package com.microsoft.omadm.platforms.android.provider;

import android.content.Context;
import android.security.KeyChainException;
import android.util.Base64;
import com.microsoft.omadm.OMADMItem;
import com.microsoft.omadm.OMADMStatusCode;
import com.microsoft.omadm.exception.OMADMException;
import com.microsoft.omadm.exception.OMADMStatusException;
import com.microsoft.omadm.platforms.ICertificateEnrollmentManager;
import com.microsoft.omadm.platforms.ICertificateStoreManager;
import com.microsoft.omadm.platforms.android.certmgr.CertStatus;
import com.microsoft.omadm.platforms.android.certmgr.data.CertRequestData;
import com.microsoft.omadm.platforms.android.certmgr.data.CertStateData;
import com.microsoft.omadm.platforms.android.certmgr.data.ScepCertificate;
import com.microsoft.omadm.platforms.android.certmgr.data.ScepCertificateRequest;
import com.microsoft.omadm.platforms.android.certmgr.data.ScepCertificateState;
import com.microsoft.omadm.platforms.android.certmgr.data.ScepEnrollCertificateRequest;
import com.microsoft.omadm.platforms.android.certmgr.data.ScepRenewCertificateRequest;
import com.microsoft.omadm.provider.OMADMAggregateProvider;
import com.microsoft.omadm.provider.OMADMLeafNode;
import com.microsoft.omadm.users.User;
import com.microsoft.omadm.utils.OMADMPolicy;
import com.microsoft.omadm.utils.ScepRequestIdUtils;
import com.microsoft.windowsintune.companyportal.enrollment.EnrollmentRenewalWstepRequest;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.commons.lang3.StringUtils;

/* loaded from: classes.dex */
public class CertificateEnrollmentProvider extends OMADMAggregateProvider {
    private static final Logger LOGGER = Logger.getLogger(CertificateEnrollmentProvider.class.getName());
    private final ICertificateEnrollmentManager certEnrollMgr;
    private final CertRequestData certRequestData;
    private final CertStateData certStateData;
    private final ICertificateStoreManager certStoreMgr;
    private final User user;

    /* loaded from: classes.dex */
    private class CertificateEnrollmentRequestProvider extends OMADMAggregateProvider {
        private ICertificateEnrollmentManager certEnrollMgr;

