package com.kronos.dimensions.enterprise.auth;

import android.os.Handler;
import android.os.HandlerThread;
import android.os.Looper;
import com.kronos.dimensions.enterprise.app.Installation;
import com.kronos.dimensions.enterprise.app.InstallationFileException;
import com.kronos.dimensions.enterprise.auth.requests.AuthenticationHTTPResponseHandler;
import com.kronos.dimensions.enterprise.data.AutomationHelper;
import com.kronos.dimensions.enterprise.data.DBMgr;
import com.kronos.dimensions.enterprise.data.beans.OAuthBean;
import com.kronos.dimensions.enterprise.data.beans.OAuthCredentialBean;
import com.kronos.dimensions.enterprise.data.beans.OAuthTokenBean;
import com.kronos.dimensions.enterprise.data.beans.Server;
import com.kronos.dimensions.enterprise.emm.EMMConstants;
import com.kronos.dimensions.enterprise.http.HttpRetryPolicy;
import com.kronos.dimensions.enterprise.http.HttpUtils;
import com.kronos.dimensions.enterprise.http.NoServerException;
import com.kronos.dimensions.enterprise.http.WebResource;
import com.kronos.dimensions.enterprise.logging.LogFactory;
import com.kronos.dimensions.enterprise.logging.WFDLog;
import com.kronos.dimensions.enterprise.session.SessionFactory;
import com.kronos.dimensions.enterprise.util.DateAndTimeFormatter;
import com.kronos.dimensions.enterprise.util.SecureHeader;
import com.kronos.dimensions.enterprise.util.WFDUtils;
import java.util.HashMap;
import java.util.concurrent.locks.Condition;
import java.util.concurrent.locks.ReentrantLock;
import kotlin.Unit;
import kotlin.jvm.functions.Function1;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class AuthenticationMgr {
    public static final String ACCESS_TOKEN_FIELD = "access_token";
    public static final String APP_KEY_HEADER = "appKey";
    private static final String ATTEMPT_SUBMIT_ACTION = "Attempting to submit action...";
    public static final String AUTHORIZATION_HEADER = "Authorization";
    public static final String AUTH_CODE_HEADER = "authcode";
    private static final String AUTH_FAILED = "Auth failed";
    public static final String CLIENT_ID_FIELD = "client_id";
    public static final String CLIENT_SECRET_FIELD = "client_secret";
    private static final String CURRENT_THREAD_IS = "Current thread is ";
    private static final String EXECUTING_ON_MAIN_THREAD = "Currently executing on main (UI) thread";
    public static final String EXPIRES_IN_FIELD = "expires_in";
    public static final String GRANT_TYPE_FIELD = "grant_type";
    private static final String LOG_PREFIX = "AuthenticationMgr::";
    public static final String OAUTH_PROVIDER_DIMENSIONS = "Dimensions";
    public static final String OAUTH_PROVIDER_HEADER = "X-OAuth-Provider";
    public static final String REFRESH_TOKEN_FIELD = "refresh_token";
    private static final String UNEXPECTED_EXCEPTION = "Unexpected exception: ";
    private State currentState;
    private final ReentrantLock lock;
    private final SessionFactory sessionFactory;
    protected boolean stepCalledFlag;
    private final Condition stepDone;
    private String stepRequestURI;
    private String stepResponse;

    /* loaded from: classes2.dex */
    public enum State {
        UNKNOWN,
        SUCCESS,
        FAILURE,
        NO_OAUTH
    }

    public AuthenticationMgr(SessionFactory sessionFactory) {
        ReentrantLock reentrantLock = new ReentrantLock();
        this.lock = reentrantLock;
        this.stepDone = reentrantLock.newCondition();
        this.currentState = State.UNKNOWN;
        this.stepResponse = "";
        this.stepRequestURI = "";
        this.stepCalledFlag = false;
        this.sessionFactory = sessionFactory;
    }

    private String getFullServerURL(String str) {
        if (str == null) {
            str = "";
        }
        int indexOf = str.indexOf(63);
        return indexOf > 0 ? str.substring(0, indexOf) : str;
    }

