package com.microsoft.omadm.apppolicy;

import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.Signature;
import android.os.Binder;
import android.os.Bundle;
import com.microsoft.intune.common.settings.IDeploymentSettings;
import com.microsoft.intune.common.taskscheduling.AndroidTask;
import com.microsoft.intune.mam.client.app.data.WipeAppDataStatus;
import com.microsoft.intune.mam.client.app.startup.ADALConnectionDetails;
import com.microsoft.intune.mam.client.fileencryption.MAMKeyRetrievalException;
import com.microsoft.intune.mam.client.identity.MAMIdentity;
import com.microsoft.intune.mam.client.identity.MAMIdentityImpl;
import com.microsoft.intune.mam.client.identity.MAMIdentityManager;
import com.microsoft.intune.mam.client.identity.MAMIdentityManagerImpl;
import com.microsoft.intune.mam.client.identity.MAMIdentityMetaData;
import com.microsoft.intune.mam.client.ipc.AbstractAppPolicyEndpoint;
import com.microsoft.intune.mam.client.ipc.IpcUtils;
import com.microsoft.intune.mam.client.ipc.PolicyUpdateType;
import com.microsoft.intune.mam.client.ipc.PrimaryUserInfo;
import com.microsoft.intune.mam.client.telemetry.TelemetryEvent;
import com.microsoft.intune.mam.client.util.PolicyVersionUtils;
import com.microsoft.intune.mam.log.MAMLogScrubber;
import com.microsoft.intune.mam.log.MAMLogScrubberImpl;
import com.microsoft.intune.mam.policy.MAMEnrollmentManager;
import com.microsoft.intune.mam.policy.notification.AbstractAppPolicyNotifier;
import com.microsoft.omadm.EnrollmentSettings;
import com.microsoft.omadm.EnrollmentStateSettings;
import com.microsoft.omadm.OMADMItem;
import com.microsoft.omadm.Services;
import com.microsoft.omadm.apppolicy.appconfig.AppConfigHelper;
import com.microsoft.omadm.apppolicy.data.CheckinAttemptResult;
import com.microsoft.omadm.apppolicy.data.CurrentApplicationPolicyProperty;
import com.microsoft.omadm.apppolicy.data.FileEncryptionKey;
import com.microsoft.omadm.apppolicy.data.MAMAdalConnectionDetails;
import com.microsoft.omadm.apppolicy.data.MAMServiceAutoEnrollmentDetails;
import com.microsoft.omadm.apppolicy.data.MAMServiceEnrollment;
import com.microsoft.omadm.apppolicy.data.PendingApplicationPolicyProperty;
import com.microsoft.omadm.apppolicy.mamservice.MAMPolicySchema;
import com.microsoft.omadm.apppolicy.mamservice.MAMServiceEnrollmentTask;
import com.microsoft.omadm.apppolicy.mamservice.MAMServiceLicenseCheckTask;
import com.microsoft.omadm.apppolicy.mamservice.MAMServiceLookupDatabaseCache;
import com.microsoft.omadm.apppolicy.mamservice.MAMServiceTokenManager;
import com.microsoft.omadm.apppolicy.mamservice.MAMServiceUnenrollTask;
import com.microsoft.omadm.apppolicy.mamservice.MAMServiceUtils;
import com.microsoft.omadm.client.OMADMClientService;
import com.microsoft.omadm.client.tasks.TaskType;
import com.microsoft.omadm.database.TableRepository;
import com.microsoft.omadm.exception.OMADMException;
import com.microsoft.omadm.exception.OMADMTypeMismatch;
import com.microsoft.omadm.logging.OMADMTelemetryWrapper;
import com.microsoft.omadm.platforms.android.appmgr.signatures.data.ApplicationSignature;
import com.microsoft.omadm.rootdetection.DeviceRooted;
import com.microsoft.omadm.utils.PackageUtils;
import com.microsoft.omadm.utils.SSPUtils;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: classes.dex */
public class MDMAppPolicyEndpoint extends AbstractAppPolicyEndpoint {
    private static final int DEFAULT_PIN_RETRIES = 5;
    private static final Logger LOGGER = Logger.getLogger(MDMAppPolicyEndpoint.class.getName());
    private static Object sEnrollLock = new Object();
    private final AppConfigHelper appConfigHelper;
    private final AppPolicyNotifier appPolicyNotifier;
    private final Context context;
    private final IDeploymentSettings deploymentSettings;
    private final DeviceRooted deviceRooted;
    private final EnrollmentStateSettings enrollmentStateSettings;
    private final FileEncryptionKeyManager fileEncryptionKeyManager;
    private final MAMLogScrubber mLogScrubber;
    private final MAMIdentityManagerImpl mamIdentityManager;
    private final MDMPolicySettings policySettings;
    private final TableRepository tableRepository;
    private final MAMServiceTokenManager tokenManager;

