package com.microsoft.windowsintune.companyportal.viewmodels;

import android.app.Application;
import android.content.ContentValues;
import android.net.Uri;
import android.os.Build;
import com.microsoft.intune.common.settings.IDeploymentSettings;
import com.microsoft.intune.mam.client.identity.MAMIdentityImpl;
import com.microsoft.omadm.EnrollmentSettings;
import com.microsoft.omadm.EnrollmentStateSettings;
import com.microsoft.omadm.EnrollmentStateType;
import com.microsoft.omadm.EnrollmentType;
import com.microsoft.omadm.TableRepositoryContentProvider;
import com.microsoft.omadm.apppolicy.data.MAMIdentityMetaDataTable;
import com.microsoft.windowsintune.companyportal.LocalDeviceStateTracker;
import com.microsoft.windowsintune.companyportal.ServiceLocator;
import com.microsoft.windowsintune.companyportal.branding.AndroidBrandingInformation;
import com.microsoft.windowsintune.companyportal.branding.BrandingInformationLocalRepository;
import com.microsoft.windowsintune.companyportal.exceptions.AadAuthenticationException;
import com.microsoft.windowsintune.companyportal.models.IntuneToken;
import com.microsoft.windowsintune.companyportal.user.UserAccountInfoLookup;
import com.microsoft.windowsintune.companyportal.utils.Delegate;
import com.microsoft.windowsintune.companyportal.viewmodels.IAadAuthenticationViewModel;
import com.microsoft.windowsintune.companyportal.viewmodels.SafeViewModelDelegate;
import com.microsoft.windowsintune.companyportal.views.ISSPViewBase;
import com.microsoft.windowsintune.companyportal.views.SspDialogFactory;
import java.text.MessageFormat;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.commons.lang3.StringUtils;

/* loaded from: classes.dex */
public class EnrolledUserAadAuthenticationViewModel extends AadAuthenticationViewModelBase {
    private static final Logger LOGGER = Logger.getLogger(EnrolledUserAadAuthenticationViewModel.class.getName());
    private final ISSPViewBase authFragment;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.microsoft.windowsintune.companyportal.viewmodels.EnrolledUserAadAuthenticationViewModel$1, reason: invalid class name */
    /* loaded from: classes.dex */
    public class AnonymousClass1 extends Delegate.Action0 {
        final /* synthetic */ Uri val$contentIdentityUri;
        final /* synthetic */ ContentValues val$identityContentValues;
        final /* synthetic */ boolean val$isRenewal;

        AnonymousClass1(boolean z, ContentValues contentValues, Uri uri) {
            this.val$isRenewal = z;
            this.val$identityContentValues = contentValues;
            this.val$contentIdentityUri = uri;
        }

        @Override // com.microsoft.windowsintune.companyportal.utils.Delegate.Action0
        public void exec() {
            if (EnrolledUserAadAuthenticationViewModel.this.isAnotherUserAttemptingLogin()) {
                EnrolledUserAadAuthenticationViewModel.LOGGER.severe("A user other than the enrolled user has attempted to log in.");
                EnrolledUserAadAuthenticationViewModel.this.getContext().runOnUiThread(new Runnable() { // from class: com.microsoft.windowsintune.companyportal.viewmodels.EnrolledUserAadAuthenticationViewModel.1.1
                    @Override // java.lang.Runnable
                    public void run() {
                        SspDialogFactory.showMultiUserLoginFailureDialog(EnrolledUserAadAuthenticationViewModel.this.getContext(), ((EnrollmentSettings) ServiceLocator.getInstance().get(EnrollmentSettings.class)).getString(EnrollmentSettings.AAD_USER_PRINCIPAL_NAME, ""), ((IntuneToken) ServiceLocator.getInstance().get(IntuneToken.class)).getAADUserPrincipalNameValue(), new Delegate.Action0() { // from class: com.microsoft.windowsintune.companyportal.viewmodels.EnrolledUserAadAuthenticationViewModel.1.1.1
                            @Override // com.microsoft.windowsintune.companyportal.utils.Delegate.Action0
                            public void exec() {
                                EnrolledUserAadAuthenticationViewModel.this.loginUserAsync(AnonymousClass1.this.val$isRenewal);
                            }
                        });
                    }
                });
                EnrolledUserAadAuthenticationViewModel.this.onAuthenticationFailure(IAadAuthenticationViewModel.AuthenticationState.ErrorMultiUserLoginAttempt, new AadAuthenticationException("A user other than the enrolled user has attempted to log in."));
                return;
            }
            ServiceLocator serviceLocator = ServiceLocator.getInstance();
            IntuneToken intuneToken = (IntuneToken) serviceLocator.get(IntuneToken.class);
            EnrollmentSettings enrollmentSettings = (EnrollmentSettings) serviceLocator.get(EnrollmentSettings.class);
            String aADUserPrincipalNameValue = intuneToken.getAADUserPrincipalNameValue();
            String aADUserIdValue = intuneToken.getAADUserIdValue();
            String aADTenantId = intuneToken.getAADTenantId();
            enrollmentSettings.setString(EnrollmentSettings.AAD_USER_PRINCIPAL_NAME, aADUserPrincipalNameValue);
            enrollmentSettings.setString(EnrollmentSettings.AAD_USER_ID, aADUserIdValue);
            enrollmentSettings.commit();
            this.val$identityContentValues.put("UPN", MAMIdentityImpl.canonicalize(aADUserPrincipalNameValue));
            this.val$identityContentValues.put("AADID", MAMIdentityImpl.canonicalize(aADUserIdValue));
            this.val$identityContentValues.put(MAMIdentityMetaDataTable.COLUMN_TENANT_AAD_ID, MAMIdentityImpl.canonicalize(aADTenantId));
            if (EnrolledUserAadAuthenticationViewModel.this.getContext().getContentResolver().insert(this.val$contentIdentityUri, this.val$identityContentValues) == null) {
                EnrolledUserAadAuthenticationViewModel.LOGGER.info("Unable to insert identity info into content provider.");
            }
            EnrolledUserAadAuthenticationViewModel.this.continueAuthenticationSuccess(PostAuthenticationState.AUTHENTICATION_COMPLETE);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public enum PostAuthenticationState {
        AUTHENTICATION_COMPLETE,
        ENROLLMENT_STATE_UPDATED,
        BRANDING_UPDATED
    }

