package com.microsoft.omadm.apppolicy.mamservice;

import android.content.Context;
import com.microsoft.aad.adal.AuthenticationResult;
import com.microsoft.intune.mam.client.app.startup.ADALConnectionDetails;
import com.microsoft.intune.mam.client.identity.MAMIdentity;
import com.microsoft.intune.mam.log.MAMLogScrubber;
import com.microsoft.intune.mam.log.MAMLogScrubberImpl;
import com.microsoft.intune.mam.policy.MAMServiceAuthentication;
import com.microsoft.omadm.DiagnosticSettings;
import com.microsoft.omadm.Services;
import com.microsoft.omadm.apppolicy.AppPolicyNotifier;
import com.microsoft.omadm.apppolicy.data.MAMAdalConnectionDetails;
import com.microsoft.omadm.apppolicy.data.MAMServiceEnrollment;
import com.microsoft.omadm.database.TableRepository;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.List;
import java.util.logging.Logger;
import javax.inject.Inject;
import javax.inject.Singleton;

@Singleton
/* loaded from: classes.dex */
public class MAMServiceTokenManager {
    private static final Logger LOGGER = Logger.getLogger(MAMServiceTokenManager.class.getName());
    static final String MAM_TEST_REFRESH_TOKEN = "MAMTestRefreshToken";
    private static final long TOKEN_VALIDITY_MS = 1800000;

    @Inject
    Context mContext;
    private HashMap<MAMIdentity, CachedToken> mCache = new HashMap<>();
    private MAMLogScrubber mLogScrubber = new MAMLogScrubberImpl(((DiagnosticSettings) Services.getInstance(DiagnosticSettings.class)).getVerboseLoggingEnabled());

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class CachedToken {
        public long mExpiry;
        public String mToken;

        CachedToken(String str, long j) {
            this.mToken = str;
            this.mExpiry = j;
        }
    }

    /* loaded from: classes.dex */
    public static final class TokenData {
        final MAMServiceEnrollment mEnrollment;
        final String mMAMServiceToken;

        TokenData(MAMServiceEnrollment mAMServiceEnrollment, String str) {
            this.mEnrollment = mAMServiceEnrollment;
            this.mMAMServiceToken = str;
        }
    }

    @Inject
    public MAMServiceTokenManager(Context context) {
        this.mContext = context;
    }

    public static ADALConnectionDetails getADALConnectionDetailsFromDB(String str) {
        MAMAdalConnectionDetails mAMAdalConnectionDetails = (MAMAdalConnectionDetails) ((TableRepository) Services.getInstance(TableRepository.class)).get(new MAMAdalConnectionDetails.Key(str));
        if (mAMAdalConnectionDetails != null) {
            return mAMAdalConnectionDetails.get();
        }
        return null;
    }

    private String getCachedToken(MAMIdentity mAMIdentity) {
        String str = null;
        synchronized (this.mCache) {
            CachedToken cachedToken = this.mCache.get(mAMIdentity);
            if (cachedToken != null) {
                if (cachedToken.mExpiry < System.currentTimeMillis()) {
                    this.mCache.remove(mAMIdentity);
                } else {
                    LOGGER.info("Using cached MAMService token instead of requesting a new one");
                    str = cachedToken.mToken;
                }
            }
        }
        return str;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static int getRefreshTokenRank(String str) {
        if (MAMServiceAuthentication.APIV2_AUTH_USED.equals(str)) {
            return 1;
        }
        if (MAMServiceAuthentication.BROKER_NEEDED.equals(str)) {
            return 2;
        }
        return str != null ? 3 : 4;
    }

