package com.microsoft.omadm.apppolicy.mamservice;

import android.content.Context;
import android.os.Parcel;
import android.os.Parcelable;
import com.microsoft.intune.mam.client.identity.MAMIdentity;
import com.microsoft.intune.mam.client.telemetry.clientschema.MAMScenario;
import com.microsoft.intune.mam.client.telemetry.clientschema.MAMScenarioResultCode;
import com.microsoft.intune.mam.client.telemetry.clientschema.MAMScenarioState;
import com.microsoft.intune.mam.policy.MAMEnrollmentManager;
import com.microsoft.intune.mam.policy.notification.AbstractAppPolicyNotifier;
import com.microsoft.omadm.Services;
import com.microsoft.omadm.apppolicy.AppPolicyNotifier;
import com.microsoft.omadm.apppolicy.DatabaseAppPolicy;
import com.microsoft.omadm.apppolicy.data.MAMServiceAutoEnrollmentDetails;
import com.microsoft.omadm.apppolicy.data.MAMServiceEnrollment;
import com.microsoft.omadm.client.OMADMClientService;
import com.microsoft.omadm.connection.CertificateKeyStore;
import com.microsoft.omadm.database.TableRepository;
import com.microsoft.omadm.exception.OMADMException;
import com.microsoft.omadm.utils.PackageUtils;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: classes.dex */
public class MAMServiceEnrollmentTask extends MAMServiceTask {
    private static final boolean ENCRYPT_CERTIFICATESTORE_PASSWORD = false;
    protected String mAppInstanceKey;
    private List<MAMServiceEncryptionKey> mEncryptionKeys;
    private final boolean mIsAutoEnrollmentTask;
    private boolean mReEnrolling;
    static final Logger LOGGER = Logger.getLogger(MAMServiceEnrollmentTask.class.getName());
    public static final Parcelable.Creator<MAMServiceEnrollmentTask> CREATOR = new Parcelable.Creator<MAMServiceEnrollmentTask>() { // from class: com.microsoft.omadm.apppolicy.mamservice.MAMServiceEnrollmentTask.1
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // android.os.Parcelable.Creator
        public MAMServiceEnrollmentTask createFromParcel(Parcel parcel) {
            return new MAMServiceEnrollmentTask(parcel);
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // android.os.Parcelable.Creator
        public MAMServiceEnrollmentTask[] newArray(int i) {
            return new MAMServiceEnrollmentTask[i];
        }
    };

    public MAMServiceEnrollmentTask(Parcel parcel) {
        super(parcel, MAMScenario.EnrollmentTask);
        this.mEncryptionKeys = null;
        this.mReEnrolling = false;
        this.mIsAutoEnrollmentTask = parcel.readInt() != 0;
        this.mReEnrolling = parcel.readInt() != 0;
    }

    public MAMServiceEnrollmentTask(String str, MAMIdentity mAMIdentity, String str2) {
        this(str, mAMIdentity, str2, false);
    }

    public MAMServiceEnrollmentTask(String str, MAMIdentity mAMIdentity, String str2, boolean z) {
        super(str, mAMIdentity, str2, null, MAMScenario.EnrollmentTask);
        this.mEncryptionKeys = null;
        this.mReEnrolling = false;
        this.mIsAutoEnrollmentTask = z;
    }

    private void notifyEnrollmentResult(MAMEnrollmentManager.Result result) {
        if (this.mReEnrolling) {
            return;
        }
        if (!PackageUtils.isPackageInstalled(Services.get().getContext(), this.mPackageName)) {
            LOGGER.info(String.format("Skipped notifying auto-enrolled package %s of enrollment result: %s", this.mPackageName, result.toString()));
            return;
        }
        AppPolicyNotifier appPolicyNotifier = Services.get().getAppPolicyNotifier();
        if (appPolicyNotifier != null) {
            logger().info("Sending enrollment result notification for package: " + this.mPackageName + ", user " + scrubUPN(this.mIdentity) + ": " + result.toString());
            appPolicyNotifier.notifyMAMEnrollmentResult(this.mPackageName, this.mIdentity, result, this.mOperationSessionGuid);
        }
    }