        CertificateEnrollmentRequestProvider(final CertRequestData certRequestData, final CertStateData certStateData, ICertificateEnrollmentManager iCertificateEnrollmentManager, final ICertificateStoreManager iCertificateStoreManager, final String str) throws OMADMStatusException {
            this.certEnrollMgr = iCertificateEnrollmentManager;
            putChild("ConfigurationParameters", new OMADMLeafNode() { // from class: com.microsoft.omadm.platforms.android.provider.CertificateEnrollmentProvider.CertificateEnrollmentRequestProvider.1
                @Override // com.microsoft.omadm.provider.OMADMLeafNode
                public OMADMItem get() throws OMADMException {
                    ScepCertificateRequest requestById = certRequestData.getRequestById(str, Long.valueOf(CertificateEnrollmentProvider.this.user.getPrimaryKeyId()));
                    if (requestById != null) {
                        return new OMADMItem(requestById.configParameters);
                    }
                    ScepCertificateState userCertificateByRequestId = certStateData.getUserCertificateByRequestId(str, Long.valueOf(CertificateEnrollmentProvider.this.user.getPrimaryKeyId()));
                    if (userCertificateByRequestId == null) {
                        throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_FOUND);
                    }
                    return userCertificateByRequestId.status.convertScepCertToGatewayStatus() == CertStatus.CERT_ENROLLED ? new OMADMItem("") : new OMADMItem(userCertificateByRequestId.configParameters);
                }
            });
            putChild("Status", new OMADMLeafNode() { // from class: com.microsoft.omadm.platforms.android.provider.CertificateEnrollmentProvider.CertificateEnrollmentRequestProvider.2
                @Override // com.microsoft.omadm.provider.OMADMLeafNode
                public OMADMItem get() throws OMADMException {
                    ScepCertificateRequest requestById = certRequestData.getRequestById(str, Long.valueOf(CertificateEnrollmentProvider.this.user.getPrimaryKeyId()));
                    if (requestById != null) {
                        return new OMADMItem(requestById.status.convertScepCertToGatewayStatus().toInteger());
                    }
                    ScepCertificateState userCertificateByRequestId = certStateData.getUserCertificateByRequestId(str, Long.valueOf(CertificateEnrollmentProvider.this.user.getPrimaryKeyId()));
                    if (userCertificateByRequestId == null) {
                        throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_FOUND);
                    }
                    return new OMADMItem(userCertificateByRequestId.status.convertScepCertToGatewayStatus().toInteger());
                }
            });
            putChild("Error", new OMADMLeafNode() { // from class: com.microsoft.omadm.platforms.android.provider.CertificateEnrollmentProvider.CertificateEnrollmentRequestProvider.3
                @Override // com.microsoft.omadm.provider.OMADMLeafNode
                public OMADMItem get() throws OMADMException {
                    ScepCertificateRequest requestById = certRequestData.getRequestById(str, Long.valueOf(CertificateEnrollmentProvider.this.user.getPrimaryKeyId()));
                    if (requestById != null) {
                        return new OMADMItem(requestById.lastError.intValue());
                    }
                    ScepCertificateState userCertificateByRequestId = certStateData.getUserCertificateByRequestId(str, Long.valueOf(CertificateEnrollmentProvider.this.user.getPrimaryKeyId()));
                    if (userCertificateByRequestId == null) {
                        throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_FOUND);
                    }
                    return new OMADMItem(userCertificateByRequestId.lastError.intValue());
                }
            });
            putChild("Thumbprint", new OMADMLeafNode() { // from class: com.microsoft.omadm.platforms.android.provider.CertificateEnrollmentProvider.CertificateEnrollmentRequestProvider.4
                @Override // com.microsoft.omadm.provider.OMADMLeafNode
                public OMADMItem get() throws OMADMException {
                    ScepCertificateRequest requestById = certRequestData.getRequestById(str, Long.valueOf(CertificateEnrollmentProvider.this.user.getPrimaryKeyId()));
                    if (requestById != null) {
                        return new OMADMItem(requestById.certificateHash);
                    }
                    ScepCertificateState userCertificateByRequestId = certStateData.getUserCertificateByRequestId(str, Long.valueOf(CertificateEnrollmentProvider.this.user.getPrimaryKeyId()));
                    if (userCertificateByRequestId == null) {
                        throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_FOUND);
                    }
                    return new OMADMItem(userCertificateByRequestId.thumbprint);
                }
            });
            putChild("EncodedCertificate", new OMADMLeafNode() { // from class: com.microsoft.omadm.platforms.android.provider.CertificateEnrollmentProvider.CertificateEnrollmentRequestProvider.5
                @Override // com.microsoft.omadm.provider.OMADMLeafNode
                public OMADMItem get() throws OMADMException {
