package net.pulsesecure.modules.vpn;

import android.annotation.TargetApi;
import android.content.Context;
import android.content.Intent;
import android.os.Bundle;
import android.os.PersistableBundle;
import android.text.TextUtils;
import com.google.gson.Gson;
import com.rsa.securidlib.exceptions.SecurIDLibException;
import com.rsa.securidlib.tokenstorage.TokenMetadata;
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import net.juniper.junos.pulse.android.IJunosApplication;
import net.juniper.junos.pulse.android.JunosApplication;
import net.juniper.junos.pulse.android.exception.ExceptionUtil;
import net.juniper.junos.pulse.android.session.ISessionCallback;
import net.juniper.junos.pulse.android.session.Session;
import net.juniper.junos.pulse.android.sql.VpnProfile;
import net.juniper.junos.pulse.android.ui.RSASecurIDLibHelper;
import net.juniper.junos.pulse.android.ui.SignInActivity;
import net.juniper.junos.pulse.android.util.CheckServerCertTrust;
import net.juniper.junos.pulse.android.util.ProfileUtility;
import net.juniper.junos.pulse.android.util.SMUtility;
import net.juniper.junos.pulse.android.util.SettingsUtil;
import net.juniper.junos.pulse.android.vpn.AppVpn;
import net.juniper.junos.pulse.android.vpn.SslVpnStats;
import net.juniper.junos.pulse.android.vpn.vpnServiceConnection;
import net.juniper.junos.pulse.android.vpnservice.VpnSamsungKnoxService;
import net.pulsesecure.infra.PSUtils;
import net.pulsesecure.pulsesecure.R;
import net.pulsesecure.pws.ui.DpcApplication;
import net.pulsesecure.pws.ui.PSUiUtils;
import org.apache.commons.io.FileUtils;
import org.htmlcleaner.CleanerProperties;
import org.slf4j.Logger;

/* loaded from: classes.dex */
public class VpnManager implements IVpnManager {
    public static final String ACTION_ONBOARD = "onboard";
    public static final int AUTH_CERTIFICATE_FILES = 1;
    public static final int AUTH_CERTIFICATE_KEYCHAIN = 2;
    public static final int AUTH_PASSWORD = 0;
    public static final int AUTH_RSA_TOKEN = 3;
    public static final int AUTH_SAFENET_TOKEN = 4;
    public static final String EMPTY_IP = "0.0.0.0";
    public static final String INTENT_KEY_ACTION = "ACTION";
    public static final String INTENT_KEY_DSID = "DSID";
    public static final String INTENT_KEY_HOST = "HOST";
    public static final String INTENT_KEY_PASSWORD = "password";
    public static final String INTENT_KEY_PATH = "PATH";
    public static final String INTENT_KEY_URL = "URL";
    public static final String INTENT_KEY_USERNAME = "username";
    public static final String RSA_PATH_STR = "Token_RSA";
    public static final String VPN_ACTION_ADD = "add";
    public static final String VPN_ACTION_START = "start";
    public static final String VPN_ACTION_STOP = "stop";
    public static final String VPN_CERTS = "VPN_CERTS";
    public static final String VPN_DATABASE = "VPN_DATABASE";
    private Logger logger = PSUtils.getClassLogger();
    private Context mContext;
    private IVpnCallbacks mListener;
    private ProfileUtility mProfileUtility;
    private ISessionCallback mSessionCallbacks;
    private RSASecurIDLibHelper m_libHelper;

    /* loaded from: classes2.dex */
    public static class CertificateData {
        public String certData;
        public String certPath;
        public String keyData;
        public String keyPath;
        public String profileName;

        public CertificateData(String str, String str2, String str3, String str4, String str5) {
            this.profileName = str;
            this.certData = str3;
            this.certPath = str2;
            this.keyPath = str4;
            this.keyData = str5;
        }
    }

    public VpnManager(Context context) {
        this.mContext = context;
        registerCallbacks();
        this.mProfileUtility = new ProfileUtility(DpcApplication.getApplication());
    }

    private long createConnection(String str, String str2, String str3, String str4, String str5, String str6, String str7, int i, String str8, boolean z) {
        int addProfile = this.mProfileUtility.addProfile(str, str2, str3, str4, str5, str6, str7, i, UUID.randomUUID().toString(), null, null, str8);
        if (DpcApplication.getApplication().getDefaultProfileID() == -1 || z) {
            DpcApplication.getApplication().setDefaultProfileID(addProfile);
        }
        return addProfile;
    }