    public MDMAppPolicyEndpoint(Context context, TableRepository tableRepository, MDMPolicySettings mDMPolicySettings, AppPolicyNotifier appPolicyNotifier, FileEncryptionKeyManager fileEncryptionKeyManager, MAMServiceTokenManager mAMServiceTokenManager, EnrollmentStateSettings enrollmentStateSettings, IDeploymentSettings iDeploymentSettings, DeviceRooted deviceRooted, AppConfigHelper appConfigHelper, MAMIdentityManagerImpl mAMIdentityManagerImpl) {
        super(context, mDMPolicySettings);
        this.context = context;
        this.tableRepository = tableRepository;
        this.policySettings = mDMPolicySettings;
        this.appPolicyNotifier = appPolicyNotifier;
        this.fileEncryptionKeyManager = fileEncryptionKeyManager;
        this.tokenManager = mAMServiceTokenManager;
        this.enrollmentStateSettings = enrollmentStateSettings;
        this.deploymentSettings = iDeploymentSettings;
        this.appConfigHelper = appConfigHelper;
        this.deviceRooted = deviceRooted;
        this.mamIdentityManager = mAMIdentityManagerImpl;
        this.mLogScrubber = new MAMLogScrubberImpl(isVerboseLoggingEnabled(), mAMIdentityManagerImpl);
        this.mamIdentityManager.getAdditionalIdentityData();
    }

    private static boolean cleanupEnrollment(String str, MAMIdentity mAMIdentity, AppConfigHelper appConfigHelper, MAMServiceEnrollment mAMServiceEnrollment, boolean z) {
        TableRepository tableRepository = Services.get().getTableRepository();
        MAMLogScrubberImpl mAMLogScrubberImpl = new MAMLogScrubberImpl(Services.get().getDiagnosticSettings().getVerboseLoggingEnabled(), Services.get().getMAMIdentityManager());
        boolean z2 = false;
        if (MAMServiceUtils.isLastMAMEnrollment(str, tableRepository) && EnrolledUserUtils.getDeviceOwnerUPN() == null) {
            z2 = true;
            if (Services.get().getEnrollmentSettings().getString(EnrollmentSettings.AAD_USER_PRINCIPAL_NAME, "").isEmpty()) {
                SSPUtils.unenroll();
            }
            Services.get().getMDMPolicySettings().clear();
            Services.get().getFileEncryptionKeyManager().clearCache();
        }
        LOGGER.info("Deleting enrollment record and policies from database for package: " + str + ", identity: " + mAMLogScrubberImpl.scrubUPN(mAMIdentity.rawUPN()));
        tableRepository.beginTransaction();
        try {
            String[] strArr = {str};
            tableRepository.delete(CurrentApplicationPolicyProperty.class, "FullPackageName = ?", strArr);
            tableRepository.delete(PendingApplicationPolicyProperty.class, "FullPackageName = ?", strArr);
            tableRepository.delete(mAMServiceEnrollment.getKey());
            if (z2) {
                tableRepository.delete(FileEncryptionKey.class, null, null);
            }
            tableRepository.insertOrReplace(new MAMServiceAutoEnrollmentDetails(str, true));
            if (z) {
                appConfigHelper.removeAppConfig(str, mAMIdentity);
            }
            tableRepository.setTransactionSuccessful();
            return z2;
        } finally {
            tableRepository.endTransaction();
        }
    }

