package com.azure.authenticator.authentication.mfa;

import android.content.Context;
import android.database.Cursor;
import android.os.Build;
import android.text.TextUtils;
import com.azure.authenticator.PhoneFactorApplication;
import com.azure.authenticator.common.Util;
import com.azure.authenticator.storage.Storage;
import com.azure.authenticator.storage.database.AccountsSQLiteDatabase;
import com.azure.authenticator.telemetry.MfaAuthenticationLatencyManager;
import com.azure.authenticator.telemetry.TelemetryConstants;
import com.phonefactor.protocol.AuthenticationRequest;
import com.phonefactor.protocol.AuthenticationResponse;
import com.phonefactor.protocol.AuthenticationResultRequest;
import com.phonefactor.protocol.AuthenticationResultResponse;
import com.phonefactor.protocol.CheckForAuthenticationRequest;
import com.phonefactor.protocol.CheckForAuthenticationResponse;
import com.phonefactor.protocol.ParseException;
import com.phonefactor.protocol.PinChangeRequest;
import com.phonefactor.protocol.PinChangeResponse;
import com.phonefactor.protocol.PinValidationRequest;
import com.phonefactor.protocol.PinValidationResponse;
import com.phonefactor.protocol.PopConn;
import java.util.HashMap;

/* loaded from: classes.dex */
public class AuthenticationManager {
    private final PhoneFactorApplication _app;
    private final Context _context;
    private final String _fcmRegistrationId;
    private PendingAuthentication _pendingAuthentication;
    private final Storage _storage;

    /* loaded from: classes.dex */
    public enum AuthResponseEnum {
        ERROR_COMMUNICATION,
        ERROR_RESPONSE_PARSING,
        AUTH_DENIED,
        AUTH_SUCCESSFUL,
        AUTH_TIMEOUT,
        FRAUD_BLOCKED,
        FRAUD_NOT_BLOCKED,
        NO_PENDING_AUTHENTICATIONS_FOUND,
        ERROR_TIMEOUT,
        ERROR_UNKNOWN_ACCOUNT,
        PIN_CHANGE,
        PIN_ERROR_RETRY,
        PIN_ERROR_ALL_SAME_DIGIT,
        PIN_ERROR_HISTORY_DUPLICATE,
        PIN_ERROR_MINIMUM_LENGTH,
        PIN_ERROR_SEQUENTIAL_DIGITS,
        PIN_ERROR_SUBSET_OF_PHONE,
        PIN_ERROR_CHANGE_FAILURE
    }

    public AuthenticationManager(Context context, PendingAuthentication pendingAuthentication) {
        this._context = context;
        this._storage = new Storage(context.getApplicationContext());
        this._app = (PhoneFactorApplication) context.getApplicationContext();
        this._fcmRegistrationId = this._storage.readNotificationRegistrationId();
        this._pendingAuthentication = pendingAuthentication;
    }

    private AuthResponseEnum handleAuthResultResponse(AuthRequestDetails authRequestDetails, int i, String str) {
        AuthResponseEnum authResponseEnum;
        if (str == null) {
            return AuthResponseEnum.ERROR_COMMUNICATION;
        }
        try {
            AuthenticationResultResponse authenticationResultResponse = new AuthenticationResultResponse(str);
            MfaAuthenticationLatencyManager.logAuthResultRequestEnd(this._app);
            PhoneFactorApplication.logger.v("handleAuthResultResponse : response.getResult - " + authenticationResultResponse.getResult());
            PhoneFactorApplication.logger.v("handleAuthResultResponse : requestResult - " + i);
            if (authenticationResultResponse.getResult()) {
                switch (i) {
                    case 1:
                        authResponseEnum = AuthResponseEnum.AUTH_SUCCESSFUL;
                        break;
                    case 2:
                        authResponseEnum = AuthResponseEnum.AUTH_DENIED;
                        break;
                    case 3:
                    default:
                        PhoneFactorApplication.logger.e("Unexpected result: " + i);
                        authResponseEnum = AuthResponseEnum.AUTH_DENIED;
                        break;
                    case 4:
                        authResponseEnum = AuthResponseEnum.AUTH_DENIED;
                        break;
                    case 5:
                        if (!authRequestDetails.getFraudBlock()) {
                            authResponseEnum = AuthResponseEnum.FRAUD_NOT_BLOCKED;
                            break;
                        } else {
                            authResponseEnum = AuthResponseEnum.FRAUD_BLOCKED;
                            break;
                        }
                }
            } else {
                authResponseEnum = AuthResponseEnum.AUTH_DENIED;
            }
            return authResponseEnum;
        } catch (ParseException e) {
            PhoneFactorApplication.logger.e("Error in handleAuthResultResponse", e);
            PhoneFactorApplication.logger.e("responseStr - " + str);
            return AuthResponseEnum.ERROR_RESPONSE_PARSING;
        }
    }

