package com.microsoft.workaccount.authenticatorservice;

import android.accounts.Account;
import android.accounts.AccountAuthenticatorResponse;
import android.app.admin.DevicePolicyManager;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.os.Build;
import android.os.Bundle;
import com.microsoft.identity.client.BrokerUtils;
import com.microsoft.identity.common.internal.broker.JoinedAccountRequestHandler;
import com.microsoft.identity.common.internal.cache.registry.DefaultBrokerApplicationRegistry;
import com.microsoft.identity.common.internal.net.HttpResponse;
import com.microsoft.identity.common.internal.ui.webview.WebViewUtil;
import com.microsoft.identity.common.internal.util.BiConsumer;
import com.microsoft.identity.common.internal.util.StringUtil;
import com.microsoft.workaccount.workplacejoin.AccountManagerStorageHelper;
import com.microsoft.workaccount.workplacejoin.DeviceTokenException;
import com.microsoft.workaccount.workplacejoin.Logger;
import com.microsoft.workaccount.workplacejoin.WorkplaceJoinData;
import com.microsoft.workaccount.workplacejoin.WorkplaceJoinDataStore;
import com.microsoft.workaccount.workplacejoin.WorkplaceJoinException;
import com.microsoft.workaccount.workplacejoin.core.DRSDiscoveryRequestHandler;
import com.microsoft.workaccount.workplacejoin.core.DeviceAttrPatchRequestHandler;
import com.microsoft.workaccount.workplacejoin.core.DeviceAttrPatchingRunnable;
import com.microsoft.workaccount.workplacejoin.core.DeviceState;
import com.microsoft.workaccount.workplacejoin.core.DeviceStateRequestHandler;
import com.microsoft.workaccount.workplacejoin.core.DeviceUnregistrationRequestHandler;
import com.microsoft.workaccount.workplacejoin.core.Util;
import com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinApplication;
import com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinCertHelper;
import com.microsoft.workaccount.workplacejoin.core.WorkplaceJoinFailure;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.util.Date;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.TimeUnit;

/* loaded from: classes2.dex */
public class AuthenticatorAPIHelper {
    public static final String TAG = "AuthenticatorHelper#";
    public final AccountManagerStorageHelper mAcctMgrHelper;
    public final Context mContext;
    public final UUID mCorrelationId;
    public final DRSDiscoveryRequestHandler mDRSDiscoveryRequestHandler;
    public final DeviceAttrPatchRequestHandler mDeviceAttrPatchRequestHandler;
    public final DeviceStateRequestHandler mDeviceStateRequestHandler;
    public final DeviceTokenRequestHandler mDeviceTokenHandler;
    public final DeviceUnregistrationRequestHandler mDeviceUnregistrationRequestHandler;
    public final WorkplaceJoinDataStore mWpjDataStore;