    @Override // com.microsoft.omadm.apppolicy.mamservice.MAMServiceTask
    protected boolean ensureServiceURI(boolean z) {
        boolean ensureServiceURIInternal = super.ensureServiceURIInternal(z);
        if (!ensureServiceURIInternal) {
            if (this.mMamServiceToken == null) {
                notifyEnrollmentResult(MAMEnrollmentManager.Result.AUTHORIZATION_NEEDED);
                Services.get().getMAMTelemetryLogger().logMAMScenarioStop(this.mScenario, MAMScenarioResultCode.AuthNeeded, this.mPackageName, this.mOperationSessionGuid, this.mMAMIdentityManager.getTenantAadId(this.mIdentity));
            } else {
                notifyEnrollmentResult(MAMEnrollmentManager.Result.NOT_LICENSED);
                Services.get().getMAMTelemetryLogger().logMAMScenarioStop(this.mScenario, MAMScenarioResultCode.NotLicensed, this.mPackageName, this.mOperationSessionGuid, this.mMAMIdentityManager.getTenantAadId(this.mIdentity));
            }
        }
        return ensureServiceURIInternal;
    }

    public boolean getReEnrolling() {
        return this.mReEnrolling;
    }

    @Override // com.microsoft.omadm.apppolicy.mamservice.MAMServiceTask
    protected void handleException(Exception exc) {
        String str = "Enrollment failed for package " + this.mPackageName + ", user " + scrubUPN(this.mIdentity);
        LOGGER.log(Level.SEVERE, str, (Throwable) exc);
        logTelemetryException(exc, str);
        logTelemetryScenarioStop(MAMServiceUtils.isExceptionFromNetworkFailure(exc) ? MAMScenarioResultCode.NetworkError : MAMScenarioResultCode.ClientException);
        notifyEnrollmentResult(MAMEnrollmentManager.Result.ENROLLMENT_FAILED);
    }

    @Override // com.microsoft.omadm.apppolicy.mamservice.MAMServiceTask
    protected void handleFailure(MAMServiceResponse mAMServiceResponse) throws OMADMException {
        MAMEnrollmentManager.Result result;
        MAMScenarioResultCode mAMScenarioResultCode;
        int httpStatus = mAMServiceResponse.getHttpStatus();
        LOGGER.severe("Enrollment failed for package " + this.mPackageName + ", user " + scrubUPN(this.mIdentity) + ", HTTP status: " + String.valueOf(httpStatus) + DatabaseAppPolicy.ARRAY_SEPARATOR + mAMServiceResponse.getStatusMessage());
        switch (httpStatus) {
            case 401:
            case 403:
                if (previousTries() != 0 || !updateServiceURIAndRetry()) {
                    result = MAMEnrollmentManager.Result.NOT_LICENSED;
                    mAMScenarioResultCode = MAMScenarioResultCode.NotLicensed;
                    break;
                } else {
                    return;
                }
                break;
            case 402:
            default:
                result = MAMEnrollmentManager.Result.ENROLLMENT_FAILED;
                mAMScenarioResultCode = MAMScenarioResultCode.Failure;
                break;
        }
        logTelemetryScenarioStop(mAMScenarioResultCode);
        notifyEnrollmentResult(result);
        if (getReEnrolling()) {
            wipeAndUnenrollApp(Services.get().getTableRepository());
            LOGGER.warning("Re-enrollment failed for package " + this.mPackageName + ", user " + scrubUPN(this.mIdentity) + ", wipe and un-enroll the app.");
        }
    }

    @Override // com.microsoft.omadm.apppolicy.mamservice.MAMServiceTask
    protected void handleNoAccessToken() throws OMADMException {
        LOGGER.severe("Enrollment failed for package " + this.mPackageName + ", user " + scrubUPN(this.mIdentity) + "; No access token.");
        logTelemetryScenarioStop(MAMScenarioResultCode.AuthNeeded);
        notifyEnrollmentResult(MAMEnrollmentManager.Result.AUTHORIZATION_NEEDED);
    }