    public String acquireMAMServiceToken(String str, String str2, MAMIdentity mAMIdentity, ADALConnectionDetails aDALConnectionDetails) {
        if (MAM_TEST_REFRESH_TOKEN.equals(str2)) {
            return MAM_TEST_REFRESH_TOKEN;
        }
        if (str2 == null) {
            LOGGER.severe("acquireMAMServiceToken passed null refresh token. This should not occur");
            return null;
        }
        String cachedToken = getCachedToken(mAMIdentity);
        if (cachedToken != null) {
            return cachedToken;
        }
        if (MAMServiceAuthentication.APIV2_AUTH_USED.equals(str2)) {
            LOGGER.info("Calling app-registered auth callback to acquire MAM Service token for " + str);
            String mAMServiceTokenFromCallback = ((AppPolicyNotifier) Services.getInstance(AppPolicyNotifier.class)).getMAMServiceTokenFromCallback(str, mAMIdentity.rawUPN(), mAMIdentity.aadId());
            cacheToken(mAMServiceTokenFromCallback, mAMIdentity);
            return mAMServiceTokenFromCallback;
        }
        if (MAMServiceAuthentication.BROKER_NEEDED.equals(str2)) {
            String mamServiceToken = ((AppPolicyNotifier) Services.getInstance(AppPolicyNotifier.class)).getMamServiceToken(str, mAMIdentity.rawUPN());
            cacheToken(mamServiceToken, mAMIdentity);
            return mamServiceToken;
        }
        AuthenticationResult authenticateWithRefreshToken = MAMServiceAuthentication.authenticateWithRefreshToken(this.mContext, aDALConnectionDetails, str2);
        if (authenticateWithRefreshToken == null) {
            return null;
        }
        cacheToken(authenticateWithRefreshToken.getAccessToken(), mAMIdentity);
        return authenticateWithRefreshToken.getAccessToken();
    }

    public TokenData acquireMAMServiceTokenFromEnrolledApps(String str) {
        List<MAMServiceEnrollment> enrollmentsBySuccess = MAMServiceUtils.getEnrollmentsBySuccess();
        Collections.sort(enrollmentsBySuccess, new Comparator<MAMServiceEnrollment>() { // from class: com.microsoft.omadm.apppolicy.mamservice.MAMServiceTokenManager.1
            @Override // java.util.Comparator
            public int compare(MAMServiceEnrollment mAMServiceEnrollment, MAMServiceEnrollment mAMServiceEnrollment2) {
                int refreshTokenRank = MAMServiceTokenManager.getRefreshTokenRank(mAMServiceEnrollment.refreshToken);
                int refreshTokenRank2 = MAMServiceTokenManager.getRefreshTokenRank(mAMServiceEnrollment2.refreshToken);
                if (refreshTokenRank == refreshTokenRank2) {
                    return 0;
                }
                return refreshTokenRank < refreshTokenRank2 ? -1 : 1;
            }
        });
        TableRepository tableRepository = (TableRepository) Services.getInstance(TableRepository.class);
        for (MAMServiceEnrollment mAMServiceEnrollment : enrollmentsBySuccess) {
            String cachedToken = getCachedToken(mAMServiceEnrollment.identity);
            if (cachedToken != null) {
                return new TokenData(mAMServiceEnrollment, cachedToken);
            }
            MAMAdalConnectionDetails mAMAdalConnectionDetails = (MAMAdalConnectionDetails) tableRepository.get(new MAMAdalConnectionDetails.Key(mAMServiceEnrollment.packageName));
            String acquireMAMServiceToken = acquireMAMServiceToken(mAMServiceEnrollment.packageName, mAMServiceEnrollment.refreshToken, mAMServiceEnrollment.identity, mAMAdalConnectionDetails == null ? null : mAMAdalConnectionDetails.get());
            if (acquireMAMServiceToken != null) {
                return new TokenData(mAMServiceEnrollment, acquireMAMServiceToken);
            }
            LOGGER.info("Unable to acquire MAM Service Token from app " + mAMServiceEnrollment.packageName + " on behalf of " + str);
        }
        return null;
    }

    public void cacheToken(String str, MAMIdentity mAMIdentity) {
        if (str == null) {
            return;
        }
        synchronized (this.mCache) {
            CachedToken cachedToken = this.mCache.get(mAMIdentity);
            if (cachedToken == null || !str.equals(cachedToken.mToken)) {
                this.mCache.put(mAMIdentity, new CachedToken(str, System.currentTimeMillis() + TOKEN_VALIDITY_MS));
                LOGGER.info("Cached MAMService token for " + this.mLogScrubber.scrubUPN(mAMIdentity.rawUPN()));
            }
        }
    }
}