    public AuthenticatorAPIHelper(Context context, UUID uuid) {
        this.mContext = context;
        this.mAcctMgrHelper = new AccountManagerStorageHelper(this.mContext);
        this.mWpjDataStore = new WorkplaceJoinDataStore(this.mAcctMgrHelper);
        this.mCorrelationId = uuid == null ? UUID.randomUUID() : uuid;
        this.mDeviceTokenHandler = new DeviceTokenRequestHandler();
        this.mDRSDiscoveryRequestHandler = new DRSDiscoveryRequestHandler();
        this.mDeviceStateRequestHandler = new DeviceStateRequestHandler();
        this.mDeviceAttrPatchRequestHandler = new DeviceAttrPatchRequestHandler();
        this.mDeviceUnregistrationRequestHandler = new DeviceUnregistrationRequestHandler();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public DeviceStateRequestHandler.IOnQueryDeviceCallback createGetDeviceRegistrationStateCallback(final WorkplaceJoinData workplaceJoinData, final AccountAuthenticatorResponse accountAuthenticatorResponse, final Account account, final boolean z, final DRSDiscoveryRequestHandler.DRSDiscoveryResult dRSDiscoveryResult) {
        return new DeviceStateRequestHandler.IOnQueryDeviceCallback() { // from class: com.microsoft.workaccount.authenticatorservice.AuthenticatorAPIHelper.4
            @Override // com.microsoft.workaccount.workplacejoin.core.DeviceStateRequestHandler.IOnQueryDeviceCallback
            public void onComplete(DeviceState deviceState) {
                Bundle successBundle = AuthenticatorAPIHelper.getSuccessBundle(account);
                successBundle.putBoolean(WorkplaceJoinApplication.DATA_DRS_DEVICE_STATE, deviceState == DeviceState.DEVICE_VALID);
                if (deviceState == DeviceState.DEVICE_NOT_FOUND) {
                    accountAuthenticatorResponse.onResult(successBundle);
                    return;
                }
                if (new Date().getTime() - workplaceJoinData.getLastUpdatedDeviceAttributeDate().getTime() <= TimeUnit.MINUTES.toMillis(5L)) {
                    Logger.i("AuthenticatorHelper#createGetDeviceRegistrationStateCallback", "Device Attributed updated recently, skipping update device attribute...");
                    accountAuthenticatorResponse.onResult(successBundle);
                    return;
                }
                String registeredOsVersion = workplaceJoinData.getRegisteredOsVersion();
                String androidOSVersion = Util.getAndroidOSVersion();
                DeviceAttrPatchRequestHandler deviceAttrPatchRequestHandler = AuthenticatorAPIHelper.this.mDeviceAttrPatchRequestHandler;
                WorkplaceJoinData workplaceJoinData2 = workplaceJoinData;
                UUID uuid = AuthenticatorAPIHelper.this.mCorrelationId;
                DRSDiscoveryRequestHandler.DRSDiscoveryResult dRSDiscoveryResult2 = dRSDiscoveryResult;
                deviceAttrPatchRequestHandler.patchDeviceAttribute(workplaceJoinData2, uuid, DeviceAttrPatchingRunnable.DRS_DEVICE_OS_VERSION_ATTRIBUTE_KEY, registeredOsVersion, androidOSVersion, dRSDiscoveryResult2, AuthenticatorAPIHelper.this.createPatchDeviceOSCallback(workplaceJoinData, androidOSVersion, accountAuthenticatorResponse, successBundle, dRSDiscoveryResult2));
            }

            @Override // com.microsoft.workaccount.workplacejoin.core.DeviceStateRequestHandler.IOnQueryDeviceCallback
            public void onError(Exception exc) {
                Logger.e("AuthenticatorHelper#createGetDeviceRegistrationStateCallback", "Failed to query device state.", WorkplaceJoinFailure.INTERNAL, exc);
                AuthenticatorAPIHelper.this.returnError(accountAuthenticatorResponse, exc, z);
            }
        };
    }

    private DeviceAttrPatchRequestHandler.IOnPatchDeviceAttrCallback createPatchDeviceNameCallback(final WorkplaceJoinData workplaceJoinData, final String str, final AccountAuthenticatorResponse accountAuthenticatorResponse, final Bundle bundle) {
        return new DeviceAttrPatchRequestHandler.IOnPatchDeviceAttrCallback() { // from class: com.microsoft.workaccount.authenticatorservice.AuthenticatorAPIHelper.6
            @Override // com.microsoft.workaccount.workplacejoin.core.DeviceAttrPatchRequestHandler.IOnPatchDeviceAttrCallback
            public void onComplete() {
                Logger.i("AuthenticatorHelper#createPatchDeviceNameCallback", String.format("Finished updating device attribute: %s.", DeviceAttrPatchingRunnable.DRS_DEVICE_DISPLAY_NAME_ATTRIBUTE_KEY));
                AuthenticatorAPIHelper.this.mWpjDataStore.updateRegisteredDeviceName(workplaceJoinData, str);
                accountAuthenticatorResponse.onResult(bundle);
            }

            @Override // com.microsoft.workaccount.workplacejoin.core.DeviceAttrPatchRequestHandler.IOnPatchDeviceAttrCallback
            public void onError(Exception exc) {
                Logger.e("AuthenticatorHelper#createPatchDeviceNameCallback", String.format("Unable to update device attribute: %s.", DeviceAttrPatchingRunnable.DRS_DEVICE_OS_VERSION_ATTRIBUTE_KEY), WorkplaceJoinFailure.INTERNAL, exc);
                accountAuthenticatorResponse.onResult(bundle);
            }
        };
    }

