package com.microsoft.identity.common.internal.ui.webview.certbasedauth;

import android.app.Activity;
import android.webkit.ClientCertRequest;
import androidx.annotation.NonNull;
import androidx.annotation.RequiresApi;
import com.microsoft.identity.common.R;
import com.microsoft.identity.common.internal.ui.webview.certbasedauth.AbstractSmartcardCertBasedAuthManager;
import com.microsoft.identity.common.internal.ui.webview.certbasedauth.SmartcardCertPickerDialog;
import com.microsoft.identity.common.internal.ui.webview.certbasedauth.SmartcardPinDialog;
import com.microsoft.identity.common.java.exception.BaseException;
import com.microsoft.identity.common.java.opentelemetry.ICertBasedAuthTelemetryHelper;
import com.microsoft.identity.common.java.providers.RawAuthorizationResult;
import com.microsoft.identity.common.logging.Logger;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;

/* loaded from: classes4.dex */
public abstract class AbstractSmartcardCertBasedAuthChallengeHandler<T extends AbstractSmartcardCertBasedAuthManager<?>> implements ICertBasedAuthChallengeHandler {
    protected static final String MAX_ATTEMPTS_MESSAGE = "User has reached the maximum failed attempts allowed.";
    protected static final String NO_PIV_CERTS_FOUND_MESSAGE = "No PIV certificates found on smartcard device.";
    protected static final String USER_CANCEL_MESSAGE = "User canceled smartcard CBA flow.";
    protected final String TAG;
    protected final Activity mActivity;
    protected final T mCbaManager;
    protected final IDialogHolder mDialogHolder;
    protected boolean mIsSmartcardCertBasedAuthProceeding = false;
    protected final ICertBasedAuthTelemetryHelper mTelemetryHelper;

    public AbstractSmartcardCertBasedAuthChallengeHandler(@NonNull Activity activity, @NonNull T t9, @NonNull IDialogHolder iDialogHolder, @NonNull ICertBasedAuthTelemetryHelper iCertBasedAuthTelemetryHelper, @NonNull String str) {
        this.TAG = str;
        this.mActivity = activity;
        this.mCbaManager = t9;
        this.mDialogHolder = iDialogHolder;
        this.mTelemetryHelper = iCertBasedAuthTelemetryHelper;
        iCertBasedAuthTelemetryHelper.setCertBasedAuthChallengeHandler(str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public SmartcardCertPickerDialog.PositiveButtonListener getSmartcardCertPickerDialogPositiveButtonListener(@NonNull final ClientCertRequest clientCertRequest) {
        return new SmartcardCertPickerDialog.PositiveButtonListener() { // from class: com.microsoft.identity.common.internal.ui.webview.certbasedauth.AbstractSmartcardCertBasedAuthChallengeHandler.2
            @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.SmartcardCertPickerDialog.PositiveButtonListener
            @RequiresApi(api = 21)
            public void onClick(@NonNull ICertDetails iCertDetails) {
                AbstractSmartcardCertBasedAuthChallengeHandler abstractSmartcardCertBasedAuthChallengeHandler = AbstractSmartcardCertBasedAuthChallengeHandler.this;
                abstractSmartcardCertBasedAuthChallengeHandler.mDialogHolder.showPinDialog(abstractSmartcardCertBasedAuthChallengeHandler.getSmartcardPinDialogPositiveButtonListener(iCertDetails, clientCertRequest), new SmartcardPinDialog.CancelCbaCallback() { // from class: com.microsoft.identity.common.internal.ui.webview.certbasedauth.AbstractSmartcardCertBasedAuthChallengeHandler.2.1
                    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.SmartcardPinDialog.CancelCbaCallback
                    @RequiresApi(api = 21)
                    public void onCancel() {
                        AbstractSmartcardCertBasedAuthChallengeHandler.this.mDialogHolder.dismissDialog();
                        AbstractSmartcardCertBasedAuthChallengeHandler.this.mTelemetryHelper.setResultFailure(AbstractSmartcardCertBasedAuthChallengeHandler.USER_CANCEL_MESSAGE);
                        clientCertRequest.cancel();
                    }
                });
            }
        };
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ICertBasedAuthChallengeHandler
    public void cleanUp() {
        this.mDialogHolder.dismissDialog();
        this.mCbaManager.clearConnectionCallback();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void clearPin(@NonNull char[] cArr) {
        Arrays.fill(cArr, (char) 0);
    }

