package com.taobao.android.sso.internal;

import android.accounts.AbstractAccountAuthenticator;
import android.accounts.Account;
import android.accounts.AccountAuthenticatorResponse;
import android.accounts.AccountManager;
import android.content.ComponentName;
import android.content.Context;
import android.content.pm.Signature;
import android.os.Bundle;
import android.os.Process;
import com.taobao.verify.Verifier;
import java.io.IOException;
import java.util.ArrayList;
import org.xmlpull.v1.XmlPullParser;
import org.xmlpull.v1.XmlPullParserException;

/* loaded from: classes.dex */
public class Authenticator extends AbstractAccountAuthenticator {
    public static final String ACCOUNT_FEATURE_MASK = "mask";
    public static final int ERROR_CODE_UNAUTHORIZED = 101;
    public static final String KEY_ACCOUNT_NAMES = "accounts";
    public static final String KEY_ACTUAL_NAME = "accounts";
    public static final String KEY_CALLER_PID = "callerPid";
    public static final String KEY_CALLER_UID = "callerUid";
    public static final String KEY_EMPTY_ACCOUNT = "empty";
    public static final String KEY_PEEK_ONLY = "peek";
    public static final String KEY_PHOTO_URL = "photo-url";
    public static final String KEY_PID = "agent_pid";
    public static final String KEY_REQUEST = "request";
    public static final String KEY_SHARE_APP = "share-app";
    public static final String KEY_SIGNATURES = "signatures";
    public static final String KEY_TIMESTAMP = "timestamp";
    public static final String KEY_TOKEN = "token";
    public static final String KEY_TOKEN_TIMESTAMP = "token-timestamp";
    public static final String REQ_ABDICATE = "abdicate";
    public static final String REQ_PEEK_TOKEN = "peek-token";
    public static final String REQ_PEEK_USERINFO = "peek-userinfo";
    public static final String REQ_REVEAL_ACTUAL_NAME = "reveal-actual-name";
    public static final String REQ_UPDATE_TOKEN = "update-token";
    public static final String REQ_UPDATE_WHITELIST = "update-whitelist";
    public static final String REQ_WHITELIST_TIMESTAMP = "whitelist-timestamp";
    private static final String USER_DATA_KEY_ACTUAL_NAME = "actual-account-name";
    private static final String USER_DATA_KEY_PHOTO_URL = "photo-url";
    private static final String USER_DATA_KEY_SHARE_APP = "share-app";
    private static final String USER_DATA_KEY_TOKEN_TIMESTAMP = "token-timestamp";
    private static String sAlipayAccountType;
    private static String sTaobaoAccountType;
    private final Context mContext;
    private final SignatureWhitelist mWhitelist;

    public Authenticator(Context context) {
        super(context);
        if (Boolean.FALSE.booleanValue()) {
            String.valueOf(Verifier.class);
        }
        this.mContext = context;
        this.mWhitelist = new SignatureWhitelist(context);
    }

    private Bundle errorResult(int i, String str) {
        Bundle bundle = new Bundle();
        bundle.putInt("errorCode", i);
        bundle.putString("errorMessage", str);
        return bundle;
    }

    private static String getAccountTypeFromXml(XmlPullParser xmlPullParser) throws XmlPullParserException, IOException {
        int eventType = xmlPullParser.getEventType();
        while (eventType != 2) {
            eventType = xmlPullParser.next();
        }
        if ("account-authenticator".equals(xmlPullParser.getName())) {
            return xmlPullParser.getAttributeValue("http://schemas.android.com/apk/res/android", "accountType");
        }
        throw new IllegalStateException("Invalid xml");
    }

    public static String getAlipayAccountType(Context context) {
        if (sAlipayAccountType != null) {
            return sAlipayAccountType;
        }
        try {
            String accountTypeFromXml = getAccountTypeFromXml(context.getResources().getXml(context.getPackageManager().getServiceInfo(new ComponentName(context, (Class<?>) AlipayAuthenticationService.class), 640).metaData.getInt("android.accounts.AccountAuthenticator")));
            sAlipayAccountType = accountTypeFromXml;
            return accountTypeFromXml;
        } catch (Exception e) {
            throw new IllegalArgumentException("AlipayAuthenticationService service not found: " + e.getMessage());
        }
    }

    public static String getTaobaoAccountType(Context context) {
        if (sTaobaoAccountType != null) {
            return sTaobaoAccountType;
        }
        try {
            String accountTypeFromXml = getAccountTypeFromXml(context.getResources().getXml(context.getPackageManager().getServiceInfo(new ComponentName(context, (Class<?>) AuthenticationService.class), 640).metaData.getInt("android.accounts.AccountAuthenticator")));
            sTaobaoAccountType = accountTypeFromXml;
            return accountTypeFromXml;
        } catch (Exception e) {
            throw new IllegalArgumentException("TaobaoAuthenticationService service not found: " + e.getMessage());
        }
    }

    private void unsupport(AccountAuthenticatorResponse accountAuthenticatorResponse) {
        accountAuthenticatorResponse.onError(6, "Unsupported");
    }