    private HttpUtils getHTTPUtils() {
        return HttpUtils.getInstance();
    }

    private synchronized void performLogout(String str) throws InterruptedException {
        this.lock.lock();
        String str2 = LOG_PREFIX + Thread.currentThread().getName() + "::";
        WFDLog.d(str2 + "Current thread lock hold count during logout: " + this.lock.getHoldCount());
        WFDLog.i(str2 + "Attempting to logout...");
        this.currentState = State.UNKNOWN;
        doLogout(str);
        this.stepCalledFlag = true;
        awaitStepDone();
        this.stepCalledFlag = false;
        if (this.currentState == State.SUCCESS) {
            WFDLog.i(str2 + "Attempting to call sso/loggedout...");
            this.currentState = State.UNKNOWN;
            doSSOLoggedOut(str);
            this.stepCalledFlag = true;
            awaitStepDone();
            this.stepCalledFlag = false;
        }
        if (this.currentState == State.SUCCESS) {
            WFDLog.i(str2 + "Attempting to call openAM directly...");
            this.currentState = State.UNKNOWN;
            doOpenAMSessionClear(str);
            this.stepCalledFlag = true;
            awaitStepDone();
        }
        State state = this.currentState;
        this.currentState = State.UNKNOWN;
        clearSessionCookies();
        this.stepCalledFlag = true;
        awaitStepDone();
        this.currentState = state;
        this.lock.unlock();
    }

    private void validateOIDCAuthInfo(String str, String str2, String str3) throws NoAuthCredsException {
        boolean z = (str == null || str.isEmpty()) ? false : true;
        boolean z2 = (str2 == null || str2.isEmpty()) ? false : true;
        boolean z3 = (str3 == null || str3.isEmpty()) ? false : true;
        if (!z || !z2 || !z3) {
            throw new NoAuthCredsException(NoAuthCredsException.MISSING_OIDC_INFO);
        }
    }