    @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.ICertBasedAuthChallengeHandler
    public void emitTelemetryForCertBasedAuthResults(@NonNull RawAuthorizationResult rawAuthorizationResult) {
        if (this.mIsSmartcardCertBasedAuthProceeding) {
            RawAuthorizationResult.ResultCode resultCode = rawAuthorizationResult.getResultCode();
            if (resultCode != RawAuthorizationResult.ResultCode.NON_OAUTH_ERROR && resultCode != RawAuthorizationResult.ResultCode.SDK_CANCELLED && resultCode != RawAuthorizationResult.ResultCode.CANCELLED) {
                this.mTelemetryHelper.setResultSuccess();
                return;
            }
            BaseException exception = rawAuthorizationResult.getException();
            if (exception != null) {
                this.mTelemetryHelper.setResultFailure(exception);
            } else {
                this.mTelemetryHelper.setResultFailure(resultCode.toString());
            }
        }
    }

    protected abstract SmartcardPinDialog.PositiveButtonListener getSmartcardPinDialogPositiveButtonListener(@NonNull ICertDetails iCertDetails, @NonNull ClientCertRequest clientCertRequest);

    /* JADX INFO: Access modifiers changed from: protected */
    public void indicateGeneralException(@NonNull String str, @NonNull Exception exc) {
        Logger.error(str, exc.getMessage(), exc);
        this.mTelemetryHelper.setResultFailure(exc);
        this.mDialogHolder.showErrorDialog(R.string.smartcard_general_error_dialog_title, R.string.smartcard_general_error_dialog_message);
    }

    protected abstract void onPausedSmartcardDiscovery();

    @Override // com.microsoft.identity.common.internal.ui.webview.challengehandlers.IChallengeHandler
    @RequiresApi(api = 21)
    public Void processChallenge(final ClientCertRequest clientCertRequest) {
        final String str = this.TAG + ":processChallenge";
        this.mCbaManager.requestDeviceSession(new AbstractSmartcardCertBasedAuthManager.ISessionCallback() { // from class: com.microsoft.identity.common.internal.ui.webview.certbasedauth.AbstractSmartcardCertBasedAuthChallengeHandler.1
            @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.AbstractSmartcardCertBasedAuthManager.ISessionCallback
            public void onException(@NonNull Exception exc) {
                AbstractSmartcardCertBasedAuthChallengeHandler.this.indicateGeneralException(str, exc);
                clientCertRequest.cancel();
            }