                    ScepCertificateState userCertificateByRequestId = certStateData.getUserCertificateByRequestId(str, Long.valueOf(CertificateEnrollmentProvider.this.user.getPrimaryKeyId()));
                    if (userCertificateByRequestId == null) {
                        throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_FOUND);
                    }
                    ScepCertificate scepCertificate = new ScepCertificate(userCertificateByRequestId);
                    if (scepCertificate.status == CertStatus.CERT_ACCESS_GRANTED) {
                        try {
                            if (!iCertificateStoreManager.loadUserCertificate(scepCertificate)) {
                                throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_FOUND);
                            }
                        } catch (KeyChainException e) {
                            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_RETRY_LATER);
                        }
                    }
                    if (scepCertificate.certBlob == null) {
                        throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_FOUND);
                    }
                    return new OMADMItem(Base64.encodeToString(scepCertificate.certBlob, 0));
                }
            });
            putChild("Install", new OMADMLeafNode() { // from class: com.microsoft.omadm.platforms.android.provider.CertificateEnrollmentProvider.CertificateEnrollmentRequestProvider.6
                @Override // com.microsoft.omadm.provider.OMADMLeafNode
                public void set(OMADMItem oMADMItem) throws OMADMException {
                    if (oMADMItem == null) {
                        throw new OMADMStatusException(OMADMStatusCode.STATUS_E_FAILED);
                    }
                    ScepCertificateState userCertificateByRequestId = certStateData.getUserCertificateByRequestId(str, Long.valueOf(CertificateEnrollmentProvider.this.user.getPrimaryKeyId()));
                    try {
                        certRequestData.addRequest(ScepEnrollCertificateRequest.generateRequest(str, oMADMItem.value, userCertificateByRequestId == null ? null : userCertificateByRequestId.alias, Long.valueOf(CertificateEnrollmentProvider.this.user.getPrimaryKeyId())));
                    } catch (Exception e) {
                        CertificateEnrollmentProvider.LOGGER.log(Level.WARNING, MessageFormat.format("Encountered exception generating or adding ScepEnrollCertificateRequest for scep install with id: {0}", str), (Throwable) e);
                        throw new OMADMStatusException(OMADMStatusCode.STATUS_E_FAILED, e);
                    }
                }
            });
            putChild(EnrollmentRenewalWstepRequest.REQUEST_TYPE_RENEW, new OMADMLeafNode() { // from class: com.microsoft.omadm.platforms.android.provider.CertificateEnrollmentProvider.CertificateEnrollmentRequestProvider.7
                @Override // com.microsoft.omadm.provider.OMADMLeafNode
                public void set(OMADMItem oMADMItem) throws OMADMException {
                    if (oMADMItem == null) {
                        throw new OMADMStatusException(OMADMStatusCode.STATUS_E_FAILED);
                    }
                    ScepCertificateState userCertificateByRequestId = certStateData.getUserCertificateByRequestId(str, Long.valueOf(CertificateEnrollmentProvider.this.user.getPrimaryKeyId()));
                    if (userCertificateByRequestId == null) {
                        throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_FOUND);
                    }
                    try {
                        certRequestData.addRequest(ScepRenewCertificateRequest.generateRequest(str, oMADMItem.value, userCertificateByRequestId.alias, userCertificateByRequestId.thumbprint, userCertificateByRequestId.privateKey, userCertificateByRequestId.user));
                    } catch (Exception e) {
                        CertificateEnrollmentProvider.LOGGER.log(Level.WARNING, MessageFormat.format("Encountered exception generating or adding ScepEnrollCertificateRequest for scep renew with id: {0}", str), (Throwable) e);
                        throw new OMADMStatusException(OMADMStatusCode.STATUS_E_FAILED);
                    }
                }
            });
            putChild("Alias", new OMADMLeafNode() { // from class: com.microsoft.omadm.platforms.android.provider.CertificateEnrollmentProvider.CertificateEnrollmentRequestProvider.8
                @Override // com.microsoft.omadm.provider.OMADMLeafNode
                public OMADMItem get() throws OMADMException {
                    ScepCertificateState userCertificateByRequestId = certStateData.getUserCertificateByRequestId(str, Long.valueOf(CertificateEnrollmentProvider.this.user.getPrimaryKeyId()));
                    if (userCertificateByRequestId != null && !StringUtils.isBlank(userCertificateByRequestId.alias)) {
                        return new OMADMItem(userCertificateByRequestId.alias);
                    }
                    ScepCertificateRequest requestById = certRequestData.getRequestById(str, Long.valueOf(CertificateEnrollmentProvider.this.user.getPrimaryKeyId()));
                    if (requestById == null || StringUtils.isBlank(requestById.alias)) {
                        throw new OMADMStatusException(OMADMStatusCode.STATUS_E_NOT_FOUND);
                    }
                    return new OMADMItem(requestById.alias);
                }
            });
        }