    public synchronized void authenticate(String str, String str2, IAuthenticationCompletionHandler iAuthenticationCompletionHandler, boolean z, boolean z2, boolean z3) {
        String str3;
        SecureHeader secureHeader;
        this.lock.lock();
        this.stepCalledFlag = false;
        this.currentState = State.UNKNOWN;
        this.stepResponse = "";
        this.stepRequestURI = "";
        String str4 = LOG_PREFIX + Thread.currentThread().getName() + "::";
        WFDLog.i(str4 + CURRENT_THREAD_IS + Thread.currentThread().getName());
        if (getMainThread() == Thread.currentThread()) {
            WFDLog.e(str4 + EXECUTING_ON_MAIN_THREAD);
        }
        OAuthTokenBean userOAuthTokens = getDBMgr().getUserOAuthTokens(str, str2);
        OAuthCredentialBean oAuthCredsByRealm = getDBMgr().getOAuthCredsByRealm(str);
        OAuthBean oAuthBean = new OAuthBean(oAuthCredsByRealm, userOAuthTokens);
        Server serverByRealm = getDBMgr().getServerByRealm(str);
        String fullServerURL = getFullServerURL(serverByRealm.getFullSessionURL());
        WFDLog.d(str4 + "Server url to encode for a goto query parameter: " + fullServerURL);
        String urlEncode = getHTTPUtils().urlEncode(fullServerURL);
        WFDLog.d(str4 + "Encoded server url for a goto query parameter: " + urlEncode);
        SecureHeader secureHeader2 = getSecureHeader();
        try {
            try {
                validateOAuthCreds(oAuthBean);
                WFDLog.i(str4 + "Attempting to ping capabilities to check if there's already a session...");
                this.currentState = State.UNKNOWN;
                doCSRFToken(str);
                this.stepCalledFlag = true;
                awaitStepDone();
                this.stepCalledFlag = false;
                if (this.currentState != State.SUCCESS || validateExistingSession()) {
                    secureHeader = secureHeader2;
                } else {
                    this.currentState = State.UNKNOWN;
                    WFDLog.d(str4 + "Clearing saved secure app header");
                    secureHeader2.clearStoredAppHeader();
                    clearSessionCookies();
                    this.stepCalledFlag = true;
                    awaitStepDone();
                    this.stepCalledFlag = false;
                    DateAndTimeFormatter dateAndTimeFormatter = new DateAndTimeFormatter();
                    secureHeader = secureHeader2;
                    WFDLog.d(str4 + "Access token expiration date: " + dateAndTimeFormatter.toISO8601DeviceTimezone(userOAuthTokens.getExpirationDateInSeconds() * 1000, false) + ", Current date: " + dateAndTimeFormatter.toISO8601DeviceTimezone(System.currentTimeMillis(), false));
                    if (userOAuthTokens.getAccessTokenExpired()) {
                        this.currentState = State.FAILURE;
                        WFDLog.i(str4 + "Access token expired, did not try to authenticate");
                    } else {
                        WFDLog.i(str4 + "Access token still valid, attempting to authenticate...");
                        this.currentState = State.UNKNOWN;
                        doAuth(str, oAuthBean, urlEncode);
                        this.stepCalledFlag = true;
                        awaitStepDone();
                        this.stepCalledFlag = false;
                    }
                    if (this.currentState == State.FAILURE) {
                        WFDLog.i(str4 + "Auth failed, attempting to refresh...");
                        this.currentState = State.UNKNOWN;
                        doRefreshAuthToken(str, oAuthCredsByRealm, userOAuthTokens);
                        this.stepCalledFlag = true;
                        awaitStepDone();
                        this.stepCalledFlag = false;
                        if (this.currentState == State.SUCCESS) {
                            WFDLog.i(str4 + "Saving new auth tokens");
                            OAuthBean oAuthBean2 = new OAuthBean(oAuthCredsByRealm, saveNewAuthTokens(str, str2, userOAuthTokens));
                            validateOAuthCreds(oAuthBean2);
                            WFDLog.i(str4 + "Attempting to authenticate again...");
                            this.currentState = State.UNKNOWN;
                            doAuth(str, oAuthBean2, urlEncode);
                            this.stepCalledFlag = true;
                            awaitStepDone();
                            this.stepCalledFlag = false;
                        }
                    }
                    WFDLog.d(str4 + "Current state: " + this.currentState + ", is header allowed = " + serverByRealm.isSecureAppHeaderAllowed());
                    if (this.currentState == State.SUCCESS && serverByRealm.isSecureAppHeaderAllowed() && (z3 || z2)) {
                        generateSecureHeader(serverByRealm);
                    }
                    if (this.currentState == State.SUCCESS && z3) {
                        WFDLog.i(str4 + "Attempting to login to sso/portal...");
                        this.currentState = State.UNKNOWN;
                        doSSOPortal(str);
                        this.stepCalledFlag = true;
                        awaitStepDone();
                        this.stepCalledFlag = false;
                    }
                    if (this.currentState == State.SUCCESS && z2) {
                        WFDLog.i(str4 + "Attempting to refresh CSRF token...");
                        this.currentState = State.UNKNOWN;
                        doCSRFToken(str);
                        this.stepCalledFlag = true;
                        awaitStepDone();
                        this.stepCalledFlag = false;
                        if (this.currentState == State.SUCCESS) {
                            saveNewCSRFTokens();
                        }
                    }
                }
                if (this.currentState == State.SUCCESS) {
                    WFDLog.i(str4 + ATTEMPT_SUBMIT_ACTION);
                    this.currentState = State.UNKNOWN;
                    try {
                        iAuthenticationCompletionHandler.handleSuccessfulAuth(z ? new PostOAuthActionHandler(this) : new NullPostOAuthActionHandler());
                        this.stepCalledFlag = true;
                    } catch (NoAuthCredsException e) {
                        e = e;
                        WFDLog.e(str4 + "Auth aborted: ", e);
                        iAuthenticationCompletionHandler.handleFailedAuth();
                        this.stepCalledFlag = true;
                        this.lock.unlock();
                        str3 = str4 + "Current thread lock hold count from post-authentication: " + this.lock.getHoldCount();
                        WFDLog.d(str3);
                    } catch (Exception e2) {
                        e = e2;
                        WFDLog.e(str4 + UNEXPECTED_EXCEPTION, e);
                        WFDLog.i(str4 + AUTH_FAILED);
                        iAuthenticationCompletionHandler.handleFailedAuth();
                        this.stepCalledFlag = true;
                        this.lock.unlock();
                        str3 = str4 + "Current thread lock hold count from post-authentication: " + this.lock.getHoldCount();
                        WFDLog.d(str3);
                    }
                }
                if (z) {
                    awaitStepDone();
                    this.stepCalledFlag = false;
                    State state = this.currentState;
                    WFDLog.d(str4 + "Clearing saved secure app header");
                    secureHeader.clearStoredAppHeader();
                    getDBMgr().deleteDeviceProperty(DBMgr.SECURE_HEADER_ALLOWED_FOR_SESSION_SERVER);
                    WFDLog.d(str4 + "Current thread lock hold count from pre-logout: " + this.lock.getHoldCount());
                    performLogout(str);
                    WFDLog.d(str4 + "Current thread lock hold count from post-logout: " + this.lock.getHoldCount());
                    this.currentState = state;
                }
                if (this.currentState == State.FAILURE) {
                    WFDLog.i(str4 + AUTH_FAILED);
                    iAuthenticationCompletionHandler.handleFailedAuth();
                }
                this.stepCalledFlag = true;
                this.lock.unlock();
                str3 = str4 + "Current thread lock hold count from post-authentication: " + this.lock.getHoldCount();
            } catch (Throwable th) {
                this.stepCalledFlag = true;
                this.lock.unlock();
                WFDLog.d(str4 + "Current thread lock hold count from post-authentication: " + this.lock.getHoldCount());
                throw th;
            }
        } catch (NoAuthCredsException e3) {
            e = e3;
        } catch (Exception e4) {
            e = e4;
        }
        WFDLog.d(str3);
    }

