package com.microsoft.workaccount.authenticatorservice;

import android.accounts.Account;
import android.content.Context;
import android.util.Base64;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.microsoft.identity.AndroidBrokerPlatformComponentsFactory;
import com.microsoft.identity.broker4j.workplacejoin.WorkplaceJoinFailure;
import com.microsoft.identity.common.adal.internal.AuthenticationConstants;
import com.microsoft.identity.common.adal.internal.cache.ADALTokenCacheItem;
import com.microsoft.identity.common.internal.broker.AndroidBrokerAccount;
import com.microsoft.identity.common.java.adal.cache.DateTimeAdapter;
import com.microsoft.identity.common.java.crypto.KeyAccessorStringAdapter;
import com.microsoft.identity.common.java.exception.ClientException;
import com.microsoft.identity.common.java.util.StringUtil;
import com.microsoft.identity.common.logging.Logger;
import com.microsoft.intune.common.settings.implementation.RxPreferencesContentProvider;
import com.microsoft.workaccount.workplacejoin.AccountManagerStorageHelper;
import com.microsoft.workaccount.workplacejoin.core.StringHelper;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.StringTokenizer;

/* loaded from: classes5.dex */
public class AccountManagerCache implements IBrokerTokenCacheStore {
    private static final String CACHEKEY = "cache key";
    private static final String HASH_ALGORITHM = "SHA256";
    private static final String TAG = AccountManagerCache.class.getSimpleName();
    private final AccountManagerStorageHelper mAccountManagerStorageHelper;
    private final AndroidBrokerAccount mCacheAccount;
    private final int mCallingAppUid;
    private final KeyAccessorStringAdapter mEncryptionManager;
    private final Gson mGson = new GsonBuilder().registerTypeAdapter(Date.class, new DateTimeAdapter()).create();

    public AccountManagerCache(Context context, Account account, int i) {
        this.mCacheAccount = AndroidBrokerAccount.adapt(account);
        this.mCallingAppUid = i;
        this.mAccountManagerStorageHelper = new AccountManagerStorageHelper(context);
        this.mEncryptionManager = new KeyAccessorStringAdapter(AndroidBrokerPlatformComponentsFactory.createFromContext(context).getStorageEncryptionManager());
    }

    private void appendAppUIDToAccount() {
        String data = this.mAccountManagerStorageHelper.getData(this.mCacheAccount, "account.uid.caches");
        if (data == null) {
            data = "";
        }
        Logger.infoPII(TAG, "Add calling UID:" + this.mCallingAppUid + "appIdList:" + data);
        if (data.contains("calling.uid.key" + this.mCallingAppUid)) {
            return;
        }
        Logger.info(TAG, "Account has new calling UID.");
        Logger.infoPII(TAG, "Calling UID: " + this.mCallingAppUid);
        try {
            this.mAccountManagerStorageHelper.setData(this.mCacheAccount, "account.uid.caches", this.mEncryptionManager.encrypt(data + "calling.uid.key" + this.mCallingAppUid));
        } catch (Exception unused) {
            Logger.warn(TAG, "Failed to encrypt entry");
        }
    }

    private List<ADALTokenCacheItem> getCacheItemsForUid(String str) {
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = getKeysForAppUid(str).iterator();
        while (it.hasNext()) {
            try {
                ADALTokenCacheItem loadCacheItem = loadCacheItem(it.next(), str);
                if (loadCacheItem != null) {
                    arrayList.add(loadCacheItem);
                }
            } catch (Exception unused) {
            }
        }
        return arrayList;
    }

    private ADALTokenCacheItem loadCacheItem(String str, String str2) throws ClientException {
        String data = this.mAccountManagerStorageHelper.getData(this.mCacheAccount, getBrokerCacheKey(str, str2));
        if (StringUtil.isNullOrEmpty(data)) {
            return null;
        }
        try {
            ADALTokenCacheItem aDALTokenCacheItem = (ADALTokenCacheItem) this.mGson.fromJson(data, ADALTokenCacheItem.class);
            Logger.verbosePII(TAG + ":loadCacheItem", "Json parsing for key. cache key:" + str);
            return aDALTokenCacheItem;
        } catch (Exception e) {
            Logger.error(TAG + ":loadCacheItem", "Failed to decrypt entry." + WorkplaceJoinFailure.INTERNAL.toString(), e);
            throw e;
        }
    }

    private void removeCacheKey(String str) {
        Logger.verbose(TAG + "removeCacheKey", "Remove cache key.");
        Logger.verbosePII(TAG + "removeCacheKey", "cache key:" + str);
        String data = this.mAccountManagerStorageHelper.getData(this.mCacheAccount, "userdata.caller.cachekeys" + this.mCallingAppUid);
        if (data == null) {
            Logger.verbose(TAG + "removeCacheKey", "Cache key does not exist");
            return;
        }
        Logger.verbose(TAG + "removeCacheKey", "removeCacheKey Keylist.");
        Logger.verbosePII(TAG + "removeCacheKey", "Keylist: " + data);
        String replace = data.replace("|" + str, "");
        this.mAccountManagerStorageHelper.setData(this.mCacheAccount, "userdata.caller.cachekeys" + this.mCallingAppUid, replace.trim());
    }

