package com.gallagher.security.fidoauthenticators;

import android.content.Context;
import android.content.DialogInterface;
import android.os.Build;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import androidx.appcompat.app.AlertDialog;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import rx.Observable;
import rx.Subscriber;
import rx.functions.Func1;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: FidoASMModels.java */
/* loaded from: classes.dex */
public class FidoASMAuthenticateRequest extends FidoASMRequest {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) FidoASMAuthenticateRequest.class);
    final FidoASMAuthenticateIn args;

    /* JADX INFO: Access modifiers changed from: package-private */
    public FidoASMAuthenticateRequest(FidoVersion fidoVersion, int i, FidoASMAuthenticateIn fidoASMAuthenticateIn, FidoExtension[] fidoExtensionArr) {
        super("Authenticate", fidoVersion, Integer.valueOf(i), fidoExtensionArr);
        this.args = fidoASMAuthenticateIn;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public FidoASMAuthenticateRequest(JSONWrapper jSONWrapper) throws FidoASMException {
        super(jSONWrapper);
        this.args = new FidoASMAuthenticateIn(jSONWrapper.get("args"));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Observable<KeyIDAndUsername> getChosenKeyID(final KeyIDAndUsername[] keyIDAndUsernameArr, final Context context) {
        return keyIDAndUsernameArr.length == 1 ? Observable.just(keyIDAndUsernameArr[0]) : Observable.create(new Observable.OnSubscribe<KeyIDAndUsername>() { // from class: com.gallagher.security.fidoauthenticators.FidoASMAuthenticateRequest.3
            @Override // rx.functions.Action1
            public void call(final Subscriber<? super KeyIDAndUsername> subscriber) {
                ArrayList arrayList = new ArrayList();
                for (KeyIDAndUsername keyIDAndUsername : keyIDAndUsernameArr) {
                    arrayList.add(keyIDAndUsername.getUsername());
                }
                AlertDialog.Builder title = new AlertDialog.Builder(context).setItems((String[]) arrayList.toArray(new String[arrayList.size()]), new DialogInterface.OnClickListener() { // from class: com.gallagher.security.fidoauthenticators.FidoASMAuthenticateRequest.3.1
                    @Override // android.content.DialogInterface.OnClickListener
                    public void onClick(DialogInterface dialogInterface, int i) {
                        subscriber.onNext(keyIDAndUsernameArr[i]);
                        subscriber.onCompleted();
                    }
                }).setTitle("Select Username");
                title.create();
                title.show();
            }
        });
    }

    private Observable<FidoASMPersistenceKeyHandle> getSelectedRegistration(FidoASMPersistenceAppRegistration[] fidoASMPersistenceAppRegistrationArr, FidoASMAuthenticatorInfo fidoASMAuthenticatorInfo, final Context context, FidoASM fidoASM) throws Exception {
        final FidoASMPersistenceAppRegistration fidoASMPersistenceAppRegistration;
        FidoASMPersistenceKeyHandle[] fidoASMPersistenceKeyHandleArr;
        KeyIDAndUsername[] decryptedKeyAndUsernames;
        boolean z;
        int length = fidoASMPersistenceAppRegistrationArr.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                fidoASMPersistenceAppRegistration = null;
                break;
            }
            fidoASMPersistenceAppRegistration = fidoASMPersistenceAppRegistrationArr[i];
            if (fidoASMPersistenceAppRegistration.getAppID().equals(this.args.appID)) {
                break;
            }
            i++;
        }
        if (fidoASMPersistenceAppRegistration == null) {
            LOG.error("No registration found with matching appID");
            return Observable.just(null);
        }
        if (fidoASMPersistenceAppRegistration.keyHandles.length == 1) {
            return Observable.just(fidoASMPersistenceAppRegistration.keyHandles[0]);
        }
        if (this.args.keyIDs == null || this.args.keyIDs.length <= 0) {
            fidoASMPersistenceKeyHandleArr = fidoASMPersistenceAppRegistration.keyHandles;
        } else {
            ArrayList arrayList = new ArrayList();
