package org.forgerock.android.auth;

import android.accounts.Account;
import android.accounts.AccountManager;
import android.content.ComponentName;
import android.content.Context;
import android.content.pm.PackageManager;
import android.content.res.XmlResourceParser;
import android.os.Build;
import android.util.Base64;
import androidx.recyclerview.widget.RecyclerView;
import java.io.IOException;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Objects;
import lombok.NonNull;
import org.forgerock.android.auth.authenticator.AuthenticatorService;
import org.json.JSONArray;
import org.xmlpull.v1.XmlPullParserException;

/* loaded from: classes5.dex */
class AccountSingleSignOnManager implements SingleSignOnManager, KeyUpdatedListener, SecretKeyStore {
    private static final String ACCOUNT_TYPE = "accountType";
    private static final String COOKIES = "org.forgerock.v1.COOKIES";
    private static final String ORG_FORGEROCK_V_1_SSO_KEYS = "org.forgerock.v1.SSO_KEYS";
    private static final String SSO_TOKEN = "org.forgerock.v1.SSO_TOKEN";
    private static final String TAG = "AccountSingleSignOnManager";
    private Account account;
    private AccountManager accountManager;
    private String accountType;
    private Encryptor encryptor;

    /* loaded from: classes5.dex */
    public static class AccountSingleSignOnManagerBuilder {
        private Context context;
        private Encryptor encryptor;

        public AccountSingleSignOnManager build() throws Exception {
            return new AccountSingleSignOnManager(this.context, this.encryptor);
        }

        public AccountSingleSignOnManagerBuilder context(@NonNull Context context) {
            Objects.requireNonNull(context, "context is marked non-null but is null");
            this.context = context;
            return this;
        }

        public AccountSingleSignOnManagerBuilder encryptor(Encryptor encryptor) {
            this.encryptor = encryptor;
            return this;
        }

        public String toString() {
            return "AccountSingleSignOnManager.AccountSingleSignOnManagerBuilder(context=" + this.context + ", encryptor=" + this.encryptor + ")";
        }
    }

    public AccountSingleSignOnManager(@NonNull Context context, Encryptor encryptor) throws Exception {
        Objects.requireNonNull(context, "context is marked non-null but is null");
        try {
            this.accountType = getAccountType(context);
            this.accountManager = AccountManager.get(context);
            this.account = new Account(context.getString(R.string.forgerock_account_name), this.accountType);
            encryptor = encryptor == null ? getEncryptor(context) : encryptor;
            this.encryptor = encryptor;
            Logger.debug(TAG, "Using Encryptor %s", encryptor.getClass().getSimpleName());
        } catch (Exception e12) {
            Logger.warn(TAG, "Single Sign On is disabled due to: %s", e12.getMessage());
            throw e12;
        }
    }

    public static AccountSingleSignOnManagerBuilder builder() {
        return new AccountSingleSignOnManagerBuilder();
    }

    private String getAccountType(Context context) throws PackageManager.NameNotFoundException, IOException, XmlPullParserException {
        return parse(context, context.getPackageManager().getServiceInfo(new ComponentName(context, (Class<?>) AuthenticatorService.class), RecyclerView.b0.FLAG_IGNORE).metaData.getInt("android.accounts.AccountAuthenticator"));
    }

    private Encryptor getEncryptor(Context context) {
        switch (Build.VERSION.SDK_INT) {
            case 21:
            case 22:
                return new AndroidLEncryptor(context, ORG_FORGEROCK_V_1_SSO_KEYS, this);
            case 23:
                return new AndroidMEncryptor(ORG_FORGEROCK_V_1_SSO_KEYS, this);
            case 24:
                return new AndroidNEncryptor(ORG_FORGEROCK_V_1_SSO_KEYS, this);
            default:
                return new AndroidNEncryptor(ORG_FORGEROCK_V_1_SSO_KEYS, this);
        }
    }