    public EnrolledUserAadAuthenticationViewModel(ISSPViewBase iSSPViewBase) {
        super(iSSPViewBase);
        this.authFragment = iSSPViewBase;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void continueAuthenticationSuccess(PostAuthenticationState postAuthenticationState) {
        LOGGER.info("Continue authentication from state: " + postAuthenticationState);
        switch (postAuthenticationState) {
            case ENROLLMENT_STATE_UPDATED:
                ((BrandingInformationLocalRepository) ServiceLocator.getInstance().get(BrandingInformationLocalRepository.class)).getBrandingInformationAsync(new SafeViewModelDelegate.SafeActionWrapper1(this, new Delegate.Action1<AndroidBrandingInformation>() { // from class: com.microsoft.windowsintune.companyportal.viewmodels.EnrolledUserAadAuthenticationViewModel.2
                    @Override // com.microsoft.windowsintune.companyportal.utils.Delegate.Action1, com.microsoft.windowsintune.companyportal.utils.Delegate.Action1Throw
                    public void exec(AndroidBrandingInformation androidBrandingInformation) {
                        EnrolledUserAadAuthenticationViewModel.LOGGER.info("Branding info updated successfully");
                        EnrolledUserAadAuthenticationViewModel.this.continueAuthenticationSuccess(PostAuthenticationState.BRANDING_UPDATED);
                    }
                }), new SafeViewModelDelegate.SafeActionWrapper1(this, new Delegate.Action1<Exception>() { // from class: com.microsoft.windowsintune.companyportal.viewmodels.EnrolledUserAadAuthenticationViewModel.3
                    @Override // com.microsoft.windowsintune.companyportal.utils.Delegate.Action1, com.microsoft.windowsintune.companyportal.utils.Delegate.Action1Throw
                    public void exec(Exception exc) {
                        EnrolledUserAadAuthenticationViewModel.LOGGER.log(Level.SEVERE, "Failed to update branding info", (Throwable) exc);
                        EnrolledUserAadAuthenticationViewModel.this.continueAuthenticationSuccess(PostAuthenticationState.BRANDING_UPDATED);
                    }
                }));
                return;
            case BRANDING_UPDATED:
                setResult(1);
                return;
            default:
                updateEnrollmentState();
                return;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean isAnotherUserAttemptingLogin() {
        ServiceLocator serviceLocator = ServiceLocator.getInstance();
        String string = ((EnrollmentSettings) serviceLocator.get(EnrollmentSettings.class)).getString(EnrollmentSettings.AAD_USER_ID, "");
        return (StringUtils.isEmpty(string) || StringUtils.equalsIgnoreCase(((IntuneToken) serviceLocator.get(IntuneToken.class)).getAADUserIdValue(), string)) ? false : true;
    }