    private GetAuthRequestResult handleGetAuthRequestResponse(String str) {
        AuthenticationResponse authenticationResponse;
        AccountsSQLiteDatabase accountsSQLiteDatabase;
        if (str == null) {
            return new GetAuthRequestResult(AuthResponseEnum.ERROR_COMMUNICATION);
        }
        AccountsSQLiteDatabase accountsSQLiteDatabase2 = null;
        Cursor cursor = null;
        boolean z = false;
        try {
            try {
                authenticationResponse = new AuthenticationResponse(str);
                MfaAuthenticationLatencyManager.logGetAuthRequestEnd(this._app);
                MfaAuthenticationLatencyManager.updateIdIfNecessary(this._app, authenticationResponse.getResponseGuid());
                if (authenticationResponse.getDosPreventer().length() > 0) {
                    PhoneFactorApplication.logger.i("Updating dosPreventer");
                    this._storage.writeDosPreventer(authenticationResponse.getDosPreventer());
                    this._storage.writeInvalidDosPreventer(false);
                }
                accountsSQLiteDatabase = new AccountsSQLiteDatabase(this._context);
            } catch (Throwable th) {
                th = th;
            }
        } catch (Exception e) {
            e = e;
        }
        try {
            String pushNotificationDeviceToken = authenticationResponse.getPushNotificationDeviceToken();
            String readActivatedNotificationRegistrationId = this._storage.readActivatedNotificationRegistrationId();
            if (!TextUtils.isEmpty(pushNotificationDeviceToken) && !TextUtils.isEmpty(this._fcmRegistrationId) && !this._fcmRegistrationId.equals(pushNotificationDeviceToken) && !TextUtils.isEmpty(this._storage.readDosPreventer()) && !TextUtils.isEmpty(readActivatedNotificationRegistrationId)) {
                PhoneFactorApplication.logger.i("Current FCM Registration Id: " + this._fcmRegistrationId);
                PhoneFactorApplication.logger.i("Activated FCM Registration Id: " + readActivatedNotificationRegistrationId);
                PhoneFactorApplication.logger.i("FCM Registration Id Returned by MFA Server: " + pushNotificationDeviceToken);
                this._storage.writeActivatedNotificationRegistrationId(pushNotificationDeviceToken);
                z = true;
            }
            String groupKey = authenticationResponse.getGroupKey();
            PhoneFactorApplication.logger.i("authResponse.getGroupKey(): " + groupKey);
            PhoneFactorApplication.logger.i("authResponse.getUsername(): " + authenticationResponse.getUsername());
            PhoneFactorApplication.logger.i("authResponse.getOathCode(): " + (TextUtils.isEmpty(this._pendingAuthentication.getOathCode()) ? "empty" : "not empty"));
            if (groupKey == null || groupKey.length() == 0 || authenticationResponse.getUsername() == null || authenticationResponse.getUsername().length() == 0) {
                if (this._pendingAuthentication.getOathCode().length() > 0) {
                    GetAuthRequestResult getAuthRequestResult = new GetAuthRequestResult(AuthResponseEnum.NO_PENDING_AUTHENTICATIONS_FOUND);
                    accountsSQLiteDatabase.close();
                    return getAuthRequestResult;
                }
                GetAuthRequestResult getAuthRequestResult2 = new GetAuthRequestResult(AuthResponseEnum.ERROR_TIMEOUT);
                accountsSQLiteDatabase.close();
                return getAuthRequestResult2;
            }
            if (accountsSQLiteDatabase.doesMfaAccountExist(groupKey, authenticationResponse.getUsername())) {
                accountsSQLiteDatabase.updateMfaAccount(groupKey, authenticationResponse.getUsername(), authenticationResponse.getAccountName(), authenticationResponse.getOathTokenEnabled());
                GetAuthRequestResult getAuthRequestResult3 = new GetAuthRequestResult(new AuthRequestDetails(authenticationResponse, z));
                accountsSQLiteDatabase.close();
                return getAuthRequestResult3;
            }
            PhoneFactorApplication.logger.e("Auth for unknown account");
            HashMap hashMap = new HashMap();
            Cursor account = accountsSQLiteDatabase.getAccount(authenticationResponse.getUsername());
            if (account.getCount() > 0) {
                hashMap.put(TelemetryConstants.Properties.MfaUsernameFound, "true");
                String string = account.getString(account.getColumnIndex(AccountsSQLiteDatabase.COLUMN_GROUP_KEY));
                String string2 = account.getString(account.getColumnIndex(AccountsSQLiteDatabase.COLUMN_OATH_SECRET_KEY));
                hashMap.put(TelemetryConstants.Properties.MfaDefaultGroupKey, String.valueOf(AccountsSQLiteDatabase.DEFAULT_GROUP_KEY_TEXT.equals(string)));
                hashMap.put(TelemetryConstants.Properties.MfaEmptySecretKey, String.valueOf(TextUtils.isEmpty(string2)));
            } else {
                hashMap.put(TelemetryConstants.Properties.MfaUsernameFound, "false");
            }
            PhoneFactorApplication.telemetry.trackEvent(TelemetryConstants.Events.MfaRequestUnknownAccount, hashMap);
            GetAuthRequestResult getAuthRequestResult4 = new GetAuthRequestResult(AuthResponseEnum.ERROR_UNKNOWN_ACCOUNT);
            if (account != null) {
                account.close();
            }
            accountsSQLiteDatabase.close();
            return getAuthRequestResult4;
        } catch (Exception e2) {
            e = e2;
            accountsSQLiteDatabase2 = accountsSQLiteDatabase;
            PhoneFactorApplication.logger.e("Error in handling auth request response.", e);
            if (this._pendingAuthentication.getOathCode().length() > 0) {
                GetAuthRequestResult getAuthRequestResult5 = new GetAuthRequestResult(AuthResponseEnum.NO_PENDING_AUTHENTICATIONS_FOUND);
                if (0 != 0) {
                    cursor.close();
                }
                if (accountsSQLiteDatabase2 == null) {
                    return getAuthRequestResult5;
                }
                accountsSQLiteDatabase2.close();
                return getAuthRequestResult5;
            }
            GetAuthRequestResult getAuthRequestResult6 = new GetAuthRequestResult(AuthResponseEnum.ERROR_RESPONSE_PARSING);
            if (0 != 0) {
                cursor.close();
            }
            if (accountsSQLiteDatabase2 == null) {
                return getAuthRequestResult6;
            }
            accountsSQLiteDatabase2.close();
            return getAuthRequestResult6;
        } catch (Throwable th2) {
            th = th2;
            accountsSQLiteDatabase2 = accountsSQLiteDatabase;
            if (0 != 0) {
                cursor.close();
            }
            if (accountsSQLiteDatabase2 != null) {
                accountsSQLiteDatabase2.close();
            }
            throw th;
        }
    }

