package com.microsoft.intune.mam.client.ipc;

import android.annotation.TargetApi;
import android.content.Context;
import android.hardware.fingerprint.FingerprintManager;
import android.net.ConnectivityManager;
import android.net.NetworkInfo;
import android.os.Bundle;
import android.os.ParcelFileDescriptor;
import android.util.Base64;
import com.microsoft.intune.mam.DeviceBuildUtils;
import com.microsoft.intune.mam.client.identity.FileIdentityMetadataAgent;
import com.microsoft.intune.mam.client.identity.MAMIdentityImpl;
import com.microsoft.intune.mam.client.ipcclient.FeatureFlag;
import com.microsoft.intune.mam.client.telemetry.TelemetryLogger;
import com.microsoft.intune.mam.policy.BundleAppPolicy;
import com.microsoft.intune.mam.policy.InternalAppPolicy;
import com.microsoft.intune.mam.policy.PINCharacterType;
import com.microsoft.intune.mam.policy.PINResetReason;
import java.security.SecureRandom;
import java.util.Locale;
import java.util.concurrent.TimeUnit;
import java.util.logging.Logger;

/* loaded from: classes.dex */
public abstract class AbstractAppPolicyEndpoint implements AppPolicyEndpoint {
    private static final Logger LOGGER = Logger.getLogger(AbstractAppPolicyEndpoint.class.getName());
    private SettingEventTimer mADALTimer;
    private SettingEventTimer mComplianceTimer;
    private Context mContext;
    private FileIdentityMetadataAgent mFileIdentityMetadata;
    protected SettingEventTimer mOfflineGracePeriodTimer;
    private SettingEventTimer mPINTimer;
    private SettingEventTimer mPinExpiryTimer;
    private PolicySettings mSettings;

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractAppPolicyEndpoint(Context context, PolicySettings policySettings, TelemetryLogger telemetryLogger) {
        this.mContext = context;
        this.mSettings = policySettings;
        this.mPINTimer = new SettingEventTimer(policySettings.pinTimer(), policySettings.useMonotonicClock());
        this.mADALTimer = new SettingEventTimer(policySettings.adalTimer(), policySettings.useMonotonicClock());
        this.mComplianceTimer = new SettingEventTimer(policySettings.complianceTimer(), policySettings.useMonotonicClock());
        this.mOfflineGracePeriodTimer = new SettingEventTimer(policySettings.offlineGracePeriodTimer(), false);
        this.mPinExpiryTimer = new SettingEventTimer(policySettings.pinExpiryTimer(), false);
        this.mFileIdentityMetadata = new FileIdentityMetadataAgent(this.mContext, telemetryLogger);
    }

    private int checkPolicyTimers(InternalAppPolicy internalAppPolicy, long j, String str) {
        boolean z;
        if (j == 0) {
            j = 1;
        }
        if (internalAppPolicy.getIsPinRequired()) {
            boolean hasTimePassed = this.mPINTimer.hasTimePassed(j, TimeUnit.SECONDS);
            if (internalAppPolicy.getAllowFingerprintAuth() && internalAppPolicy.getNonBioPassRequiredAfterTimeout()) {
                z = this.mPINTimer.hasTimePassed(internalAppPolicy.getNonBioPassTimeout() != 0 ? internalAppPolicy.getNonBioPassTimeout() : 1L, TimeUnit.SECONDS);
            } else {
                z = false;
            }
            r5 = (hasTimePassed || z) ? 1 : 0;
            if (z) {
                r5 |= 512;
            }
        }
        if (internalAppPolicy.getRequiresAuthentication() && this.mADALTimer.hasTimePassed(j, TimeUnit.SECONDS)) {
            r5 |= 2;
        }
        if (internalAppPolicy.getAppRequiresCompliance() && this.mComplianceTimer.hasTimePassed(j, TimeUnit.SECONDS)) {
            r5 |= 4;
        }
        if (isNetworkAvailable(this.mContext)) {
            clearOfflineGracePeriodTimer(str);
            return r5;
        }
        if (isOfflineGracePeriodExceeded(str)) {
            return r5 | 32;
        }
        startOfflineGracePeriodTimer(str);
        return r5;
    }

    private static boolean isNetworkAvailable(Context context) {
        NetworkInfo activeNetworkInfo = ((ConnectivityManager) context.getSystemService("connectivity")).getActiveNetworkInfo();
        return activeNetworkInfo != null && activeNetworkInfo.isConnected();
    }

    private final boolean isPinExpired(String str) {
        InternalAppPolicy policyForPackage = getPolicyForPackage(str, PolicyUpdateType.NOT_INITIAL_UPDATE, 0);
        if (policyForPackage == null || !policyForPackage.getIsPinRequired()) {
            return false;
        }
        long pinExpiryDays = policyForPackage.getPinExpiryDays();
        return pinExpiryDays != 0 && this.mPinExpiryTimer.hasTimePassed(pinExpiryDays, TimeUnit.DAYS);
    }

    protected abstract boolean checkIsDeviceCompliant();

