package com.centrify.directcontrol.afw.certs;

import android.support.annotation.NonNull;
import com.centrify.agent.samsung.utils.LogUtil;
import com.centrify.android.centrifypreference.CentrifyPreferenceUtils;
import com.centrify.android.utils.AfwUtils;
import com.centrify.directcontrol.CentrifyApplication;
import com.centrify.directcontrol.afw.AfwManager;
import com.dd.plist.NSArray;
import com.dd.plist.NSDictionary;
import com.dd.plist.NSObject;
import com.dd.plist.PListUtils;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.apache.commons.lang3.StringUtils;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class AfwUserCertPolicyController extends AfwCertPolicyController {
    private static final String AFW_USER_CERT_PAYLOAD_ID = "com.centrify.mobile.usercert.androidforwork";
    private static final String CA_CERT_NAME_KEY = "certificateFileName";
    private static final String POLICY_KEY_CA_CERTS = "CaCerts";
    private static final String POLICY_KEY_USER_CERT = "UserCert";
    private static final String PREF_AFW_USERCERT_NAMES = "pref_afw_usercert_names";
    private static final String TAG = "AfwUserCertPolicyController";
    private Map<String, Set<String>> mRecognizedKeys = new HashMap();
    private Set<String> certNames = new HashSet();

    public AfwUserCertPolicyController() {
        HashSet hashSet = new HashSet();
        hashSet.add(POLICY_KEY_CA_CERTS);
        hashSet.add(POLICY_KEY_USER_CERT);
        this.mRecognizedKeys.put("com.centrify.mobile.usercert.androidforwork", hashSet);
    }

    private boolean checkCertResult(NSObject... nSObjectArr) {
        String string;
        List<AfwCert> dBCert = getDBCert(null);
        for (NSObject nSObject : nSObjectArr) {
            if (!(nSObject instanceof NSDictionary) || (string = PListUtils.getString((NSDictionary) nSObject, "certificateFileName")) == null) {
                return false;
            }
            for (AfwCert afwCert : dBCert) {
                if (StringUtils.equals(afwCert.certName, string) && afwCert.policyStatus != AfwManager.PolicyState.APPLIED) {
                    return false;
                }
            }
        }
        return true;
    }

    private Set<String> getSupportedKeys(String str) {
        return this.mRecognizedKeys.get(str);
    }

    private boolean isPayloadRecognized(String str) {
        return StringUtils.equals(str, "com.centrify.mobile.usercert.androidforwork");
    }

    private void loadCertNames() {
        this.certNames = CentrifyPreferenceUtils.getStringSet(PREF_AFW_USERCERT_NAMES, new HashSet());
    }

    private void saveCertNames() {
        CentrifyPreferenceUtils.putStringSet(PREF_AFW_USERCERT_NAMES, this.certNames);
    }

    private void updateResultPayLoad(@NonNull NSDictionary nSDictionary, @NonNull Set<String> set, @NonNull JSONObject jSONObject) throws JSONException {
        String str;
        for (String str2 : nSDictionary.keySet()) {
            if (!set.contains(str2)) {
                str = "NotSupported";
            } else if (StringUtils.equals(str2, POLICY_KEY_USER_CERT)) {
                NSObject objectForKey = nSDictionary.objectForKey(str2);
                str = (objectForKey == null || !(objectForKey instanceof NSDictionary)) ? "NotValid" : checkCertResult(objectForKey) ? "Success" : "Failure";
            } else if (StringUtils.equals(str2, POLICY_KEY_CA_CERTS)) {
                NSObject[] array = PListUtils.getArray(nSDictionary, str2);
                str = array == null ? "NotValid" : checkCertResult(array) ? "Success" : "Failure";
            } else {
                str = "NotRecognized";
            }
            jSONObject.getJSONObject(str).put(str2, new JSONObject());
        }
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    protected boolean checkPrecondition(NSDictionary nSDictionary) {
        return AfwUtils.isInAfwMode(this.mAppContext);
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    protected JSONObject getPayloadsReport(NSObject[] nSObjectArr) throws JSONException {
        JSONObject jSONObject = new JSONObject();
        for (NSObject nSObject : nSObjectArr) {
            String id = getId(nSObject);
            NSDictionary nSDictionary = null;
            if (nSObject instanceof NSDictionary) {
                nSDictionary = (NSDictionary) nSObject;
                removeNonPolicyKeys(nSDictionary.keySet());
            }
            Set<String> supportedKeys = getSupportedKeys(id);
            JSONObject initializePayloadReport = initializePayloadReport(id);
            if (StringUtils.isBlank(id) || nSDictionary == null || nSDictionary.isEmpty()) {
                markInvalid(initializePayloadReport);
            } else if (!isPayloadRecognized(id)) {
                markNotRecognized(initializePayloadReport);
            } else if (supportedKeys == null || supportedKeys.isEmpty()) {
                markNotSupported(initializePayloadReport);
            } else {
                updateResultPayLoad(nSDictionary, supportedKeys, initializePayloadReport.getJSONObject("Result"));
                markPayloadStatusByKeys(initializePayloadReport);
            }
            jSONObject.put(id, initializePayloadReport);
        }
        return jSONObject;
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public JSONObject getProfileToReport(NSObject nSObject, String str) throws JSONException {
        return doGetProfileReport(nSObject, str);
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public void loadPolicy() {
        reApplyPendingCertPolicy();
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public void resetAll() {
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public void resetPolicy(String str) {
        boolean isInAfwMode = AfwUtils.isInAfwMode(CentrifyApplication.getAppInstance());
        LogUtil.debug(TAG, "Afw cert removal:" + str + " isInAfwMode: " + isInAfwMode);
        if (isInAfwMode) {
            loadCertNames();
            List<AfwCert> dBCert = getDBCert(null);
            if (dBCert == null || dBCert.size() <= 0) {
                return;
            }
            for (AfwCert afwCert : dBCert) {
                if (this.certNames.contains(afwCert.certName)) {
                    deleteDBCert(uninstallCert(afwCert));
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.centrify.directcontrol.afw.certs.AfwCertPolicyController
    public AfwCert saveCert(NSDictionary nSDictionary, Boolean bool) {
        AfwCert saveCert = super.saveCert(nSDictionary, bool);
        this.certNames.add(saveCert.certName);
        return saveCert;
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public boolean savePolicy(NSDictionary nSDictionary) {
        if (!this.mDevice.isAfwSupportedClient()) {
            LogUtil.debug(TAG, "the payload is not saved as the afw profile is not created or entitlement is false");
            return false;
        }
        this.certNames.clear();
        for (NSObject nSObject : ((NSArray) nSDictionary.objectForKey("content")).getArray()) {
            NSDictionary nSDictionary2 = (NSDictionary) nSObject;
            NSObject objectForKey = nSDictionary2.objectForKey(POLICY_KEY_CA_CERTS);
            if (objectForKey != null) {
                for (NSObject nSObject2 : ((NSArray) objectForKey).getArray()) {
                    saveCert((NSDictionary) nSObject2, true);
                }
            } else {
                LogUtil.warning(TAG, "No CaCerts key found.");
            }
            NSObject objectForKey2 = nSDictionary2.objectForKey(POLICY_KEY_USER_CERT);
            if (objectForKey2 != null) {
                saveCert((NSDictionary) objectForKey2, false);
            } else {
                LogUtil.warning(TAG, "No UserCert key found.");
            }
        }
        saveCertNames();
        LogUtil.debug(TAG, "savePolicy-end");
        return true;
    }
}