    @Override // com.microsoft.omadm.apppolicy.mamservice.MAMServiceTask
    protected void handleNoPolicyCommand(TableRepository tableRepository) throws OMADMException {
        super.handleNoPolicyCommand(tableRepository);
        Services.get().getMAMTelemetryLogger().logMAMScenarioStateChange(MAMScenario.Enrollment, MAMScenarioState.Intermediate, MAMScenarioResultCode.NoPolicy, this.mPackageName, this.mOperationSessionGuid, this.mMAMIdentityManager.getTenantAadId(this.mIdentity));
    }

    @Override // com.microsoft.omadm.apppolicy.mamservice.MAMServiceTask
    protected void handleSuccess(MAMServiceResponse mAMServiceResponse, ApplicationInstance applicationInstance) throws OMADMException {
        try {
            CertificateKeyStore.initMAMKeystorePassword(Services.get().getEnrollmentSettings(), false);
            LOGGER.info("Storing encryption keys from service");
            Services.get().getFileEncryptionKeyManager().storeKeysFromMAMService(this.mEncryptionKeys);
            handleCheckinSuccess((CheckinResponse) mAMServiceResponse, applicationInstance);
            super.handleSuccess(mAMServiceResponse, applicationInstance);
        } catch (Exception e) {
            throw new OMADMException("Failed to initialize MAM KeyStore", e);
        }
    }

    @Override // com.microsoft.omadm.apppolicy.mamservice.MAMServiceTask
    protected void handleWipeCommand(TableRepository tableRepository) throws OMADMException {
        Context context = Services.get().getContext();
        MAMServiceEnrollment mAMServiceEnrollment = (MAMServiceEnrollment) tableRepository.get(new MAMServiceEnrollment.Key(this.mPackageName));
        MAMServiceUnenrollTask mAMServiceUnenrollTask = new MAMServiceUnenrollTask(this.mPackageName, this.mIdentity, this.mRefreshToken, this.mServiceURI, this.mAppInstanceKey, getDeviceIdForRequest(), isAutoEnrollmentTask() || (mAMServiceEnrollment != null && mAMServiceEnrollment.getIsAutoEnrollment()));
        mAMServiceUnenrollTask.setMamServiceToken(this.mMamServiceToken);
        LOGGER.info("Queueing MAMService unenroll task for package: " + this.mPackageName + ", identity: " + scrubUPN(this.mIdentity));
        OMADMClientService.queueTask(context, mAMServiceUnenrollTask, "MAMService unenroll task");
        throw new OMADMException("Wipe command received during enrollment: aborting");
    }

    @Override // com.microsoft.omadm.apppolicy.mamservice.MAMServiceTask
    protected boolean isAutoEnrollmentTask() {
        return this.mIsAutoEnrollmentTask;
    }

    @Override // com.microsoft.omadm.apppolicy.mamservice.MAMServiceTask
    protected Logger logger() {
        return LOGGER;
    }

    @Override // com.microsoft.omadm.apppolicy.mamservice.MAMServiceTask
    protected MAMServiceResponse runRequest(MAMServiceTransport mAMServiceTransport, ApplicationInstance applicationInstance) throws OMADMException {
        LOGGER.info("Attempting enrollment for package " + this.mPackageName + ", user " + scrubUPN(this.mIdentity));
        ApplicationInstanceResponse enroll = mAMServiceTransport.enroll(applicationInstance);
        if (!httpStatusSuccess(enroll.getHttpStatus())) {
            return enroll;
        }
        this.mEncryptionKeys = enroll.getEncryptionKeys();
        LOGGER.info("Attempting initial checkin for package " + this.mPackageName + ", user " + scrubUPN(this.mIdentity));
        this.mAppInstanceKey = enroll.getAppInstance().getKey();
        applicationInstance.setKey(this.mAppInstanceKey);
        return mAMServiceTransport.checkin(applicationInstance);
    }