        @Override // com.microsoft.omadm.provider.OMADMAggregateProvider, com.microsoft.omadm.provider.OMADMProvider
        public List<OMADMPolicy> getPolicies() {
            ArrayList arrayList = new ArrayList();
            arrayList.add(new CertificateRequestPolicy(this.certEnrollMgr, CertificateEnrollmentProvider.this.user));
            List<OMADMPolicy> policies = super.getPolicies();
            if (policies != null) {
                arrayList.addAll(policies);
            }
            return arrayList;
        }
    }

    /* loaded from: classes.dex */
    public static class CertificateRequestPolicy implements OMADMPolicy {
        private final ICertificateEnrollmentManager certEnrollMgr;
        private final User user;

        public CertificateRequestPolicy(ICertificateEnrollmentManager iCertificateEnrollmentManager, User user) {
            this.certEnrollMgr = iCertificateEnrollmentManager;
            this.user = user;
        }

        @Override // com.microsoft.omadm.utils.OMADMPolicy
        public void enforce() throws OMADMException {
            this.certEnrollMgr.enrollPendingCertificates(Long.valueOf(this.user.getPrimaryKeyId()));
        }

        @Override // com.microsoft.omadm.utils.OMADMPolicy
        public boolean isCompliant() throws OMADMException {
            return true;
        }
    }

    public CertificateEnrollmentProvider(Context context, ICertificateEnrollmentManager iCertificateEnrollmentManager, ICertificateStoreManager iCertificateStoreManager, User user) throws OMADMException {
        this.certEnrollMgr = iCertificateEnrollmentManager;
        this.certStoreMgr = iCertificateStoreManager;
        this.user = user;
        this.certRequestData = new CertRequestData(context);
        this.certStateData = new CertStateData(context);
        for (ScepCertificateRequest scepCertificateRequest : this.certRequestData.getAllRequests(Long.valueOf(user.getPrimaryKeyId()))) {
            putChild(scepCertificateRequest.requestId, new CertificateEnrollmentRequestProvider(this.certRequestData, this.certStateData, this.certEnrollMgr, this.certStoreMgr, scepCertificateRequest.requestId));
        }
        for (ScepCertificateState scepCertificateState : this.certStateData.getAllUserCertificates(Long.valueOf(user.getPrimaryKeyId()))) {
            putChild(scepCertificateState.requestId, new CertificateEnrollmentRequestProvider(this.certRequestData, this.certStateData, this.certEnrollMgr, this.certStoreMgr, scepCertificateState.requestId));
        }
    }

    @Override // com.microsoft.omadm.provider.OMADMAggregateProvider, com.microsoft.omadm.provider.OMADMProvider
    public void addNode(String str, OMADMItem oMADMItem) throws OMADMException {
        if (str == null || str.length() == 0) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_FAILED);
        }
        String[] splitAndEscapeRequestId = ScepRequestIdUtils.splitAndEscapeRequestId(str);
        if (splitAndEscapeRequestId == null || splitAndEscapeRequestId.length != 2) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_FAILED);
        }
        if (this.certRequestData.getRequestById(splitAndEscapeRequestId[0], Long.valueOf(this.user.getPrimaryKeyId())) == null) {
            putChild(splitAndEscapeRequestId[0], new CertificateEnrollmentRequestProvider(this.certRequestData, this.certStateData, this.certEnrollMgr, this.certStoreMgr, splitAndEscapeRequestId[0]));
        }
        super.addNode(splitAndEscapeRequestId[0] + "/" + splitAndEscapeRequestId[1], oMADMItem);
    }

    @Override // com.microsoft.omadm.provider.OMADMAggregateProvider, com.microsoft.omadm.provider.OMADMProvider
    public void deleteNode(String str) throws OMADMException {
        if (str == null || str.length() == 0) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_FAILED);
        }
        String escapeScepRequestId = ScepRequestIdUtils.escapeScepRequestId(str);
        ScepCertificateRequest requestById = this.certRequestData.getRequestById(escapeScepRequestId, Long.valueOf(this.user.getPrimaryKeyId()));
        ScepCertificateState userCertificateByRequestId = this.certStateData.getUserCertificateByRequestId(escapeScepRequestId, Long.valueOf(this.user.getPrimaryKeyId()));
        if (requestById == null && userCertificateByRequestId == null) {
            String[] splitAndEscapeRequestId = ScepRequestIdUtils.splitAndEscapeRequestId(str);
            if (splitAndEscapeRequestId == null || splitAndEscapeRequestId.length != 2) {
                throw new OMADMStatusException(OMADMStatusCode.STATUS_E_FAILED);
            }
            super.deleteNode(splitAndEscapeRequestId[0] + "/" + splitAndEscapeRequestId[1]);
            return;
        }
        if (requestById != null) {
            this.certRequestData.deleteRequest(escapeScepRequestId, Long.valueOf(this.user.getPrimaryKeyId()));
        }
        if (userCertificateByRequestId != null) {
            this.certStoreMgr.deleteUserCertificate(userCertificateByRequestId);
        }
    }

    @Override // com.microsoft.omadm.provider.OMADMAggregateProvider, com.microsoft.omadm.provider.OMADMProvider
    public OMADMItem getNode(String str) throws OMADMException {
        if (StringUtils.isEmpty(str)) {
            return super.getNode(str);
        }
        String[] splitAndEscapeRequestId = ScepRequestIdUtils.splitAndEscapeRequestId(str);
        if (splitAndEscapeRequestId == null || splitAndEscapeRequestId.length != 2) {
            throw new OMADMStatusException(OMADMStatusCode.STATUS_E_FAILED);
        }
        return super.getNode(splitAndEscapeRequestId[0] + "/" + splitAndEscapeRequestId[1]);
    }
}