    /* JADX INFO: Access modifiers changed from: private */
    public DeviceAttrPatchRequestHandler.IOnPatchDeviceAttrCallback createPatchDeviceOSCallback(final WorkplaceJoinData workplaceJoinData, final String str, AccountAuthenticatorResponse accountAuthenticatorResponse, Bundle bundle, final DRSDiscoveryRequestHandler.DRSDiscoveryResult dRSDiscoveryResult) {
        final String registeredDeviceName = workplaceJoinData.getRegisteredDeviceName();
        final String deviceDisplayName = Util.getDeviceDisplayName();
        final DeviceAttrPatchRequestHandler.IOnPatchDeviceAttrCallback createPatchDeviceNameCallback = createPatchDeviceNameCallback(workplaceJoinData, deviceDisplayName, accountAuthenticatorResponse, bundle);
        return new DeviceAttrPatchRequestHandler.IOnPatchDeviceAttrCallback() { // from class: com.microsoft.workaccount.authenticatorservice.AuthenticatorAPIHelper.5
            @Override // com.microsoft.workaccount.workplacejoin.core.DeviceAttrPatchRequestHandler.IOnPatchDeviceAttrCallback
            public void onComplete() {
                Logger.i("AuthenticatorHelper#createPatchDeviceOSCallback", String.format("Finished updating device attribute: %s.", DeviceAttrPatchingRunnable.DRS_DEVICE_OS_VERSION_ATTRIBUTE_KEY));
                AuthenticatorAPIHelper.this.mWpjDataStore.updateRegisteredOsVersion(workplaceJoinData, str);
                AuthenticatorAPIHelper.this.mDeviceAttrPatchRequestHandler.patchDeviceAttribute(workplaceJoinData, AuthenticatorAPIHelper.this.mCorrelationId, DeviceAttrPatchingRunnable.DRS_DEVICE_DISPLAY_NAME_ATTRIBUTE_KEY, registeredDeviceName, deviceDisplayName, dRSDiscoveryResult, createPatchDeviceNameCallback);
            }

            @Override // com.microsoft.workaccount.workplacejoin.core.DeviceAttrPatchRequestHandler.IOnPatchDeviceAttrCallback
            public void onError(Exception exc) {
                Logger.e("AuthenticatorHelper#createPatchDeviceOSCallback", String.format("Unable to update device attribute: %s.", DeviceAttrPatchingRunnable.DRS_DEVICE_OS_VERSION_ATTRIBUTE_KEY), WorkplaceJoinFailure.INTERNAL, exc);
                AuthenticatorAPIHelper.this.mDeviceAttrPatchRequestHandler.patchDeviceAttribute(workplaceJoinData, AuthenticatorAPIHelper.this.mCorrelationId, DeviceAttrPatchingRunnable.DRS_DEVICE_DISPLAY_NAME_ATTRIBUTE_KEY, registeredDeviceName, deviceDisplayName, dRSDiscoveryResult, createPatchDeviceNameCallback);
            }
        };
    }

    public static Bundle getDeviceTokenErrorBundle(DeviceTokenException deviceTokenException) {
        Bundle bundle = new Bundle();
        bundle.putString("errorMessage", deviceTokenException.getMessage());
        bundle.putString("error_description", deviceTokenException.getErrorDescription());
        bundle.putString("error_codes", deviceTokenException.getErrorCode());
        bundle.putString(WorkplaceJoinApplication.DATA_FAILURE_TYPE, deviceTokenException.getFailureType().toString());
        return bundle;
    }

    public static Bundle getErrorBundle(String str, WorkplaceJoinFailure workplaceJoinFailure) {
        Bundle bundle = new Bundle();
        bundle.putString("errorMessage", str);
        bundle.putString(WorkplaceJoinApplication.DATA_FAILURE_TYPE, workplaceJoinFailure.toString());
        return bundle;
    }