    private String parse(Context context, int i12) throws IOException, XmlPullParserException {
        XmlResourceParser xml = context.getResources().getXml(i12);
        xml.next();
        for (int eventType = xml.getEventType(); eventType != 1; eventType = xml.next()) {
            if (eventType == 2 || eventType == 3) {
                for (int i13 = 0; i13 < xml.getAttributeCount(); i13++) {
                    if (ACCOUNT_TYPE.equals(xml.getAttributeName(i13))) {
                        return xml.getAttributeValue(i13);
                    }
                }
            }
        }
        throw new IllegalArgumentException("AccountType is not defined under forgerock_authenticator.xml");
    }

    private void persist(String str, byte[] bArr, boolean z12) {
        this.accountManager.addAccountExplicitly(this.account, null, null);
        try {
            if (bArr == null) {
                this.accountManager.setUserData(this.account, str, null);
            } else {
                this.accountManager.setUserData(this.account, str, Base64.encodeToString(this.encryptor.encrypt(bArr), 0));
            }
        } catch (Exception e12) {
            try {
                this.encryptor.reset();
                if (!z12) {
                    throw new RuntimeException(e12);
                }
                persist(str, bArr, false);
            } catch (Exception e13) {
                throw new RuntimeException(e13);
            }
        }
    }

    @Override // org.forgerock.android.auth.SingleSignOnManager
    public void clear() {
        for (Account account : this.accountManager.getAccountsByType(this.accountType)) {
            if (Build.VERSION.SDK_INT >= 22) {
                this.accountManager.removeAccountExplicitly(account);
            } else {
                try {
                    this.accountManager.removeAccount(account, null, null).getResult();
                } catch (Exception e12) {
                    Logger.warn(TAG, e12, "Failed to remove Account %s.", account.name);
                }
            }
        }
    }

    @Override // org.forgerock.android.auth.SingleSignOnManager
    public Collection<String> getCookies() {
        try {
            String userData = this.accountManager.getUserData(this.account, COOKIES);
            if (userData == null) {
                return Collections.emptySet();
            }
            JSONArray jSONArray = new JSONArray(new String(this.encryptor.decrypt(Base64.decode(userData, 0))));
            HashSet hashSet = new HashSet();
            for (int i12 = 0; i12 < jSONArray.length(); i12++) {
                hashSet.add(jSONArray.getString(i12));
            }
            return hashSet;
        } catch (Exception unused) {
            return Collections.emptySet();
        }
    }

    @Override // org.forgerock.android.auth.SecretKeyStore
    public String getEncryptedSecretKey() {
        return this.accountManager.getPassword(this.account);
    }

    @Override // org.forgerock.android.auth.SingleSignOnManager
    public SSOToken getToken() {
        try {
            String userData = this.accountManager.getUserData(this.account, SSO_TOKEN);
            if (userData != null) {
                return new SSOToken(new String(this.encryptor.decrypt(Base64.decode(userData, 0))));
            }
            return null;
        } catch (Exception e12) {
            Logger.warn(TAG, e12, "Failed to decrypt data", new Object[0]);
            return null;
        }
    }

    @Override // org.forgerock.android.auth.SingleSignOnManager
    public boolean hasToken() {
        return this.accountManager.getUserData(this.account, SSO_TOKEN) != null;
    }

    @Override // org.forgerock.android.auth.KeyUpdatedListener
    public void onKeyUpdated() {
        clear();
    }

    @Override // org.forgerock.android.auth.SecretKeyStore
    public void persist(String str) {
        this.accountManager.setPassword(this.account, str);
    }

    @Override // org.forgerock.android.auth.SingleSignOnManager
    public void persist(Collection<String> collection) {
        if (collection.isEmpty()) {
            persist(COOKIES, null, true);
            return;
        }
        JSONArray jSONArray = new JSONArray();
        Iterator<String> it2 = collection.iterator();
        while (it2.hasNext()) {
            jSONArray.put(it2.next());
        }
        persist(COOKIES, jSONArray.toString().getBytes(), true);
    }

    @Override // org.forgerock.android.auth.SingleSignOnManager
    public void persist(SSOToken sSOToken) {
        persist(SSO_TOKEN, sSOToken.getValue().getBytes(), true);
    }

    @Override // org.forgerock.android.auth.SecretKeyStore
    public void remove() {
        this.accountManager.setPassword(this.account, null);
    }

    @Override // org.forgerock.android.auth.SingleSignOnManager
    public void revoke(FRListener<Void> fRListener) {
        clear();
    }
}