    private int getMinimumIntegerPolicyValue(String str, int i) {
        int intValue;
        int i2 = Integer.MAX_VALUE;
        Iterator<PackageInfo> it = this.context.getPackageManager().getInstalledPackages(0).iterator();
        while (it.hasNext()) {
            try {
                OMADMItem item = DatabaseAppPolicy.getItem(this.tableRepository, it.next().packageName, str);
                if (item != null && i2 > (intValue = item.getIntValue())) {
                    i2 = intValue;
                }
            } catch (OMADMTypeMismatch e) {
            }
        }
        return Integer.MAX_VALUE == i2 ? i : i2;
    }

    public static MAMEnrollmentManager.Result internalUnenrollPackageForMAM(String str, MAMIdentity mAMIdentity, AppPolicyNotifier appPolicyNotifier, MAMIdentityManager mAMIdentityManager) {
        TableRepository tableRepository = Services.get().getTableRepository();
        Context context = Services.get().getContext();
        synchronized (sEnrollLock) {
            AppConfigHelper appConfigHelper = new AppConfigHelper(tableRepository, mAMIdentityManager);
            MAMServiceEnrollment mAMServiceEnrollment = (MAMServiceEnrollment) tableRepository.get(new MAMServiceEnrollment.Key(str));
            if (mAMServiceEnrollment == null || !mAMServiceEnrollment.identity.equals(mAMIdentity)) {
                return MAMEnrollmentManager.Result.UNENROLLMENT_SUCCEEDED;
            }
            boolean isManagedAppInternal = isManagedAppInternal(str, tableRepository);
            boolean isPackageInstalled = PackageUtils.isPackageInstalled(context, str);
            boolean z = appConfigHelper.getAppConfigJson(str, mAMIdentity) != null;
            if (isManagedAppInternal && isPackageInstalled) {
                LOGGER.info("Wiping user data for " + str + " because it is being unenrolled");
                appPolicyNotifier.wipeUserData(str, mAMIdentity);
            } else if (isManagedAppInternal) {
                LOGGER.info("Not wiping user data for " + str + " being unenrolled because it is not installed");
            } else {
                LOGGER.info("Not wiping user data for " + str + " being unenrolled because it is not managed");
            }
            queueUnenrollTask(str, mAMIdentity, mAMIdentityManager, mAMServiceEnrollment);
            boolean cleanupEnrollment = cleanupEnrollment(str, mAMIdentity, appConfigHelper, mAMServiceEnrollment, z);
            if (isManagedAppInternal) {
                LOGGER.info("Sending policy refresh notification to all managed packages due to an unenrollment.");
                appPolicyNotifier.refresh(AbstractAppPolicyNotifier.RefreshType.APP_POLICY);
            }
            if (z) {
                LOGGER.info("Sending app config refresh notification after unenrollment. App Config should be cleared.");
                appPolicyNotifier.refreshAppConfig(str, mAMIdentity);
            }
            if (cleanupEnrollment) {
                LOGGER.info("Primary user was removed during MAM-WE unenroll.");
                appPolicyNotifier.notifyPrimaryUserRemoved(mAMIdentity.toString());
            }
            if (EnrolledUserUtils.getDeviceOwnerUPN() != null) {
                Services.get().getTaskScheduler().schedule(AndroidTask.newBuilder().taskId(TaskType.UpdatePolicy.getValue()).taskReason("Update MDM-MAM policy after MAM unenrollment.").skipIfRunning(false).build());
            }
            return MAMEnrollmentManager.Result.UNENROLLMENT_SUCCEEDED;
        }
    }

    public static boolean isManagedAppInternal(String str, TableRepository tableRepository) {
        return (tableRepository.get(new CurrentApplicationPolicyProperty.Key(str, "IsManaged")) == null && tableRepository.get(new PendingApplicationPolicyProperty.Key(str, "IsManaged")) == null) ? false : true;
    }