            for (FidoASMPersistenceKeyHandle fidoASMPersistenceKeyHandle : fidoASMPersistenceAppRegistration.keyHandles) {
                String[] strArr = this.args.keyIDs;
                int length2 = strArr.length;
                int i2 = 0;
                while (true) {
                    if (i2 < length2) {
                        if (fidoASMPersistenceKeyHandle.getKeyID().equals(strArr[i2])) {
                            arrayList.add(fidoASMPersistenceKeyHandle);
                            break;
                        }
                        i2++;
                    }
                }
            }
            fidoASMPersistenceKeyHandleArr = (FidoASMPersistenceKeyHandle[]) arrayList.toArray(new FidoASMPersistenceKeyHandle[arrayList.size()]);
        }
        String str = fidoASMAuthenticatorInfo.aaid;
        str.hashCode();
        char c = 65535;
        switch (str.hashCode()) {
            case 1534736024:
                if (str.equals("0041#A003")) {
                    c = 0;
                    break;
                }
                break;
            case 1534736025:
                if (str.equals("0041#A004")) {
                    c = 1;
                    break;
                }
                break;
            case 1534736027:
                if (str.equals("0041#A006")) {
                    c = 2;
                    break;
                }
                break;
        }
        switch (c) {
            case 0:
                decryptedKeyAndUsernames = FidoSilentAuthenticator.getDecryptedKeyAndUsernames(fidoASMPersistenceKeyHandleArr);
                break;
            case 1:
                decryptedKeyAndUsernames = FidoFingerprintAuthenticator.getDecryptedKeyAndUsernames(fidoASMPersistenceKeyHandleArr);
                break;
            case 2:
                decryptedKeyAndUsernames = FidoPinAuthenticator.getDecryptedKeyAndUsernames(fidoASMPersistenceKeyHandleArr);
                break;
            default:
                throw new FatalError("Non-GGL aaid received");
        }
        List<KeyIDAndUsername> asList = Arrays.asList(decryptedKeyAndUsernames);
        Collections.reverse(asList);
        ArrayList arrayList2 = new ArrayList();
        for (KeyIDAndUsername keyIDAndUsername : asList) {
            Iterator it = arrayList2.iterator();
            while (true) {
                if (it.hasNext()) {
                    if (keyIDAndUsername.getUsername().equals(((KeyIDAndUsername) it.next()).getUsername())) {
                        z = true;
                    }
                } else {
                    z = false;
                }
            }
            if (!z) {
                arrayList2.add(keyIDAndUsername);
            }
        }
        final KeyIDAndUsername[] keyIDAndUsernameArr = (KeyIDAndUsername[]) arrayList2.toArray(new KeyIDAndUsername[arrayList2.size()]);
        return authenticateIfRequired(context, fidoASMPersistenceAppRegistration.keyHandles[0], fidoASM, fidoASMAuthenticatorInfo, this.args.appID).flatMap(new Func1<Void, Observable<FidoASMPersistenceKeyHandle>>() { // from class: com.gallagher.security.fidoauthenticators.FidoASMAuthenticateRequest.2
            @Override // rx.functions.Func1
            public Observable<FidoASMPersistenceKeyHandle> call(Void r3) {
                return FidoASMAuthenticateRequest.this.getChosenKeyID(keyIDAndUsernameArr, context).map(new Func1<KeyIDAndUsername, FidoASMPersistenceKeyHandle>() { // from class: com.gallagher.security.fidoauthenticators.FidoASMAuthenticateRequest.2.1
                    @Override // rx.functions.Func1
                    public FidoASMPersistenceKeyHandle call(KeyIDAndUsername keyIDAndUsername2) {
                        for (FidoASMPersistenceKeyHandle fidoASMPersistenceKeyHandle2 : fidoASMPersistenceAppRegistration.getKeyHandles()) {
                            if (fidoASMPersistenceKeyHandle2.getKeyID().equals(keyIDAndUsername2.getKeyID())) {
                                return fidoASMPersistenceKeyHandle2;
                            }
                        }
                        return null;
                    }
                });
            }
        });
    }

    @Override // com.gallagher.security.fidoauthenticators.FidoASMRequest