    public synchronized void authenticateOIDC(String str, IAuthenticationCompletionHandler iAuthenticationCompletionHandler) {
        String str2;
        this.lock.lock();
        this.stepCalledFlag = false;
        this.currentState = State.UNKNOWN;
        this.stepResponse = "";
        this.stepRequestURI = "";
        String str3 = LOG_PREFIX + Thread.currentThread().getName() + "::";
        WFDLog.i(str3 + CURRENT_THREAD_IS + Thread.currentThread().getName());
        if (getMainThread() == Thread.currentThread()) {
            WFDLog.e(str3 + EXECUTING_ON_MAIN_THREAD);
        }
        try {
            try {
                try {
                    JSONObject jSONObject = new JSONObject(str);
                    String string = jSONObject.getString("oidcServerUrl");
                    String string2 = jSONObject.getString("oidcToken");
                    String string3 = jSONObject.getString("oidcAppKey");
                    validateOIDCAuthInfo(string, string2, string3);
                    this.currentState = State.UNKNOWN;
                    clearSessionCookies();
                    this.stepCalledFlag = true;
                    awaitStepDone();
                    this.stepCalledFlag = false;
                    WFDLog.i(str3 + "Attempting to ping deeplink OIDC API...");
                    this.currentState = State.UNKNOWN;
                    doOIDCCall(string, string2, string3);
                    this.stepCalledFlag = true;
                    awaitStepDone();
                    this.stepCalledFlag = false;
                    if (this.currentState == State.SUCCESS) {
                        WFDLog.i(str3 + ATTEMPT_SUBMIT_ACTION);
                        iAuthenticationCompletionHandler.handleSuccessfulAuth(new NullPostOAuthActionHandler());
                    } else {
                        WFDLog.i(str3 + "OIDC authentication failed");
                        iAuthenticationCompletionHandler.handleFailedAuth();
                    }
                    this.stepCalledFlag = true;
                    this.lock.unlock();
                    str2 = str3 + "Current thread lock hold count from post-OIDC: " + this.lock.getHoldCount();
                } catch (JSONException e) {
                    WFDLog.e(str3 + "Issue reading OIDC parameters, cannot attempt OIDC auth", e);
                    iAuthenticationCompletionHandler.handleFailedAuth();
                    this.stepCalledFlag = true;
                    this.lock.unlock();
                    str2 = str3 + "Current thread lock hold count from post-OIDC: " + this.lock.getHoldCount();
                }
            } catch (NoAuthCredsException e2) {
                WFDLog.e(str3 + "Missing needed information for OIDC auth, auth aborted: ", e2);
                iAuthenticationCompletionHandler.handleFailedAuth();
                this.stepCalledFlag = true;
                this.lock.unlock();
                str2 = str3 + "Current thread lock hold count from post-OIDC: " + this.lock.getHoldCount();
            } catch (Exception e3) {
                WFDLog.e(str3 + UNEXPECTED_EXCEPTION, e3);
                WFDLog.i(str3 + AUTH_FAILED);
                iAuthenticationCompletionHandler.handleFailedAuth();
                this.stepCalledFlag = true;
                this.lock.unlock();
                str2 = str3 + "Current thread lock hold count from post-OIDC: " + this.lock.getHoldCount();
            }
            WFDLog.d(str2);
        } catch (Throwable th) {
            this.stepCalledFlag = true;
            this.lock.unlock();
            WFDLog.d(str3 + "Current thread lock hold count from post-OIDC: " + this.lock.getHoldCount());
            throw th;
        }
    }

    protected void awaitStepDone() throws InterruptedException {
        while (this.currentState == State.UNKNOWN) {
            this.stepDone.await();
        }
    }

    protected void clearSessionCookies() {
        WFDLog.i("AuthenticationMgr::Clearing session cookies");
        WFDLog.d("AuthenticationMgr::Creating handler thread: ClearSessionCookiesThread");
        final HandlerThread handlerThread = getHandlerThread("ClearSessionCookiesThread");
        handlerThread.start();
        if (getHandler(handlerThread.getLooper()).post(new Runnable() { // from class: com.kronos.dimensions.enterprise.auth.AuthenticationMgr$$ExternalSyntheticLambda0
            @Override // java.lang.Runnable
            public final void run() {
                AuthenticationMgr.this.m164x541a6030(handlerThread);
            }
        })) {
            return;
        }
        WFDLog.e("AuthenticationMgr::Session cookie runnable was not able to be placed in the looper's message queue. No cookies were cleared");
        signalLock(State.FAILURE, null, null);
        WFDLog.d("AuthenticationMgr::Quitting handler thread");
        handlerThread.quitSafely();
    }