    private List<CertificateData> getCertificateData(List<VpnProfile> list) {
        ArrayList arrayList = new ArrayList();
        for (VpnProfile vpnProfile : list) {
            try {
                if (!TextUtils.isEmpty(vpnProfile.getCertPath())) {
                    this.logger.debug("persisting " + vpnProfile.getCertPath());
                    arrayList.add(new CertificateData(vpnProfile.getName(), vpnProfile.getCertPath(), FileUtils.readFileToString(new File(vpnProfile.getCertPath())), vpnProfile.getKeyPath(), FileUtils.readFileToString(new File(vpnProfile.getKeyPath()))));
                }
            } catch (IOException e) {
                this.logger.error("failed persisting certificate", (Throwable) e);
            }
        }
        return arrayList;
    }

    private File getNewPath(File file) {
        File file2 = new File(this.mContext.getFilesDir(), "certs");
        file2.mkdirs();
        if (file2.exists() && file2.isDirectory()) {
            return new File(file2, file.getName());
        }
        throw new RuntimeException("Failed to create certificate dir");
    }

    private List<VpnProfile> getVpnProfilesForAfwTransfer() {
        List<VpnProfile> profiles = getProfiles();
        for (VpnProfile vpnProfile : profiles) {
            if (!TextUtils.isEmpty(vpnProfile.getCertAlias())) {
                profiles.remove(vpnProfile);
            }
        }
        return profiles;
    }

    private boolean oldConnection(long j, String str) {
        for (VpnProfile vpnProfile : DpcApplication.getApplication().getProfiles()) {
            if (vpnProfile.getName().equals(str) && (j == -1 || j != vpnProfile.getDatabaseId())) {
                return false;
            }
        }
        return true;
    }

    private void registerCallbacks() {
        if (getActiveSession() == null || DpcApplication.getApplication().getSession() == null) {
            return;
        }
        if (this.mSessionCallbacks != null) {
            DpcApplication.getApplication().getSession().removeCallback(this.mSessionCallbacks);
        }
        this.mSessionCallbacks = new ISessionCallback() { // from class: net.pulsesecure.modules.vpn.VpnManager.1
            @Override // net.juniper.junos.pulse.android.session.ISessionCallback
            public void sessionLogoutCompleted(Session session, int i) {
                if (VpnManager.this.mListener != null) {
                    VpnManager.this.mListener.sessionEnded();
                }
            }

            @Override // net.juniper.junos.pulse.android.session.ISessionCallback
            public void sessionSyncCompleted(Session session, int i) {
                if (VpnManager.this.mListener != null) {
                    VpnManager.this.mListener.syncCompleted();
                }
                if (!VpnManager.EMPTY_IP.equals(VpnManager.this.getVpnStats().Ipaddr) || VpnManager.this.mListener == null) {
                    return;
                }
                VpnManager.this.mListener.onError(R.string.ip_pool_exhausted);
            }
        };
        DpcApplication.getApplication().getSession().addCallback(this.mSessionCallbacks);
    }

    private void restoreCertificateData(String str) {
        for (CertificateData certificateData : (CertificateData[]) new Gson().fromJson(str, CertificateData[].class)) {
            try {
                this.logger.debug("restoring " + certificateData.certPath);
                File file = new File(certificateData.certPath);
                File file2 = new File(certificateData.keyPath);
                File newPath = getNewPath(file);
                File newPath2 = getNewPath(file2);
                FileUtils.write(newPath, (CharSequence) certificateData.certData, false);
                FileUtils.write(newPath2, (CharSequence) certificateData.keyData, false);
                VpnProfile profile = getProfile(certificateData.profileName);
                profile.setCertPath(newPath.getPath());
                profile.setKeyPath(newPath2.getPath());
                updateProfile(profile);
            } catch (IOException e) {
                this.logger.error("failed restoring certificate", (Throwable) e);
            }
        }
    }

    private void signIn(Bundle bundle) {
        if (DpcApplication.getApplication().getConnectionStatusManager().isSignedIn()) {
            this.logger.error("signIn called when already signedIn");
            return;
        }
        boolean trustedServerCertRequired = SettingsUtil.getTrustedServerCertRequired();
        this.logger.debug("Trusted server cert required " + trustedServerCertRequired);
        if (trustedServerCertRequired) {
            new CheckServerCertTrust(this.mContext, DpcApplication.getApplication().getProfile(bundle.getLong(SignInActivity.PULSE_PROFILE_ID, -1L))).execute(new Void[0]);
        } else {
            Intent intent = new Intent(this.mContext, (Class<?>) SignInActivity.class);
            if (bundle != null) {
                intent.putExtras(bundle);
            }
            this.mContext.startActivity(intent);
        }
    }