    public Observable<FidoASMResponse> process(final FidoASM fidoASM, final Context context, final TitleAndDescription titleAndDescription) {
        if (context == null) {
            throw new FatalError("context is required for FidoASMAuthenticateRequest");
        }
        try {
            final FidoASMAuthenticatorInfo lookupAuthenticatorInfo = fidoASM.lookupAuthenticatorInfo(this.authenticatorIndex);
            FidoASMPersistenceAppRegistration[] registrations = fidoASM.getRegistrations(context, lookupAuthenticatorInfo.aaid);
            if (registrations.length == 0) {
                LOG.error("No registrations found for authenticator" + lookupAuthenticatorInfo.aaid);
                return Observable.just(new FidoASMResponse(FidoASMStatusCode.UAF_ASM_STATUS_AUTHENTICATOR_DISCONNECTED, null));
            }
            if (lookupAuthenticatorInfo.isSecondFactorAuthenticator() && this.args.keyIDs != null && this.args.keyIDs.length == 0) {
                LOG.error("Empty keyIDs with a second factor request");
                return Observable.just(new FidoASMResponse(FidoASMStatusCode.UAF_ASM_STATUS_ACCESS_DENIED, null));
            }
            try {
                return getSelectedRegistration(registrations, lookupAuthenticatorInfo, context, fidoASM).flatMap(new Func1<FidoASMPersistenceKeyHandle, Observable<FidoASMResponse>>() { // from class: com.gallagher.security.fidoauthenticators.FidoASMAuthenticateRequest.1
                    @Override // rx.functions.Func1
                    public Observable<FidoASMResponse> call(FidoASMPersistenceKeyHandle fidoASMPersistenceKeyHandle) {
                        Observable<String> authenticate;
                        if (fidoASMPersistenceKeyHandle == null) {
                            FidoASMAuthenticateRequest.LOG.error("No valid keyID found");
                            return (FidoASMAuthenticateRequest.this.args.keyIDs == null || FidoASMAuthenticateRequest.this.args.keyIDs.length <= 0) ? Observable.just(new FidoASMResponse(FidoASMStatusCode.UAF_ASM_STATUS_ACCESS_DENIED, null)) : Observable.just(new FidoASMResponse(FidoASMStatusCode.UAF_ASM_STATUS_KEY_DISAPPEARED_PERMANENTLY, null));
                        }
                        FidoAuthenticatorParams authenticatorParams = Utils.getAuthenticatorParams(lookupAuthenticatorInfo.aaid);
                        if (authenticatorParams == null) {
                            FidoASMAuthenticateRequest.LOG.error("No authenticator params found - invalid AAID");
                            return Observable.just(new FidoASMResponse(FidoASMStatusCode.UAF_ASM_STATUS_AUTHENTICATOR_DISCONNECTED, null));
                        }
                        try {
                            FidoEngine fidoEngine = new FidoEngine(context, authenticatorParams, FidoASMAuthenticateRequest.this.args.finalChallenge, Base64.decodeBase64(fidoASMPersistenceKeyHandle.getKeyID()), "Auth");
                            if (titleAndDescription == null) {
                                FidoASMAuthenticateRequest.LOG.error("Title and description not passed for registration request");
                                return Observable.just(new FidoASMResponse(FidoASMStatusCode.UAF_ASM_STATUS_ERROR, null));
                            }
                            String str = lookupAuthenticatorInfo.aaid;
                            str.hashCode();
                            char c = 65535;
                            switch (str.hashCode()) {
                                case 1534736024:
                                    if (str.equals("0041#A003")) {
                                        c = 0;
                                        break;
                                    }
                                    break;
                                case 1534736025:
                                    if (str.equals("0041#A004")) {
                                        c = 1;
                                        break;
                                    }
                                    break;
                                case 1534736027:
                                    if (str.equals("0041#A006")) {
                                        c = 2;
                                        break;
                                    }
                                    break;