    protected void doAuth(String str, OAuthBean oAuthBean, String str2) {
        OAuthCredentialBean credentials = oAuthBean.getCredentials();
        OAuthTokenBean tokens = oAuthBean.getTokens();
        if (tokens.getAccessToken() == null || tokens.getAccessToken().length() <= 0 || !credentials.getIsOAuthAllowed()) {
            WFDLog.i("AuthenticationMgr::OAuth not allowed, either no OAuth tokens are saved, or no server credentials were retrieved.");
            this.currentState = State.NO_OAUTH;
            return;
        }
        try {
            WFDLog.d("AuthenticationMgr::Authenticating...");
            WebResource authenticationURI = getAuthenticationURI(str, str2);
            HashMap hashMap = new HashMap();
            hashMap.put(APP_KEY_HEADER, credentials.getAppKey());
            hashMap.put("Authorization", tokens.getAccessToken());
            hashMap.put(OAUTH_PROVIDER_HEADER, OAUTH_PROVIDER_DIMENSIONS);
            authenticationURI.postJSON(new AuthenticationHTTPResponseHandler(this), hashMap, "");
        } catch (NoServerException e) {
            WFDLog.e("AuthenticationMgr::Failed to authenticate", e);
            this.currentState = State.NO_OAUTH;
        } catch (Exception e2) {
            WFDLog.e("AuthenticationMgr::Unexpected exception: ", e2);
            this.currentState = State.NO_OAUTH;
        }
    }

    protected void doCSRFToken(String str) {
        try {
            WFDLog.d("AuthenticationMgr::Requesting new CSRF token");
            getCapabilitiesURI(str).get(new AuthenticationHTTPResponseHandler(this), new HashMap());
        } catch (NoServerException e) {
            WFDLog.e("AuthenticationMgr::Failed to retrieve new CSRF token", e);
            this.currentState = State.NO_OAUTH;
        } catch (Exception e2) {
            WFDLog.e("AuthenticationMgr::Unexpected exception: ", e2);
            this.currentState = State.NO_OAUTH;
        }
    }

    protected void doLogout(String str) {
        try {
            WFDLog.d("AuthenticationMgr::Requesting logout.");
            getLogoutURI(str).get(new AuthenticationHTTPResponseHandler(this), new HashMap());
        } catch (NoServerException e) {
            WFDLog.e("AuthenticationMgr::Failed to request logout.", e);
            this.currentState = State.NO_OAUTH;
        } catch (Exception e2) {
            WFDLog.e("AuthenticationMgr::Unexpected exception: ", e2);
            this.currentState = State.NO_OAUTH;
        }
    }

    protected void doOIDCCall(String str, String str2, String str3) {
        try {
            WFDLog.d("AuthenticationMgr::Authenticating...");
            WebResource oidcuri = getOIDCURI(str);
            HashMap hashMap = new HashMap();
            hashMap.put(AUTH_CODE_HEADER, str2);
            hashMap.put(APP_KEY_HEADER, str3);
            oidcuri.get(new AuthenticationHTTPResponseHandler(this), hashMap);
        } catch (NoServerException e) {
            WFDLog.e("AuthenticationMgr::Failed to authenticate", e);
            this.currentState = State.NO_OAUTH;
        } catch (Exception e2) {
            WFDLog.e("AuthenticationMgr::Unexpected exception: ", e2);
            this.currentState = State.NO_OAUTH;
        }
    }

    protected void doOpenAMSessionClear(String str) {
        try {
            WFDLog.d("AuthenticationMgr::Requesting openAM logout.");
            getOpenAMURI(str).postJSON(new AuthenticationHTTPResponseHandler(this), new HashMap(), "");
        } catch (NoServerException e) {
            WFDLog.e("AuthenticationMgr::Failed to request openAM logout.", e);
            this.currentState = State.NO_OAUTH;
        } catch (Exception e2) {
            WFDLog.e("AuthenticationMgr::Unexpected exception: ", e2);
            this.currentState = State.NO_OAUTH;
        }
    }

    protected void doRefreshAuthToken(String str, OAuthCredentialBean oAuthCredentialBean, OAuthTokenBean oAuthTokenBean) {
        if (oAuthTokenBean.getRefreshToken() == null || oAuthTokenBean.getRefreshToken().length() <= 0 || !oAuthCredentialBean.getIsOAuthAllowed()) {
            WFDLog.i("AuthenticationMgr::OAuth not allowed for current user.");
            this.currentState = State.NO_OAUTH;
            return;
        }
        try {
            WFDLog.d("AuthenticationMgr::Refreshing the OAuth tokens.");
            WebResource authTokenURI = getAuthTokenURI(str);
            HashMap hashMap = new HashMap();
            hashMap.put(APP_KEY_HEADER, oAuthCredentialBean.getAppKey());
            hashMap.put(OAUTH_PROVIDER_HEADER, OAUTH_PROVIDER_DIMENSIONS);
            HashMap hashMap2 = new HashMap();
            hashMap2.put(CLIENT_ID_FIELD, oAuthCredentialBean.getClientId());
            hashMap2.put(CLIENT_SECRET_FIELD, oAuthCredentialBean.getClientSecret());
            hashMap2.put(GRANT_TYPE_FIELD, REFRESH_TOKEN_FIELD);
            hashMap2.put(REFRESH_TOKEN_FIELD, oAuthTokenBean.getRefreshToken());
            authTokenURI.postForm(new AuthenticationHTTPResponseHandler(this, true), hashMap, hashMap2);
        } catch (NoServerException e) {
            WFDLog.e("AuthenticationMgr::Failed to refresh the OAuth tokens.", e);
            this.currentState = State.NO_OAUTH;
        } catch (Exception e2) {
            WFDLog.e("AuthenticationMgr::Unexpected exception: ", e2);
            this.currentState = State.NO_OAUTH;
        }
    }