    private void saveCacheKey(String str) {
        String data = this.mAccountManagerStorageHelper.getData(this.mCacheAccount, "userdata.caller.cachekeys" + this.mCallingAppUid);
        if (data == null) {
            data = "";
        }
        Logger.verbosePII(TAG + "saveCacheKey", "Keylist:" + data);
        if (data.contains("|" + str)) {
            Logger.verbose(TAG + "saveCacheKey", "Account has this cache key.");
            Logger.verbosePII(TAG + "saveCacheKey", "account.name:" + this.mCacheAccount.getUsername() + ", " + CACHEKEY + ":" + str);
            return;
        }
        Logger.verbose(TAG + "saveCacheKey", "Account does not have this cache key.");
        Logger.verbosePII(TAG + "saveCacheKey", "account.name:" + this.mCacheAccount.getUsername() + ", " + CACHEKEY + ":" + str);
        StringBuilder sb = new StringBuilder();
        sb.append(data);
        sb.append("|");
        sb.append(str);
        String sb2 = sb.toString();
        this.mAccountManagerStorageHelper.setData(this.mCacheAccount, "userdata.caller.cachekeys" + this.mCallingAppUid, sb2);
    }

    @Override // com.microsoft.workaccount.authenticatorservice.IBrokerTokenCacheStore
    public boolean contains(String str) {
        Logger.verbosePII(TAG + "contains", "Cache contains for key.cache key:" + str);
        if (str == null) {
            throw new IllegalArgumentException("cacheKey cannot be null");
        }
        String data = this.mAccountManagerStorageHelper.getData(this.mCacheAccount, getBrokerCacheKey(str, String.valueOf(this.mCallingAppUid)));
        return (data == null || data.isEmpty()) ? false : true;
    }

    @Override // com.microsoft.workaccount.authenticatorservice.IBrokerTokenCacheStore
    public Iterator<ADALTokenCacheItem> getAll() {
        ArrayList arrayList = new ArrayList();
        List<String> appUidsForAccount = getAppUidsForAccount();
        if (appUidsForAccount.isEmpty()) {
            Logger.verbosePII(TAG + "getAll", "No uids exist for account. account.name:" + this.mCacheAccount.getUsername());
        } else {
            Logger.verbosePII(TAG + "getAll", "Find uids for account. account.name :" + this.mCacheAccount.getUsername());
            Iterator<String> it = appUidsForAccount.iterator();
            while (it.hasNext()) {
                arrayList.addAll(getCacheItemsForUid(it.next()));
            }
        }
        return arrayList.iterator();
    }

    public List<ADALTokenCacheItem> getAllTokensForUid() {
        List<ADALTokenCacheItem> cacheItemsForUid = getCacheItemsForUid(String.valueOf(this.mCallingAppUid));
        Logger.verbose(TAG + ":getAllTokensForUid", "Located [" + cacheItemsForUid.size() + "] tokens for uid [" + this.mCallingAppUid + "]");
        return cacheItemsForUid;
    }

    public List<String> getAppUidsForAccount() {
        Logger.verbose(TAG + "getAppUidsForAccount", "Trying to find all uids stored for the account");
        String data = this.mAccountManagerStorageHelper.getData(this.mCacheAccount, "account.uid.caches");
        ArrayList arrayList = new ArrayList();
        if (StringUtil.isNullOrEmpty(data)) {
            Logger.verbose(TAG + "getAppUidsForAccount", "Uids not found for the account");
        } else {
            Logger.verbose(TAG + "getAppUidsForAccount", "Found uids for the account, trying to get individual uid.");
            String[] split = data.split("calling.uid.key");
            if (split.length == 0) {
                Logger.verbose(TAG + "getAppUidsForAccount", "Didn't successfully split the decrypted uids.");
            }
            for (String str : split) {
                if (!StringHelper.IsNullOrBlank(str)) {
                    arrayList.add(str);
                }
            }
        }
        return arrayList;
    }

    public String getBrokerCacheKey(String str, String str2) {
        if (str == null || str.isEmpty()) {
            return null;
        }
        try {
            return new String(Base64.encode(MessageDigest.getInstance("SHA256").digest(("calling.uid.key" + str2 + str).getBytes(AuthenticationConstants.CHARSET_UTF8)), 2), AuthenticationConstants.CHARSET_UTF8);
        } catch (NoSuchAlgorithmException e) {
            Logger.error(TAG + "getBrokerCacheKey", "Device does not support the algorithm " + WorkplaceJoinFailure.ADAL.toString(), e);
            IllegalArgumentException illegalArgumentException = new IllegalArgumentException("Broker cache key is invalid");
            Logger.error(TAG + "getBrokerCacheKey", illegalArgumentException.getMessage() + WorkplaceJoinFailure.ADAL.toString(), illegalArgumentException);
            throw illegalArgumentException;
        }
    }