    private void queueCheckinIfDue(String str, MAMServiceEnrollment mAMServiceEnrollment, String str2) {
        if (mAMServiceEnrollment == null) {
            return;
        }
        if (mAMServiceEnrollment.lastCheckinAttemptResult == CheckinAttemptResult.NO_TOKEN && str2 != null) {
            MAMServiceUtils.queueCheckin(mAMServiceEnrollment, this.context, true, this.mLogScrubber, str2);
        } else if (mAMServiceEnrollment.nextTriggeredCheckinDue() || (mAMServiceEnrollment.offlineTimeoutExceeded() && str2 != null)) {
            MAMServiceUtils.queueCheckin(mAMServiceEnrollment, this.context, false, this.mLogScrubber, str2);
        }
    }

    private void queueLicenseCheck(String str, String str2, String str3, String str4, MAMIdentity mAMIdentity, ADALConnectionDetails aDALConnectionDetails) {
        MAMServiceLicenseCheckTask mAMServiceLicenseCheckTask = new MAMServiceLicenseCheckTask(str, mAMIdentity, str2, aDALConnectionDetails);
        mAMServiceLicenseCheckTask.setMamServiceToken(str3);
        mAMServiceLicenseCheckTask.setOperationSessionGuid(str4);
        OMADMClientService.queueTask(this.context, mAMServiceLicenseCheckTask, "MAMService license check");
    }

    private static void queueUnenrollTask(String str, MAMIdentity mAMIdentity, MAMIdentityManager mAMIdentityManager, MAMServiceEnrollment mAMServiceEnrollment) {
        TableRepository tableRepository = Services.get().getTableRepository();
        MAMLogScrubberImpl mAMLogScrubberImpl = new MAMLogScrubberImpl(Services.get().getDiagnosticSettings().getVerboseLoggingEnabled(), mAMIdentityManager);
        Context context = Services.get().getContext();
        String mAMServiceUrl = new MAMServiceLookupDatabaseCache(tableRepository, mAMIdentityManager).getMAMServiceUrl(mAMIdentity.canonicalUPN());
        if (mAMServiceUrl == null) {
            LOGGER.warning("Unable to queue MAMService unenroll task for package: " + str + ", identity: " + mAMLogScrubberImpl.scrubUPN(mAMIdentity.rawUPN()) + "; no valid service URI found in cache.");
            return;
        }
        MAMServiceUnenrollTask mAMServiceUnenrollTask = new MAMServiceUnenrollTask(mAMServiceEnrollment.packageName, mAMServiceEnrollment.identity, mAMServiceEnrollment.refreshToken, mAMServiceUrl, mAMServiceEnrollment.enrollmentId, mAMServiceEnrollment.deviceId, mAMServiceEnrollment.getIsAutoEnrollment());
        LOGGER.info("Queueing MAMService unenroll task for package: " + str + ", identity: " + mAMLogScrubberImpl.scrubUPN(mAMIdentity.rawUPN()));
        OMADMClientService.queueTask(context, mAMServiceUnenrollTask, "MAMService unenroll task");
    }

    private void recordADALConnectionDetails(String str, MAMIdentity mAMIdentity, ADALConnectionDetails aDALConnectionDetails) {
        MAMAdalConnectionDetails mAMAdalConnectionDetails = (MAMAdalConnectionDetails) this.tableRepository.get(new MAMAdalConnectionDetails.Key(str));
        if (mAMAdalConnectionDetails == null || !mAMAdalConnectionDetails.get().equals(aDALConnectionDetails)) {
            LOGGER.info("Recording ADAL connection details for " + this.mLogScrubber.scrubUPN(mAMIdentity.rawUPN()) + " : " + aDALConnectionDetails.toString());
            this.tableRepository.insertOrReplace(new MAMAdalConnectionDetails(str, aDALConnectionDetails.getClientId(), aDALConnectionDetails.getAuthority(), aDALConnectionDetails.getNonBrokerRedirectUri(), Boolean.valueOf(aDALConnectionDetails.getSkipBroker())));
        }
    }