    private void startLoginActivity(Bundle bundle) {
        String stringValueForKey = SettingsUtil.getStringValueForKey("needToRestartVpnService");
        if (!TextUtils.isEmpty(stringValueForKey) && stringValueForKey.equals(CleanerProperties.BOOL_ATT_TRUE)) {
            DpcApplication.getApplication().getVpnConn().restartVpnService();
        }
        signIn(bundle);
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public void connect(VpnProfile vpnProfile) {
        this.logger.debug("connect " + vpnProfile.getName());
        if (!SMUtility.isConnectionAvailable(this.mContext)) {
            PSUiUtils.noNetworkDialog(this.mContext);
            return;
        }
        ExceptionUtil.logEvent("User opened Connect.", 0, this.mContext, DpcApplication.getApplication());
        Bundle bundle = new Bundle();
        bundle.putString(SignInActivity.PULSE_START_VPN, CleanerProperties.BOOL_ATT_TRUE);
        bundle.putLong(SignInActivity.PULSE_PROFILE_ID, vpnProfile.getDatabaseId());
        startLoginActivity(bundle);
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public void deleteCertificateFiles() {
        for (VpnProfile vpnProfile : getProfiles()) {
            if (!TextUtils.isEmpty(vpnProfile.getCertPath())) {
                new File(vpnProfile.getCertPath()).delete();
                new File(vpnProfile.getKeyPath()).delete();
            }
        }
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public void deleteConnection(VpnProfile vpnProfile) {
        this.mProfileUtility.deleteProfile(vpnProfile.getDatabaseId());
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public void disconnectActiveSession() {
        ExceptionUtil.logEvent("User opened Disconnect.", 0, this.mContext, DpcApplication.getApplication());
        Session session = DpcApplication.getApplication().getSession();
        if (session != null) {
            this.logger.debug("VPN signing out");
            if (this.mListener != null) {
                this.mListener.startingDisconnect();
            }
            DpcApplication.getApplication().stopVpn();
            session.startLogout();
        }
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public String getActiveConnectionUsername() {
        Session session = DpcApplication.getApplication().getSession();
        return session == null ? "" : session.params().getUserName();
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public VpnProfile getActiveSession() {
        return DpcApplication.getApplication().getActiveProfile();
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public VpnProfile getDefaultProfile() {
        return getProfile(getDefaultProfileId());
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public long getDefaultProfileId() {
        return DpcApplication.getApplication().getDefaultProfileID();
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public VpnProfile getProfile(long j) {
        return DpcApplication.getApplication().getProfile(j);
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public VpnProfile getProfile(String str) {
        for (VpnProfile vpnProfile : getProfiles()) {
            if (vpnProfile.getName().equals(str)) {
                return vpnProfile;
            }
        }
        return null;
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public List<VpnProfile> getProfiles() {
        return DpcApplication.getApplication().getProfiles();
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public RSASecurIDLibHelper getRSASecureIdLibraryHelper() {
        try {
            return RSASecurIDLibHelper.getInstance(this.mContext);
        } catch (SecurIDLibException e) {
            this.logger.error("failed to get RSASecurIDLibHelper instance ", (Throwable) e);
            return null;
        }
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public String getTokenSerialNumber(String str) {
        if (this.m_libHelper == null) {
            try {
                this.m_libHelper = RSASecurIDLibHelper.getInstance(this.mContext);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        TokenMetadata tokenMetadata = this.m_libHelper.getTokenMetadata(str);
        return tokenMetadata != null ? tokenMetadata.getSerialNumber() : str;
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public VpnState getVpnState() {
        String str = DpcApplication.getApplication().getVpnStats().State;
        return this.mContext.getString(R.string.vpnreconnecting).equals(str) ? VpnState.Reconnecting : str.contains(this.mContext.getString(R.string.vpnconnected)) ? VpnState.Connected : this.mContext.getString(R.string.vpn_initializing).equals(str) ? VpnState.Initializing : this.mContext.getString(R.string.vpndisconnected).equals(str) ? VpnState.Disconnected : VpnState.Disconnected;
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public SslVpnStats getVpnStats() {
        return ((IJunosApplication) this.mContext.getApplicationContext()).getVpnStats();
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public boolean isConnected() {
        return getVpnState().isConnected();
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public boolean isConnectionLimited() {
        return ((JunosApplication) this.mContext.getApplicationContext()).getConnectionStatusManager().isLimitedConnectivity();