    private Bundle verifyCallerIdentity(Bundle bundle) {
        int i;
        int i2;
        int i3 = bundle.getInt(KEY_CALLER_PID, -1);
        int i4 = bundle.getInt(KEY_CALLER_UID, -1);
        if (i3 == -1 || i4 == -1) {
            int i5 = bundle.getInt(KEY_PID);
            int i6 = bundle.getInt("token");
            TokenInfo tokenInfo = PidGetterService.sTokenArray.get(i5);
            if (tokenInfo != null) {
                if (tokenInfo.mTokens.get(i6).longValue() > System.currentTimeMillis()) {
                    i2 = tokenInfo.mPid;
                    i = tokenInfo.mUid;
                } else {
                    i = i4;
                    i2 = i3;
                }
                tokenInfo.mTokens.remove(i6);
                i3 = i2;
                i4 = i;
            }
        }
        if (i4 == -1 || i3 == -1) {
            Bundle bundle2 = new Bundle();
            bundle2.putInt("errorCode", 6);
            bundle2.putString("errorMessage", "sso service fetch pid failed");
            return bundle2;
        }
        if (i3 == Process.myPid() && i4 == Process.myUid()) {
            return null;
        }
        try {
            verifySignatures(i3, i4);
            return null;
        } catch (SecurityException e) {
            Bundle bundle3 = new Bundle();
            bundle3.putInt("errorCode", 101);
            bundle3.putString("errorMessage", "Unsupported");
            return bundle3;
        }
    }