    private void replaceCurrentPolicyWithPendingPolicy(String str, boolean z) {
        this.tableRepository.beginTransaction();
        try {
            String[] strArr = {str};
            if (this.tableRepository.get(PendingApplicationPolicyProperty.class, "FullPackageName = ?", strArr).isEmpty()) {
                LOGGER.log(Level.FINE, "No pending policy to apply.");
                return;
            }
            LOGGER.log(Level.FINE, "Attempting to update current policy with pending policy.");
            if (z) {
                this.tableRepository.delete(CurrentApplicationPolicyProperty.class, "FullPackageName = ?", strArr);
            }
            this.tableRepository.execSQL("INSERT OR REPLACE INTO CurrentApplicationPolicy SELECT NULL, FullPackageName,PropertyName,PropertyType,PropertyValue FROM PendingApplicationPolicy WHERE FullPackageName = ?", strArr);
            this.tableRepository.delete(PendingApplicationPolicyProperty.class, "FullPackageName = ?", strArr);
            this.tableRepository.setTransactionSuccessful();
        } finally {
            this.tableRepository.endTransaction();
        }
    }

    @Override // com.microsoft.intune.mam.client.ipc.AbstractAppPolicyEndpoint
    public boolean checkIsDeviceCompliant() {
        return this.deviceRooted.isDeviceRooted() == 0;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public void clearCachedMAMServiceUrl(String str, String str2) {
        IpcUtils.ensureDeclaredCallerIsValid(str, this.context.getPackageManager());
        Binder.clearCallingIdentity();
        new MAMServiceLookupDatabaseCache(this.tableRepository, this.mamIdentityManager).clearMAMServiceUrl(str2);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public MAMEnrollmentManager.Result enrollPackageForMAM(String str, String str2, String str3, String str4, String str5, ADALConnectionDetails aDALConnectionDetails) {
        MAMEnrollmentManager.Result result;
        IpcUtils.ensureDeclaredCallerIsValid(str, this.context.getPackageManager());
        Binder.clearCallingIdentity();
        MAMIdentityImpl fromString = this.mamIdentityManager.fromString(str2);
        this.tokenManager.cacheToken(str4, fromString);
        synchronized (sEnrollLock) {
            MAMIdentity deviceOwnerIdentity = EnrolledUserUtils.getDeviceOwnerIdentity();
            if (deviceOwnerIdentity == null || deviceOwnerIdentity.equals(fromString)) {
                MAMServiceEnrollment mAMServiceEnrollment = (MAMServiceEnrollment) this.tableRepository.get(new MAMServiceEnrollment.Key(str));
                if (mAMServiceEnrollment == null) {
                    List all = this.tableRepository.getAll(MAMServiceEnrollment.class);
                    if (all.isEmpty() || ((MAMServiceEnrollment) all.get(0)).identity.equals(fromString)) {
                        LOGGER.info("No MAM enrollment found for " + str + " and " + this.mLogScrubber.scrubUPN(str2) + "; queuing enrollment task.");
                        recordADALConnectionDetails(str, fromString, aDALConnectionDetails);
                        MAMServiceEnrollmentTask mAMServiceEnrollmentTask = new MAMServiceEnrollmentTask(str, fromString, str3);
                        mAMServiceEnrollmentTask.setMamServiceToken(str4);
                        mAMServiceEnrollmentTask.setOperationSessionGuid(str5);