    @Override // com.microsoft.workaccount.authenticatorservice.IBrokerTokenCacheStore
    public ADALTokenCacheItem getItem(String str) {
        Logger.verbose(TAG + "getItem", "Cache get item for key", "cache key:" + str + " app uid:" + this.mCallingAppUid);
        if (str != null) {
            try {
                return loadCacheItem(str, String.valueOf(this.mCallingAppUid));
            } catch (Exception unused) {
                removeItem(str);
                return null;
            }
        }
        IllegalArgumentException illegalArgumentException = new IllegalArgumentException("cacheKey");
        Logger.error(TAG + "getItem", "Broker cache key is invalid" + WorkplaceJoinFailure.INTERNAL.toString(), illegalArgumentException);
        throw illegalArgumentException;
    }

    public List<String> getKeysForAppUid(String str) {
        ArrayList arrayList = new ArrayList();
        Logger.verbose(TAG + "getKeysForAppUid", "Trying to get stored keys for given uid.");
        String data = this.mAccountManagerStorageHelper.getData(this.mCacheAccount, "userdata.caller.cachekeys" + str);
        if (data == null || data.isEmpty()) {
            Logger.verbose(TAG + "getKeysForAppUid", "Keys are not present");
        } else {
            Logger.verbose(TAG + "getKeysForAppUid", "Keys are present.");
            Logger.verbosePII(TAG + "getKeysForAppUid", data);
            StringTokenizer stringTokenizer = new StringTokenizer(data, "|", false);
            if (!stringTokenizer.hasMoreTokens()) {
                Logger.verbose(TAG + "getKeysForAppUid", "No cache keys for account.");
                Logger.verbosePII(TAG + "getKeysForAppUid", "account.name:" + this.mCacheAccount.getUsername());
            }
            while (stringTokenizer.hasMoreTokens()) {
                String nextToken = stringTokenizer.nextToken();
                if (nextToken != null && !nextToken.isEmpty()) {
                    Logger.verbose(TAG + "getKeysForAppUid", "Adding keys for account name.");
                    Logger.verbosePII(TAG + "getKeysForAppUid", "account.name:" + nextToken);
                    arrayList.add(nextToken);
                }
            }
        }
        return arrayList;
    }

    @Override // com.microsoft.workaccount.authenticatorservice.IBrokerTokenCacheStore
    public void removeAll() {
        Logger.verbose(TAG + "removeAll", "Attempting to remove all keys for account.");
        Logger.verbosePII(TAG + "removeAll", "account.name:" + this.mCacheAccount.getUsername());
        String data = this.mAccountManagerStorageHelper.getData(this.mCacheAccount, "userdata.caller.cachekeys" + this.mCallingAppUid);
        if (data == null || data.isEmpty()) {
            Logger.verbose(TAG + "removeAll", "Keys are not present");
            return;
        }
        Logger.verbose(TAG + "removeAll", "Keys are present.");
        Logger.verbosePII(TAG + "removeAll", "Keylist:" + data);
        StringTokenizer stringTokenizer = new StringTokenizer(data, "|", false);
        if (!stringTokenizer.hasMoreTokens()) {
            Logger.verbose(TAG + "removeAll", "No cache keys for account.");
            Logger.verbosePII(TAG + "removeAll", "account.name:" + this.mCacheAccount.getUsername());
        }
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            if (nextToken != null && !nextToken.isEmpty()) {
                Logger.verbose(TAG + "removeAll", "Removing cache for account.");
                Logger.verbosePII(TAG + "removeAll", "account.name:" + nextToken);
                removeItem(nextToken);
            }
        }
        this.mAccountManagerStorageHelper.setData(this.mCacheAccount, "userdata.caller.cachekeys" + this.mCallingAppUid, "");
    }

    @Override // com.microsoft.workaccount.authenticatorservice.IBrokerTokenCacheStore
    public void removeItem(String str) {
        if (str == null) {
            throw new IllegalArgumentException(RxPreferencesContentProvider.INTENT_EXTRA_KEY);
        }
        Logger.verbosePII(TAG + "removeItem", "Cache removeItem for key. cache key:" + str);
        this.mAccountManagerStorageHelper.setData(this.mCacheAccount, getBrokerCacheKey(str, String.valueOf(this.mCallingAppUid)), "");
        removeCacheKey(str);
    }

    @Override // com.microsoft.workaccount.authenticatorservice.IBrokerTokenCacheStore
    public void setItem(String str, ADALTokenCacheItem aDALTokenCacheItem) {
        Logger.verbosePII(TAG + "setItem", "Cache setItem for key.cache key:" + str);
        if (str == null) {
            throw new IllegalArgumentException("key cannot be null");
        }
        if (aDALTokenCacheItem == null) {
            throw new IllegalArgumentException("item cannot be null");
        }
        String json = this.mGson.toJson(aDALTokenCacheItem);
        if (!StringUtil.isNullOrEmpty(json)) {
            this.mAccountManagerStorageHelper.setData(this.mCacheAccount, getBrokerCacheKey(str, String.valueOf(this.mCallingAppUid)), json);
            saveCacheKey(str);
        }
        appendAppUIDToAccount();
    }
}