    public static Bundle getSuccessBundle(Account account) {
        Bundle bundle = new Bundle();
        bundle.putString("authAccount", account.name);
        bundle.putString("accountType", account.type);
        return bundle;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void returnError(AccountAuthenticatorResponse accountAuthenticatorResponse, Exception exc, boolean z) {
        if (!z) {
            accountAuthenticatorResponse.onError(5, exc.getMessage());
            return;
        }
        if (exc instanceof DeviceTokenException) {
            accountAuthenticatorResponse.onResult(getDeviceTokenErrorBundle((DeviceTokenException) exc));
        } else if (!(exc instanceof WorkplaceJoinException)) {
            accountAuthenticatorResponse.onResult(getErrorBundle(exc.getMessage(), WorkplaceJoinFailure.INTERNAL));
        } else {
            WorkplaceJoinException workplaceJoinException = (WorkplaceJoinException) exc;
            accountAuthenticatorResponse.onResult(getErrorBundle(workplaceJoinException.getMessage(), workplaceJoinException.getFailureType()));
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void tryRemovingCertSilently() {
        if (Build.VERSION.SDK_INT < 24) {
            Logger.i("AuthenticatorHelper#:tryRemovingCertSilently", "Certificate removal DID NOT succeed: uninstalling cert silently via DevicePolicyManager requires Android Version >= N, this device is running " + Build.VERSION.SDK_INT);
            return;
        }
        try {
            boolean removeKeyPair = ((DevicePolicyManager) this.mContext.getSystemService("device_policy")).removeKeyPair(null, WorkplaceJoinCertHelper.getCertName());
            StringBuilder sb = new StringBuilder();
            sb.append("Certificate removal");
            sb.append(removeKeyPair ? " did " : " DID NOT ");
            sb.append("succeed.");
            Logger.w("AuthenticatorHelper#:tryRemovingCertSilently", sb.toString(), WorkplaceJoinFailure.CERTIFICATE);
        } catch (SecurityException e) {
            Logger.w("AuthenticatorHelper#:tryRemovingCertSilently", "Certificate removal DID NOT succeed: The caller must be delegated with DELEGATION_CERT_INSTALL by the device/profile owner. " + e.getMessage(), WorkplaceJoinFailure.CERTIFICATE);
        }
    }

    @Deprecated
    public Bundle getCertInstalledStatus(Account account) {
        Bundle successBundle = getSuccessBundle(account);
        Logger.i("AuthenticatorHelper#getCertInstalledStatus", "Sending cert install status false");
        successBundle.putString(WorkplaceJoinApplication.DATA_CERT_INSTALLED, Boolean.toString(false));
        return successBundle;
    }

    public Bundle getDeviceId(Account account) {
        WorkplaceJoinData workplaceJoinData = this.mWpjDataStore.getWorkplaceJoinData();
        if (workplaceJoinData == null) {
            return getErrorBundle("Failed to get WPJ Data. Cannot get Device ID", WorkplaceJoinFailure.INTERNAL);
        }
        try {
            String deviceId = workplaceJoinData.getDeviceId();
            Bundle successBundle = getSuccessBundle(account);
            successBundle.putString(WorkplaceJoinApplication.DATA_DEVICE_ID, deviceId);
            Logger.i("AuthenticatorHelper#getDeviceId", "Sending device id.", deviceId);
            return successBundle;
        } catch (WorkplaceJoinException e) {
            return getErrorBundle(e.getMessage(), e.getFailureType());
        }
    }