    private void updateEnrollmentState() {
        final EnrollmentStateSettings enrollmentStateSettings = (EnrollmentStateSettings) ServiceLocator.getInstance().get(EnrollmentStateSettings.class);
        EnrollmentStateType currentState = enrollmentStateSettings.getCurrentState();
        if (currentState.isEnrolled()) {
            LOGGER.info("Device is already enrolled; updating state tracker.");
            ((LocalDeviceStateTracker) ServiceLocator.getInstance().get(LocalDeviceStateTracker.class)).notifyUserAuthenticatedEvent(true);
        } else {
            LOGGER.info("Device is not enrolled; updating state tracker and checking for AFW enrollment.");
            ((LocalDeviceStateTracker) ServiceLocator.getInstance().get(LocalDeviceStateTracker.class)).notifyUserAuthenticatedEvent(false);
            if (currentState == EnrollmentStateType.Unenrolled) {
                LOGGER.info("Device is not enrolled.");
                if (Build.VERSION.SDK_INT >= 21) {
                    LOGGER.info("Device supports SDK version newer than Lollipop.");
                    if (((Application) ServiceLocator.getInstance().get(Application.class)).getPackageManager().hasSystemFeature("android.software.managed_users")) {
                        LOGGER.info("Device supports AFW enrollment.");
                        ((UserAccountInfoLookup) ServiceLocator.getInstance().get(UserAccountInfoLookup.class)).shouldUserAfwEnroll(new SafeViewModelDelegate.SafeActionWrapper1(this, new Delegate.Action1<Boolean>() { // from class: com.microsoft.windowsintune.companyportal.viewmodels.EnrolledUserAadAuthenticationViewModel.4
                            @Override // com.microsoft.windowsintune.companyportal.utils.Delegate.Action1, com.microsoft.windowsintune.companyportal.utils.Delegate.Action1Throw
                            public void exec(Boolean bool) {
                                Logger logger = EnrolledUserAadAuthenticationViewModel.LOGGER;
                                Object[] objArr = new Object[1];
                                objArr[0] = bool.booleanValue() ? "should" : "should not";
                                logger.info(MessageFormat.format("User {0} AFW enroll.", objArr));
                                enrollmentStateSettings.setEnrollmentType(bool.booleanValue() ? EnrollmentType.AfwProfileOwner : EnrollmentType.DeviceAdmin);
                                EnrolledUserAadAuthenticationViewModel.this.continueAuthenticationSuccess(PostAuthenticationState.ENROLLMENT_STATE_UPDATED);
                            }
                        }));
                        return;
                    } else {
                        LOGGER.info("Device does not support AFW enrollment");
                        enrollmentStateSettings.setEnrollmentType(EnrollmentType.DeviceAdmin);
                    }
                } else {
                    LOGGER.info("Device will not AFW enroll because it is < api21.");
                    enrollmentStateSettings.setEnrollmentType(EnrollmentType.DeviceAdmin);
                }
            }
        }
        continueAuthenticationSuccess(PostAuthenticationState.ENROLLMENT_STATE_UPDATED);
    }

    @Override // com.microsoft.windowsintune.companyportal.viewmodels.IAadAuthenticationViewModel
    public void loginUserAsync(boolean z) {
        LOGGER.info("Starting enrolled user authentication.");
        if (IDeploymentSettings.DataPlugin.MOCK == ((IDeploymentSettings) ServiceLocator.getInstance().get(IDeploymentSettings.class)).getDataPlugin()) {
            LOGGER.info("Data plugin is Mock. Returning success.");
            setResult(1);
            return;
        }
        ServiceLocator serviceLocator = ServiceLocator.getInstance();
        if (!((EnrollmentStateSettings) serviceLocator.get(EnrollmentStateSettings.class)).getCurrentState().isEnrolled()) {
            EnrollmentSettings enrollmentSettings = (EnrollmentSettings) serviceLocator.get(EnrollmentSettings.class);
            enrollmentSettings.remove(EnrollmentSettings.AAD_USER_PRINCIPAL_NAME);
            enrollmentSettings.remove(EnrollmentSettings.AAD_USER_ID);
            enrollmentSettings.commit();
        }
        acquireTokensAsync(new SafeViewModelDelegate.SafeActionWrapper0(this, new AnonymousClass1(z, new ContentValues(), new Uri.Builder().scheme("content").authority(TableRepositoryContentProvider.AUTHORITY).path(TableRepositoryContentProvider.MAMIDENTITY_TABLE).build())));
    }

    @Override // com.microsoft.windowsintune.companyportal.viewmodels.AadAuthenticationViewModelBase
    protected void navigateOnSignInFailure(IAadAuthenticationViewModel.AuthenticationState authenticationState) {
        EnrollmentStateType currentState = ((EnrollmentStateSettings) ServiceLocator.getInstance().get(EnrollmentStateSettings.class)).getCurrentState();
        if (authenticationState == IAadAuthenticationViewModel.AuthenticationState.UserCanceled) {
            LOGGER.info("User cancelled authentication");
            setResult(0);
        } else if (currentState.isEnrolled()) {
            LOGGER.info("Authentication failed. Device is enrolled. Re-starting navigation.");
            loginUserAsync(false);
        } else {
            LOGGER.info("Authentication failed. Device is not enrolled.");
            setResult(2);
        }
    }
}