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public final boolean checkPinCorrect(String str, String str2) {
        if (!userHasPin() || userRequiresResetPin(str) == PINResetReason.RETRIES_EXCEEDED) {
            return false;
        }
        String str3 = this.mSettings.pin().get();
        PinHash fromString = str3 == null ? null : PinHash.fromString(str3);
        boolean validate = (fromString == null || str2.length() <= 0) ? false : fromString.validate(str2);
        if (validate) {
            if (!fromString.usesLatestAlgorithm()) {
                this.mSettings.pin().set(PinHash.fromPassword(str2).toString());
            }
            this.mSettings.pinRetries().set(0);
        } else {
            this.mSettings.pinRetries().set(Integer.valueOf(this.mSettings.pinRetries().get().intValue() + 1));
            this.mPINTimer.expireTimer();
        }
        return validate;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public boolean clearFileIdentityInfo(long j, long j2) {
        return this.mFileIdentityMetadata.clearFileIdentityInfo(j, j2);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public void clearOfflineGracePeriodTimer(String str) {
        this.mOfflineGracePeriodTimer.disableTimer();
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public final byte[] createNewClipboardKeyAndIV() {
        byte[] bArr = new byte[48];
        new SecureRandom().nextBytes(bArr);
        this.mSettings.clipboardKey().set(Base64.encodeToString(bArr, 2));
        return bArr;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    @TargetApi(23)
    public final boolean fingerprintSupportedAndRegistered() {
        FingerprintManager fingerprintManager = (FingerprintManager) this.mContext.getSystemService(FingerprintManager.class);
        if (fingerprintManager == null) {
            LOGGER.warning("Unable to obtain fingerprint manager from the system.");
            return false;
        }
        if (!fingerprintManager.isHardwareDetected()) {
            LOGGER.info("Device does not have fingerprint hardware present.");
            return false;
        }
        if (fingerprintManager.hasEnrolledFingerprints()) {
            return true;
        }
        LOGGER.info("No fingerprints are registered for this user.");
        return false;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public final byte[] getCurrentClipboardKeyAndIV() {
        String str = this.mSettings.clipboardKey().get();
        if (str == null) {
            return null;
        }
        return Base64.decode(str, 2);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public abstract String getEnrolledUserAnyPackage();

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public ParcelFileDescriptor getFileIdentityInfoFd(long j, long j2, int i) {
        return this.mFileIdentityMetadata.getFileIdentityInfoFd(j, j2, i);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public ParcelFileDescriptor getFileIdentityStorageRoot(long j) {
        return this.mFileIdentityMetadata.getFileIdentityStorageRoot(j);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public final Bundle getMyAppPolicy(String str, PolicyUpdateType policyUpdateType, int i) {
        LOGGER.fine("Received request for application policy for " + str + ", " + policyUpdateType.name() + ", app policy major version = " + i);
        InternalAppPolicy policyForPackage = getPolicyForPackage(str, policyUpdateType, i);
        if (policyForPackage == null) {
            return null;
        }
        return new BundleAppPolicy(policyForPackage).getBundle();
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public PINCharacterType getPINCharacterType() {
        return PINCharacterType.fromCode(this.mSettings.pinCharacterType().get().intValue());
    }

    protected abstract InternalAppPolicy getPolicyForPackage(String str, PolicyUpdateType policyUpdateType, int i);

    protected abstract int getUserPINMaxRetries(String str);

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public boolean isCheckinTimeoutExceeded(String str) {
        return false;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public final boolean isDeviceCompliant() {
        boolean checkIsDeviceCompliant = (!isXposeDetected()) & checkIsDeviceCompliant();
        if (!checkIsDeviceCompliant) {
            this.mComplianceTimer.expireTimer();
        }
        return checkIsDeviceCompliant;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public boolean isDeviceInIdentityDatabase(long j) {
        return this.mFileIdentityMetadata.isDeviceInIdentityDatabase(j);
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public boolean isFeatureEnabled(FeatureFlag featureFlag) {
        return false;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public boolean isMDMPasswordPolicyCompliant() {
        return false;
    }

    public final boolean isOfflineGracePeriodExceeded(String str) {
        InternalAppPolicy policyForPackage = getPolicyForPackage(str, PolicyUpdateType.NOT_INITIAL_UPDATE, 0);
        if (policyForPackage == null) {
            return false;
        }
        return this.mOfflineGracePeriodTimer.hasTimePassed(policyForPackage.getLaunchOfflineTimeout(), TimeUnit.SECONDS);
    }

    protected abstract boolean isXposeDetected();