    public void getDeviceState(final AccountAuthenticatorResponse accountAuthenticatorResponse, final Account account, final boolean z) {
        try {
            final WorkplaceJoinData workplaceJoinData = this.mWpjDataStore.getWorkplaceJoinData();
            if (workplaceJoinData != null) {
                this.mDRSDiscoveryRequestHandler.requestDeviceRegistrationDiscovery(this.mContext, workplaceJoinData.getTenantId(), this.mCorrelationId, new DRSDiscoveryRequestHandler.IOnDeviceRegistrationDiscovery() { // from class: com.microsoft.workaccount.authenticatorservice.AuthenticatorAPIHelper.2
                    @Override // com.microsoft.workaccount.workplacejoin.core.DRSDiscoveryRequestHandler.IOnDeviceRegistrationDiscovery
                    public void onEndpointsDiscovery(DRSDiscoveryRequestHandler.DRSDiscoveryResult dRSDiscoveryResult) {
                        Logger.v("AuthenticatorHelper#getDeviceState", "Workplace joined. Will query device state.");
                        AuthenticatorAPIHelper.this.mDeviceStateRequestHandler.getDeviceRegistrationStatus(workplaceJoinData, AuthenticatorAPIHelper.this.mCorrelationId, dRSDiscoveryResult, AuthenticatorAPIHelper.this.createGetDeviceRegistrationStateCallback(workplaceJoinData, accountAuthenticatorResponse, account, z, dRSDiscoveryResult));
                    }
                });
            } else {
                Logger.v("AuthenticatorHelper#getDeviceState", "WPJ data not found.");
                returnError(accountAuthenticatorResponse, new WorkplaceJoinException("Device is not workplace joined.", WorkplaceJoinFailure.INTERNAL), z);
            }
        } catch (Exception e) {
            Logger.e("AuthenticatorHelper#getDeviceState", "Failed to retrieve device state.", WorkplaceJoinFailure.INTERNAL, e);
            returnError(accountAuthenticatorResponse, e, z);
        }
    }

    public void getDeviceToken(final AccountAuthenticatorResponse accountAuthenticatorResponse, final Account account, final boolean z, Bundle bundle) {
        try {
            WorkplaceJoinData workplaceJoinData = this.mWpjDataStore.getWorkplaceJoinData();
            if (workplaceJoinData == null) {
                Logger.v("AuthenticatorHelper#getDeviceToken", "WPJ data not found.");
                returnError(accountAuthenticatorResponse, new WorkplaceJoinException("Device is not workplace joined.", WorkplaceJoinFailure.INTERNAL), z);
            } else {
                this.mDeviceTokenHandler.requestDeviceToken(this.mDeviceTokenHandler.getDeviceTokenRequestBody(workplaceJoinData, bundle, this.mAcctMgrHelper.getBRTAuthority(account)), bundle, this.mAcctMgrHelper.getBRTAuthority(account)).whenComplete(new BiConsumer<HttpResponse, Throwable>() { // from class: com.microsoft.workaccount.authenticatorservice.AuthenticatorAPIHelper.3
                    @Override // com.microsoft.identity.common.internal.util.BiConsumer
                    public void accept(HttpResponse httpResponse, Throwable th) {
                        if (th != null) {
                            Logger.e("AuthenticatorHelper#getDeviceToken", "Failed to retrieve Device Token", WorkplaceJoinFailure.INTERNAL, th instanceof Exception ? (Exception) th : new Exception(th));
                            AuthenticatorAPIHelper.this.returnError(accountAuthenticatorResponse, (Exception) th, z);
                            return;
                        }
                        try {
                            Logger.i("AuthenticatorHelper#getDeviceToken", "The server responded with status code : " + httpResponse.getStatusCode());
                            if (httpResponse.getStatusCode() < 200 || httpResponse.getStatusCode() >= 300) {
                                if (httpResponse.getStatusCode() >= 400 && httpResponse.getStatusCode() < 500) {
                                    Map<String, String> jsonResponse = JoinedAccountRequestHandler.getJsonResponse(httpResponse.getBody());
                                    AuthenticatorAPIHelper.this.returnError(accountAuthenticatorResponse, new DeviceTokenException(jsonResponse.get("error"), jsonResponse.get("error_description"), jsonResponse.get("error_codes"), WorkplaceJoinFailure.USER), z);
                                    return;
                                } else {
                                    if (httpResponse.getStatusCode() >= 500) {
                                        Map<String, String> jsonResponse2 = JoinedAccountRequestHandler.getJsonResponse(httpResponse.getBody());
                                        AuthenticatorAPIHelper.this.returnError(accountAuthenticatorResponse, new DeviceTokenException(jsonResponse2.get("error"), jsonResponse2.get("error_description"), jsonResponse2.get("error_codes"), WorkplaceJoinFailure.ESTS), z);
                                        return;
                                    }
                                    return;
                                }
                            }
                            Bundle successBundle = AuthenticatorAPIHelper.getSuccessBundle(account);
                            String str = JoinedAccountRequestHandler.getJsonResponse(httpResponse.getBody()).get("access_token");
                            if (StringUtil.isEmpty(str)) {
                                AuthenticatorAPIHelper.this.returnError(accountAuthenticatorResponse, new WorkplaceJoinException("Device Token not present in successful response", WorkplaceJoinFailure.ESTS), z);
                                return;
                            }
                            Logger.i("AuthenticatorHelper#getDeviceToken", "Device token successfully retrieved from the server" + httpResponse.getStatusCode());
                            successBundle.putString(WorkplaceJoinApplication.DATA_DEVICE_TOKEN, str);
                            accountAuthenticatorResponse.onResult(successBundle);
                        } catch (Exception e) {
                            Logger.e("AuthenticatorHelper#getDeviceToken", "Failed to retrieve Device Token", WorkplaceJoinFailure.INTERNAL, e);
                            AuthenticatorAPIHelper.this.returnError(accountAuthenticatorResponse, e, z);
                        }
                    }
                });
            }
        } catch (Exception e) {
            Logger.e("AuthenticatorHelper#getDeviceToken", "Failed to retrieve Device Token", WorkplaceJoinFailure.INTERNAL, e);
            returnError(accountAuthenticatorResponse, e, z);
        }
    }