    private AuthResponseEnum handlePinAuthResponse(AuthRequestDetails authRequestDetails, String str) {
        AuthResponseEnum authResponseEnum;
        if (str == null) {
            return AuthResponseEnum.ERROR_COMMUNICATION;
        }
        try {
            PinValidationResponse pinValidationResponse = new PinValidationResponse(str);
            MfaAuthenticationLatencyManager.logPinValidationRequestEnd(this._app);
            PhoneFactorApplication.logger.v("handlePinAuthResponse : response.getResult - " + pinValidationResponse.getResult());
            switch (pinValidationResponse.getResult()) {
                case 1:
                    if (!authRequestDetails.getPinChangeRequired()) {
                        authResponseEnum = performAuthResultRequest(authRequestDetails, 1);
                        break;
                    } else if (!authRequestDetails.getUserCanChangePin()) {
                        authResponseEnum = performAuthResultRequest(authRequestDetails, 4);
                        break;
                    } else {
                        authResponseEnum = AuthResponseEnum.PIN_CHANGE;
                        break;
                    }
                case 2:
                    if (authRequestDetails.getPinRetries() <= 0) {
                        authResponseEnum = performAuthResultRequest(authRequestDetails, 3);
                        break;
                    } else {
                        authRequestDetails.setPinRetries(authRequestDetails.getPinRetries() - 1);
                        authResponseEnum = AuthResponseEnum.PIN_ERROR_RETRY;
                        break;
                    }
                case 3:
                case 4:
                    authResponseEnum = AuthResponseEnum.AUTH_DENIED;
                    break;
                case 5:
                    authResponseEnum = AuthResponseEnum.AUTH_TIMEOUT;
                    break;
                default:
                    PhoneFactorApplication.logger.e("unknown pin validation result: " + pinValidationResponse.getResult());
                    authResponseEnum = null;
                    break;
            }
            return authResponseEnum;
        } catch (ParseException e) {
            PhoneFactorApplication.logger.e("Error in handlePinAuthResponse", e);
            PhoneFactorApplication.logger.e("responseStr - " + str);
            return AuthResponseEnum.ERROR_RESPONSE_PARSING;
        }
    }