    private void verifySignatures(int i, int i2) {
        try {
            String[] packagesForUid = this.mContext.getPackageManager().getPackagesForUid(i2);
            if (packagesForUid != null && packagesForUid.length > 0) {
                for (String str : packagesForUid) {
                    if (this.mWhitelist.match(this.mContext.getPackageManager().getPackageInfo(str, 64).signatures)) {
                        return;
                    }
                }
            }
        } catch (Exception e) {
        }
        throw new SecurityException("Identify declined");
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle addAccount(AccountAuthenticatorResponse accountAuthenticatorResponse, String str, String str2, String[] strArr, Bundle bundle) {
        String str3;
        String string;
        if (bundle.getInt(KEY_CALLER_PID, -1) == -1 || bundle.getInt(KEY_CALLER_UID, -1) == -1) {
            PidGetterService.sIsAddAccountHasPid = false;
        }
        if (bundle != null) {
            str3 = bundle.getString("authtoken") != null ? bundle.getString("authtoken") : null;
            Bundle bundle2 = null;
            if (str != null) {
                if (str.equals(getAlipayAccountType(this.mContext))) {
                    bundle2 = verifyCallerIdentity(bundle);
                } else if (str.equals(getTaobaoAccountType(this.mContext))) {
                    bundle2 = verifyCallerIdentity(bundle);
                }
            }
            if (bundle2 != null) {
                return bundle2;
            }
        } else {
            str3 = null;
        }
        if (bundle == null || (string = bundle.getString(KEY_REQUEST)) == null) {
            if (bundle == null || !bundle.containsKey("authAccount")) {
                Bundle bundle3 = new Bundle();
                bundle3.putInt("errorCode", 4);
                bundle3.putString("errorMessage", "Unsupported");
                return bundle3;
            }
            AccountManager accountManager = AccountManager.get(this.mContext);
            String string2 = bundle.getString("authAccount");
            if (string2.length() == 0) {
                return errorResult(7, "Empty account name");
            }
            Account account = new Account(string2, str);
            Bundle bundle4 = null;
            String string3 = bundle.getString("accounts");
            String string4 = bundle.getString("photo-url");
            String string5 = bundle.getString("share-app");
            String valueOf = String.valueOf(System.currentTimeMillis());
            if (string3 != null) {
                bundle4 = new Bundle();
                bundle4.putString(USER_DATA_KEY_ACTUAL_NAME, string3);
                bundle4.putString("photo-url", string4);
                bundle4.putString("share-app", string5);
                bundle4.putString("token-timestamp", valueOf);
            }
            accountManager.addAccountExplicitly(account, null, bundle4);
            if (str3 != null) {
                accountManager.setAuthToken(account, str2, str3);
            }
            Bundle bundle5 = new Bundle();
            bundle5.putString("authAccount", string2);
            bundle5.putString("accountType", str);
            return bundle5;
        }
        if (REQ_REVEAL_ACTUAL_NAME.equals(string)) {
            Bundle bundle6 = new Bundle();
            String[] stringArray = bundle.getStringArray("accounts");
            AccountManager accountManager2 = AccountManager.get(this.mContext);
            for (String str4 : stringArray) {
                String userData = accountManager2.getUserData(new Account(str4, str), USER_DATA_KEY_ACTUAL_NAME);
                if (userData != null) {
                    bundle6.putString(str4, userData);
                }
            }
            return bundle6;
        }
        if (REQ_UPDATE_TOKEN.equals(string)) {
            String string6 = bundle.getString("authtoken");
            if (string6 == null) {
                return Bundle.EMPTY;
            }
            String string7 = bundle.getString("authAccount");
            if (string7.length() == 0) {
                return errorResult(7, "Empty account name");
            }
            AccountManager.get(this.mContext).setAuthToken(new Account(string7, str), str2, string6);
            return Bundle.EMPTY;
        }
        if (REQ_WHITELIST_TIMESTAMP.equals(string)) {
            Bundle bundle7 = new Bundle();
            bundle7.putLong("timestamp", this.mWhitelist.getTimestamp());
            return bundle7;
        }
        if (REQ_UPDATE_WHITELIST.equals(string)) {
            ArrayList parcelableArrayList = bundle.getParcelableArrayList(KEY_SIGNATURES);
            if (parcelableArrayList == null) {
                throw new IllegalArgumentException("signatures unspecified");
            }
            if (parcelableArrayList.isEmpty()) {
                return Bundle.EMPTY;
            }
            long j = bundle.getLong("timestamp");
            if (j == 0) {
                return Bundle.EMPTY;
            }
            this.mWhitelist.update((Signature[]) parcelableArrayList.toArray(new Signature[parcelableArrayList.size()]), j);
            return Bundle.EMPTY;
        }
        if (REQ_ABDICATE.equals(string)) {
            ComponentName componentName = new ComponentName(this.mContext, (Class<?>) AuthenticationService.class);
            accountAuthenticatorResponse.onResult(Bundle.EMPTY);
            this.mContext.getPackageManager().setComponentEnabledSetting(componentName, 2, 0);
            return null;
        }
        if (REQ_PEEK_TOKEN.equals(string)) {
            AccountManager accountManager3 = AccountManager.get(this.mContext);
            String string8 = bundle.getString("authAccount");
            String peekAuthToken = accountManager3.peekAuthToken(new Account(string8, str), str2);
            if (peekAuthToken == null) {
                return Bundle.EMPTY;
            }
            Bundle bundle8 = new Bundle();
            bundle8.putString("authAccount", string8);
            bundle8.putString("accountType", str);
            bundle8.putString("token", peekAuthToken);
            return bundle8;
        }
        if (!REQ_PEEK_USERINFO.equals(string)) {
            throw new UnsupportedOperationException("Unknown request: " + string);
        }
        String[] stringArray2 = bundle.getStringArray("accounts");
        if (stringArray2 == null || stringArray2.length == 0) {
            return Bundle.EMPTY;
        }
        Bundle bundle9 = new Bundle();
        AccountManager accountManager4 = AccountManager.get(this.mContext);
        for (String str5 : stringArray2) {
            Bundle bundle10 = new Bundle();
            Account account2 = new Account(str5, str);
            String userData2 = accountManager4.getUserData(account2, USER_DATA_KEY_ACTUAL_NAME);
            String userData3 = accountManager4.getUserData(account2, "photo-url");
            String userData4 = accountManager4.getUserData(account2, "share-app");
            String userData5 = accountManager4.getUserData(account2, "token-timestamp");
            String peekAuthToken2 = accountManager4.peekAuthToken(account2, str2);
            try {
                bundle10.putLong("token-timestamp", Long.parseLong(userData5));
            } catch (NumberFormatException e) {
                e.printStackTrace();
            }
            bundle10.putString("accounts", userData2);
            bundle10.putString("photo-url", userData3);
            bundle10.putString("share-app", userData4);
            bundle10.putString("token", peekAuthToken2);
            if (userData2 != null) {
                bundle9.putParcelable(str5, bundle10);
            }
        }
        return bundle9;
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle confirmCredentials(AccountAuthenticatorResponse accountAuthenticatorResponse, Account account, Bundle bundle) {
        unsupport(accountAuthenticatorResponse);
        return null;
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle editProperties(AccountAuthenticatorResponse accountAuthenticatorResponse, String str) {
        throw new UnsupportedOperationException();
    }

    /* JADX WARN: Removed duplicated region for block: B:11:0x002f A[ORIG_RETURN, RETURN] */
    /* JADX WARN: Removed duplicated region for block: B:13:0x0043  */
    @Override // android.accounts.AbstractAccountAuthenticator
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public android.os.Bundle getAuthToken(android.accounts.AccountAuthenticatorResponse r9, android.accounts.Account r10, java.lang.String r11, android.os.Bundle r12) throws android.accounts.NetworkErrorException {
        /*
            Method dump skipped, instructions count: 373
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.taobao.android.sso.internal.Authenticator.getAuthToken(android.accounts.AccountAuthenticatorResponse, android.accounts.Account, java.lang.String, android.os.Bundle):android.os.Bundle");
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public String getAuthTokenLabel(String str) {
        return "Full access";
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle hasFeatures(AccountAuthenticatorResponse accountAuthenticatorResponse, Account account, String[] strArr) {
        Bundle bundle = new Bundle();
        bundle.putBoolean("booleanResult", false);
        return bundle;
    }

    @Override // android.accounts.AbstractAccountAuthenticator
    public Bundle updateCredentials(AccountAuthenticatorResponse accountAuthenticatorResponse, Account account, String str, Bundle bundle) {
        return null;
    }
}