            @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.AbstractSmartcardCertBasedAuthManager.ISessionCallback
            public void onGetSession(@NonNull ISmartcardSession iSmartcardSession) throws Exception {
                if (iSmartcardSession.getPinAttemptsRemaining() == 0) {
                    AbstractSmartcardCertBasedAuthChallengeHandler.this.promptTooManyFailedPinAttempts(str);
                    clientCertRequest.cancel();
                    AbstractSmartcardCertBasedAuthChallengeHandler.this.onPausedSmartcardDiscovery();
                    return;
                }
                List<ICertDetails> certDetailsList = iSmartcardSession.getCertDetailsList();
                if (!certDetailsList.isEmpty()) {
                    AbstractSmartcardCertBasedAuthChallengeHandler abstractSmartcardCertBasedAuthChallengeHandler = AbstractSmartcardCertBasedAuthChallengeHandler.this;
                    abstractSmartcardCertBasedAuthChallengeHandler.mDialogHolder.showCertPickerDialog(certDetailsList, abstractSmartcardCertBasedAuthChallengeHandler.getSmartcardCertPickerDialogPositiveButtonListener(clientCertRequest), new SmartcardCertPickerDialog.CancelCbaCallback() { // from class: com.microsoft.identity.common.internal.ui.webview.certbasedauth.AbstractSmartcardCertBasedAuthChallengeHandler.1.1
                        @Override // com.microsoft.identity.common.internal.ui.webview.certbasedauth.SmartcardCertPickerDialog.CancelCbaCallback
                        @RequiresApi(api = 21)
                        public void onCancel() {
                            AbstractSmartcardCertBasedAuthChallengeHandler.this.mDialogHolder.dismissDialog();
                            AbstractSmartcardCertBasedAuthChallengeHandler.this.mTelemetryHelper.setResultFailure(AbstractSmartcardCertBasedAuthChallengeHandler.USER_CANCEL_MESSAGE);
                            clientCertRequest.cancel();
                        }
                    });
                    AbstractSmartcardCertBasedAuthChallengeHandler.this.onPausedSmartcardDiscovery();
                } else {
                    Logger.info(str, AbstractSmartcardCertBasedAuthChallengeHandler.NO_PIV_CERTS_FOUND_MESSAGE);
                    AbstractSmartcardCertBasedAuthChallengeHandler.this.mTelemetryHelper.setResultFailure(AbstractSmartcardCertBasedAuthChallengeHandler.NO_PIV_CERTS_FOUND_MESSAGE);
                    AbstractSmartcardCertBasedAuthChallengeHandler.this.mDialogHolder.showErrorDialog(R.string.smartcard_no_cert_dialog_title, R.string.smartcard_no_cert_dialog_message);
                    clientCertRequest.cancel();
                    AbstractSmartcardCertBasedAuthChallengeHandler.this.onPausedSmartcardDiscovery();
                }
            }
        });
        return null;
    }

    protected void promptTooManyFailedPinAttempts(@NonNull String str) {
        Logger.info(str, MAX_ATTEMPTS_MESSAGE);
        this.mTelemetryHelper.setResultFailure(MAX_ATTEMPTS_MESSAGE);
        this.mDialogHolder.showErrorDialog(R.string.smartcard_max_attempt_dialog_title, R.string.smartcard_max_attempt_dialog_message);
    }

    protected abstract void setPinDialogForIncorrectAttempt(@NonNull ICertDetails iCertDetails, @NonNull ClientCertRequest clientCertRequest);

    /* JADX INFO: Access modifiers changed from: protected */
    @RequiresApi(api = 21)
    public void tryUsingSmartcardWithPin(@NonNull char[] cArr, @NonNull ICertDetails iCertDetails, @NonNull ClientCertRequest clientCertRequest, @NonNull ISmartcardSession iSmartcardSession) throws Exception {
        String str = this.TAG + ":tryUsingSmartcardWithPin";
        if (iSmartcardSession.verifyPin(cArr)) {
            useSmartcardCertForAuth(iCertDetails, cArr, iSmartcardSession, clientCertRequest);
            return;
        }
        int pinAttemptsRemaining = iSmartcardSession.getPinAttemptsRemaining();
        onPausedSmartcardDiscovery();
        if (pinAttemptsRemaining != 0) {
            setPinDialogForIncorrectAttempt(iCertDetails, clientCertRequest);
        } else {
            promptTooManyFailedPinAttempts(str);
            clientCertRequest.cancel();
        }
    }

    @RequiresApi(api = 21)
    protected void useSmartcardCertForAuth(@NonNull ICertDetails iCertDetails, @NonNull char[] cArr, @NonNull ISmartcardSession iSmartcardSession, @NonNull ClientCertRequest clientCertRequest) throws Exception {
        this.mCbaManager.initBeforeProceedingWithRequest(this.mTelemetryHelper);
        PrivateKey keyForAuth = iSmartcardSession.getKeyForAuth(iCertDetails, cArr);
        X509Certificate[] x509CertificateArr = {iCertDetails.getCertificate()};
        this.mDialogHolder.dismissDialog();
        this.mIsSmartcardCertBasedAuthProceeding = true;
        clientCertRequest.proceed(keyForAuth, x509CertificateArr);
    }
}