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public final int mustCheckPolicies(String str, boolean z) {
        InternalAppPolicy policyForPackage = getPolicyForPackage(str, PolicyUpdateType.NOT_INITIAL_UPDATE, 0);
        if (policyForPackage == null) {
            return 0;
        }
        int i = isCheckinTimeoutExceeded(str) ? 16 : 0;
        if (policyForPackage.getAllowedAndroidManufacturersElseWipe() != null) {
            i |= 128;
        }
        if (policyForPackage.getAllowedAndroidManufacturersElseBlock() != null) {
            i |= 256;
        }
        if (!policyForPackage.getMinOSVersion().isZero() && !policyForPackage.getMinOSVersion().isOtherEqualOrNewer(DeviceBuildUtils.getAndroidOSVersion())) {
            i |= 8;
        }
        if (!policyForPackage.getMinOSVersionWarning().isZero() && !policyForPackage.getMinOSVersionWarning().isOtherEqualOrNewer(DeviceBuildUtils.getAndroidOSVersion())) {
            i |= 8;
        }
        if (!policyForPackage.getMinOSVersionWipe().isZero() && !policyForPackage.getMinOSVersionWipe().isOtherEqualOrNewer(DeviceBuildUtils.getAndroidOSVersion())) {
            i |= 8;
        }
        if (!policyForPackage.getMinAppVersion().isZero() || !policyForPackage.getMinAppVersionWarning().isZero() || !policyForPackage.getMinAppVersionWipe().isZero()) {
            i |= 8;
        }
        if (!policyForPackage.getMinOSPatch().isZero() || !policyForPackage.getMinOSPatchWarning().isZero() || !policyForPackage.getMinOSPatchWipe().isZero()) {
            i |= 8;
        }
        if (z && policyForPackage.getIsPinRequired() && policyForPackage.getAllowFingerprintAuth() && policyForPackage.getNonBioPassRequiredOnLaunch()) {
            i |= 513;
        }
        return checkPolicyTimers(policyForPackage, policyForPackage.getLaunchOnlineTimeout(), str) | i;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public final void notifyADALAuthenticationStatus(String str, boolean z) {
        if (getPolicyForPackage(str, PolicyUpdateType.NOT_INITIAL_UPDATE, 0).getRequiresAuthentication()) {
            if (z) {
                this.mADALTimer.restartTimer();
            } else {
                this.mADALTimer.expireTimer();
            }
        }
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public void onMAMAppInstall(String str, String str2) {
        LOGGER.info(String.format(Locale.US, "onMAMAppInstall called for installed package %s and action %s. Method not implemented in this agent, doing nothing.", str, str2));
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public void reportFatalError(String str, String str2, String str3) {
        LOGGER.severe(String.format(Locale.US, "App '%s' reported (probably fatal) error on thread '%s': %s", str, str2, str3));
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public void resetConditionalLaunchTimers(String str, boolean z) {
        InternalAppPolicy policyForPackage = getPolicyForPackage(str, PolicyUpdateType.NOT_INITIAL_UPDATE, 0);
        if (policyForPackage == null) {
            return;
        }
        if (policyForPackage.getRequiresAuthentication() && (z || this.mADALTimer.isStarted())) {
            this.mADALTimer.restartTimer();
        }
        if (policyForPackage.getIsPinRequired() && (z || this.mPINTimer.isStarted())) {
            this.mPINTimer.restartTimer();
        }
        if (policyForPackage.getAppRequiresCompliance()) {
            if (z || this.mComplianceTimer.isStarted()) {
                this.mComplianceTimer.restartTimer();
            }
        }
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public final boolean setNewPin(String str, PINCharacterType pINCharacterType) {
        this.mSettings.pin().set(PinHash.fromPassword(str).toString());
        this.mSettings.pinRetries().set(0);
        this.mSettings.pinCharacterType().set(Integer.valueOf(pINCharacterType.getCode()));
        this.mPinExpiryTimer.restartTimer();
        return true;
    }

    protected void startOfflineGracePeriodTimer(String str) {
        if (this.mOfflineGracePeriodTimer.isStarted()) {
            return;
        }
        LOGGER.info("Starting offline grace period timer.");
        this.mOfflineGracePeriodTimer.restartTimer();
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public abstract void updateMAMServiceToken(String str, MAMIdentityImpl mAMIdentityImpl, String str2, boolean z);

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public final boolean userHasPin() {
        return this.mSettings.pin().get() != null;
    }

    @Override // com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint
    public final PINResetReason userRequiresResetPin(String str) {
        return this.mSettings.pinRetries().get().intValue() >= getUserPINMaxRetries(str) ? PINResetReason.RETRIES_EXCEEDED : isPinExpired(str) ? PINResetReason.EXPIRED : PINResetReason.NOT_REQUIRED;
    }
}