    public Intent getInstallCertActivityIntent(Account account) {
        Intent intent = new Intent();
        intent.putExtra("authAccount", account.name);
        intent.putExtra("accountType", account.type);
        return intent;
    }

    public void getIsSharedDevice(AccountAuthenticatorResponse accountAuthenticatorResponse, Account account, boolean z) {
        try {
            WorkplaceJoinData workplaceJoinData = this.mWpjDataStore.getWorkplaceJoinData();
            boolean z2 = workplaceJoinData != null && workplaceJoinData.isSharedDevice();
            Bundle successBundle = getSuccessBundle(account);
            successBundle.putBoolean(WorkplaceJoinApplication.DATA_IS_SHARED_DEVICE, z2);
            accountAuthenticatorResponse.onResult(successBundle);
        } catch (Exception e) {
            Logger.e("AuthenticatorHelper#getIsSharedDevice", "Failed to retrieve is Shared Device value.", WorkplaceJoinFailure.INTERNAL, e);
            returnError(accountAuthenticatorResponse, e, z);
        }
    }

    public Bundle getOnPremStatus(Account account) {
        boolean isOnPremCert = this.mWpjDataStore.getWorkplaceJoinData().getCertificateData().isOnPremCert();
        Bundle successBundle = getSuccessBundle(account);
        successBundle.putBoolean(WorkplaceJoinApplication.DATA_ONPREM_VERIFY, isOnPremCert);
        Logger.i(TAG, "Is on-prem cert:" + isOnPremCert);
        return successBundle;
    }

    public Bundle getUPN(Account account) {
        WorkplaceJoinData workplaceJoinData = this.mWpjDataStore.getWorkplaceJoinData();
        String upn = workplaceJoinData != null ? workplaceJoinData.getUpn() : null;
        Bundle successBundle = getSuccessBundle(account);
        successBundle.putString(WorkplaceJoinApplication.DATA_UPN, upn);
        return successBundle;
    }