    private AuthResponseEnum handlePinChangeResponse(AuthRequestDetails authRequestDetails, String str) {
        AuthResponseEnum authResponseEnum;
        if (str == null) {
            return AuthResponseEnum.ERROR_COMMUNICATION;
        }
        try {
            PinChangeResponse pinChangeResponse = new PinChangeResponse(str);
            MfaAuthenticationLatencyManager.logChangePinAuthRequestEnd(this._app);
            PhoneFactorApplication.logger.v("handlePinChangeResponse : response.getResult - " + pinChangeResponse.getResult());
            switch (pinChangeResponse.getResult()) {
                case 1:
                    authResponseEnum = performAuthResultRequest(authRequestDetails, 1);
                    break;
                case 2:
                default:
                    authResponseEnum = AuthResponseEnum.PIN_ERROR_CHANGE_FAILURE;
                    break;
                case 3:
                    authResponseEnum = AuthResponseEnum.PIN_ERROR_MINIMUM_LENGTH;
                    break;
                case 4:
                    authResponseEnum = AuthResponseEnum.PIN_ERROR_SEQUENTIAL_DIGITS;
                    break;
                case 5:
                    authResponseEnum = AuthResponseEnum.PIN_ERROR_ALL_SAME_DIGIT;
                    break;
                case 6:
                    authResponseEnum = AuthResponseEnum.PIN_ERROR_SUBSET_OF_PHONE;
                    break;
                case 7:
                    authResponseEnum = AuthResponseEnum.PIN_ERROR_HISTORY_DUPLICATE;
                    break;
            }
            return authResponseEnum;
        } catch (ParseException e) {
            PhoneFactorApplication.logger.e("Error in handlePinChangeResponse: ", e);
            PhoneFactorApplication.logger.e("responseString: " + str);
            return AuthResponseEnum.ERROR_RESPONSE_PARSING;
        }
    }

    /* JADX WARN: Unsupported multi-entry loop pattern (BACK_EDGE: B:30:0x00c5 -> B:23:0x007f). Please report as a decompilation issue!!! */
    public static CheckForAuthenticationResponse performCheckForAuthenticationRequest(Context context) {
        Storage storage = new Storage(context);
        String readDosPreventer = storage.readDosPreventer();
        if (TextUtils.isEmpty(readDosPreventer)) {
            PhoneFactorApplication.logger.e("DOS preventer not found.");
            return null;
        }
        String readNotificationRegistrationId = storage.readNotificationRegistrationId();
        if (TextUtils.isEmpty(readNotificationRegistrationId)) {
            PhoneFactorApplication.logger.e("FCM not registered.");
            return null;
        }
        String str = "";
        String readActivatedNotificationRegistrationId = storage.readActivatedNotificationRegistrationId();
        String readPreviousActivatedNotificationRegistrationId = storage.readPreviousActivatedNotificationRegistrationId();
        if (!readNotificationRegistrationId.equals(readActivatedNotificationRegistrationId)) {
            str = readActivatedNotificationRegistrationId;
        } else if (!TextUtils.isEmpty(readPreviousActivatedNotificationRegistrationId) && !readPreviousActivatedNotificationRegistrationId.equals(readNotificationRegistrationId)) {
            str = readPreviousActivatedNotificationRegistrationId;
        }
        if (str == null) {
            str = "";
        }
        String checkForAuthenticationRequest = new CheckForAuthenticationRequest(readDosPreventer, readNotificationRegistrationId, str).toString();
        try {
            if (checkForAuthenticationRequest.contains("request-id")) {
                int indexOf = checkForAuthenticationRequest.indexOf("request-id");
                PhoneFactorApplication.logger.i(checkForAuthenticationRequest.substring(indexOf, checkForAuthenticationRequest.indexOf("'", indexOf + 10 + 3) + 1));
            } else {
                PhoneFactorApplication.logger.e("request-id not found; isEmpty() = " + checkForAuthenticationRequest.isEmpty());
            }
        } catch (Exception e) {
            PhoneFactorApplication.logger.e("Error parsing request ID from request string.", e);
        }
        try {
            return new CheckForAuthenticationResponse(new PopConn(Util.mfaTragetEnvironment.getPadUrl()).send(checkForAuthenticationRequest));
        } catch (Exception e2) {
            PhoneFactorApplication.logger.e("Error checking for pending authentications.", e2);
            PhoneFactorApplication.telemetry.trackException(e2, TelemetryConstants.Scenarios.MfaCheckForAuth);
            return null;
        }
    }