                        OMADMClientService.queueTask(this.context, mAMServiceEnrollmentTask, "MAMService enrollment", true);
                        result = MAMEnrollmentManager.Result.PENDING;
                    } else {
                        LOGGER.warning("Package " + str + " cannot be enrolled for identity " + this.mLogScrubber.scrubUPN(str2) + "; other packages are already enrolled with a different identity. Checking license status.");
                        queueLicenseCheck(str, str3, str4, str5, fromString, aDALConnectionDetails);
                        result = MAMEnrollmentManager.Result.PENDING;
                    }
                } else if (mAMServiceEnrollment.identity.equals(fromString)) {
                    LOGGER.info("MAM enrollment found for " + str + " and " + this.mLogScrubber.scrubUPN(str2) + "; id = " + mAMServiceEnrollment.enrollmentId);
                    mAMServiceEnrollment.refreshToken = str3;
                    mAMServiceEnrollment.isAutoEnrollment = false;
                    this.tableRepository.insertOrReplace(mAMServiceEnrollment);
                    this.tableRepository.insertOrReplace(new MAMServiceAutoEnrollmentDetails(str, true));
                    recordADALConnectionDetails(str, fromString, aDALConnectionDetails);
                    queueCheckinIfDue(str, mAMServiceEnrollment, str4);
                    result = MAMEnrollmentManager.Result.ENROLLMENT_SUCCEEDED;
                } else {
                    LOGGER.warning("Package " + str + " cannot be enrolled for identity " + this.mLogScrubber.scrubUPN(str2) + "; it is already enrolled with a different identity. Checking license status.");
                    queueLicenseCheck(str, str3, str4, str5, fromString, aDALConnectionDetails);
                    result = MAMEnrollmentManager.Result.PENDING;
                }
            } else {
                LOGGER.warning("The device is MDM-enrolled for user " + this.mLogScrubber.scrubUPN(deviceOwnerIdentity.rawUPN()) + " therefore user " + this.mLogScrubber.scrubUPN(fromString.rawUPN()) + " cannot be enrolled in the MAM Service. Checking license status.");
                queueLicenseCheck(str, str3, str4, str5, fromString, aDALConnectionDetails);
                result = MAMEnrollmentManager.Result.PENDING;
            }
        }
        return result;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public String getAppConfigData(String str, String str2) {
        return this.appConfigHelper.getAppConfigJson(str, this.mamIdentityManager.fromString(str2));
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public String getCachedMAMServiceUrl(String str, String str2) {
        IpcUtils.ensureDeclaredCallerIsValid(str, this.context.getPackageManager());
        Binder.clearCallingIdentity();
        return new MAMServiceLookupDatabaseCache(this.tableRepository, this.mamIdentityManager).getMAMServiceUrl(str2);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public Bundle getCurrentFileEncryptionKey() throws MAMKeyRetrievalException {
        try {
            return this.fileEncryptionKeyManager.getCurrentKey().getBundle();
        } catch (OMADMException e) {
            throw new MAMKeyRetrievalException("Failed to get current file encryption key.", e);
        }
    }