    public Bundle getUserInfo(Account account) {
        String accountHomeAccountId = this.mAcctMgrHelper.getAccountHomeAccountId(account);
        String accountUserIdList = this.mAcctMgrHelper.getAccountUserIdList(account);
        String accountGivenName = this.mAcctMgrHelper.getAccountGivenName(account);
        String accountFamilyName = this.mAcctMgrHelper.getAccountFamilyName(account);
        String accountIdp = this.mAcctMgrHelper.getAccountIdp(account);
        String accountDisplayableUserId = this.mAcctMgrHelper.getAccountDisplayableUserId(account);
        String accountHomeTenantId = this.mAcctMgrHelper.getAccountHomeTenantId(account);
        Bundle successBundle = getSuccessBundle(account);
        successBundle.putString("account.userinfo.userid", accountHomeAccountId);
        successBundle.putString("account.userinfo.userid.list", accountUserIdList);
        successBundle.putString("account.userinfo.given.name", accountGivenName);
        successBundle.putString("account.userinfo.family.name", accountFamilyName);
        successBundle.putString("account.userinfo.identity.provider", accountIdp);
        successBundle.putString("account.userinfo.userid.displayable", accountDisplayableUserId);
        successBundle.putString("account.userinfo.tenantid", accountHomeTenantId);
        WorkplaceJoinData workplaceJoinData = this.mWpjDataStore.getWorkplaceJoinData();
        boolean z = workplaceJoinData != null && account.name.equalsIgnoreCase(workplaceJoinData.getUpn());
        boolean accountNgcStatus = this.mAcctMgrHelper.getAccountNgcStatus(account);
        successBundle.putBoolean(WorkplaceJoinApplication.DATA_IS_JOINED, z);
        successBundle.putBoolean(WorkplaceJoinApplication.DATA_IS_NGC, accountNgcStatus);
        Logger.i(TAG, "Returning userinfo details");
        return successBundle;
    }

    public Bundle getVersion(Account account) {
        Bundle successBundle = getSuccessBundle(account);
        successBundle.putString(WorkplaceJoinApplication.DATA_VERSION, WorkplaceJoinApplication.PROTOCOL_VERSION_CODE + "");
        Logger.i(TAG, "Sending protocol version:" + WorkplaceJoinApplication.PROTOCOL_VERSION);
        return successBundle;
    }

    public String getWpjAccountName() {
        Account workplaceJoinAccount = this.mWpjDataStore.getWorkplaceJoinAccount();
        if (workplaceJoinAccount != null) {
            return workplaceJoinAccount.name;
        }
        return null;
    }

    public Bundle installCertSilently() {
        WorkplaceJoinData workplaceJoinData = this.mWpjDataStore.getWorkplaceJoinData();
        if (workplaceJoinData == null) {
            Logger.v("AuthenticatorHelper#:installCertSilently", "WPJ not found.");
            return getErrorBundle("Device is not workplace joined.", WorkplaceJoinFailure.INTERNAL);
        }
        if (Build.VERSION.SDK_INT < 24) {
            return getErrorBundle("Installing cert silently via DevicePolicyManager requires Android Version >= N, this device is running " + Build.VERSION.SDK_INT, WorkplaceJoinFailure.USER);
        }
        try {
            boolean installKeyPair = ((DevicePolicyManager) this.mContext.getSystemService("device_policy")).installKeyPair((ComponentName) null, (PrivateKey) workplaceJoinData.getCertificateData().getDevicePrivateKey(), new Certificate[]{workplaceJoinData.getCertificateData().getX509Cert()}, WorkplaceJoinCertHelper.getCertName(), true);
            if (installKeyPair) {
                Logger.i("AuthenticatorHelper#:installCertSilently", "Returning silent cert install succeeded.");
            } else {
                Logger.w("AuthenticatorHelper#:installCertSilently", "Returning silent cert install failed.", WorkplaceJoinFailure.CERTIFICATE);
            }
            Bundle bundle = new Bundle();
            bundle.putBoolean(WorkplaceJoinApplication.DATA_CERT_INSTALLED, installKeyPair);
            return bundle;
        } catch (SecurityException e) {
            Logger.e("AuthenticatorHelper#:installCertSilently", "Failed to install cert silently, The caller must be delegated with DELEGATION_CERT_INSTALL by the device/profile owner.", WorkplaceJoinFailure.CERTIFICATE, e);
            return getErrorBundle("Failed to install cert silently, The caller must be delegated with DELEGATION_CERT_INSTALL by the device/profile owner.", WorkplaceJoinFailure.CERTIFICATE);
        }
    }