                            }
                            switch (c) {
                                case 0:
                                    authenticate = FidoSilentAuthenticator.authenticate(fidoEngine, fidoASMPersistenceKeyHandle, fidoASM, FidoASMAuthenticateRequest.this.args.appID);
                                    break;
                                case 1:
                                    authenticate = FidoFingerprintAuthenticator.authenticate(fidoEngine, fidoASMPersistenceKeyHandle, fidoASM, titleAndDescription, FidoASMAuthenticateRequest.this.args.appID);
                                    break;
                                case 2:
                                    try {
                                        authenticate = FidoPinAuthenticator.authenticate(fidoEngine, fidoASMPersistenceKeyHandle, fidoASM, titleAndDescription, FidoASMAuthenticateRequest.this.args.appID);
                                        break;
                                    } catch (Exception e) {
                                        FidoASMAuthenticateRequest.LOG.error("Failed to authenticate", (Throwable) e);
                                        return Observable.just(new FidoASMResponse(FidoASMStatusCode.UAF_ASM_STATUS_ERROR, null));
                                    }
                                default:
                                    FidoASMAuthenticateRequest.LOG.error("No valid authenticator found with that AAID");
                                    return Observable.just(new FidoASMResponse(FidoASMStatusCode.UAF_ASM_STATUS_ERROR, null));
                            }
                            return authenticate.map(new Func1<String, FidoASMResponse>() { // from class: com.gallagher.security.fidoauthenticators.FidoASMAuthenticateRequest.1.2
                                @Override // rx.functions.Func1
                                public FidoASMResponse call(String str2) {
                                    return new FidoASMResponse(FidoASMStatusCode.UAF_ASM_STATUS_OK, new FidoASMAuthenticateOut(str2, "UAFV1TLV").toJson());
                                }
                            }).onErrorReturn(new Func1<Throwable, FidoASMResponse>() { // from class: com.gallagher.security.fidoauthenticators.FidoASMAuthenticateRequest.1.1
                                @Override // rx.functions.Func1
                                public FidoASMResponse call(Throwable th) {
                                    if (th.getCause() instanceof GeneralSecurityException) {
                                        return new FidoASMResponse(FidoASMStatusCode.UAF_ASM_STATUS_ACCESS_DENIED, null);
                                    }
                                    if (th instanceof FidoASMException) {
                                        return new FidoASMResponse(((FidoASMException) th).statusCode, null);
                                    }
                                    FidoASMAuthenticateRequest.LOG.error("Unexpected error from Authenticator.authenticate", th);
                                    return new FidoASMResponse(FidoASMStatusCode.UAF_ASM_STATUS_ERROR, null);
                                }
                            });
                        } catch (GeneralSecurityException e2) {
                            FidoASMAuthenticateRequest.LOG.error("Failed to initialize FidoEngine", (Throwable) e2);
                            return (Build.VERSION.SDK_INT < 23 || e2.getClass() != KeyPermanentlyInvalidatedException.class) ? Observable.just(new FidoASMResponse(FidoASMStatusCode.UAF_ASM_STATUS_ACCESS_DENIED, null)) : Observable.just(new FidoASMResponse(FidoASMStatusCode.UAF_ASM_STATUS_KEY_DISAPPEARED_PERMANENTLY, null));
                        }
                    }
                });
            } catch (Exception e) {
                LOG.error("Failed to process authenticate request", (Throwable) e);
                return Observable.just(new FidoASMResponse(FidoASMStatusCode.UAF_ASM_STATUS_ERROR, null));
            }
        } catch (FidoASMException e2) {
            LOG.error("Failed to lookup authenticator", (Throwable) e2);
            return Observable.just(new FidoASMResponse(e2.statusCode, e2.responseData));
        }
    }
}