    @Override // com.microsoft.intune.mam.client.ipc.AbstractAppPolicyEndpoint, com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public String getEnrolledUserAnyPackage() {
        MAMIdentity enrolledUserAnyPackage = EnrolledUserUtils.getEnrolledUserAnyPackage();
        if (enrolledUserAnyPackage == null) {
            return null;
        }
        return enrolledUserAnyPackage.rawUPN();
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public Bundle getFileEncryptionKey(UUID uuid) throws MAMKeyRetrievalException {
        try {
            LOGGER.info("Getting file encryption key for key id: " + uuid);
            return this.fileEncryptionKeyManager.getKey(uuid).getBundle();
        } catch (OMADMException e) {
            throw new MAMKeyRetrievalException("Failed to get encryption key with id: " + uuid + ".", e);
        }
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public List<MAMIdentityImpl> getIdentities() {
        this.mamIdentityManager.getAdditionalIdentityData();
        return this.mamIdentityManager.getIdentities();
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public List<MAMIdentityMetaData> getIdentityMetaData() {
        return this.mamIdentityManager.getIdentityMetaData();
    }

    @Override // com.microsoft.intune.mam.client.ipc.AbstractAppPolicyEndpoint
    public DatabaseAppPolicy getPolicyForPackage(String str, PolicyUpdateType policyUpdateType, int i) {
        DatabaseAppPolicy databaseAppPolicy = null;
        MAMServiceEnrollment mAMServiceEnrollment = (MAMServiceEnrollment) this.tableRepository.get(new MAMServiceEnrollment.Key(str));
        boolean z = mAMServiceEnrollment != null;
        if (policyUpdateType == PolicyUpdateType.INITIAL_UPDATE && z && mAMServiceEnrollment.checkinAtLaunch.booleanValue()) {
            LOGGER.info("App is configured to checkin at launch. Queueing checkin task for package: " + mAMServiceEnrollment.packageName + ", identity: " + this.mLogScrubber.scrubUPN(mAMServiceEnrollment.identity.rawUPN()));
            MAMServiceUtils.queueCheckin(mAMServiceEnrollment, this.context, true, this.mLogScrubber, null);
        }
        boolean z2 = z && mAMServiceEnrollment.getHasPolicy();
        if (isManagedApp(str)) {
            databaseAppPolicy = new DatabaseAppPolicy(this.tableRepository, str, z2);
            String pendingPolicyTemplateVersion = databaseAppPolicy.getPendingPolicyTemplateVersion();
            if (pendingPolicyTemplateVersion == null) {
                LOGGER.log(Level.FINE, "There is no pending policy version. Falling back to the current policy version or default.");
                pendingPolicyTemplateVersion = databaseAppPolicy.getPolicyTemplateVersion();
            }
            LOGGER.log(Level.FINE, "Effective pending policy version is: " + pendingPolicyTemplateVersion);
            if (policyUpdateType == PolicyUpdateType.INITIAL_UPDATE || PolicyVersionUtils.isSupportedPolicyVersion(pendingPolicyTemplateVersion, i)) {
                replaceCurrentPolicyWithPendingPolicy(str, z2);
            }
        }
        return databaseAppPolicy;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public PrimaryUserInfo getPrimaryUserInfo(String str) {
        MAMIdentity enrolledUser = EnrolledUserUtils.getEnrolledUser(str);
        if (enrolledUser == null) {
            return new PrimaryUserInfo(null, null, null, null);
        }
        MAMIdentity deviceOwnerIdentity = EnrolledUserUtils.getDeviceOwnerIdentity();
        return new PrimaryUserInfo(enrolledUser.rawUPN(), enrolledUser.aadId(), deviceOwnerIdentity == null ? null : deviceOwnerIdentity.rawUPN(), deviceOwnerIdentity != null ? deviceOwnerIdentity.aadId() : null);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public HashSet<Signature> getSignaturesForPackage(String str) {
        HashSet<Signature> hashSet = new HashSet<>();
        for (ApplicationSignature applicationSignature : this.tableRepository.getAll(ApplicationSignature.class)) {
            if (str.equals(applicationSignature.packageName)) {
                hashSet.add(new Signature(applicationSignature.signature));
            }
        }
        return hashSet;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public String getUPNIdentifierForLogging(String str) {
        return this.mamIdentityManager.getUPNIdentifierForLogging(str);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AbstractAppPolicyEndpoint
    public int getUserPINMaxRetries(String str) {
        return getMinimumIntegerPolicyValue("PINNumRetry", 5);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public boolean hasAppsWithAppConfig() {
        return this.appConfigHelper.deviceHasAppsWithAppConfig();
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public boolean hasManagedApps() {
        return (this.tableRepository.isTableEmpty(CurrentApplicationPolicyProperty.class) && this.tableRepository.isTableEmpty(PendingApplicationPolicyProperty.class)) ? false : true;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public void heartbeat(String str) {
        LOGGER.info("received heartbeat for package: " + str);
        queueCheckinIfDue(str, (MAMServiceEnrollment) this.tableRepository.get(new MAMServiceEnrollment.Key(str)), null);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public boolean isARPFeatureAvailable() {
        return this.deploymentSettings.isARPFeatureAvailable().booleanValue();
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public boolean isAutoEnrolledWithToken(String str) {
        MAMServiceEnrollment mAMServiceEnrollment = (MAMServiceEnrollment) this.tableRepository.get(new MAMServiceEnrollment.Key(str));
        return (mAMServiceEnrollment == null || !mAMServiceEnrollment.getIsAutoEnrollment() || MAMServiceUtils.getEnrollmentsWithTokenOrBroker().isEmpty()) ? false : true;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AbstractAppPolicyEndpoint, com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public boolean isCheckinTimeoutExceeded(String str) {
        MAMServiceEnrollment mAMServiceEnrollment = (MAMServiceEnrollment) this.tableRepository.get(new MAMServiceEnrollment.Key(str));
        if (mAMServiceEnrollment == null) {
            return false;
        }
        return mAMServiceEnrollment.offlineTimeoutExceeded();
    }