    public void removeAccountData(final AccountAuthenticatorResponse accountAuthenticatorResponse, final Account account, final boolean z) {
        Logger.v("AuthenticatorHelper#removeAccountData", "removeAccountData called for account,", "account.name:" + account.name);
        WebViewUtil.removeCookiesFromWebView(this.mContext);
        Logger.v("AuthenticatorHelper#removeAccountData", "Removed cookies from webview hosted at authenticator process.");
        BrokerUtils.removeAccountFromTokenCache(this.mContext, account);
        Account workplaceJoinAccount = this.mWpjDataStore.getWorkplaceJoinAccount();
        final WorkplaceJoinData workplaceJoinData = this.mWpjDataStore.getWorkplaceJoinData();
        if (workplaceJoinData != null && workplaceJoinAccount != null && account.name.equalsIgnoreCase(workplaceJoinAccount.name)) {
            Logger.v("AuthenticatorHelper#removeAccountData", "Account is workplace joined. Deleting certificate objects.");
            this.mDRSDiscoveryRequestHandler.requestDeviceRegistrationDiscovery(this.mContext, account.name, this.mCorrelationId, new DRSDiscoveryRequestHandler.IOnDeviceRegistrationDiscovery() { // from class: com.microsoft.workaccount.authenticatorservice.AuthenticatorAPIHelper.1
                @Override // com.microsoft.workaccount.workplacejoin.core.DRSDiscoveryRequestHandler.IOnDeviceRegistrationDiscovery
                public void onEndpointsDiscovery(DRSDiscoveryRequestHandler.DRSDiscoveryResult dRSDiscoveryResult) {
                    AuthenticatorAPIHelper.this.mDeviceUnregistrationRequestHandler.deleteCertificateObjects(AuthenticatorAPIHelper.this.mContext, workplaceJoinData, AuthenticatorAPIHelper.this.mCorrelationId, dRSDiscoveryResult, new DeviceUnregistrationRequestHandler.OnDeviceUnregisteredListener() { // from class: com.microsoft.workaccount.authenticatorservice.AuthenticatorAPIHelper.1.1
                        @Override // com.microsoft.workaccount.workplacejoin.core.DeviceUnregistrationRequestHandler.OnDeviceUnregisteredListener
                        public void onError(WorkplaceJoinException workplaceJoinException) {
                            Logger.e("AuthenticatorHelper#removeAccountData", workplaceJoinException.getMessage(), workplaceJoinException.getFailureType(), (Exception) workplaceJoinException.getCause());
                            AnonymousClass1 anonymousClass1 = AnonymousClass1.this;
                            AccountAuthenticatorResponse accountAuthenticatorResponse2 = accountAuthenticatorResponse;
                            if (accountAuthenticatorResponse2 != null) {
                                AuthenticatorAPIHelper.this.returnError(accountAuthenticatorResponse2, workplaceJoinException, z);
                            }
                        }

                        @Override // com.microsoft.workaccount.workplacejoin.core.DeviceUnregistrationRequestHandler.OnDeviceUnregisteredListener
                        public void onSuccess(boolean z2) {
                            AuthenticatorAPIHelper.this.tryRemovingCertSilently();
                            AnonymousClass1 anonymousClass1 = AnonymousClass1.this;
                            if (accountAuthenticatorResponse != null) {
                                Bundle successBundle = AuthenticatorAPIHelper.getSuccessBundle(account);
                                successBundle.putBoolean(DeviceUnregistrationRequestHandler.DEVICE_DELETED_FROM_DRS, z2);
                                accountAuthenticatorResponse.onResult(successBundle);
                            }
                        }
                    });
                }
            });
            new DefaultBrokerApplicationRegistry(this.mContext).clear();
        } else {
            Logger.v("AuthenticatorHelper#removeAccountData", "Account is not workplace joined");
            if (accountAuthenticatorResponse != null) {
                returnError(accountAuthenticatorResponse, new WorkplaceJoinException("Account is not workplace joined", WorkplaceJoinFailure.INTERNAL), z);
            }
        }
    }
}
