package com.microsoft.office.outlook.security;

import android.app.Activity;
import android.content.Context;
import android.content.SharedPreferences;
import android.security.KeyChain;
import android.security.KeyChainAliasCallback;
import com.acompli.accore.features.FeatureManager;
import com.acompli.accore.util.SharedPreferenceUtil;
import com.acompli.libcircle.inject.ForApplication;
import com.acompli.libcircle.log.Logger;
import com.acompli.libcircle.log.LoggerFactory;
import com.microsoft.intune.mam.client.app.MAMComponents;
import com.microsoft.intune.mam.policy.MAMUserInfo;
import com.microsoft.intune.mam.policy.appconfig.MAMAppConfig;
import com.microsoft.intune.mam.policy.appconfig.MAMAppConfigManager;
import com.microsoft.office.outlook.hx.HxCore;
import java.util.Collections;
import java.util.List;
import java.util.Set;
import javax.inject.Inject;
import kotlin.TypeCastException;
import kotlin.collections.CollectionsKt;
import kotlin.collections.SetsKt;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: CredentialManager.kt */
/* loaded from: classes.dex */
public final class CredentialManager {
    private static final String CREDENTIALS = "CREDENTIALS";
    private static final String INSTALLED_ALIASES_KEY = "com.microsoft.intune.certificates.InstalledCertificateAlias";
    private static final String PREF_SMIME_CERT_ALIASES = "PREF_SMIME_CERT_ALIASES";
    private static final String PREF_SMIME_CERT_ALIASES_UNCHECKED = "PREF_SMIME_CERT_ALIASES_UNCHECKED";
    private final Context context;
    private final FeatureManager featureManager;
    public static final Companion Companion = new Companion(null);
    private static final Logger LOG = LoggerFactory.a("CredentialManager");

    /* compiled from: CredentialManager.kt */
    /* loaded from: classes3.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    @Inject
    public CredentialManager(@ForApplication Context context, FeatureManager featureManager) {
        Intrinsics.b(context, "context");
        Intrinsics.b(featureManager, "featureManager");
        this.context = context;
        this.featureManager = featureManager;
    }

    private final void addSmimeCertificateAlias(String str, boolean z) {
        SharedPreferenceUtil.a(retrieveSharedPreferences(), z ? PREF_SMIME_CERT_ALIASES : PREF_SMIME_CERT_ALIASES_UNCHECKED, str, true);
    }

    private final void askForAccessToAliases(Activity activity) {
        if (!this.featureManager.a(FeatureManager.Feature.SMIME_PROTOTYPE_MASTER)) {
            LOG.b("askForAccessToAliases : S/MIME feature flag is off, returning");
            return;
        }
        final SharedPreferences retrieveSharedPreferences = retrieveSharedPreferences();
        Set<String> stringSet = retrieveSharedPreferences.getStringSet(PREF_SMIME_CERT_ALIASES_UNCHECKED, null);
        if (stringSet == null) {
            stringSet = SetsKt.a();
        }
        Set<String> stringSet2 = retrieveSharedPreferences.getStringSet(PREF_SMIME_CERT_ALIASES, null);
        if (stringSet2 == null) {
            stringSet2 = SetsKt.a();
        }
        LOG.a("askForAccessToAliases : retrieved " + stringSet.size() + " unchecked aliases");
        LOG.a("askForAccessToAliases : retrieved " + stringSet2.size() + " checked aliases");
        for (final String str : stringSet) {
            KeyChain.choosePrivateKeyAlias(activity, new KeyChainAliasCallback() { // from class: com.microsoft.office.outlook.security.CredentialManager$askForAccessToAliases$1
                @Override // android.security.KeyChainAliasCallback
                public final void alias(String str2) {
                    Logger logger;
                    Logger logger2;
                    Logger logger3;
                    Logger logger4;
                    Logger logger5;
                    logger = CredentialManager.LOG;
                    logger.a("askForAccessToAliases : asked the user to approve alias " + str);
                    logger2 = CredentialManager.LOG;
                    logger2.a("askForAccessToAliases : user approved alias " + str2);
                    if (str2 == null) {
                        logger5 = CredentialManager.LOG;
                        logger5.b("askForAccessToAliases : user did NOT approve the certificate. TODO: ask again nicely.");
                        return;
                    }
                    if (!Intrinsics.a((Object) str, (Object) str2)) {
                        logger4 = CredentialManager.LOG;
                        logger4.b("askForAccessToAliases : user approved a different certificate. TODO: ask again for the original alias");
                        return;
                    }
                    logger3 = CredentialManager.LOG;
                    logger3.a("askForAccessToAliases : moving alias " + str2 + " from UNCHECKED to CHECKED status");
                    SharedPreferenceUtil.a(retrieveSharedPreferences, "PREF_SMIME_CERT_ALIASES_UNCHECKED", str, false);
                    SharedPreferenceUtil.a(retrieveSharedPreferences, "PREF_SMIME_CERT_ALIASES", str, true);
                }
            }, null, null, null, 0, str);
        }
    }

