialKey(), oMAuthenticationContext.getIdentityDomain(), userName));
            storeOfflineCredentialsCount(false);
            Log.d(className + "_logout", "Offline credentials for the user " + userName + " is removed from the credential store.");
        }
    }
}
