package org.forgerock.android.auth;

import android.accounts.Account;
import android.accounts.AccountManager;
import android.content.ComponentName;
import android.content.Context;
import android.util.Base64;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import org.forgerock.android.auth.AccountAware;
import org.forgerock.android.auth.Encryptor;
import org.forgerock.android.auth.SingleSignOnManager;
import org.forgerock.android.auth.authenticator.AuthenticatorService;
import org.json.JSONArray;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public class AccountSingleSignOnManager implements SingleSignOnManager, KeyUpdatedListener, SecretKeyStore, AccountAware {
    private static final String COOKIES = "org.forgerock.v1.COOKIES";
    private static final String ORG_FORGEROCK_V_1_SSO_KEYS = "org.forgerock.v1.SSO_KEYS";
    private static final String SSO_TOKEN = "org.forgerock.v1.SSO_TOKEN";
    private static final String TAG = "AccountSingleSignOnManager";
    private Account account;
    private AccountManager accountManager;
    private String accountType;
    private Encryptor encryptor;

    /* loaded from: classes2.dex */
    public static class AccountSingleSignOnManagerBuilder {
        private String accountName;
        private Context context;
        private Encryptor encryptor;

        AccountSingleSignOnManagerBuilder() {
        }

        public AccountSingleSignOnManagerBuilder accountName(String str) {
            if (str == null) {
                throw new NullPointerException("accountName is marked non-null but is null");
            }
            this.accountName = str;
            return this;
        }

        public AccountSingleSignOnManager build() throws Exception {
            return new AccountSingleSignOnManager(this.context, this.accountName, this.encryptor);
        }

        public AccountSingleSignOnManagerBuilder context(Context context) {
            if (context == null) {
                throw new NullPointerException("context is marked non-null but is null");
            }
            this.context = context;
            return this;
        }

        public AccountSingleSignOnManagerBuilder encryptor(Encryptor encryptor) {
            this.encryptor = encryptor;
            return this;
        }

        public String toString() {
            return "AccountSingleSignOnManager.AccountSingleSignOnManagerBuilder(context=" + this.context + ", accountName=" + this.accountName + ", encryptor=" + this.encryptor + ")";
        }
    }

    AccountSingleSignOnManager(Context context, String str, Encryptor encryptor) throws Exception {
        if (context == null) {
            throw new NullPointerException("context is marked non-null but is null");
        }
        if (str == null) {
            throw new NullPointerException("accountName is marked non-null but is null");
        }
        try {
            this.accountType = getAccountType(context);
            this.accountManager = AccountManager.get(context);
            this.account = new Account(str, this.accountType);
            encryptor = encryptor == null ? Encryptor.CC.getEncryptor(context, ORG_FORGEROCK_V_1_SSO_KEYS, this, this) : encryptor;
            this.encryptor = encryptor;
            Logger.debug(TAG, "Using Encryptor %s", encryptor.getClass().getSimpleName());
            verifyAccount(this.accountManager, this.accountType, this.account);
        } catch (Exception e) {
            Logger.warn(TAG, "Single Sign On is disabled due to: %s", e.getMessage());
            throw e;
        }
    }

    public static AccountSingleSignOnManagerBuilder builder() {
        return new AccountSingleSignOnManagerBuilder();
    }

    private void persist(String str, byte[] bArr, boolean z) {
        if ((bArr == null || bArr.length == 0) && !isAccountExists(this.accountManager, this.accountType, this.account)) {
            return;
        }
        this.accountManager.addAccountExplicitly(this.account, null, null);
        try {
            if (bArr == null) {
                this.accountManager.setUserData(this.account, str, null);
            } else {
                this.accountManager.setUserData(this.account, str, Base64.encodeToString(this.encryptor.encrypt(bArr), 0));
            }
        } catch (Exception e) {
            try {
                this.encryptor.reset();
                if (!z) {
                    throw new RuntimeException(e);
                }
                persist(str, bArr, false);
            } catch (Exception e2) {
                throw new RuntimeException(e2);
            }
        }
    }

    @Override // org.forgerock.android.auth.SingleSignOnManager
    public void clear() {
        for (Account account : this.accountManager.getAccountsByType(this.accountType)) {
            if (account.name.equals(this.account.name)) {
                this.accountManager.removeAccountExplicitly(account);
                return;
            }
        }
    }