    @Override // com.microsoft.omadm.apppolicy.mamservice.MAMServiceTask
    protected void sendNotifications(boolean z, boolean z2) {
        AppPolicyNotifier appPolicyNotifier;
        if (z2) {
            super.sendRefreshNotification(AbstractAppPolicyNotifier.RefreshType.APP_CONFIG);
        }
        if (z && (appPolicyNotifier = Services.get().getAppPolicyNotifier()) != null) {
            logger().info("Sending policy refresh notification to all managed packages due to a new enrollment.");
            appPolicyNotifier.refresh(AbstractAppPolicyNotifier.RefreshType.APP_POLICY);
        }
        notifyEnrollmentResult(MAMEnrollmentManager.Result.ENROLLMENT_SUCCEEDED);
    }

    public void setReEnrolling(boolean z) {
        this.mReEnrolling = z;
    }

    @Override // com.microsoft.omadm.taskexecutor.ExecutorTask
    public boolean shouldRunRequest() {
        if (this.mReEnrolling) {
            LOGGER.info("Re-enrolling existing package " + this.mPackageName + " for user " + scrubUPN(this.mIdentity));
            return true;
        }
        TableRepository tableRepository = Services.get().getTableRepository();
        MAMServiceEnrollment mAMServiceEnrollment = (MAMServiceEnrollment) tableRepository.get(new MAMServiceEnrollment.Key(this.mPackageName));
        if (mAMServiceEnrollment == null) {
            return true;
        }
        if (mAMServiceEnrollment.identity.equals(this.mIdentity)) {
            if (!isAutoEnrollmentTask()) {
                mAMServiceEnrollment.refreshToken = this.mRefreshToken;
                mAMServiceEnrollment.isAutoEnrollment = false;
                tableRepository.insertOrReplace(mAMServiceEnrollment);
                MAMServiceAutoEnrollmentDetails mAMServiceAutoEnrollmentDetails = (MAMServiceAutoEnrollmentDetails) tableRepository.get(new MAMServiceAutoEnrollmentDetails.Key(this.mPackageName));
                if (mAMServiceAutoEnrollmentDetails == null) {
                    mAMServiceAutoEnrollmentDetails = new MAMServiceAutoEnrollmentDetails(this.mPackageName, true);
                }
                mAMServiceAutoEnrollmentDetails.autoEnrollmentDisabled = true;
                tableRepository.insertOrReplace(mAMServiceAutoEnrollmentDetails);
            }
            LOGGER.warning("Skipping enrollment: existing enrollment record found for " + this.mPackageName + ", user " + scrubUPN(this.mIdentity));
            notifyEnrollmentResult(MAMEnrollmentManager.Result.ENROLLMENT_SUCCEEDED);
        } else {
            LOGGER.warning("Package " + this.mPackageName + " cannot be enrolled for identity " + scrubUPN(this.mIdentity) + "; other packages are already enrolled with a different identity. Checking license status.");
            Context context = Services.get().getContext();
            MAMServiceLicenseCheckTask mAMServiceLicenseCheckTask = new MAMServiceLicenseCheckTask(this.mPackageName, this.mIdentity, this.mRefreshToken, getADALConnectionDetails(context));
            mAMServiceLicenseCheckTask.setMamServiceToken(this.mMamServiceToken);
            mAMServiceLicenseCheckTask.setOperationSessionGuid(getOperationSessionGuid());
            OMADMClientService.queueTask(context, mAMServiceLicenseCheckTask, "MAMService license check");
        }
        return false;
    }

    @Override // com.microsoft.omadm.apppolicy.mamservice.MAMServiceTask, android.os.Parcelable
    public void writeToParcel(Parcel parcel, int i) {
        super.writeToParcel(parcel, i);
        parcel.writeInt(this.mIsAutoEnrollmentTask ? 1 : 0);
        parcel.writeInt(this.mReEnrolling ? 1 : 0);
    }
}