    protected void doSSOLoggedOut(String str) {
        try {
            WFDLog.d("AuthenticationMgr::Requesting sso logout.");
            getSSOLogoutURI(str).get(new AuthenticationHTTPResponseHandler(this), new HashMap());
        } catch (NoServerException e) {
            WFDLog.e("AuthenticationMgr::Failed to request sso logout.", e);
            this.currentState = State.NO_OAUTH;
        } catch (Exception e2) {
            WFDLog.e("AuthenticationMgr::Unexpected exception: ", e2);
            this.currentState = State.NO_OAUTH;
        }
    }

    protected void doSSOPortal(String str) {
        try {
            WFDLog.d("AuthenticationMgr::Requesting SSO Portal.");
            getSsoPortalURI(str).get(new AuthenticationHTTPResponseHandler(this), new HashMap());
        } catch (NoServerException e) {
            WFDLog.e("AuthenticationMgr::Failed to request SSO Portal.", e);
            this.currentState = State.NO_OAUTH;
        } catch (Exception e2) {
            WFDLog.e("AuthenticationMgr::Unexpected exception: ", e2);
            this.currentState = State.NO_OAUTH;
        }
    }

    protected void generateSecureHeader(Server server) {
        String fullServerURL = getFullServerURL(server.getFullSessionURL());
        String automationEMMConfig = getAutomationEMMConfig(getDBMgr().getGlobalProperty(EMMConstants.INSTANCE.getEMM_CONFIG()));
        boolean z = false;
        if (automationEMMConfig.isEmpty()) {
            WFDLog.i("AuthenticationMgr::No saved EMM configuration data, setting isOrganizationalDevice to false");
        } else {
            WFDLog.d("AuthenticationMgr::Saved EMM configuration data found, checking for isOrganizationDevice flag");
            try {
                JSONObject jSONObject = new JSONObject(automationEMMConfig);
                if (jSONObject.has(EMMConstants.INSTANCE.getEMM_IS_ORGANIZATIONAL_DEVICE())) {
                    boolean z2 = jSONObject.getBoolean(EMMConstants.INSTANCE.getEMM_IS_ORGANIZATIONAL_DEVICE());
                    WFDLog.d("AuthenticationMgr::isOrganizationalDevice flag found, value: " + z2);
                    z = z2;
                }
            } catch (Exception e) {
                WFDLog.e("AuthenticationMgr::Error getting isOrganizationalDevice value from EMMConfig, setting false", e);
            }
        }
        WFDLog.i("AuthenticationMgr::Header value result: " + getSecureHeader().getSecureHeader(fullServerURL, getApplicationId(), z));
    }

    protected String getApplicationId() {
        try {
            return Installation.getId(WFDUtils.getInstance().getAppContext());
        } catch (InstallationFileException e) {
            WFDLog.e("AuthenticationMgr::There was an error reading the UUID", e);
            return "";
        }
    }

    protected WebResource getAuthTokenURI(String str) throws NoServerException {
        return this.sessionFactory.createWebResource(WFDUtils.getInstance().getAppContext(), "/api/authentication/access_token", str, HttpRetryPolicy.BACKOFF);
    }

    protected WebResource getAuthenticationURI(String str, String str2) throws NoServerException {
        return this.sessionFactory.createWebResource(WFDUtils.getInstance().getAppContext(), str2 != null ? "/api/authentication/oauth/login?authIndexType=service&authIndexValue=oAuthService&goto=" + str2 : "/api/authentication/oauth/login?authIndexType=service&authIndexValue=oAuthService", str, HttpRetryPolicy.BACKOFF);
    }

    protected String getAutomationEMMConfig(String str) {
        try {
            if (getAutomationHelper().isReleaseBuild() || !getAutomationHelper().hasAutomationValueSet(AutomationHelper.SET_EMM_DICT)) {
                return str;
            }
            String automationEMMConfig = getAutomationHelper().getAutomationEMMConfig();
            WFDLog.i("AuthenticationMgr::Automation value for EMM config data set to: " + automationEMMConfig);
            return automationEMMConfig;
        } catch (Exception e) {
            WFDLog.e("AuthenticationMgr::There was an exception trying to use automation EMM config data", e);
            return str;
        }
    }