    public AuthResponseEnum performAuthResultRequest(AuthRequestDetails authRequestDetails, int i) {
        AuthenticationResultRequest authenticationResultRequest = new AuthenticationResultRequest(authRequestDetails.getResponseGuid(), this._fcmRegistrationId, PhoneFactorApplication.getAppVersionName(this._app), Build.VERSION.RELEASE, i, this._storage.readNotificationRegistrationId(), AuthenticationResultRequest.NOTIFICATION_TYPE_GCM, (System.currentTimeMillis() / 1000) / 30);
        PopRequest popRequest = new PopRequest(this._pendingAuthentication.getPadRequestUrl());
        MfaAuthenticationLatencyManager.logAuthResultRequestStart(this._app);
        return handleAuthResultResponse(authRequestDetails, i, popRequest.performRequest(authenticationResultRequest.toString()));
    }

    public GetAuthRequestResult performGetAuthRequest() {
        String readDosPreventer = this._storage.readDosPreventer();
        PhoneFactorApplication.logger.i("dosPreventer: " + readDosPreventer);
        AuthenticationRequest authenticationRequest = new AuthenticationRequest(this._pendingAuthentication.getGuid(), this._pendingAuthentication.getOathCode(), readDosPreventer == null || readDosPreventer.length() == 0, this._fcmRegistrationId, PhoneFactorApplication.getAppVersionName(this._app), Build.VERSION.RELEASE);
        PopRequest popRequest = new PopRequest(this._pendingAuthentication.getPadRequestUrl());
        MfaAuthenticationLatencyManager.logGetAuthRequestStart(this._app);
        return handleGetAuthRequestResponse(popRequest.performRequest(authenticationRequest.toString()));
    }

    public AuthResponseEnum performPinAuthRequest(AuthRequestDetails authRequestDetails, String str, boolean z) {
        PinValidationRequest pinValidationRequest = new PinValidationRequest(authRequestDetails.getResponseGuid(), this._fcmRegistrationId, PhoneFactorApplication.getAppVersionName(this._app), Build.VERSION.RELEASE, str, z);
        PopRequest popRequest = new PopRequest(this._pendingAuthentication.getPadRequestUrl());
        MfaAuthenticationLatencyManager.logPinValidationRequestStart(this._app);
        return handlePinAuthResponse(authRequestDetails, popRequest.performRequest(pinValidationRequest.toString()));
    }

    public AuthResponseEnum performPinChange(AuthRequestDetails authRequestDetails, String str) {
        PinChangeRequest pinChangeRequest = new PinChangeRequest(authRequestDetails.getResponseGuid(), this._fcmRegistrationId, PhoneFactorApplication.getAppVersionName(this._app), Build.VERSION.RELEASE, str);
        PopRequest popRequest = new PopRequest(this._pendingAuthentication.getPadRequestUrl());
        MfaAuthenticationLatencyManager.logChangePinAuthRequestStart(this._app);
        return handlePinChangeResponse(authRequestDetails, popRequest.performRequest(pinChangeRequest.toString()));
    }
}