    @Override // com.microsoft.intune.mam.client.ipc.AbstractAppPolicyEndpoint, com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public boolean isMDMPasswordPolicyCompliant() {
        return MAMDevicePolicyUtils.isDevicePasswordCompliant();
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public boolean isManagedApp(String str) {
        return isManagedAppInternal(str, this.tableRepository);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public boolean isPackageEnrolledForMAM(String str, String str2) {
        IpcUtils.ensureDeclaredCallerIsValid(str, this.context.getPackageManager());
        Binder.clearCallingIdentity();
        MAMServiceEnrollment mAMServiceEnrollment = (MAMServiceEnrollment) this.tableRepository.get(new MAMServiceEnrollment.Key(str));
        if (mAMServiceEnrollment != null) {
            return mAMServiceEnrollment.identity.equals(this.mamIdentityManager.fromString(str2));
        }
        return false;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public boolean isVerboseLoggingEnabled() {
        return Services.get().getDiagnosticSettings().getVerboseLoggingEnabled();
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public boolean isWipeInProgress(String str) {
        WipeAppDataStatus appDataWipeStatus = this.appPolicyNotifier.getAppDataWipeStatus(str);
        return appDataWipeStatus == WipeAppDataStatus.INITIATED_SELECTIVE_WIPE || appDataWipeStatus == WipeAppDataStatus.LOADING_INTERNAL_SELECTIVE_WIPE;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AbstractAppPolicyEndpoint
    public boolean isXposeDetected() {
        return Services.get().getRootCloakInstalledRootTest().executeTest() != 0;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public void logTelemetryEvent(TelemetryEvent telemetryEvent) {
        OMADMTelemetryWrapper.sendMAMTelemetryEvent(telemetryEvent);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public void notifyAppDataWipeStatus(String str, WipeAppDataStatus wipeAppDataStatus) {
        this.appPolicyNotifier.notifyAppDataWipeStatus(str, wipeAppDataStatus);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AbstractAppPolicyEndpoint, com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public void onMAMAppInstall(String str, String str2) {
        Services.get().getAppInstallationReceiver().onAppInstalled(this.context, str, str2);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public void persistIdentity(MAMIdentityImpl mAMIdentityImpl) {
        this.mamIdentityManager.trackIdentity(mAMIdentityImpl);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public void persistIdentityMetaData(MAMIdentityMetaData mAMIdentityMetaData) {
        this.mamIdentityManager.trackIdentityMetaData(mAMIdentityMetaData);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public Bundle prefetchCurrentFileEncryptionKey(String str) throws MAMKeyRetrievalException {
        try {
            OMADMItem item = DatabaseAppPolicy.getItem(this.tableRepository, str, MAMPolicySchema.REQUIRE_FILE_ENCRYPTION);
            if (item == null || !item.getBooleanValue()) {
                return null;
            }
            return this.fileEncryptionKeyManager.getCurrentKey().getBundle();
        } catch (OMADMException e) {
            throw new MAMKeyRetrievalException("Failed to get current file encryption key.", e);
        }
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public void setCachedMAMServiceUrl(String str, String str2, String str3) {
        IpcUtils.ensureDeclaredCallerIsValid(str, this.context.getPackageManager());
        Binder.clearCallingIdentity();
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public MAMEnrollmentManager.Result unenrollPackageForMAM(String str, String str2) {
        IpcUtils.ensureDeclaredCallerIsValid(str, this.context.getPackageManager());
        Binder.clearCallingIdentity();
        return internalUnenrollPackageForMAM(str, this.mamIdentityManager.fromString(str2), this.appPolicyNotifier, this.mamIdentityManager);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AbstractAppPolicyEndpoint, com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public void updateMAMServiceToken(String str, MAMIdentityImpl mAMIdentityImpl, String str2) {
        this.tokenManager.cacheToken(str2, mAMIdentityImpl);
        queueCheckinIfDue(str, (MAMServiceEnrollment) this.tableRepository.get(new MAMServiceEnrollment.Key(str)), str2);
    }
}