    protected AutomationHelper getAutomationHelper() {
        return AutomationHelper.getInstance();
    }

    protected WebResource getCapabilitiesURI(String str) throws NoServerException {
        return this.sessionFactory.createWebResource(WFDUtils.getInstance().getAppContext(), "/mobileapp/capabilities", str, HttpRetryPolicy.NONE);
    }

    protected DBMgr getDBMgr() {
        return DBMgr.getInstance();
    }

    protected Handler getHandler(Looper looper) {
        return new Handler(looper);
    }

    protected HandlerThread getHandlerThread(String str) {
        return new HandlerThread(str);
    }

    protected WebResource getLogoutURI(String str) throws NoServerException {
        return this.sessionFactory.createWebResource(WFDUtils.getInstance().getAppContext(), "/user/logout", str, HttpRetryPolicy.NONE);
    }

    protected Thread getMainThread() {
        return Looper.getMainLooper().getThread();
    }

    protected WebResource getOIDCURI(String str) throws NoServerException {
        if (str.endsWith("/")) {
            str = str.substring(0, str.length() - 1);
        }
        return this.sessionFactory.createWebResource(WFDUtils.getInstance().getAppContext(), str + "/api/v1/auth/connect", null, HttpRetryPolicy.NONE);
    }

    protected WebResource getOpenAMURI(String str) throws NoServerException {
        String str2 = this.stepRequestURI;
        if (str2 != null && str2.endsWith("/")) {
            this.stepRequestURI = this.stepRequestURI.substring(0, r0.length() - 1);
        }
        return this.sessionFactory.createWebResource(WFDUtils.getInstance().getAppContext(), this.stepRequestURI + "/authn/json/sessions?_action=logout", str, HttpRetryPolicy.NONE);
    }

    protected WebResource getSSOLogoutURI(String str) throws NoServerException {
        return this.sessionFactory.createWebResource(WFDUtils.getInstance().getAppContext(), "/sso/loggedout", str, HttpRetryPolicy.NONE);
    }

    protected SecureHeader getSecureHeader() {
        return this.sessionFactory.createSecureHeader(LogFactory.getLogger(), WFDUtils.LOGTAG);
    }

    protected WebResource getSsoPortalURI(String str) throws NoServerException {
        return this.sessionFactory.createWebResource(WFDUtils.getInstance().getAppContext(), "/sso/portal", str, HttpRetryPolicy.NONE);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: lambda$clearSessionCookies$0$com-kronos-dimensions-enterprise-auth-AuthenticationMgr, reason: not valid java name */
    public /* synthetic */ Unit m163x2e86572f(HandlerThread handlerThread, Boolean bool) {
        String str = LOG_PREFIX + Thread.currentThread().getName() + "::";
        if (Boolean.TRUE.equals(bool)) {
            WFDLog.d(str + "Session cookies were cleared, flushing");
            this.sessionFactory.getCookieStore().flush();
        }
        WFDLog.d(str + "Signaling end of clearing cookies");
        signalLock(State.SUCCESS, null, null);
        WFDLog.d(str + "Quitting handler thread");
        handlerThread.quitSafely();
        return Unit.INSTANCE;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: lambda$clearSessionCookies$1$com-kronos-dimensions-enterprise-auth-AuthenticationMgr, reason: not valid java name */
    public /* synthetic */ void m164x541a6030(final HandlerThread handlerThread) {
        this.sessionFactory.getCookieStore().removeSessionCookies(new Function1() { // from class: com.kronos.dimensions.enterprise.auth.AuthenticationMgr$$ExternalSyntheticLambda1
            @Override // kotlin.jvm.functions.Function1
            public final Object invoke(Object obj) {
                return AuthenticationMgr.this.m163x2e86572f(handlerThread, (Boolean) obj);
            }
        });
    }