    private final Set<String> getCertificateAliasesFromIntune() {
        String primaryUser;
        Set<String> h;
        MAMUserInfo mAMUserInfo = (MAMUserInfo) MAMComponents.get(MAMUserInfo.class);
        if (mAMUserInfo == null || (primaryUser = mAMUserInfo.getPrimaryUser()) == null) {
            return SetsKt.a();
        }
        MAMAppConfig retrieveMamAppConfig = retrieveMamAppConfig(primaryUser);
        if (retrieveMamAppConfig == null) {
            return SetsKt.a();
        }
        List<String> allStringsForKey = retrieveMamAppConfig.getAllStringsForKey(INSTALLED_ALIASES_KEY);
        return (allStringsForKey == null || (h = CollectionsKt.h(allStringsForKey)) == null) ? SetsKt.a() : h;
    }

    private final void putUncheckedCertificateAlias(String str) {
        if (this.featureManager.a(FeatureManager.Feature.SMIME_PROTOTYPE_MASTER)) {
            addSmimeCertificateAlias(str, false);
        } else {
            LOG.b("putUncheckedCertificateAlias : S/MIME feature flag is off, returning");
        }
    }

    private final void queryIntuneForNewCertificateAliases() {
        LOG.a("queryIntuneForNewCertificateAliases...");
        if (!this.featureManager.a(FeatureManager.Feature.SMIME_PROTOTYPE_MASTER)) {
            LOG.b("queryIntuneForNewCertificateAliases: S/MIME feature flag is off, returning");
            return;
        }
        Set<String> certificateAliasesFromIntune = getCertificateAliasesFromIntune();
        LOG.a("queryIntuneForNewCertificateAliases: found " + certificateAliasesFromIntune.size() + " aliases from Intune");
        Set<String> retrieveCheckedSmimeCertificateAliases = retrieveCheckedSmimeCertificateAliases();
        LOG.a("queryIntuneForNewCertificateAliases: we have " + retrieveCheckedSmimeCertificateAliases.size() + " checked aliases already");
        for (String str : certificateAliasesFromIntune) {
            if (!retrieveCheckedSmimeCertificateAliases.contains(str)) {
                LOG.a("queryIntuneForNewCertificateAliases : Adding alias " + str + " to unchecked bucket");
                putUncheckedCertificateAlias(str);
            }
        }
    }

    private final void registerAliasesWithHx() {
        if (!this.featureManager.a(FeatureManager.Feature.SMIME_PROTOTYPE_MASTER)) {
            LOG.b("registerAliasesWithHx : S/MIME feature flag is off, returning");
            return;
        }
        Set<String> retrieveCheckedSmimeCertificateAliases = retrieveCheckedSmimeCertificateAliases();
        LOG.a("registerAliasesWithHx: retrieved " + retrieveCheckedSmimeCertificateAliases.size() + " checked aliases");
        if (retrieveCheckedSmimeCertificateAliases.isEmpty()) {
            return;
        }
        LOG.a("registerAliasesWithHx: sending aliases to Hx");
        HxCore.setSmimeCertificateAliases(retrieveCheckedSmimeCertificateAliases);
    }

    private final void removeAllSmimeCertificateAliases() {
        SharedPreferences.Editor edit = retrieveSharedPreferences().edit();
        edit.remove(PREF_SMIME_CERT_ALIASES);
        edit.remove(PREF_SMIME_CERT_ALIASES_UNCHECKED);
        edit.apply();
    }

    private final void removeSmimeCertificateAlias(String str) {
        SharedPreferenceUtil.a(retrieveSharedPreferences(), PREF_SMIME_CERT_ALIASES, str, false);
        SharedPreferenceUtil.a(retrieveSharedPreferences(), PREF_SMIME_CERT_ALIASES_UNCHECKED, str, false);
    }

    private final Set<String> retrieveCheckedSmimeCertificateAliases() {
        SharedPreferences retrieveSharedPreferences = retrieveSharedPreferences();
        Set<String> set = Collections.EMPTY_SET;
        if (set == null) {
            throw new TypeCastException("null cannot be cast to non-null type kotlin.collections.Set<kotlin.String>");
        }
        Set<String> stringSet = retrieveSharedPreferences.getStringSet(PREF_SMIME_CERT_ALIASES, set);
        Intrinsics.a((Object) stringSet, "retrieveSharedPreference…EMPTY_SET as Set<String>)");
        return stringSet;
    }

    private final MAMAppConfig retrieveMamAppConfig(String str) {
        MAMAppConfigManager mAMAppConfigManager = (MAMAppConfigManager) MAMComponents.get(MAMAppConfigManager.class);
        if (mAMAppConfigManager != null) {
            return mAMAppConfigManager.getAppConfig(str);
        }
        return null;
    }

    private final SharedPreferences retrieveSharedPreferences() {
        SharedPreferences sharedPreferences = this.context.getSharedPreferences(CREDENTIALS, 0);
        Intrinsics.a((Object) sharedPreferences, "context.getSharedPrefere…LS, Context.MODE_PRIVATE)");
        return sharedPreferences;
    }

    public final void putCheckedCertificateAlias(String alias) {
        Intrinsics.b(alias, "alias");
        if (this.featureManager.a(FeatureManager.Feature.SMIME_PROTOTYPE_MASTER)) {
            addSmimeCertificateAlias(alias, true);
        } else {
            LOG.b("putCheckedCertificateAlias : S/MIME feature flag is off, returning");
        }
    }

    public final void reloadEverything(Activity activity) {
        Intrinsics.b(activity, "activity");
        if (this.featureManager.a(FeatureManager.Feature.SMIME_PROTOTYPE_MASTER)) {
            queryIntuneForNewCertificateAliases();
            askForAccessToAliases(activity);
            registerAliasesWithHx();
        }
    }
}