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public boolean isKNOXProfile(VpnProfile vpnProfile) {
        String thirdPartyPkgName;
        return vpnProfile != null && vpnProfile.isThirdParty() && (thirdPartyPkgName = vpnProfile.getThirdPartyPkgName()) != null && thirdPartyPkgName.equals(VpnSamsungKnoxService.KNOX_FRAMEWORK);
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public boolean isReconnecting() {
        return getVpnState().isReconnecting();
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public boolean isSignedIn() {
        return DpcApplication.getApplication().getConnectionStatusManager().isSignedIn();
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public void makeDefaultConnection(VpnProfile vpnProfile) {
        ExceptionUtil.logEvent("Default connection selected: " + vpnProfile.getUrl(), 0, this.mContext, DpcApplication.getApplication());
        DpcApplication.getApplication().setDefaultProfileID(vpnProfile.getDatabaseId());
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    @TargetApi(21)
    public void persistProfilesToBundle(PersistableBundle persistableBundle) {
        Gson gson = new Gson();
        List<VpnProfile> vpnProfilesForAfwTransfer = getVpnProfilesForAfwTransfer();
        persistableBundle.putString(VPN_DATABASE, gson.toJson(vpnProfilesForAfwTransfer));
        persistableBundle.putString(VPN_CERTS, gson.toJson(getCertificateData(vpnProfilesForAfwTransfer)));
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public void removeVpnListener() {
        this.mListener = null;
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    @TargetApi(21)
    public void restoreProfilesFromBundle(PersistableBundle persistableBundle) {
        if (TextUtils.isEmpty(persistableBundle.getString(VPN_DATABASE))) {
            return;
        }
        for (VpnProfile vpnProfile : (VpnProfile[]) new Gson().fromJson(persistableBundle.getString(VPN_DATABASE), VpnProfile[].class)) {
            saveProfile(vpnProfile);
        }
        restoreCertificateData(persistableBundle.getString(VPN_CERTS));
        persistableBundle.remove(VPN_DATABASE);
        persistableBundle.remove(VPN_CERTS);
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public long saveConnection(long j, String str, String str2, String str3, int i, String str4, String str5, String str6, String str7, String str8, boolean z, ArrayList<String> arrayList) {
        long createConnection;
        VpnProfile profile = getProfile(j);
        if (profile != null) {
            if (getActiveSession() != null && getActiveSession().getDatabaseId() == profile.getDatabaseId() && (!str2.equals(profile.getUrl()) || ((str4 != null && !str4.equals(profile.getRealm())) || ((str5 != null && !str5.equals(profile.getRole())) || !str.equals(profile.getName()) || (str3 != null && !str3.equals(profile.getUsername())))))) {
                disconnectActiveSession();
            }
            this.mProfileUtility.updateProfile(j, str, str2, str3, str4, str5, str6, str7, i, null, str8);
            createConnection = j;
        } else {
            createConnection = createConnection(str, str2, str3, str4, str5, str6, str7, i, str8, z);
        }
        if (arrayList != null) {
            this.logger.debug("profile name [{}]; allowing VPN access to the following packages: {}", str, arrayList);
            AppVpn appVpn = new AppVpn(this.mContext, str, 0);
            Iterator<String> it = arrayList.iterator();
            while (it.hasNext()) {
                appVpn.addAppVpnPackage(it.next());
            }
            appVpn.storeAppVpnData();
        }
        return createConnection;
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public void saveProfile(VpnProfile vpnProfile) {
        saveConnection(-1L, vpnProfile.getName(), vpnProfile.getUrl(), vpnProfile.getUsername(), vpnProfile.getFlags(), vpnProfile.getRealm(), vpnProfile.getRole(), vpnProfile.getCertPath(), vpnProfile.getKeyPath(), vpnProfile.getCertAlias(), true, null);
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public void setVpnListener(IVpnCallbacks iVpnCallbacks) {
        registerCallbacks();
        this.mListener = iVpnCallbacks;
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public void startVpnService() {
        this.logger.debug("startVpnService");
        DpcApplication.getApplication().getVpnConn().startVpnService(new vpnServiceConnection.ServiceConnectedCallback() { // from class: net.pulsesecure.modules.vpn.VpnManager.2
            @Override // net.juniper.junos.pulse.android.vpn.vpnServiceConnection.ServiceConnectedCallback
            public void onConnected() {
                VpnManager.this.logger.debug("onConnected");
            }
        });
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public void updateProfile(VpnProfile vpnProfile) {
        saveConnection(vpnProfile.getDatabaseId(), vpnProfile.getName(), vpnProfile.getUrl(), vpnProfile.getUsername(), vpnProfile.getFlags(), vpnProfile.getRealm(), vpnProfile.getRole(), vpnProfile.getCertPath(), vpnProfile.getKeyPath(), vpnProfile.getCertAlias(), true, null);
    }

    @Override // net.pulsesecure.modules.vpn.IVpnManager
    public boolean validateProfile(String str) {
        return DpcApplication.getApplication().validateProfile(str);
    }
}