    public synchronized void logout(IAuthenticationCompletionHandler iAuthenticationCompletionHandler) {
        String str;
        this.lock.lock();
        this.stepCalledFlag = false;
        this.currentState = State.UNKNOWN;
        this.stepResponse = "";
        this.stepRequestURI = "";
        String str2 = LOG_PREFIX + Thread.currentThread().getName() + "::";
        WFDLog.i(str2 + CURRENT_THREAD_IS + Thread.currentThread().getName());
        if (getMainThread() == Thread.currentThread()) {
            WFDLog.e(str2 + EXECUTING_ON_MAIN_THREAD);
        }
        WFDLog.d(str2 + "Current thread lock hold count from pre-logout: " + this.lock.getHoldCount());
        try {
            try {
                if (getDBMgr().getSession().getFullUrl() != null) {
                    WFDLog.i(str2 + "Attempting to ping capabilities to check if there's already a session...");
                    this.currentState = State.UNKNOWN;
                    doCSRFToken(null);
                    this.stepCalledFlag = true;
                    awaitStepDone();
                    this.stepCalledFlag = false;
                    if (this.currentState == State.SUCCESS && validateExistingSession()) {
                        performLogout(null);
                        if (this.currentState == State.SUCCESS) {
                            WFDLog.i(str2 + ATTEMPT_SUBMIT_ACTION);
                            iAuthenticationCompletionHandler.handleSuccessfulAuth(new NullPostOAuthActionHandler());
                        } else {
                            WFDLog.i(str2 + "Logout failed");
                            iAuthenticationCompletionHandler.handleFailedAuth();
                        }
                    } else {
                        WFDLog.i(str2 + "No valid session, no logout needed.");
                        iAuthenticationCompletionHandler.handleSuccessfulAuth(new NullPostOAuthActionHandler());
                    }
                } else {
                    WFDLog.i(str2 + "No valid session, no logout needed.");
                    iAuthenticationCompletionHandler.handleSuccessfulAuth(new NullPostOAuthActionHandler());
                }
                this.stepCalledFlag = true;
                this.lock.unlock();
                str = str2 + "Current thread lock hold count from post-logout: " + this.lock.getHoldCount();
            } catch (Exception e) {
                WFDLog.e(str2 + UNEXPECTED_EXCEPTION, e);
                WFDLog.i(str2 + "Logout failed");
                iAuthenticationCompletionHandler.handleFailedAuth();
                this.stepCalledFlag = true;
                this.lock.unlock();
                str = str2 + "Current thread lock hold count from post-logout: " + this.lock.getHoldCount();
            }
            WFDLog.d(str);
        } catch (Throwable th) {
            this.stepCalledFlag = true;
            this.lock.unlock();
            WFDLog.d(str2 + "Current thread lock hold count from post-logout: " + this.lock.getHoldCount());
            throw th;
        }
    }

    protected OAuthTokenBean saveNewAuthTokens(String str, String str2, OAuthTokenBean oAuthTokenBean) {
        try {
            JSONObject jSONObject = new JSONObject(this.stepResponse);
            OAuthTokenBean oAuthTokenBean2 = new OAuthTokenBean(jSONObject.getString(ACCESS_TOKEN_FIELD), jSONObject.getInt(EXPIRES_IN_FIELD), jSONObject.has(REFRESH_TOKEN_FIELD) ? jSONObject.getString(REFRESH_TOKEN_FIELD) : oAuthTokenBean.getRefreshToken(), oAuthTokenBean.getOidcFlag(), jSONObject.getLong(EXPIRES_IN_FIELD) + (System.currentTimeMillis() / 1000));
            getDBMgr().setUserOAuthTokens(oAuthTokenBean2, str, str2);
            return oAuthTokenBean2;
        } catch (JSONException e) {
            WFDLog.e("AuthenticationMgr::Error parsing OAuth token response", e);
            getDBMgr().deleteUserOAuthTokens(str, str2);
            return new OAuthTokenBean();
        } catch (Exception e2) {
            WFDLog.e("AuthenticationMgr::Error parsing and saving OAuth tokens", e2);
            getDBMgr().deleteUserOAuthTokens(str, str2);
            return new OAuthTokenBean();
        }
    }

    protected void saveNewCSRFTokens() {
        try {
            String string = new JSONObject(this.stepResponse).getString("csrf");
            if (string.isEmpty()) {
                return;
            }
            WFDLog.i("AuthenticationMgr::Saving CSRF token");
            getDBMgr().setDeviceProperty(DBMgr.CSRF_TOKEN, string);
        } catch (Exception e) {
            WFDLog.e("AuthenticationMgr::Error parsing CSRF token response", e);
        }
    }

    public void signalLock(State state, String str, String str2) {
        this.lock.lock();
        this.currentState = state;
        this.stepResponse = str;
        this.stepRequestURI = str2;
        this.stepDone.signalAll();
        this.lock.unlock();
    }

    protected boolean validateExistingSession() {
        try {
            return new JSONObject(this.stepResponse).has("csrf");
        } catch (Exception e) {
            WFDLog.e("AuthenticationMgr::Issue parsing capabilities response", e);
            return false;
        }
    }

    protected void validateOAuthCreds(OAuthBean oAuthBean) throws NoAuthCredsException {
        OAuthTokenBean tokens = oAuthBean.getTokens();
        OAuthCredentialBean credentials = oAuthBean.getCredentials();
        if (!tokens.getHasOAuthTokens() || !credentials.getIsOAuthAllowed()) {
            throw new NoAuthCredsException(NoAuthCredsException.MISSING_AUTH_CREDS);
        }
    }
}