    @Override // org.forgerock.android.auth.AccountAware
    public /* synthetic */ String getAccountType(Context context) {
        String parse;
        parse = parse(context, context.getPackageManager().getServiceInfo(new ComponentName(context, (Class<?>) AuthenticatorService.class), 128).metaData.getInt("android.accounts.AccountAuthenticator"));
        return parse;
    }

    @Override // org.forgerock.android.auth.SingleSignOnManager
    public Collection<String> getCookies() {
        try {
            String userData = this.accountManager.getUserData(this.account, COOKIES);
            if (userData != null) {
                JSONArray jSONArray = new JSONArray(new String(this.encryptor.decrypt(Base64.decode(userData, 0))));
                HashSet hashSet = new HashSet();
                for (int i = 0; i < jSONArray.length(); i++) {
                    hashSet.add(jSONArray.getString(i));
                }
                return hashSet;
            }
        } catch (Exception e) {
            Logger.warn(TAG, e, "Failed to decrypt data", new Object[0]);
            clear();
        }
        return Collections.emptySet();
    }

    @Override // org.forgerock.android.auth.SecretKeyStore
    public String getEncryptedSecretKey() {
        return this.accountManager.getPassword(this.account);
    }

    @Override // org.forgerock.android.auth.SingleSignOnManager
    public SSOToken getToken() {
        try {
            String userData = this.accountManager.getUserData(this.account, SSO_TOKEN);
            if (userData != null) {
                return new SSOToken(new String(this.encryptor.decrypt(Base64.decode(userData, 0))));
            }
            return null;
        } catch (EncryptionException e) {
            Logger.warn(TAG, e, "Failed to decrypt data", new Object[0]);
            clear();
            return null;
        }
    }

    @Override // org.forgerock.android.auth.SingleSignOnManager
    public boolean hasToken() {
        return this.accountManager.getUserData(this.account, SSO_TOKEN) != null;
    }

    @Override // org.forgerock.android.auth.AccountAware
    public /* synthetic */ boolean isAccountExists(AccountManager accountManager, String str, Account account) {
        return AccountAware.CC.$default$isAccountExists(this, accountManager, str, account);
    }

    @Override // org.forgerock.android.auth.SingleSignOnManager
    public /* synthetic */ boolean isBroadcastEnabled() {
        return SingleSignOnManager.CC.$default$isBroadcastEnabled(this);
    }

    @Override // org.forgerock.android.auth.KeyUpdatedListener
    public void onKeyUpdated() {
        clear();
    }

    @Override // org.forgerock.android.auth.AccountAware
    public /* synthetic */ String parse(Context context, int i) {
        return AccountAware.CC.$default$parse(this, context, i);
    }

    @Override // org.forgerock.android.auth.SecretKeyStore
    public void persist(String str) {
        this.accountManager.setPassword(this.account, str);
    }

    @Override // org.forgerock.android.auth.SingleSignOnManager
    public void persist(Collection<String> collection) {
        if (collection.isEmpty()) {
            persist(COOKIES, null, true);
            return;
        }
        JSONArray jSONArray = new JSONArray();
        Iterator<String> it = collection.iterator();
        while (it.hasNext()) {
            jSONArray.put(it.next());
        }
        persist(COOKIES, jSONArray.toString().getBytes(), true);
    }

    @Override // org.forgerock.android.auth.SingleSignOnManager
    public void persist(SSOToken sSOToken) {
        persist(SSO_TOKEN, sSOToken.getValue().getBytes(), true);
    }

    @Override // org.forgerock.android.auth.SecretKeyStore
    public void remove() {
        this.accountManager.setPassword(this.account, null);
    }

    @Override // org.forgerock.android.auth.AccountAware
    public /* synthetic */ void removeAccount(AccountManager accountManager, Account account) {
        accountManager.removeAccountExplicitly(account);
    }

    @Override // org.forgerock.android.auth.SingleSignOnManager
    public void revoke(FRListener<Void> fRListener) {
        clear();
    }

    @Override // org.forgerock.android.auth.AccountAware
    public /* synthetic */ void verifyAccount(AccountManager accountManager, String str, Account account) {
        AccountAware.CC.$default$verifyAccount(this, accountManager, str, account);
    }
}
